Security Directory

B

BKK VerbundPlus

bkk-verbundplus.de

55

BKK VerbundPlus is a German statutory health insurance provider offering a range of health-related services including family support, pregnancy care, alternative healing, dental, and nursing services. The website is built on TYPO3 CMS and integrates modern technologies such as jQuery, Google Tag Manager, and Cookiebot for consent management. The site demonstrates good digital maturity with a responsive design, clear navigation, and GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and no obvious vulnerabilities detected, though some security headers could be improved. Overall, the website reflects a professional and trustworthy health insurance entity serving the German market.

The website extra-plus.de serves as a dedicated portal for supplementary health insurance products offered by Barmenia Versicherungen, a large independent insurance group in Germany. It targets BKK insured customers and provides detailed information on ambulant, dental, hospital, travel, and other supplementary insurance products. The site is well-branded, consistent with the parent company Barmenia, and offers clear contact channels including phone, email, and physical address. The presence of structured data and social media links further reinforces its legitimacy and market presence. Technically, the website employs modern JavaScript libraries such as Slick Slider and FontAwesome, and uses RichFaces indicating a Java Server Faces backend. Usercentrics is integrated for cookie consent management, ensuring GDPR compliance. Google Tag Manager is used for analytics and marketing tags. The site is mobile optimized, accessible, and SEO friendly, with good performance characteristics. From a security perspective, the site enforces HTTPS and uses consent management for cookies, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or suspicious content were detected. The WHOIS data aligns well with the website branding and domain registration, indicating a trustworthy and legitimate online presence. Overall, the website demonstrates a strong business credibility and privacy compliance posture, with room for improvement in explicit security policy publication and security header implementation.

W

webex.digital s.r.o.

webex.digital

53

webex.digital s.r.o. is a Slovak digital agency specializing in comprehensive digital solutions including web design, e-commerce platforms, SEO optimization, online advertising, and specialized real estate and municipal web applications. The company holds recognized certifications such as ISO 9001 and ISO 27001, underscoring its commitment to quality and information security. Their market position is supported by a portfolio of client references and partnerships, including realvia.sk for real estate web solutions. Technically, the website employs a modern technology stack with integrations of Google Tag Manager, Facebook Pixel, Hotjar, Smartsupp Live Chat, and Google reCAPTCHA v3, indicating a mature digital infrastructure. The proprietary ECHELON CMS platform is used for content management, and the site is mobile optimized with good SEO practices. From a security perspective, the site enforces HTTPS, integrates GDPR-compliant cookie consent mechanisms, and maintains ISO 27001 certification. However, there is room for improvement in implementing HTTP security headers and publishing a security.txt file for vulnerability disclosures. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional, trustworthy, and secure digital presence suitable for its business model. Strategic recommendations include enhancing HTTP security headers, formalizing vulnerability disclosure processes, and improving accessibility compliance to further strengthen security and user trust.

K

KOMFOS Prešov, s.r.o.

cbashop.sk

54

KOMFOS Prešov, s.r.o. operates cbashop.sk, an online grocery shopping platform focused on the Prešov region in Slovakia. The business model centers on providing customers with convenient options for grocery pickup via a drive-in service and home delivery, including free delivery for orders over 50€. The website presents a clear and professional interface with relevant business information and legal documentation, targeting general consumers in the local area. Technically, the site uses a .NET backend with common frontend libraries such as jQuery and Font Awesome, and integrates cookie consent and analytics tools. While the site is functional and moderately optimized for mobile, there is room for improvement in accessibility and SEO.

Z

Zoorix

zoorix.com

55

Zoorix is a specialized SaaS provider offering upsell and cross-sell solutions tailored for Shopify stores. The company positions itself as a trusted partner for e-commerce businesses seeking to increase average order value through AI-powered product recommendations and customizable upsell bundles. With over 6,000 stores using their app and strong customer testimonials, Zoorix has established a credible market presence in the Shopify ecosystem. Technically, the website is built on modern web technologies including Webflow CMS, Google Analytics, and Crisp chat for customer engagement. The site is well-optimized for mobile and desktop, with fast loading times and good SEO practices. The integration with Shopify and use of YouTube embeds enhance user experience and marketing effectiveness. From a security perspective, the site enforces HTTPS and uses secure forms, but lacks visible security headers and a cookie consent mechanism, which are important for GDPR compliance. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, although the website content and Shopify app presence support legitimacy. Overall, Zoorix presents a professional and trustworthy front for its e-commerce SaaS offering, but should improve privacy compliance and domain registration transparency to enhance trust and security posture.

S

Sure Water LLC

surewatertanks.com

61

Sure Water LLC operates an e-commerce website specializing in emergency water storage tanks primarily targeting homeowners and small businesses in the United States. The company leverages over three decades of industry experience to provide durable, certified plastic water tanks designed for emergency preparedness. The website is built on the Shopify platform, utilizing modern e-commerce technologies and integrations such as Facebook Pixel, Google Analytics, and Lucky Orange for marketing and analytics purposes. Despite the professional presentation and active sales presence, the absence of WHOIS registration data raises questions about domain legitimacy, although this may be due to privacy protections or technical issues. The site lacks explicit privacy and cookie policies, which could impact compliance with data protection regulations. Overall, the business appears credible with strong trust indicators including certifications and customer testimonials.

S

Sturm, Ruger & Co., Inc.

ruger.com

68

Sturm, Ruger & Co., Inc. is a leading American firearms manufacturer with a broad portfolio of products including pistols, revolvers, rifles, and accessories. The company has a strong market position supported by a well-structured website that provides detailed product information, customer service, and investor relations. The website targets firearm consumers, law enforcement, and military sectors, emphasizing responsible firearm ownership. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and Google Analytics, with good mobile optimization and navigation clarity. Security posture is moderate with HTTPS usage and anonymized analytics but lacks explicit security headers and a cookie consent mechanism. The domain registration is consistent with the company's long history and public business presence, enhancing trustworthiness. Overall, the website is professional, secure, and compliant with basic privacy policies, though improvements in cookie consent and security headers are recommended.

Normand Technologies AS is a small Norwegian technology service provider specializing in custom website development, e-commerce solutions, website maintenance, and SEO services. The company targets local Norwegian businesses and individuals seeking tailored digital solutions without unnecessary licensing costs. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, reflecting a credible small business presence. Technically, the website is built on WordPress with modern optimization plugins such as Autoptimize and LazySizes for performance. It integrates Google Analytics and Google Tag Manager for user tracking and analytics. The domain is registered with Domeneshop AS and uses hyp.net name servers. The site uses HTTPS with a valid SSL certificate, but lacks DNSSEC and security headers, which are recommended for enhanced security. From a security perspective, the website enforces HTTPS and has domain transfer protection but lacks advanced security headers and a cookie consent mechanism, which impacts privacy compliance. No incident response or security policy information is published. The WHOIS data aligns well with the website content, indicating a legitimate and consistent registration. No suspicious or malicious indicators were found. Overall, the website scores well in content quality, business credibility, and technical implementation but has room for improvement in privacy compliance and security best practices. Strategic recommendations include enabling DNSSEC, adding security headers, implementing cookie consent, and publishing security policies to enhance trust and compliance.

D

Docmedico

docmedico-rezeption.de

58

Docmedico operates a digital online reception platform targeting medical practices, clinics, and pharmacies in Germany. The website presents a professional and modern interface built on Bootstrap, offering services that digitize communication and optimize operational processes for healthcare providers. The company positions itself as a niche SaaS provider in the healthcare sector, focusing on improving team efficiency through digital tools. Technically, the website employs a modern tech stack including Matomo Analytics, Google Tag Manager, and various marketing pixels, hosted on servers indicated by kasserver.com nameservers. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks security headers and explicit privacy policies. No contact or incident response information is visible, limiting transparency. Overall, the site is safe, professional, and suitable for general audiences with no adult or questionable content detected.

X

Xact by Rambøll

rambollxact.se

58

Xact by Rambøll is a Scandinavian market leader in online survey and analytics tools, offering platforms such as SurveyXact, PeopleXact, and EngageXact. The company operates under the Ramboll Management Consulting umbrella, providing advanced data collection and analysis solutions primarily targeting organizations in Scandinavia and Germany. Their business model combines SaaS platforms with expert consultancy services, emphasizing GDPR compliance and ISO certification to ensure data security and privacy. Technically, the website leverages HubSpot CMS, modern JavaScript libraries, and integrates multiple marketing and analytics tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and privacy mechanisms, though DNSSEC is not enabled and some security headers could be improved. Overall, the site is professional, well-branded, and trustworthy, with no signs of blocking or malicious activity.

X

Xact by Rambøll

rambollxact.no

64

Xact by Rambøll is a Scandinavian market leader providing advanced survey and insight tools, including SurveyXact and PeopleXact platforms, supported by Ramboll Management Consulting. The company targets businesses and organizations seeking data-driven decision-making tools, emphasizing user-friendly interfaces and expert consulting. Technically, the website leverages HubSpot CMS and integrates multiple modern analytics and marketing technologies, ensuring a robust digital presence with good performance and mobile optimization. Security posture is strong, with HTTPS, security headers, GDPR compliance, and secure data handling practices evident, though incident response contacts and vulnerability disclosure mechanisms could be improved. Overall, the site is professional, trustworthy, and well-aligned with its business goals.

X

Xact by Ramboll

rambollxact.de

67

Xact by Ramboll is a leading provider of questionnaire-based survey tools in Scandinavia and Germany, offering a suite of products such as SurveyXact, PeopleXact, EngageXact, and ProjectXact. The company leverages its parent Ramboll Management Consulting's expertise to provide both software and consulting services focused on HR surveys, customer satisfaction, and market analysis. The website is professionally designed, localized for the German market, and integrates modern marketing and analytics technologies, primarily through HubSpot CMS and associated tools. Security posture is strong with HTTPS, cookie consent mechanisms, and ISO certification, though explicit security headers and incident response contacts could be improved. Overall, the site reflects a mature digital presence with good compliance and trust indicators.

X

Xact by Rambøll

rambollxact.dk

60

Xact by Rambøll is a leading Danish technology company specializing in online survey and data collection platforms, primarily serving organizations across Scandinavia and Germany. Their flagship products, SurveyXact and PeopleXact, enable clients to conduct market research, HR surveys, customer satisfaction studies, and more, supported by expert consulting and training services. The company operates under the Rambøll umbrella, leveraging strong brand recognition and a solid market position in the Nordic region. The website is professionally designed, multilingual, and provides comprehensive information about products, services, and compliance.

E

Envision Saint John: The Regional Growth Agency

discoversaintjohn.com

56

Discover Saint John is a professionally developed regional tourism website operated by Envision Saint John: The Regional Growth Agency. It serves as a comprehensive portal for visitors to explore events, accommodations, and trip planning resources in the Saint John Region of New Brunswick, Canada. The website is well-positioned as a regional tourism authority with a strong digital presence and multiple marketing integrations. Technically, the site is built on Drupal 10 with modern web technologies and is optimized for mobile and accessibility. Security posture is good with HTTPS and privacy policies in place, though explicit security headers and incident response information are lacking. The absence of WHOIS data introduces some uncertainty about domain registration legitimacy, but the site content and branding indicate a trustworthy and established organization. Overall, the website demonstrates a mature digital infrastructure supporting regional tourism promotion with room for security and compliance enhancements.

G

Govstack

govstack.com

67

Govstack is a technology provider specializing in digital solutions for public sector organizations, focusing on enhancing community engagement through modular platforms such as CMS, forms, events, and citizen portals. The company positions itself as a trusted partner in government technology, supported by client testimonials, industry awards, and active participation in public sector associations. Their business model targets local governments and public sector entities primarily in North America and other English-speaking countries. Technically, the website employs modern analytics, marketing, and accessibility tools, demonstrating a mature digital infrastructure with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. The absence of WHOIS data for the domain is a notable transparency gap, slightly reducing trustworthiness. Overall, Govstack presents a professional, credible, and well-structured online presence suitable for its target audience.

F

Four Agency Worldwide Limited

joipolloi.com

72

Four Agency Worldwide Limited is a UK-based creative technology agency that acquired Joi Polloi in 2022, integrating their team into its award-winning Creative Technology Unit. The company specializes in building interactive content, immersive experiences, and digital platforms for clients primarily in the cultural and media sectors. Their portfolio includes work for notable clients such as the BBC, Channel 4, and the Natural History Museum, positioning them as a reputable player in the creative technology industry. The website reflects a professional and consistent brand image with comprehensive service offerings and client case studies. Technically, the website is built on Drupal 10 and leverages modern analytics and marketing tools including HubSpot, Microsoft Clarity, and Google Tag Manager. It is mobile-optimized, accessible, and includes a cookie consent mechanism aligned with GDPR requirements. The site demonstrates good SEO practices and performance, although explicit hosting provider details are not disclosed. From a security perspective, the site enforces HTTPS and employs cookie consent banners, but lacks visible security headers and explicit incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable or privacy protected, which is common for businesses of this type and size, and does not detract from the site's legitimacy given the professional content and clear contact information. Overall, the website presents a secure, compliant, and credible digital presence for Four Agency Worldwide Limited, with room for improvement in security transparency and incident response readiness.

J

JINT

jint.be

55

JINT is a Belgian non-profit organization serving as the National Agency for Erasmus+ Youth and the European Solidarity Corps in Flanders. It coordinates youth exchange programs and supports youth organizations with project guidance, information, and events. The website reflects a mature digital presence with a modern Drupal 10 CMS, good mobile optimization, and clear navigation. It integrates GDPR-compliant privacy and cookie policies with consent management. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response information are not publicly detailed. WHOIS data is restricted, which is common for privacy reasons but limits domain transparency. Overall, JINT presents a trustworthy and professional online presence aligned with its government and non-profit sector role.

The website www.obzoreuropa.hr serves as the official Croatian national portal for the EU Horizon Europe research and innovation framework program. It is managed by the Ministry of Science, Education and Youth and the Agency for Mobility and EU Programs, providing comprehensive information, guidance, and support for Croatian researchers and institutions seeking EU funding. The portal features detailed sections on program structure, participation guidelines, financial and legal aspects, news, events, and success stories, targeting researchers, innovators, and public institutions. The site maintains a professional and consistent brand presence with official government and EU affiliations clearly displayed. Technically, the website employs a modern tech stack including PHP backend, Bootstrap for responsive design, and integrates Google Analytics and Tag Manager for analytics. It features a cookie consent mechanism compliant with GDPR, uses HTTPS with good SSL configuration, and includes security measures such as CSRF tokens and session management. Accessibility features and mobile optimization are well implemented, contributing to a positive user experience. From a security perspective, the site demonstrates good practices with secure session handling and privacy compliance. However, explicit security headers are not visible in the provided data, and no public security policy or incident response contacts are found, which could be areas for improvement. No vulnerabilities or suspicious activities were detected. The WHOIS data aligns with the website's governmental nature and Croatian origin, supporting legitimacy and trustworthiness. Overall, the website is a high-quality, trustworthy government portal with strong content, good technical implementation, and solid privacy compliance. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen security posture and user trust.

T

Tempus Közalapítvány

tka.hu

44

Tempus Közalapítvány is a Hungarian non-profit organization specializing in coordinating European and international educational mobility and scholarship programs such as Erasmus+, CEEPUS, Campus Mundi, and Stipendium Hungaricum. It serves a broad audience including students, educators, higher education institutions, and civil organizations. The website reflects a well-established entity with a domain age since 2003, consistent with its long-term operational history. The organization maintains a strong market position as a key national coordinator for EU-funded educational initiatives. Technically, the website employs modern web technologies including Bootstrap, jQuery, and Google Tag Manager, with good mobile optimization and moderate performance. Security posture is solid with HTTPS enforcement and use of reCAPTCHA, though security headers and explicit security policies are not evident. Privacy compliance is well addressed with cookie consent mechanisms and accessible privacy policies. Overall, the site is professional, trustworthy, and content-rich, supporting the organization's mission effectively.

The website eu-ifjusag.hu is operated by Tempus Közalapítvány, serving as the national office for Erasmus+ Youth and the European Solidarity Corps in Hungary. It provides comprehensive information on EU youth policies, priorities, funding opportunities, events, and support services for youth professionals and organizations. The site is well-positioned as an authoritative resource in the youth non-profit sector, targeting youth professionals, NGOs, and young people interested in EU programs. Technically, the site uses modern web technologies including Bootstrap, jQuery, FontAwesome, and integrates Google Tag Manager and reCAPTCHA for security and analytics. The site is mobile-optimized with good accessibility and SEO practices. Security posture is solid with HTTPS and CAPTCHA protections, though additional HTTP security headers could enhance protection. Privacy and cookie policies are present and GDPR compliant, with visible consent mechanisms. No critical vulnerabilities or suspicious content were detected. Overall, the site demonstrates a professional and trustworthy presence with a strong focus on youth policy and EU program facilitation.

T

Tempus Közalapítvány

szolidaritasitestulet.hu

47

The website szolidaritasitestulet.hu serves as the official Hungarian portal for the European Solidarity Corps, managed by Tempus Közalapítvány, a Hungarian public foundation. It focuses on promoting solidarity through youth volunteer programs, offering information, support, and resources for young people and organizations involved in voluntary activities. The site is well-structured, professionally designed, and provides comprehensive content relevant to its target audience of youth and non-profit organizations. It maintains a strong governmental and European Union affiliation, enhancing its credibility and trustworthiness. Technically, the website employs modern web technologies including Bootstrap, FontAwesome, jQuery, and integrates multiple tracking and analytics tools such as Google Tag Manager, Facebook Pixel, and TikTok Pixel. It uses Google reCAPTCHA for form security and implements cookie consent mechanisms, reflecting a mature digital infrastructure. Mobile optimization and SEO practices are adequately addressed, though some accessibility features could be improved. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms. However, it lacks explicit security headers like Content-Security-Policy and does not publish a dedicated security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website presents a low-risk profile with a solid security posture and good privacy practices. Strategic improvements in security headers and incident response transparency would further enhance its security maturity and trust. The domain registration data aligns well with the website's purpose and history, supporting its legitimacy.

T

Tempus Public Foundation

europass.hu

44

Europass.hu is the official Hungarian portal managed by the Tempus Public Foundation, providing comprehensive career development and educational services including Europass document creation, job search assistance, and support for educational institutions and partners. The website serves as a trusted national resource for career advancement and learning opportunities in Hungary. Technically, the site employs a modern tech stack including jQuery, Owl Carousel, Google Tag Manager, Facebook SDK, and Hotjar, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though formal security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, reflecting its government-affiliated status.

E

Eurodesk Italy

eurodesk.it

53

Eurodesk Italy operates as the official national and European network providing information and orientation services to young people about European programs such as Erasmus+ and the European Solidarity Corps. The website serves as a comprehensive portal offering access to events, webinars, opportunities, and a network of local points across Italy. It is supported by the European Commission, enhancing its credibility and official status. The target audience includes young people and professionals working with youth, focusing on mobility and educational opportunities within Europe. Technically, the site is built on Drupal 10, integrates Google services such as Maps and Analytics, and uses modern web standards with good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the site is professional, trustworthy, and well-positioned in its niche, with strong branding and consistent content quality.

Eurodesk Hungary, operated by Tempus Közalapítvány, is a well-established non-profit organization providing comprehensive information and support for youth international mobility opportunities, including Erasmus+ programs, scholarships, volunteering, and internships. The website serves as a key information hub targeting young people and professionals working with youth, offering news, newsletters, and detailed mobility information. The organization holds a strong market position as part of the broader Eurodesk European network and maintains partnerships with relevant EU and Hungarian governmental bodies. Technically, the website employs a modern technology stack including Bootstrap, jQuery, Google Analytics, Facebook and TikTok tracking pixels, and reCAPTCHA for security. The site is well-optimized for mobile devices and SEO, with a professional design and clear navigation. Security posture is solid with HTTPS enforced and a Content-Security-Policy header, though additional security headers could enhance protection. Privacy compliance is robust, featuring a comprehensive GDPR-compliant privacy policy and an active cookie consent mechanism. No critical security vulnerabilities or blocking mechanisms were detected, and the domain's WHOIS data aligns well with the organization's history and public presence, supporting high legitimacy. However, the site lacks explicit published security policies and incident response contacts, which could be improved to enhance trust and readiness. Overall, Eurodesk Hungary presents a trustworthy, professional, and user-friendly platform with strong compliance and security foundations, well-suited to its non-profit educational mission.

C

CIDJ

cidj.com

66

CIDJ.com is a French educational and informational website focused on providing resources related to studies, careers, internships, and youth orientation. The site targets students, young adults, parents, and educators, offering articles, job listings, and newsletters. Technically, the site is built on Drupal 10 and integrates modern web technologies including Google Tag Manager, Matomo analytics, and consent frameworks for cookie management. The website is mobile-optimized and accessible with a professional design and clear navigation. Security-wise, the site uses HTTPS and consent mechanisms but lacks explicit security headers and published privacy or incident response policies. The WHOIS data for the domain is unavailable, which slightly impacts trust but the website content and structure support legitimacy. Overall, CIDJ.com presents a solid digital presence with room for improvement in transparency and security best practices.

E

Eurodesk

eurodesk.cz

48

Eurodesk is a well-established European information network focused on providing young people with access to opportunities such as Erasmus+ youth programs and the European Solidarity Corps. The website serves as a key informational platform for youth in the Czech Republic and broader Europe, offering news, events, and resources to support youth participation and development. The organization operates in the government and non-profit sectors, targeting youth and educational institutions. Technically, the site is built on Drupal 7 with jQuery and integrates Google Analytics and Tag Manager for user tracking. The site is mobile-optimized and presents content in a clear, professional manner with consistent branding. Security posture is generally good with HTTPS enforced, but lacks some security headers and explicit privacy and cookie policies, which are areas for improvement. The absence of WHOIS data for the domain is a concern for domain legitimacy verification, though the website's content and external official links support its authenticity. Overall, the site is safe, professional, and trustworthy for its intended audience.

J

JINT vzw

gostrange.be

63

Go Strange! is a Belgian non-profit platform operated by JINT vzw, dedicated to guiding Flemish youth towards intercultural experiences abroad. The website offers comprehensive information on scholarships, group exchanges, internships, studying abroad, language learning, volunteering, and working holiday opportunities. The platform targets young people in Flanders, providing free resources to facilitate international cultural engagement. Technically, the site is built on Drupal 10, leveraging modern front-end libraries and Google Analytics for user insights. The site is mobile-optimized and accessible, with a cookie consent mechanism compliant with EU regulations. Security posture is adequate with HTTPS enabled, but lacks some security headers and explicit security policies. WHOIS data confirms a long-established domain consistent with the organization's history, enhancing trustworthiness. Overall, the site is professional, user-friendly, and trustworthy, serving its educational mission effectively.

The EPAP website is a professionally maintained online platform operated by the European Lung Foundation, offering free educational resources and training for patients and carers with chronic conditions. It serves as a community and knowledge base to empower patient ambassadors in healthcare representation. The site is well-structured with clear navigation and relevant content targeting healthcare stakeholders and patients. Technically, the website employs standard web technologies including jQuery, Google Analytics, and Google Tag Manager. It uses HTTPS for secure communication but lacks advanced security headers and a cookie consent mechanism, which are areas for improvement. The site is mobile optimized and performs moderately well, though some modernization of libraries is recommended. From a security perspective, the site shows a basic but acceptable posture with no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms indicates room for maturity. The WHOIS data is unavailable, likely due to privacy protection, but the association with a reputable organization supports legitimacy. Overall, the website is trustworthy and serves its educational mission effectively, though enhancements in privacy compliance and security best practices would strengthen its risk profile and user trust.

S

StMartins Chamber of Commerce

stmartinscanada.com

64

The St. Martins and District Chamber of Commerce website serves as a local community hub promoting businesses, events, and tourism in Saint Martins, New Brunswick, Canada. The site is built on the Wix platform, leveraging standard Wix technologies and Google Analytics for visitor tracking. The business model is that of a non-profit chamber of commerce focused on economic growth and community engagement. The website content is relevant and professionally presented, targeting local businesses, residents, and tourists. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. Technically, the site is moderately optimized with good mobile responsiveness but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS implied but no visible security headers or policies. Privacy compliance is weak due to missing privacy and cookie policies and no explicit consent mechanisms. Overall, the site is functional and trustworthy for general users but would benefit from improved transparency and compliance documentation.

C

City of Saint John

saintjohn.ca

63

The City of Saint John website serves as the official digital presence for the municipal government of Saint John, New Brunswick. It provides residents, businesses, and visitors with comprehensive information on city services, transit, community events, public safety, and governance. The site positions itself as a trusted source for local news, emergency alerts, and civic engagement platforms, targeting a broad audience within the city and surrounding areas. Technically, the website is built on Drupal 10, leveraging modern web technologies including Google Analytics for user tracking and Google Maps API for transit and location services. The site is hosted behind Cloudflare DNS and CDN services, ensuring reliable performance and security. Mobile optimization and accessibility features are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs domain transfer protections. However, it lacks advanced security headers and does not provide publicly accessible security or incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. No vulnerabilities or suspicious content were detected. Overall, the website demonstrates a solid business credibility and technical foundation suitable for a government entity, but could improve in privacy compliance and security transparency to enhance trust and regulatory adherence.

D

Decile Group

decilegroup.com

64

Decile Group is a modern venture capital service provider specializing in accelerating VC firms, launching institutional-grade funds instantly, and providing AI-powered management platforms. Their offerings include training programs, fund management SaaS, back-office solutions, and a fund of funds investment vehicle. The company targets emerging and established venture capital managers, limited partners, and individuals seeking careers in VC. Technically, the website is built on a modern stack with Ruby on Rails backend, Stimulus JS, Turbo, and CDN hosting, delivering fast performance and excellent mobile optimization. Security posture is solid with HTTPS and CSRF protections, though improvements are recommended in DNSSEC, security headers, and explicit security policies. Privacy compliance is partially met with a clear privacy policy but lacks cookie consent mechanisms. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

X

Xact by Rambøll

rambollxact.com

66

Xact by Rambøll is a technology-driven company specializing in advanced HR survey platforms and knowledge-gathering tools, serving clients primarily in Scandinavia and Europe. Their product suite includes SurveyXact, PeopleXact, and EngageXact, which enable organizations to conduct customer satisfaction surveys, employee engagement assessments, and stakeholder involvement initiatives. The company benefits from being part of Ramboll Management Consulting, leveraging global expertise and a strong brand presence. The website reflects a professional and modern digital presence with multilingual support and comprehensive content aimed at HR professionals and organizational leaders. Technically, the website is built on the HubSpot CMS platform, utilizing modern JavaScript libraries such as Swiper and Keen Slider for UI components, and integrates multiple analytics and marketing tools including Google Tag Manager, Hotjar, and LinkedIn Insight Tag. The site is hosted by One.com A/S and employs HTTPS with a good SSL configuration, though DNSSEC is not enabled. The site is mobile-optimized, accessible, and SEO-friendly, with a clear navigation structure and consistent branding. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, secure form handling via HubSpot, and cookie consent mechanisms compliant with GDPR. However, there is room for improvement by enabling DNSSEC and adding additional security headers. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the business claims, indicating a legitimate and trustworthy domain. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and maintaining transparency in data protection practices to further build trust and resilience.

K

KRM AS

krm.no

53

KRM AS is a Norwegian technical vocational school and course center specializing in industrial machinery maintenance and hydraulics. Established in 1991 and accredited as a technical vocational school in 2021, KRM offers a broad range of technical courses both in-person at their Geilo center and online. Their market position is that of a niche, established education provider serving professionals in industrial and energy sectors. Technically, the website uses a modern tech stack including Snapper CMS, jQuery, Foundation CSS, and integrates multiple analytics and marketing tools such as Google Analytics, Hotjar, Facebook Pixel, and LinkedIn Insight Tag. The site is mobile-optimized with good SEO and accessibility basics. Security posture is strong with HTTPS enforced and a comprehensive cookie consent mechanism, though some security headers could be improved. No critical vulnerabilities or blocking WAFs were detected. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

G

Grønt Skipsfartsprogram

grontskipsfartsprogram.no

53

Grønt Skipsfartsprogram is a Norwegian initiative focused on promoting efficient and environmentally friendly shipping solutions. The program operates through pilot projects and a service office supporting shipping companies and cargo owners to reduce greenhouse gas emissions. The website reflects a medium-sized, well-established program with a clear mission in the energy and transportation sectors, targeting maritime industry stakeholders in Norway. Technically, the site is built on WordPress using FoundationPress theme, integrating modern analytics tools such as Google Analytics, Google Tag Manager, and Hotjar, with a cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit policies could be improved. Overall, the site is professional, trustworthy, and provides clear contact information and relevant content for its audience.

O

Oslo Economics

osloeconomics.no

51

Oslo Economics is a well-established Norwegian economic advisory firm founded in 2008, providing comprehensive economic analysis and consulting services to businesses, government agencies, and organizations. The company holds a strong market position as one of Norway's leading economic advisory environments, offering a wide range of services including financial analyses, health economic analyses, market competition studies, and strategic advisory. Their website reflects a professional and consistent brand image, targeting a broad audience of decision-makers and stakeholders in both public and private sectors. Technically, the website is built on a modern WordPress platform with integration of popular libraries and services such as jQuery, Bootstrap Grid, Google Analytics, and Google Tag Manager. The site demonstrates good mobile optimization, accessibility, and SEO practices, although hosting details are not explicitly disclosed. The presence of cookie consent mechanisms and GDPR-compliant privacy policies indicates a mature approach to privacy and data protection. From a security perspective, the site enforces HTTPS and uses secure contact forms but lacks explicit security headers and publicly available security policies or incident response plans. No vulnerabilities or exposed sensitive data were detected in the analysis. The domain registration is consistent with the business claims, showing a long-standing presence without privacy protection, which supports legitimacy. Overall, Oslo Economics presents a trustworthy and professional online presence with strong compliance and technical foundations. Strategic improvements in security policy transparency and enhanced security headers could further strengthen their security posture and trustworthiness.

CommanderZero.com is a personal blog established in 2003, focusing on preparedness, survivalism, firearms, and related logistics topics. The site serves a niche audience of survival enthusiasts and firearm owners, providing detailed articles, reviews, and observations. The business model appears to be content publishing supported by community engagement and Patreon donations. Technically, the site runs on WordPress hosted by Bluehost, utilizing modern web technologies and Google Analytics for visitor tracking. The site is moderately optimized for mobile and accessibility but lacks comprehensive privacy and cookie policies, which are compliance gaps. Security posture is adequate with HTTPS enabled and domain transfer protections, but missing advanced security headers and vulnerability disclosures. Overall, the domain age and registration data support the site's legitimacy and stable presence. Strategic improvements in privacy compliance and security practices would enhance trust and reduce risk.

D

Dell Deutschland

dell.de

68

Dell Deutschland operates as a regional branch of Dell Technologies, providing a comprehensive portfolio of technology products and services including notebooks, desktops, servers, storage, monitors, gaming equipment, and accessories. The website targets both business and consumer segments in Germany, reflecting Dell's strong market position as a global technology leader. The digital infrastructure is robust, leveraging advanced marketing and analytics tools such as Adobe Target and OneTrust for consent management, ensuring GDPR compliance. The site is well-optimized for performance, mobile responsiveness, and accessibility, with a professional design and clear navigation. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, though explicit security policy and incident response information are not publicly detailed. Overall, the site demonstrates high trustworthiness and professionalism consistent with an enterprise-grade technology provider.

A

All3DP

all3dp.com

64

All3DP is a well-established online magazine specializing in 3D printing and additive manufacturing technologies. Founded in 2013, it serves a global audience of enthusiasts and professionals by providing comprehensive content including news, tutorials, product reviews, and industry insights. The website positions itself as a leading resource in its niche with a professional and consistent brand presence. Technically, the site is built on WordPress and leverages modern web technologies such as Cloudflare for hosting and DNS, Google Tag Manager, Hotjar for analytics, and a consent management platform to comply with GDPR requirements. The site demonstrates good performance and mobile optimization, though accessibility features are basic. Security-wise, the site enforces HTTPS and uses clientTransferProhibited status on its domain, but lacks DNSSEC and explicit security headers. No privacy policy or terms of service were detected in the provided content, which is a notable compliance gap. Overall, the site is trustworthy and professional but could improve transparency and security posture.

P

Prusa Research a.s.

prusa-research.com

71

Prusa Research a.s. operates a comprehensive e-commerce platform specializing in Original Prusa 3D printers, filaments, resins, and accessories. Founded by Josef Prusa, a key figure in the RepRap project, the company targets hobbyists, professionals, educators, and businesses with a strong emphasis on quality, community, and education. The website demonstrates a mature digital presence with modern technologies such as Next.js, React, and Cloudflare, ensuring fast performance and mobile optimization. Security measures include HTTPS, reCAPTCHA Enterprise, and cookie consent management, although explicit security policies and incident response details are not publicly available. The absence of WHOIS registration data slightly impacts trust but is mitigated by strong branding and external trust signals.

W

WeldingPro Group s.r.o.

weldingprogroup.com

54

WeldingPro Group s.r.o. is a Czech-based industrial service provider specializing in welding, technical installations, and industrial assemblies. The company operates domestically and internationally within the EU, serving industrial and construction sectors. Their website reflects a mature digital presence with comprehensive service descriptions, references, and certifications, targeting B2B clients requiring technical assembly solutions. Technically, the site is built on WordPress with modern JavaScript libraries and SEO optimizations, ensuring good performance and mobile responsiveness. Security posture is solid with HTTPS, reCAPTCHA protection on forms, and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting the company's credibility and market position.

Z

ZUKE Green

zuke-green.de

56

ZUKE Green is a German-based green health community dedicated to promoting sustainable transformation within the healthcare sector. It targets clinic employees and companies offering sustainable solutions, facilitating networking, knowledge exchange, and hosting events such as the ZUKE Green Health Congress. The website is professionally designed using WordPress and Elementor, with a focus on clear navigation and relevant content for its audience. The technical infrastructure includes modern web technologies and Google Tag Manager for analytics. Security posture is adequate with HTTPS enabled and secure forms, though lacks some security headers and explicit privacy policies. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy. Strategic improvements in privacy compliance and security headers would enhance trust and compliance.

L

Leipziger Messe GmbH

medlogistica.de

67

med.Logistica is a specialized event platform organized by Leipziger Messe GmbH, focusing on hospital logistics and process management in the German-speaking healthcare sector. It serves as a leading congress and trade fair, targeting hospital management professionals, exhibitors, and visitors interested in optimizing hospital processes. The platform offers exhibitor registration, visitor information, ticketing, and an official mobile app to enhance user engagement. The website reflects a professional and consistent brand image aligned with its parent company, Leipziger Messe GmbH, based in Germany. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager for analytics, and a comprehensive cookie consent mechanism powered by consentmanager.net. The site is mobile-optimized, accessible, and SEO-friendly, hosted likely under Leipziger Messe's infrastructure. Performance is moderate with good technical implementation but lacks explicit CMS identification. From a security perspective, the site enforces HTTPS and uses cookie consent for GDPR compliance. However, it lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The domain registration data aligns well with the website content, indicating a trustworthy and legitimate online presence. Overall, med.Logistica's website is a well-structured, professional platform with good privacy compliance and moderate security posture. Strategic improvements in security policy transparency and incident response readiness would enhance trust and resilience.

K

KOMFOS Prešov, s.r.o.

komfos.sk

48

KOMFOS Prešov, s.r.o. operates as a Slovakian retail and wholesale food business, affiliated with the international CBA franchise. The company offers a broad range of food products including meat, dairy, confectionery, beverages, and spices, targeting both households and business customers. Their market position is solid within Slovakia as a medium-sized enterprise with a clear focus on food retail and wholesale services, supported by an e-shop and loyalty programs. Technically, the website employs modern frameworks such as Bootstrap and jQuery, integrates social media and marketing tools, and provides a responsive user experience. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and incident response transparency. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, reflecting a credible business presence.

F

FELBERMAYR SLOVAKIA, s.r.o.

felbermayr.sk

50

FELBERMAYR SLOVAKIA, s.r.o. is a large Slovakian business specializing in heavy lifting, crane services, special transport, and lifting platforms. The company operates a substantial fleet of equipment and serves industrial clients across Slovakia and Europe, positioning itself as a regional leader in transportation and lifting solutions. The website reflects a professional business presence with clear service offerings and multiple regional contact points. Technically, the site uses modern front-end technologies including Bootstrap, jQuery, and OwlCarousel, supported by analytics and tracking tools such as Google Analytics and Hotjar with proper cookie consent mechanisms. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved and dedicated security policies published. Overall, the site is well-structured, mobile-optimized, and compliant with GDPR requirements. The domain registration data aligns with the business claims, supporting legitimacy and trustworthiness.

S

STAVEX Košice s.r.o.

stavex-ke.sk

43

STAVEX Košice s.r.o. is a Slovak company specializing in comprehensive renovation of residential buildings, established in 2006 and operating under its current legal form since 2013. The company offers a broad range of services including facade insulation, balcony and loggia repairs, roof insulation and waterproofing, aluminum railings and glazing, anti-mold coatings, interior renovations, electrical and plumbing reconstructions, and project financing. It targets residential property owners and investors primarily in Slovakia, maintaining a strong local reputation supported by customer testimonials and a 10-year warranty on work. Technically, the website employs modern web technologies such as Bootstrap, jQuery, OwlCarousel, and integrates marketing and analytics tools including Google Tag Manager and Facebook Pixel. The site is hosted by Websupport and demonstrates good mobile optimization, SEO, and accessibility basics. Privacy and cookie policies are present with an active consent mechanism, reflecting GDPR compliance. From a security perspective, the site uses HTTPS with DNSSEC enabled, though it lacks some advanced HTTP security headers and does not publish a security policy or incident response contacts. No critical vulnerabilities or suspicious patterns were detected. The domain registration data is consistent with the business history and claims, enhancing trustworthiness. Overall, STAVEX Košice s.r.o. presents a professional and credible online presence with solid technical and security foundations, suitable for its business scope and audience.

B

BJ DENT

bjdent.sk

48

BJ DENT is a dental clinic based in Bardejov, Slovakia, offering a comprehensive range of dental services including aesthetic dentistry, dental hygiene, surgery, implants, and emergency care. The clinic emphasizes professional patient care and modern technology to ensure high-quality dental treatments. The website reflects a well-established local healthcare provider with clear contact details and a user-friendly interface. Technically, the site uses modern frameworks such as Bootstrap and integrates analytics and marketing tools like Google Analytics and Facebook Pixel, demonstrating a mature digital presence. Security-wise, the site enforces HTTPS and cookie consent mechanisms but lacks advanced security headers and formal security policies. Overall, the website is safe, professional, and compliant with GDPR cookie regulations, supporting trustworthiness and business credibility.

W

webex.digital, s.r.o.

realvia.sk

47

REALVIA is a Slovak-based digital service provider specializing in web solutions, official property export services, and real estate management platforms tailored for real estate agencies and brokers. The company positions itself as a reliable partner with over 400 real estate agencies as clients, emphasizing excellent customer support and official integrations with real estate portals. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website employs modern web technologies including Bootstrap, jQuery, Owl Carousel, and integrates marketing and analytics tools such as Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile-optimized and uses HTTPS with good SSL configuration. Cookie consent mechanisms and privacy policies are implemented in compliance with GDPR. From a security perspective, the website demonstrates a mature posture with ISO 9001 and ISO 27001 certifications, HTTPS enforcement, and cookie consent. However, some security headers are not explicitly detected, and there is no public incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were found. Overall, the website is trustworthy and professionally maintained, with a strong business credibility and compliance posture. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding a security.txt file to improve transparency and security readiness.

A

Appgen LTD

weekone.io

48

WeekOne is a newly founded (2024) technology company based in Great Britain, specializing in AI-powered employee onboarding solutions. Their platform leverages AI assistants, buddies, mentors, and handover twins to streamline the entire employee journey from pre-boarding to off-boarding. The company targets HR departments and enterprises aiming to improve onboarding efficiency and employee productivity. The website is professionally designed, mobile-optimized, and uses modern web technologies hosted on Cloudflare. Google Tag Manager is integrated for analytics, indicating a moderate level of user tracking. Security posture is good with HTTPS and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are missing, representing compliance gaps. Contact information is clearly provided, enhancing business credibility.

S

Chytrá čidla nejen pro domácnost – Senzoor

senzoor.sk

45

The website senzoor.sk appears to be a newly established business entity based in Slovakia, with domain registration dated February 27, 2024. The site uses modern frontend technologies such as Google Fonts, Google Tag Manager, and Font Awesome icons, hosted on Forpsi's infrastructure with DNSSEC enabled, indicating a baseline of domain security. However, the website content is minimal and lacks critical compliance documents such as privacy policy, cookie policy, and terms of service. No contact information or business certifications are present, which limits trust and credibility from a user perspective. The technical implementation is basic with room for improvement in mobile optimization, accessibility, and SEO. Security posture is moderate due to HTTPS and DNSSEC but lacks security headers and incident response information. Overall, the site is accessible with no WAF or blocking detected, and content is safe for general audiences.