Security Directory

M

Mubea E-Mobility Center GmbH

mubea-emobility-store.com

59

Mubea E-Mobility Center GmbH is a small local business based in Attendorn, Germany, specializing in the retail and consultation of e-mobility products, particularly e-bikes. The company targets consumers interested in sustainable transportation solutions and offers professional advice alongside a wide product selection. The website is built on the Wix platform, indicating a moderate level of digital maturity with a professional design and mobile optimization. However, the absence of WHOIS registration data raises concerns about domain legitimacy. Security posture is basic, with no advanced security headers or policies detected, and privacy compliance is lacking due to missing privacy and cookie policies. Overall, the business presents a professional front but should address domain registration transparency and compliance documentation to enhance trust.

C

CNP Assurances

cnp.fr

75

CNP Assurances is a leading French insurance company specializing in life insurance, health coverage, retirement planning, and savings products for individual customers. The website reflects a mature digital presence with comprehensive content tailored to its target audience of individuals seeking insurance solutions. The company maintains a consistent brand image and provides extensive regulated information, demonstrating transparency and compliance with French and EU regulations. Technically, the website employs modern JavaScript libraries, privacy management tools, and tracking services such as Google Tag Manager and TrustCommander, indicating a well-maintained infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, supporting a positive user experience. From a security perspective, the site enforces HTTPS and includes standard security practices, though explicit security headers and a dedicated security policy page are absent. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the website presents a low-risk profile with high trustworthiness, suitable for a major financial institution. Recommendations include enhancing security header implementation, publishing a vulnerability disclosure policy, and providing explicit incident response contacts to further strengthen security posture.

S

Shop Super Natural Club

supernaturalclub.ch

69

Shop Super Natural Club is a Swiss-based e-commerce business specializing in organic kombucha, lemonades, and other soft drinks. The company positions itself as a niche organic beverage brand with a focus on authentic Swiss craft products. Their online presence is built on the Shopify platform, leveraging modern web technologies and marketing tools such as Klaviyo and Facebook Pixel to engage customers and drive sales. The website is well-designed, mobile-optimized, and provides a smooth user experience with clear navigation and relevant content. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, direct contact information such as emails or phone numbers is not publicly listed, which may impact customer trust and support accessibility. Security posture is strong with HTTPS, security headers, and form protection via hCaptcha, but lacks a dedicated security policy or incident response information. Overall, the site is legitimate, secure, and professionally maintained, suitable for its target market.

R

Rivedroite Paris

rivedroite-paris.com

63

Rivedroite Paris operates an e-commerce website specializing in sustainable bags and accessories crafted by formerly unemployed designers using recycled and upcycled materials. The brand targets environmentally conscious consumers seeking unique fashion items. The website is built on the Shopify platform using the Impulse theme, integrating multiple marketing and analytics tools such as TikTok Pixel, Microsoft Clarity, Klaviyo, and Google Tag Manager, indicating a moderate level of digital maturity and marketing sophistication. The site is mobile-optimized and presents a professional design with clear navigation and relevant content.

P

Puressentiel France

puressentiel.com

69

Puressentiel France operates a professionally designed e-commerce website specializing in natural health and aromatherapy products, primarily essential oils. The website is built on the Shopify platform, leveraging modern web technologies and multiple marketing and analytics tools to optimize user experience and business insights. The brand positions itself as a trusted provider of natural and organic health products in the French market. Technically, the site demonstrates good performance, mobile optimization, and accessibility standards. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and incident response contacts are not publicly available. Privacy compliance is well addressed with clear cookie consent mechanisms and comprehensive privacy policies in French. WHOIS data for the subdomain is unavailable, which is typical for subdomains, and does not raise legitimacy concerns given the consistent branding and content. Overall, the website is trustworthy, professional, and well-maintained, serving a general audience interested in natural health products.

A

ADEME

carnetadapt.org

66

CarNet'Adapt is a French government-backed initiative managed by ADEME to create a Caribbean network focused on climate change adaptation, particularly in agriculture and food sectors. The project is co-financed by the Interreg Caraïbes program and involves multiple regional partners. The website is bilingual, professionally designed, and provides comprehensive information about the project, partners, events, and resources. Technically, the site is built on Drupal 10 and uses Cloudflare DNS services, though DNSSEC is not enabled. Security posture is adequate with HTTPS and domain protection flags but lacks published security policies and some security headers. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Contact is primarily via a web form, with no direct emails or phone numbers published. Overall, the site is trustworthy, well-maintained, and serves a niche governmental and non-profit audience.

G

GoDaddy Operating Company, LLC

belgrade.org

71

The website forsale.godaddy.com/forsale/belgrade.org is a professionally designed domain sales landing page operated by GoDaddy Operating Company, LLC. It offers the premium domain belgrade.org for sale with options to buy immediately or make an offer. The site targets German-speaking customers and emphasizes secure transactions, fast domain transfers, and multiple payment methods. The presence of trust indicators such as a high Trustpilot rating and verified domain badges reinforces its credibility. Technically, the site uses modern web technologies including React and Next.js, hosted on AWS, with good performance and mobile optimization. Security measures include HTTPS enforcement and reCAPTCHA on forms, though some security headers are not explicitly detected. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user trust and regulatory adherence. Overall, the site demonstrates a mature digital infrastructure and a strong security posture appropriate for an enterprise-level e-commerce platform focused on domain aftermarket sales.

B

Belehrad Srbsko - história, ubytovanie, doprava

belehrad.sk

42

The website belehrad.sk is a Slovak language tourism portal focused on providing information about Belgrade, Serbia, including history, accommodation, transportation, and travel services. It targets tourists and travelers interested in visiting Belgrade and offers hotel bookings, bus tickets, flight information, and visa guidance. The site operates on a basic technical infrastructure using standard web technologies and is hosted by HostMonster. It integrates Google services such as Adsense and Analytics and implements a GDPR-compliant consent management platform. However, it lacks explicit privacy policy and terms of service pages, and no direct company contact or security incident response information is provided. The presence of an adult content link in the footer reduces the overall content safety rating. Security posture is moderate with no advanced security headers detected. Overall, the site is functional but would benefit from improvements in security, privacy transparency, and content professionalism.

CzechWinter.com is a niche online portal dedicated to providing accommodation listings and skiing information for tourists interested in the Czech mountain regions. The website offers direct contact to houseowners for cottages, apartments, and hotels, focusing on winter lodging and skiing activities. The business appears to be a small, regionally focused hospitality service provider established around 2008, with a modest online presence and monetization through Google AdSense advertising. From a technical perspective, the website uses basic HTML, CSS, and JavaScript with no modern frameworks or CMS detected. Hosting is provided by a Czech hosting provider as indicated by the nameservers. The site lacks HTTPS enforcement and modern security headers, which lowers its security posture. Mobile optimization and accessibility are minimal, and SEO practices are basic. There is no evidence of privacy or cookie policies, nor GDPR compliance mechanisms. Security-wise, the absence of HTTPS and security headers, combined with no visible privacy or cookie policies, indicates a low maturity level in security and compliance. No contact information or incident response channels are provided, which could hinder user trust and regulatory compliance. However, no malicious or adult content is detected, and the domain registration data is consistent and legitimate. Overall, the website serves its niche purpose but requires significant improvements in security, privacy compliance, and technical modernization to enhance trustworthiness and user experience.

Skrivbord.se is a Swedish e-commerce website specializing in the sale of office desks, including height-adjustable and fixed desks for home and workplace offices. The site leverages the Shopify platform, integrating modern payment methods such as Klarna and Apple Pay, and targets consumers and businesses in Sweden seeking quality office furniture. The website is professionally designed with good content quality and user experience, optimized for mobile devices and SEO. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and ownership transparency. Security posture is generally good with HTTPS and secure payment integrations, but lacks explicit security headers and a visible cookie consent mechanism. Contact information including phone and physical address is provided, enhancing business credibility.

A

American College of Physicians

acpjournals.org

65

The American College of Physicians (ACP) operates the ACP Journals website, a professional platform hosting multiple medical journals including the Annals of Internal Medicine and Clinical Cases. The site serves physicians, healthcare professionals, and researchers by providing peer-reviewed medical content and educational resources. It holds a strong market position as a leading publisher in internal medicine with a large audience and a subscription-based business model complemented by open access content. Technically, the website employs modern web technologies, including Google Tag Manager, Google Analytics, and Cloudflare services, ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS enforcement, secure forms, and script nonce usage, though explicit security headers and cookie consent mechanisms could be improved. The absence of WHOIS data due to privacy protection is typical for such organizations and does not detract from the site's legitimacy. Overall, the website is professional, trustworthy, and well-maintained, with minor recommendations for enhanced privacy compliance and security transparency.

B

Bischöflicher Campus Augustinum

augustinum.at

49

Bischöflicher Campus Augustinum is a well-established Austrian educational institution offering a comprehensive range of educational services including kindergarten, primary school, gymnasium, boarding school, social pedagogy college, church music conservatory, and a private pedagogical university. The institution also operates a gastronomy service (Prandia Augustinum) and maintains a large park area, positioning itself as a regional leader in education and religious community services. The website reflects a mature digital presence with clear branding and extensive content tailored to students, parents, and the church community. Technically, the site is built on ProcessWire CMS, uses modern web technologies, and is mobile-optimized with good accessibility and SEO practices. Security posture is solid with HTTPS enforced and secure forms, though it lacks some security headers and published security policies. Privacy compliance is partially met with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional, with a strong alignment between domain registration data and business claims.

°

°celseo Heizung

celseo-heizung.de

48

°celseo Heizung operates a professional website focused on heating system modernization and installation services in Germany. The company connects homeowners with local heating professionals, offering consultation, configuration tools, and price comparison services. The website is built on TYPO3 CMS and integrates modern web technologies including Google Analytics and Facebook Pixel for marketing and analytics purposes. It provides clear contact options including a prominently displayed phone number and a contact page. Privacy and cookie policies are present and appear GDPR compliant. The site demonstrates good SEO practices and mobile optimization, with consistent branding and customer testimonials enhancing trust. Security posture is adequate with HTTPS enforced, though additional security headers and explicit security policies could improve it. WHOIS data is limited but does not raise concerns. Overall, the website is professional, trustworthy, and well-suited for its target audience.

Minhembio.com is a Swedish niche community platform operated by Prisjakt Sverige AB, targeting home cinema and hi-fi enthusiasts. The site offers forums, galleries, news, and reviews, serving as a meeting place for enthusiasts to share experiences and content. The business model appears to be community-driven with advertising and affiliate partnerships, notably with Prisjakt.nu and Blocket Jobb. The website content is primarily in Swedish and focuses on relevant topics for its audience. Technically, the site uses standard web technologies including JavaScript and CSS, with Google Analytics and a local analytics service for tracking. The site implements a cookie consent mechanism and provides privacy and cookie policies, indicating basic GDPR compliance. However, no explicit security policies or incident response information are publicly available.

M

metronom Eisenbahngesellschaft mbH

metronom.de

56

metronom Eisenbahngesellschaft mbH operates regional passenger rail services primarily in the German states of Niedersachsen, Hamburg, and Bremen. The company positions itself as a friendly and reliable transportation provider under the motto "Unterwegs mit Freunden" (Traveling with Friends). It offers multiple regional train lines (RE2, RE3, RB31, RE4, RB41) and provides comprehensive travel planning tools, real-time updates, and ticketing options including integration with the Deutschland-Ticket and Niedersachsentarif. The website reflects a medium-sized transportation company with a strong regional presence and a parent company, Netinera, supporting its operations. The target audience includes commuters, tourists, and day travelers in Northern Germany.

Berliner Verkehrsbetriebe (BVG) operates as the primary public transportation provider in Berlin, Germany, offering comprehensive services including route planning, ticketing, subscriptions, and mobile applications. The website serves a broad audience including residents and tourists, providing timely service updates, ticket purchase options, and customer support. BVG holds a strong market position as the leading transit operator in Berlin with a large operational scale. Technically, the website is built on modern frameworks such as React and Next.js, hosted likely by Cronon, and managed via Magnolia CMS. It demonstrates excellent performance, mobile optimization, and accessibility features, reflecting a mature digital infrastructure. The site employs standard SEO and metadata practices, including Open Graph tags and structured JSON data. From a security perspective, the site enforces HTTPS, includes standard security headers, and implements a robust cookie consent mechanism compliant with GDPR. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is professional, trustworthy, and user-friendly, with strong privacy compliance and business credibility. Strategic recommendations include publishing detailed security policies, providing direct security contact information, and establishing a vulnerability disclosure program to enhance transparency and trust.

W

WiREG mbH

wireg.de

54

WiREG mbH is a regional economic development organization focused on strengthening the business environment in the Flensburg and Schleswig region of Germany. The website presents a professional and comprehensive overview of their services including business promotion, sustainability checks, site development, funding advice, and coworking spaces. Their target audience includes regional and Scandinavian companies as well as startups. Technically, the site is built on TYPO3 CMS with modern web technologies and includes multimedia content such as embedded Vimeo videos and SVG graphics. The site is mobile optimized and SEO friendly. Security posture is good with HTTPS enforced and secure form handling, though it lacks explicit security policies and cookie consent mechanisms. Overall, the domain registration data aligns well with the website content, indicating legitimacy and trustworthiness.

O

OZG-Taskforce

ozg-taskforce.de

40

The OZG-Taskforce website serves as a digital platform for a significant intermunicipal network focused on the digitalization of public administration in Baden-Württemberg, Germany. It connects over 1,000 professionals from municipalities, administrations, and government offices, facilitating knowledge exchange and collaboration around the Onlinezugangsgesetz (OZG). The site prominently features information about upcoming conferences, news updates, and partner links, positioning itself as a central hub for digital transformation in local government. Technically, the site is built on WordPress with a modern, responsive design and good accessibility features, hosted on German infrastructure. However, it lacks visible privacy and cookie policies, which are critical for GDPR compliance.

R

Regeringen

regeringen.dk

58

Regeringen.dk is the official website of the Danish government, serving as a primary platform for disseminating government news, speeches, publications, and information about ministers and government structure. It targets the general public, media, and stakeholders interested in Danish governmental affairs. The website is well-established with a domain age dating back to 1998, reflecting its longstanding role as an authoritative government source. Technically, the site employs modern web technologies including React and WebP images, with good mobile optimization and accessibility features. The CMS appears to be Umbraco, a common enterprise-level content management system. Performance is fast, and SEO practices are well implemented, though some security headers are missing. From a security perspective, the site uses HTTPS but lacks DNSSEC and visible security headers, which are recommended for enhanced protection. No privacy or cookie policies were found, indicating gaps in GDPR compliance. Contact information is limited but includes an official government email and physical address. No incident response or vulnerability disclosure information is provided. Overall, the website is professional, trustworthy, and serves its purpose effectively but would benefit from improved privacy compliance and enhanced security configurations to align with best practices.

The website congress-imk.ch serves as a specialized conference management and overview platform primarily targeting the healthcare sector in Switzerland. Operated by IMK Institut für Medizin und Kommunikation AG, it provides listings and management tools for medical conferences, webinars, and educational events. The platform is well-branded and consistent, with content primarily in German and options for English and French, catering to a multilingual professional audience. The business model focuses on event hosting and conference management services within the healthcare education niche. Technically, the site uses a custom CMS platform named Converia, with standard web technologies such as JavaScript, CSS, and HTML5. The site demonstrates basic mobile optimization and good accessibility features, though SEO and performance optimizations appear moderate. No advanced frameworks or third-party analytics/tracking tools were detected, indicating a lean technical footprint. From a security perspective, the site is accessible without WAF or blocking mechanisms and uses HTTPS (assumed from domain and standard practice, though not explicitly confirmed). However, no security headers or cookie consent mechanisms were detected, and no explicit privacy or incident response policies are published on the main page. The WHOIS data aligns well with the business identity, showing a legitimate and consistent registration without privacy protection, enhancing trustworthiness. Overall, the website is professional and trustworthy for its intended audience but would benefit from improved privacy compliance (cookie consent), enhanced security headers, and more visible contact information to strengthen its security posture and user trust.

Prima Computers, operated by SOS PC, s.r.o., is a small Slovakian technology retail and service business specializing in computer hardware sales and servicing. The company has a long-standing presence since 2003 and operates an online e-shop through a partner platform. The website provides basic information about their services, partnerships, and promotional offers but lacks comprehensive contact details and formal policies. Technically, the site is built using an older proprietary website builder and relies on deprecated Flash technology, which negatively impacts security and user experience. No modern analytics or tracking tools are detected, and no privacy or cookie policies are present, indicating limited GDPR compliance. Security posture is moderate with DNSSEC enabled and domain registration consistent with business claims, but the absence of HTTPS enforcement and security headers is a concern. Overall, the website is functional but requires modernization and improved compliance to enhance trust and security.

IHK Siegen operates as a regional Chamber of Industry and Commerce in Germany, providing a broad range of services including vocational training, business founding and succession consulting, international trade support, legal and tax advice, and environmental and energy consulting. The website serves as a comprehensive resource for local businesses, entrepreneurs, trainees, and regional economic stakeholders, reflecting a well-established institution with a strong market position in the South Westphalia region. The content is professionally presented, well-structured, and primarily in German, targeting a regional audience. Technically, the website is built on TYPO3 CMS, a mature and secure content management system. It integrates modern tools such as Usercentrics for cookie consent and eTracker for analytics, indicating a commitment to privacy compliance and user tracking transparency. The site is mobile-optimized and accessible, with good SEO practices evident. Hosting is managed via domaincontrol.com, a common provider for domain management. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but explicit security headers and incident response policies are not clearly published. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data shows no privacy protection and is consistent with the domain's public institutional use, supporting legitimacy. Overall, the website demonstrates a strong business credibility and technical maturity with good privacy compliance. Recommendations include enhancing security headers, publishing a formal security policy and incident response contacts, and considering a vulnerability disclosure program to further strengthen trust and security posture.

G

Gebro Pharma AG

gebro.ch

10

Gebro Pharma AG is a Swiss pharmaceutical company specializing in healthcare products targeting indications such as rheumatology, pain, cold and cough, dermatology, and rare diseases. The company maintains a professional web presence with clear contact information and product navigation, serving healthcare professionals and patients primarily in Switzerland. The website is well-structured, mobile-optimized, and uses modern web technologies including JavaScript libraries and Google Tag Manager for analytics and marketing. From a technical perspective, the site employs asynchronous script loading and modern UI components like sliders and form validation, indicating a mature digital infrastructure. However, it appears to use a custom or proprietary CMS platform rather than a common open-source CMS. Performance is moderate with good mobile responsiveness and accessibility features. Security posture is solid with HTTPS enforced and spam protection on login forms, but lacks visible security headers and a public security policy or incident response contact. Privacy compliance is partial; while a privacy policy and terms of service are present, there is no cookie consent mechanism detected, which is a GDPR compliance gap. Overall, the website is trustworthy and professional with a high legitimacy score based on WHOIS data consistency and business information alignment. Strategic improvements in privacy compliance and security transparency would enhance trust and regulatory adherence.

S

Schweizerische Gesellschaft für Gefässchirurgie

swissvasc.ch

50

The Schweizerische Gesellschaft für Gefässchirurgie is a leading Swiss professional society dedicated to vascular surgery. It focuses on promoting excellent patient care, innovative research, and continuous education for vascular surgeons and medical professionals. The website serves as a comprehensive resource for members and interested parties, offering information on events, training, and the Swissvasc registry. Technically, the site employs modern web technologies including Vue.js and WebGL for interactive content, and uses privacy-respecting analytics (Plausible). The site is well-structured, mobile-optimized, and accessible, reflecting a mature digital presence. Security-wise, the site enforces HTTPS and cookie consent mechanisms but lacks explicit security headers and a published security policy or incident response contacts. Overall, the domain registration aligns well with the organization's identity, indicating legitimacy and trustworthiness.

e-line Systemy Internetowe is a small Polish technology company specializing in internet systems and software development, primarily serving business and local government clients. The website is currently under reconstruction, providing limited content but clear contact information and a professional business focus. The technical infrastructure is basic, utilizing HTML, CSS, and an outdated version of jQuery, with no detected CMS or advanced frameworks. Security posture is weak due to lack of visible HTTPS confirmation, missing security headers, and outdated libraries. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the website presents a modest digital presence with room for significant improvements in security, privacy, and technical modernization.

D

DEGUM | Deutsche Gesellschaft für Ultraschall in der Medizin

degum.de

55

DEGUM (Deutsche Gesellschaft für Ultraschall in der Medizin) is a leading medical scientific society in Germany specializing in ultrasound in medicine. It serves a large membership base with over 13,000 members and 6,000 certified physicians, offering certifications, educational courses, scientific funding, and guidelines. The website is professionally designed using TYPO3 CMS, providing comprehensive content and resources targeted at medical professionals and researchers. The technical infrastructure is modern and well-structured, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and spam-protected emails, though some security headers and explicit policies could be improved. Privacy and cookie policies are present and GDPR compliant. Overall, the website reflects a mature, credible organization with strong trust indicators and a clear business model focused on education and certification in healthcare ultrasound.

I

Iron Street Kraków

ironstreet.pl

9

Iron Street Kraków is a real estate investment website promoting a modern 4-story building with 86 service units located in the center of Kraków, Poland. The business targets property investors and young individuals seeking affordable housing in a prime location near major universities and business centers. The website provides detailed descriptions, visualizations, and location data to support its offerings. Technically, the site uses common web technologies including Google Analytics, Google Tag Manager, Swiper.js for sliders, and Google Maps API for location display. The site is mobile-optimized with good SEO practices but lacks visible privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS usage but no visible security headers or incident response information. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. Recommendations include adding privacy and cookie policies, security headers, and incident response contacts to improve compliance and security.

Z

Zdenek Hošinský - netlogix.cz

netlogix.cz

41

Netlogix.cz is a Czech freelance web design and programming business operated by Zdenek Hošinský, offering a broad range of digital services including web design, online applications, e-shops, SEO, and graphic design. The website presents a professional portfolio and detailed service descriptions targeting small to medium businesses primarily in the Příbram region. The business has been active since 1999, emphasizing personalized and comprehensive web solutions. Technically, the site uses standard web technologies such as HTML, CSS, JavaScript, and jQuery, with Google Analytics for visitor tracking. However, there is no evidence of a CMS or advanced frameworks, and mobile optimization is basic. Security posture is moderate with no visible HTTPS or security headers detected in the provided data, and no privacy or cookie policies are present, indicating compliance gaps. The WHOIS data is missing, which reduces domain trustworthiness and raises questions about domain registration legitimacy. Overall, the site is functional and professional but would benefit from enhanced security, privacy compliance, and technical modernization.

Kami účto s.r.o. is a small Czech Republic based accounting and tax advisory service provider established in 2008. The company offers key services including bookkeeping, payroll management, tax evidence, representation before authorities, and tax consulting primarily targeting local businesses and entrepreneurs. The website content is professional and relevant to the finance sector but lacks modern design and mobile optimization. Technically, the site uses basic HTML, CSS, and JavaScript with Google Analytics for tracking, hosted by Active24. Security posture is moderate with no visible HTTPS confirmation or security headers, and no privacy or cookie policies are present, indicating compliance gaps. Overall, the website is functional but requires improvements in security, privacy compliance, and user experience to enhance trust and professionalism.

T

ThemeGrill

themegrilldemos.com

48

ThemeGrill Demos is a comprehensive WordPress theme demo portal offering over 130 ready-to-import demos across multiple popular themes such as ColorMag, Spacious, Flash, eStore, and others. The platform targets WordPress users, developers, and businesses seeking quick and professional website setups. The technical infrastructure is based on WordPress with a rich ecosystem of plugins and page builders including Elementor, Gutenberg, and SiteOrigin, supported by modern web technologies and analytics tools like Google Tag Manager. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks DNSSEC and explicit security headers. Privacy and cookie policies are not found, indicating a gap in compliance. Overall, the website is professional, well-structured, and trustworthy, but could improve in privacy compliance and security best practices.

G

GoDaddy Operating Company, LLC

icrn.org

71

This website is a domain sales landing page hosted by GoDaddy, offering the domain icrn.org for sale or lease-to-own. It targets businesses and individuals interested in premium domain names, providing secure transactions, multiple payment options, and expert support. The site is professionally designed with consistent branding and a strong trust signal from a high Trustpilot rating. Technically, it uses modern web technologies including React and Next.js, hosted on GoDaddy infrastructure, with good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and secure payment integrations, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy and compliant with GDPR, suitable for its e-commerce domain sales business model.

D

dubanska & co.

dubanska.com

49

Dubanska & co. is a boutique law firm specializing in legal services for life sciences, biotech, FMCG, healthcare, pharma, and digital sectors. The firm positions itself as a niche provider offering expert legal advice with business insight, targeting businesses and professionals in these industries. The website reflects a professional and consistent brand image, supported by media coverage and partnerships with relevant organizations. The firm was founded in 2021 and operates primarily in the Czech Republic.

K

Klinická onkologie

eonkologie.cz

48

The website eonkologie.cz serves as an educational portal dedicated to oncology professionals in the Czech Republic. It functions as the official platform for the Klinická onkologie journal, affiliated with recognized Czech medical societies. The site provides access to oncology journals, recommended clinical procedures, and editorial system login for contributors. The business model centers on specialized healthcare education and professional journal dissemination, supported by partnerships with major pharmaceutical companies. The domain is well-established since 2008, reflecting a stable presence in the oncology education sector. Technically, the website employs basic HTML and CSS with Google Analytics for visitor tracking. The editorial system is hosted externally via Carecomm. The site shows moderate performance and basic mobile optimization but lacks advanced frameworks or CMS indicators. SEO and accessibility features are minimal but functional. No forms or direct data collection mechanisms are present on the homepage. From a security perspective, the site lacks visible security headers and does not disclose privacy or cookie policies, which is a compliance gap. HTTPS status is unknown from the provided data, and no incident response or security contact information is available. The use of Google Analytics indicates moderate user tracking without explicit consent mechanisms. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is a niche educational resource with moderate trustworthiness and basic technical implementation. Strategic improvements in privacy compliance, security posture, and user contact transparency would enhance its credibility and regulatory alignment.

W

Winterhalter Gastronom s.r.o.

winterhalter.cz

62

Winterhalter Gastronom s.r.o. is a medium-sized company specializing in professional dishwashing systems and related products for the hospitality and commercial food service sectors. The company positions itself as a premium provider with a family business heritage. Their website is well-structured, multilingual, and powered by TYPO3 CMS, reflecting a mature digital presence. The technical infrastructure includes modern web technologies and cloud-based analytics and consent management tools. Security posture is adequate with HTTPS and consent mechanisms, though lacking some security headers and explicit incident response information. The WHOIS data is missing, which slightly impacts trust but the overall business credibility remains high due to clear contact information and professional content. Strategic recommendations include enhancing security headers, publishing security policies, and monitoring domain registration details.

E

Erste & Steiermärkische Bank d.d.

ersteprivatebanking.hr

52

Erste Private Banking is a prominent private banking institution operating primarily in Central and Eastern Europe, with a strong market presence in Croatia and other core markets under the Erste Group umbrella. The website reflects a professional financial services provider focused on private banking, portfolio management, and related financial products. The technical infrastructure is modern, leveraging a proprietary CMS (Gem), CDN hosting, and standard web technologies, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response details are not publicly disclosed. Overall, the website demonstrates high business credibility and trustworthiness, supported by consistent WHOIS data and clear branding.

N

N/A

livecasinoonline.ca

55

LiveCasinoOnline.ca is a Canadian-focused affiliate marketing website specializing in providing information, reviews, and access to live casino games online. The site targets Canadian players interested in online gambling, offering curated casino provider listings, bonus offers, and affiliate links to partner casinos. The business model revolves around affiliate commissions and informational content. Technically, the site is built on WordPress, hosted on DigitalOcean, and uses common plugins such as Mega Menu and VegasHero. The site demonstrates basic mobile optimization and moderate performance but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but missing important security headers and DNSSEC. Privacy compliance is minimal with no privacy or terms of service pages, though a cookie consent banner is present. WHOIS data shows consistent Canadian registration with no privacy protection, supporting legitimacy. Overall, the site is functional but would benefit from enhanced security, privacy policies, and richer business contact information to improve trust and compliance.

Blika is an Icelandic weather information website providing accurate and updated weather forecasts, observations, and camping site information across Iceland. The site targets Icelandic residents and visitors interested in weather conditions, offering a range of weather-related services including detailed forecasts, wind predictions, and weather maps. The business operates in the weather information sector with a focus on Icelandic geography and climate. Technically, the website is built using modern web technologies such as React and Next.js, ensuring a responsive and user-friendly experience. The site integrates Google Analytics for user tracking and Airserve for advertising, indicating a monetization model based on ads and data insights. Security-wise, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies, which are areas for improvement. The absence of WHOIS data suggests privacy protection for the domain registration, which is common for Icelandic domains. Overall, the website is professional and functional but could enhance trust and compliance by adding clear privacy and security policies and contact information.

Abwasserbeseitigung Rendsburg is a municipal utility service responsible for wastewater disposal and treatment in the city of Rendsburg and surrounding areas including Büdelsdorf. The organization operates a dedicated sewage treatment plant and provides related services such as property drainage management. The website serves as an informational portal for residents and businesses, offering updates, contact information, and access to service-related forms. The market position is that of a local government service provider with a clear focus on environmental and public utility functions. Technically, the website is built on the Contao Open Source CMS platform, utilizing standard web technologies including HTML5, CSS, JavaScript, and jQuery. The site is hosted on infrastructure associated with Schleupen, a known service provider. While the site is functional and moderately optimized for mobile devices, it lacks advanced SEO and accessibility features. The absence of modern security headers and cookie consent mechanisms indicates room for improvement in technical security and privacy compliance. From a security perspective, the site uses HTTPS and includes CSRF tokens in forms, which are positive indicators. However, no explicit security policies, incident response contacts, or vulnerability disclosure mechanisms are present. The WHOIS data aligns well with the website's municipal nature, showing consistent domain registration and no privacy protection, supporting legitimacy. Overall, the security posture is moderate but could benefit from enhanced headers, policies, and transparency. The overall risk assessment is low given the nature of the business and the absence of sensitive data exposure or suspicious activity. Strategic recommendations include implementing security headers, adding cookie consent and privacy enhancements, publishing security and incident response policies, and updating technical components to modern standards to improve trust and compliance.

Doppelpunkt Werbeagentur is a small, established German advertising agency founded in 2001, specializing in corporate design, marketing, photography, 3D visualization, webshops, and print media. The website is professionally designed with good content quality and consistent branding, targeting businesses seeking advertising and marketing services in Germany. Technically, the site uses standard web technologies including HTML, CSS, JavaScript, and jQuery, with Google Analytics and Google Tag Manager for analytics and tracking. The site lacks a cookie consent mechanism and DNSSEC, which are areas for improvement. Security posture is moderate with no explicit security headers detected and no DNSSEC enabled. The domain registration data is consistent with the business claims, indicating high legitimacy. Overall, the website is functional, trustworthy, and compliant with GDPR, though it could enhance security and privacy features.

Antesto s.r.o. operates the INFINEO platform, a Czech Republic-based SaaS web application designed for financial advisors to create tailored financial analyses and manage client data efficiently. The platform emphasizes independence from financial institutions, offering objective financial planning tools accessible via any internet-connected device. INFINEO targets individual advisors and firms, providing customization options and API integrations to meet diverse client needs. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, Google Analytics, and Facebook Pixel for analytics and marketing. The site features responsive design optimized for mobile devices, ensuring accessibility and usability across platforms. However, some security headers are missing, and privacy compliance elements such as cookie consent and privacy policies are not evident. From a security perspective, the site uses HTTPS with a strong SSL certificate, ensuring encrypted data transmission. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain legitimacy verification, but the website content and company information appear professional and trustworthy. Strategic improvements include adding privacy and cookie policies, security headers, and incident response information to enhance compliance and security posture.

M

Mangold Photovoltaik GmbH

mangold-photovoltaik.de

39

Mangold Photovoltaik GmbH is a German company specializing in photovoltaic solar energy solutions, offering a comprehensive range of products and services including solar modules, inverters, mounting, maintenance, and expert consulting. With over 20 years of experience and TÜV Rheinland certification, the company holds a strong regional market position in Schwäbisch Gmünd, Germany. Their business model focuses on direct sales, installation, and customer education through training courses. Technically, the website is built on custom HTML with JavaScript libraries such as jQuery and Highslide, hosted on kasserver.com. While the site is accessible and content-rich, it lacks advanced security headers and cookie consent mechanisms, which are recommended for improved GDPR compliance and security posture. Overall, the website demonstrates good professionalism and trustworthiness but could benefit from enhanced security and privacy features.

S

Solgal

solgal.ch

46

Solgal is a Swiss company specializing in photovoltaic system installations, targeting residential and commercial customers interested in solar energy solutions. The website is built on WordPress using the Divi theme and includes WooCommerce for e-commerce capabilities. The technical infrastructure is moderate with standard plugins and libraries but lacks advanced performance and accessibility optimizations. Security posture is weak due to the absence of security headers, privacy policies, and incident response information. No contact details or GDPR compliance indicators are present, which may affect user trust and regulatory compliance. Overall, the website provides basic information about the business but requires significant improvements in security, privacy, and user engagement to enhance credibility and compliance.

S

Solarfuxx GmbH

solarfuxx.de

46

Solarfuxx GmbH is a German-based company specializing in photovoltaic solar energy solutions, energy storage, e-mobility charging infrastructure, and heating/climate technology integration. With over 15 years of regional experience, they serve customers primarily in the North Rhine-Westphalia region, offering consulting, installation, and ongoing support. Their website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive service descriptions. The company demonstrates strong business credibility through certifications and memberships in recognized industry organizations. Technically, the website employs standard web technologies including HTML5, CSS, and JavaScript, with cookie consent mechanisms implemented for GDPR compliance. Hosting is provided by websupport.cz, as indicated by the domain's nameservers. Performance is moderate with good mobile optimization and SEO practices. However, no advanced frameworks or CMS platforms are detected, suggesting a custom or lightweight site build. From a security perspective, the site uses HTTPS and employs email obfuscation to reduce spam. Cookie consent is implemented with opt-in functionality, supporting privacy compliance. However, security headers are not explicitly detected, and no published security or incident response policies are found. No vulnerabilities or suspicious patterns are evident, and the domain registration data aligns well with the business claims, supporting legitimacy. Overall, the website presents a trustworthy and professional digital presence with good privacy compliance and moderate security posture. Strategic improvements could include adding explicit security headers, publishing security policies, and enhancing accessibility features to further strengthen the security and compliance posture.

E

engagently

engagently.com

67

Engagently is a specialized engagement platform designed to foster high-quality, respectful online conversations and dynamic communities, primarily targeting publishers and their audiences. The platform emphasizes privacy, data ownership, and GDPR compliance, positioning itself as a privacy-friendly alternative to large social networks. The website showcases a professional design with clear messaging, multimedia content, and client logos from reputable media companies, indicating a credible market presence. Technically, the site is built using modern web technologies including Next.js and Storyblok CMS, ensuring fast performance, mobile responsiveness, and good SEO practices. The platform integrates AI-powered moderation to maintain content quality and safety. While HTTPS is enforced, the site lacks some security headers and does not publicly disclose a security policy or incident response plan, which are areas for improvement. The security posture is generally strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, warranting further investigation. Overall, engagently presents a trustworthy and professional platform with a strong focus on privacy and user engagement, but should enhance transparency around security policies and domain registration details to strengthen trust further.

L

Ljósmæðrafélag Íslands (implied)

ljosmodir.is

65

Ljosmodir.is is a professional Icelandic educational website dedicated to pregnancy, childbirth, and postpartum care. It serves parents, midwives, and interested individuals by providing comprehensive information, Q&A with midwives, and useful tools such as a due date calculator. The site is associated with the Icelandic Midwives Association, enhancing its credibility and trustworthiness. Technically, the site uses modern web technologies including Next.js and Prismic CMS, ensuring good performance, mobile optimization, and SEO. Security posture is adequate with HTTPS implied, but lacks visible security headers and explicit cookie consent mechanisms. WHOIS data for the domain is unavailable, which slightly reduces trust but does not detract significantly given the professional content and affiliations. Overall, the site is a reliable resource with room for improvement in security and privacy compliance.

The domain cyclingprodata.com is currently a parked domain hosted by GoDaddy.com, LLC, with no active website content or business operations visible. The site serves as a placeholder with minimal design elements and no substantive information about any business or services. The technical infrastructure is basic, relying on GoDaddy's parking platform and standard web technologies such as JavaScript and CSS. There is no evidence of a CMS or advanced frameworks beyond React inferred from the HTML structure. Security posture is minimal with no visible security headers or policies, and DNSSEC is not enabled. Privacy and cookie policies are generic references to GoDaddy's global policies, with no site-specific compliance details. Overall, the site lacks business credibility and trust indicators beyond a Trustpilot widget referencing GoDaddy.

F

Federal Office of Information Technology, Systems and Telecommunication FOITT

eiam.swiss

50

The website www.eiam.swiss serves as the official portal for the Swiss Federal Administration's central identity and access management system, eIAM. It provides a unified login infrastructure for federal web applications and native mobile apps, streamlining authentication processes and reducing costs. The site targets federal employees, IT specialists, application officers, integration managers, as well as citizens and business representatives via the CH-LOGIN service. The business model is a government service focused on secure, centralized identity management within the Swiss federal ecosystem. Technically, the website employs a traditional tech stack including jQuery and JavaScript, hosted likely on government infrastructure with a CMS identified as U5 CMS. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. Security practices include HTTPS usage and no visible vulnerabilities, though security headers and explicit privacy/cookie policies are absent. From a security standpoint, the site demonstrates a solid posture consistent with government standards but lacks some modern security headers and explicit privacy compliance disclosures. The WHOIS data is privacy protected, which is typical for Swiss government domains, and does not detract from the site's legitimacy. No signs of malicious activity or vulnerabilities were detected. Overall, the site is trustworthy, professionally maintained, and serves a critical government function. Recommendations include enhancing privacy and cookie policy transparency, implementing security headers, and improving mobile and accessibility features to align with best practices.

V

Voigt GmbH

voigt-sanitaer.de

10

Voigt GmbH, operating under the brand DIE BADGESTALTER in Geesthacht, Germany, specializes in personalized bathroom renovations and heating system installations. The company emphasizes comprehensive customer service from initial consultation through project completion, offering fixed pricing and guaranteed deadlines. As part of a larger network of over 130 specialized firms under SHK eG, Voigt GmbH benefits from strong brand recognition and a broad partnership ecosystem. The website targets private customers seeking tailored bathroom and heating solutions, positioning itself as a trusted regional expert with a focus on quality and customer satisfaction. Technically, the website is built on the Marcapo Websitemanager CMS, employs Matomo for privacy-conscious analytics, and integrates third-party content such as Google Maps and YouTube videos with explicit user consent mechanisms. The site is mobile-optimized and well-structured, providing a good user experience and clear navigation. Security-wise, the site uses HTTPS and cookie consent but lacks explicit security headers and published incident response policies, indicating room for improvement in security transparency and hardening. Overall, the website and business present a credible, professional image with strong privacy compliance and moderate technical sophistication.

B

Bernd Himmels GmbH

himmels-heinsberg-dbg.de

10

Bernd Himmels GmbH operates as a specialist in bathroom renovation and heating system installation, providing comprehensive services from initial consultation to project completion. The company is part of the larger DIE BADGESTALTER brand network, which includes over 130 specialized firms across Germany and Austria, positioning it as a trusted local expert in Heinsberg. The website reflects a strong focus on personalized customer service, fixed pricing, and guaranteed deadlines, catering primarily to private and commercial customers seeking tailored bathroom and heating solutions. Technically, the website employs modern web technologies including Matomo analytics with privacy-conscious IP anonymization, Google Maps integration, and embedded YouTube videos, all managed via the Marcapo Websitemanager CMS. The site is mobile-optimized, accessible, and SEO-friendly, with a clear cookie consent mechanism and comprehensive privacy policy, indicating good compliance with GDPR requirements. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though additional security headers and explicit security policies could enhance protection. Overall, the site presents a professional, trustworthy, and user-friendly digital presence aligned with the company's business objectives.

°

°celseo

celseo.de

10

°celseo is a leading cooperative network of large craft businesses in Germany specializing in heating, sanitary, climate, and electrical technology. With over 350 affiliated companies and 18,000 employees, it offers independent consulting and comprehensive services to private customers and trade professionals. The website is built on TYPO3 CMS, featuring a modern, responsive design with good SEO and accessibility features. Privacy and cookie policies are well implemented, ensuring GDPR compliance. Security posture is solid with HTTPS and cookie consent, though formal security policies and incident response contacts are absent. Overall, the site is professional and trustworthy, supporting a strong market position in the energy-related SHK sector.