Security Directory

H

HPV FREE GENERATION

hpvfree.pl

10

HPV FREE GENERATION is a Polish non-profit initiative dedicated to the education, prevention, and elimination of the Human Papillomavirus (HPV). Supported by MSD Polska Sp. z o.o., the platform provides educational content, a forum for discussion, and awareness campaigns targeting the general public and healthcare professionals in Poland. The website is professionally designed, consistent in branding, and references credible scientific sources to enhance trust and awareness. Technically, the website is built on WordPress 6.7.2 with common libraries such as jQuery, Bootstrap, and WPBakery Page Builder. It is mobile-optimized and performs moderately well, though accessibility features are basic. The site uses HTTPS with a valid SSL certificate, but lacks some security headers and cookie consent mechanisms, which are recommended for improved security and compliance. From a security perspective, the site shows good baseline practices with HTTPS but could improve by implementing security headers, publishing security policies, and adding vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but does not significantly impact legitimacy given the site's professional presentation and backing. Overall, the website is a trustworthy, well-maintained health education platform with room for improvement in privacy compliance and security best practices. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

T

telc

telc.net

62

telc.net is a professional website dedicated to language examinations, certifications, and learning materials primarily targeting language learners, educational institutions, and professionals. The site positions itself as a reputable provider of language certificates across multiple proficiency levels (A1 to C2), serving a broad audience in Germany and internationally. The business model centers on delivering language testing and training services, supported by a medium-sized organizational structure. The website content is well-structured, professionally designed, and consistent with the brand identity, reflecting a strong market presence in the education sector. Technically, the website leverages TYPO3 CMS with Bootstrap and FontAwesome for frontend design, integrating advanced analytics and marketing tools such as Matomo, Google Analytics, Google Tag Manager, and Cookiebot for GDPR-compliant cookie management. The site demonstrates good mobile optimization, accessibility, and SEO practices, although hosting provider details are not explicitly disclosed. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and employs essential security cookies like XSRF-TOKEN to prevent cross-site request forgery. Cookie consent mechanisms are robust and GDPR compliant. However, explicit security headers are not detected, and no published security or incident response policies are found, indicating areas for improvement. The WHOIS data is incomplete or privacy protected, which slightly reduces trust but is not uncommon for organizations in this sector. Overall, telc.net presents a trustworthy and professional online presence with a solid technical foundation and compliance posture. Strategic enhancements in security transparency and contact information availability would further strengthen its risk profile and user trust.

D

Deutsche Gesellschaft für Kardiologie e.V.

dekk.koeln

41

The website kardiale-bildgebung.de serves as the official platform for the DGK Kardiale Bildgebung congress organized by the Deutsche Gesellschaft für Kardiologie e.V. It targets cardiology professionals and researchers, providing detailed information about the upcoming congress, including program schedules, speakers, and organizational details. The site is professionally designed with consistent branding and clear navigation, supporting its role as a trusted event information source in the healthcare sector. Technically, the site is built on WordPress using WPBakery Page Builder and standard web technologies, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent implemented, though security headers and explicit policies are absent. Overall, the site is safe, compliant with GDPR, and trustworthy, though it lacks some advanced security and compliance disclosures.

TEC Systems Systemhaus GmbH is a German IT service provider specializing in comprehensive IT infrastructure solutions, cloud concepts, software development, and consulting services primarily targeting small and medium-sized enterprises. The company maintains partnerships with major technology vendors such as IBM, Cisco, VMware, and TrendMicro, positioning itself as a trusted regional system house. The website reflects a professional and consistent brand image with clear contact information and service offerings. Technically, the site uses a custom PHP-based CMS with Bootstrap and jQuery frameworks, delivering moderate performance and good mobile responsiveness. However, there is room for improvement in accessibility and SEO optimization. Security posture is moderate; while no critical vulnerabilities are evident, the absence of security headers, visible incident response policies, and cookie consent mechanisms indicate gaps in security best practices and GDPR compliance. The domain WHOIS data is minimal but consistent with the company's German location and business history dating back to at least 2014. Overall, the website is trustworthy and professional but would benefit from enhanced security and privacy features to align with modern compliance standards.

M

MGS Motor Gruppe Sticht GmbH & Co. KG

auto-hensel.de

60

MGS Motor Gruppe Sticht GmbH & Co. KG is a well-established automotive dealership group operating nine locations in Bavaria, Germany. The company offers a wide range of vehicles including new and used cars, commercial vehicles, and campers, representing multiple well-known brands such as Ford, Fiat, Mazda, and Jaguar. Their business model focuses on vehicle sales, leasing, servicing, and customer support, targeting both private and commercial customers in the region. The website reflects a professional and comprehensive digital presence with clear navigation and detailed service offerings. Technically, the website employs modern web technologies including jQuery, Owl Carousel, and a proprietary CMS platform by Audaris. It is mobile-optimized, accessible, and SEO-friendly, with appropriate meta tags and structured content. Google Analytics is used with consent management configured to deny tracking by default, indicating privacy awareness. From a security perspective, the site uses HTTPS with secure cookie flags and basic security best practices. However, it lacks explicit security headers and a public security policy or incident response contact. No vulnerabilities or suspicious content were detected. The WHOIS data aligns well with the business claims, supporting legitimacy and trustworthiness. Overall, the website is professional, secure, and compliant with GDPR requirements, providing a trustworthy platform for customers. Strategic improvements could include enhanced security headers and published security policies to further strengthen trust and compliance.

D

Deutsche Gesellschaft für Kardiologie e.V.

kardiale-bildgebung.de

41

The website kardiale-bildgebung.de represents the DGK Kardiale Bildgebung congress, a specialized medical event focused on cardiac imaging techniques such as echocardiography, cardiac MRI, CT, and nuclear medicine. It is organized by the Deutsche Gesellschaft für Kardiologie e.V., a reputable German cardiology society, and targets cardiology professionals and researchers primarily in Germany and neighboring countries. The site provides detailed event information, program schedules, and partner details, supporting professional education and networking in the cardiology field. Technically, the site is built on WordPress with WPBakery Page Builder, uses HTTPS with valid SSL, and includes cookie consent mechanisms, reflecting a moderate to good level of digital maturity. However, some security best practices like security headers and explicit incident response contacts are missing. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, with no detected adult or questionable content.

A

ABX software s.r.o.

kestolu.cz

41

kestolu.cz is a Czech-based software solution specializing in providing an integrated e-shop module for the ABX Harsys gastro program. The company, ABX software s.r.o., founded in 2021, targets restaurants and gastro businesses seeking seamless online ordering and payment integration. The website offers demos, customer references, and detailed feature descriptions, positioning itself as a niche player in the hospitality technology sector. Technically, the site uses modern frontend libraries such as Bootstrap, FontAwesome, and Swiper.js, with responsive design and moderate performance. However, it lacks visible backend CMS indicators and advanced SEO or accessibility features. Security posture is moderate with HTTPS implied but missing explicit security headers and privacy policies, indicating compliance gaps. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional and functional but would benefit from improved privacy compliance and security hardening.

C

Chaos Computer Club Wien (C3W)

c3w.at

69

The Chaos Computer Club Wien (C3W) is a non-profit community organization based in Austria focused on promoting information freedom, critical engagement with electronic media, and the dissemination of free technologies and standards. The website serves as an informational hub for the community, providing contact details, event information, and advocacy resources. The organization targets technology enthusiasts, civil society members, and activists interested in digital rights and open technologies. Technically, the website is built using the Hugo static site generator with modern JavaScript libraries enhancing user experience. It is well-optimized for mobile devices and accessibility, with good SEO practices and a clean, professional design. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response policies could be improved. Privacy compliance is adequate with a privacy policy present, but no explicit cookie consent mechanism. Overall, the site is trustworthy, professional, and aligned with the organization's mission.

H

Hotel u Ledu*** / Wellness

hoteluledu.cz

62

Hotel u Ledu is a hospitality business located in Velké Popovice, Czech Republic, offering comfortable accommodation, wellness services, and gastronomic experiences. The website positions the hotel as an ideal location for both leisure and corporate events, targeting a general audience seeking quality hospitality services. The business appears to be small-sized and has been operating since 2015, with a consistent brand presence and good content quality on its website. Technically, the website is built on WordPress using the Divi theme, leveraging modern web technologies such as Google Tag Manager and Google Analytics for tracking and marketing purposes. The site demonstrates good SEO practices, mobile optimization, and basic accessibility features. Hosting and domain registration are consistent with the business location and sector, indicating a stable digital infrastructure. From a security perspective, the website uses HTTPS and implements cookie consent mechanisms compliant with GDPR. However, explicit security headers and incident response policies are not evident, suggesting room for improvement in security posture. No vulnerabilities or suspicious activities were detected in the content or technical setup. Overall, the website presents a professional and trustworthy online presence for the hotel business, with moderate tracking and marketing tools in use. Strategic recommendations include enhancing security headers, publishing clear security and incident response policies, and maintaining regular updates to the CMS and plugins to mitigate potential vulnerabilities.

S

Saratoga County Chamber of Commerce

saratoga.org

58

The Saratoga County Chamber of Commerce website serves as a regional hub for local business support, community engagement, and event promotion within Saratoga County, United States. The site targets local businesses and community members, offering services such as networking opportunities and promotional campaigns. The business model is membership-based, focusing on fostering local economic growth and community involvement. The website is professionally designed with consistent branding and good content quality, reflecting a small-sized organization with a clear regional focus. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, Yoast SEO Premium, and various analytics and tracking tools such as Google Analytics and Facebook Pixel. Hosting is supported by Azure CDN, contributing to moderate performance and good mobile optimization. SEO practices are well implemented with structured data and meta tags, although accessibility features are basic. From a security perspective, the site enforces HTTPS and includes some best practices such as reCAPTCHA integration. However, explicit security headers are not detected, and no vulnerability disclosure or incident response policies are present. The WHOIS data is privacy protected or unavailable, which is common for such organizations but slightly reduces transparency. Overall, the security posture is good but could be improved with enhanced headers and formal policies. The overall risk assessment indicates a legitimate and professionally maintained website with moderate user tracking and some gaps in privacy compliance. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, and establishing vulnerability disclosure mechanisms to improve trust and compliance.

N

Nemocnice Na Františku

nnfp.cz

48

Nemocnice Na Františku is a modern healthcare institution located in the heart of Prague, Czech Republic. The hospital offers a wide range of medical services including inpatient and outpatient care, emergency services, plastic surgery, orthopedics, and rehabilitation. It positions itself as a leading healthcare provider with a focus on professional care, modern equipment, and patient comfort. The website reflects a well-structured digital presence with clear navigation, patient testimonials, and social media engagement. Technically, the website is built on WordPress 6.8 using Oxygen Builder and integrates common libraries such as jQuery and FontAwesome. It employs cookie consent mechanisms and GDPR-compliant privacy policies, indicating awareness of privacy regulations. Performance is moderate with good mobile optimization, though some security headers are missing which could be improved. From a security perspective, the site uses HTTPS and includes cookie consent but lacks explicit security headers like Content-Security-Policy and X-Frame-Options. No critical vulnerabilities were detected in the visible content. The absence of WHOIS data reduces trustworthiness slightly but the presence of certifications, social media, and professional content supports legitimacy. Overall, the website is professional and trustworthy with room for technical and security enhancements. Strategic recommendations include implementing comprehensive security headers, improving WHOIS transparency, and enhancing accessibility features.

K

Krankenhaus Buchholz und Winsen gemeinnützige GmbH

krankenhaus-winsen.de

49

Krankenhaus Winsen is a regional acute care hospital located near Hamburg, Germany, operating under the umbrella of Krankenhaus Buchholz und Winsen gGmbH. The hospital offers a broad range of medical services across multiple specialized departments and competence centers, including surgery, anesthesiology, gynecology, orthopedics, and emergency care. The website targets patients, visitors, and healthcare professionals, providing comprehensive information about medical services, patient preparation, and events. The hospital maintains partnerships with related healthcare and educational institutions, enhancing its service offerings and training capabilities. Technically, the website is built on TYPO3 CMS, utilizing modern JavaScript libraries such as jQuery and Owl Carousel for interactive elements. The site is mobile-optimized with good navigation clarity and SEO practices. Hosting is provided by kundenserver.de, with HTTPS enforced and cookie consent implemented via an opt-in mechanism. Analytics are handled through Matomo, respecting user privacy. From a security perspective, the site uses HTTPS and cookie consent but lacks explicit security headers in the provided data. No vulnerabilities or exposed sensitive data were detected. The absence of a public incident response or vulnerability disclosure policy is noted as an area for improvement. The WHOIS data aligns with the hospital's identity, showing consistent domain registration without privacy protection, supporting legitimacy. Overall, Krankenhaus Winsen's website demonstrates a solid digital presence with good content quality, privacy compliance, and business credibility. Strategic recommendations include enhancing security headers, publishing incident response contacts, and formalizing vulnerability disclosure to strengthen security posture and trust.

K

Krankenhaus Buchholz und Winsen gemeinnützige GmbH

krankenhaus-buchholz.de

49

Krankenhaus Buchholz und Winsen gemeinnützige GmbH operates as a regional healthcare provider located near Hamburg, Germany, offering a broad range of medical services including surgery, anesthesiology, gynecology, neurology, and emergency care. The hospital positions itself as a medium-sized non-profit institution with specialized competence centers and partnerships, notably with Krankenhaus Winsen. The website is professionally designed using TYPO3 CMS, featuring good mobile optimization and clear navigation, supporting a positive user experience for patients, visitors, and healthcare professionals. Compliance with GDPR and cookie consent regulations is well implemented, reflecting a mature privacy posture. Security practices include HTTPS enforcement and cookie opt-in mechanisms, though there is room for improvement in security headers and incident response transparency. The website integrates Matomo analytics with minimal user tracking, aligning with privacy best practices. Overall, the domain registration and website content are consistent and trustworthy, supporting a high legitimacy score. Strategic recommendations include enhancing security headers, publishing incident response contacts, and maintaining regular security audits to further strengthen the security posture.

F

Fabas Luce S.p.A.

lamialuce.eu

47

Fabas Luce S.p.A. is an Italian company specializing in the manufacturing and distribution of lighting products, including various lamp types such as wall, table, suspension, ceiling, spotlights, and under-cabinet lamps. The website serves as a product catalog and brand presence platform, explicitly clarifying that the company does not sell products directly online and warning users about unauthorized sellers. The company targets consumers and businesses interested in quality lighting solutions, positioning itself as an established player in the retail lighting sector. Technically, the website employs modern web technologies including Bootstrap for responsive design, jQuery for scripting, and Google Analytics and Tag Manager for user tracking and marketing insights. The site is mobile-optimized with a clear navigation structure and cookie consent mechanisms in place, reflecting a moderate level of digital maturity. However, some areas such as accessibility and SEO could be improved. From a security perspective, the site uses HTTPS and implements cookie consent but lacks visible security headers and formal security policies or incident response information. No critical vulnerabilities or exposed sensitive data were detected, but the absence of a security.txt or vulnerability disclosure page indicates room for improvement in transparency and security culture. Overall, the website is professional and trustworthy with moderate risk. The lack of WHOIS transparency is mitigated by consistent business information and official contact details. Strategic recommendations include enhancing security headers, publishing security policies, improving accessibility, and expanding privacy compliance documentation.

Princeton in Africa is a well-established non-profit organization dedicated to developing young leaders through yearlong fellowships with impactful African organizations. The website reflects a mature program with a strong network of fellows, host organizations, and alumni, emphasizing leadership development and contributions across multiple sectors in Africa. The site is professionally designed using WordPress and integrates common web technologies such as jQuery, Google Analytics, and Gravity Forms for user engagement and data collection. Security posture is generally good with HTTPS enforced and secure form handling, though the absence of security headers and explicit privacy/cookie policies indicates room for improvement. The WHOIS data is unavailable or malformed, which slightly reduces domain trustworthiness, but the website content and contact information strongly support legitimacy. Overall, the site is accessible, safe, and provides comprehensive information for its target audience.

1

19.jamka - české golfové fórum | 19jamka.cz - české golfové fórum

19jamka.cz

57

19.jamka.cz is a Czech language online golf community platform offering forums, articles, quizzes, a marketplace for golf equipment, and golf course reviews. It serves as a niche media site targeting golf enthusiasts primarily in the Czech Republic. The site is built on the XenForo forum platform, leveraging modern web technologies including HTTPS, Google Analytics, and Google Fonts. The technical infrastructure is moderately optimized with good mobile responsiveness and basic accessibility features. Security posture is solid with HTTPS enforcement and CSRF protections, though some security headers are missing. Privacy compliance is limited due to absence of explicit privacy and cookie policies, though a cookie consent mechanism is present. Business credibility is moderate with no public WHOIS data or company contact information, but active community engagement and consistent branding support legitimacy.

P

Praktikum Westküste

praktikum-westkueste.de

47

Praktikum Westküste operates as a regional internship network platform focused on connecting students, pupils, and young people with internship opportunities in the Westküste region of Germany, including Nordfriesland, Dithmarschen, Steinburg, and Pinneberg. The platform hosts thousands of internship offers from over two thousand registered companies, positioning itself as a key regional player in educational and vocational placement services. The website is designed to serve both the internship seekers and companies looking to fill internship positions, with specialized offerings for various voluntary service programs such as FSJ, FÖJ, FKJ, and Bundesfreiwilligendienst. Technically, the website is built on the Contao Open Source CMS and leverages modern web technologies including jQuery, the Foundation framework, and FontAwesome for UI elements. It integrates Matomo Analytics for privacy-conscious visitor tracking and implements GDPR-compliant cookie consent mechanisms. The site demonstrates good mobile optimization and accessibility basics, with a clear navigation structure and professional design quality. However, some security headers are not explicitly detected, and no dedicated security or incident response policies are publicly available. From a security perspective, the site enforces HTTPS and uses cookie consent banners aligned with GDPR requirements. The use of Matomo Analytics with DoNotTrack enabled reflects a privacy-aware approach. No critical vulnerabilities or exposed sensitive data were identified in the HTML content. The WHOIS data is consistent with the website's regional focus and shows no privacy protection or suspicious registration patterns, supporting the platform's legitimacy. Overall, Praktikum Westküste presents a trustworthy, well-maintained regional educational platform with solid privacy compliance and a moderate security posture. Strategic improvements could include enhancing security headers, publishing explicit security policies, and providing clearer contact information for incident response. These steps would further strengthen trust and compliance in the evolving regulatory landscape.

S

Schröder Elektrotechnik

schroederelektrotechnik.de

55

Schröder Elektrotechnik is a regional electrical services company operating primarily in Rellingen, Holstein, and Hamburg, Germany. The company offers services including lighting, electrical installations, household appliances, and environmental technology catering to both private and commercial clients. The website reflects a small-sized local business with a clear focus on its target audience and service offerings. The digital infrastructure is built on WordPress CMS, utilizing modern technologies such as Bootstrap, jQuery, and FontAwesome, complemented by plugins for cookie consent and portfolio management. The site is optimized for mobile devices and demonstrates good SEO practices. Security posture is solid with HTTPS enforced, standard security headers present, and no exposed sensitive data. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. However, the site lacks explicit terms of service and security policy pages, and contact information is limited to an email address and contact form without phone or physical address details. Overall, the website presents a professional and trustworthy digital presence for a local electrical services provider.

L

LETECKÉ ZÁŽITKY.CZ - vyhlídkové lety, pilotem na zkoušku, lety balónem, tandemové sekoky padákem a další tipy na originální dárky - Letecké zážitky

leteckezazitky.cz

42

The website www.leteckezazitky.cz is a Czech e-commerce platform specializing in aviation-related experiences such as sightseeing flights, pilot training experiences, balloon flights, parachute jumps, and flight simulators. It targets consumers in the Czech Republic seeking unique aviation gifts and experiences. The site presents a professional and consistent brand image with a good quality of content and user experience. Technically, it employs modern web technologies including Bootstrap, jQuery, and integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, and LinkedIn Insight. The site is mobile-optimized and uses HTTPS for secure communication. However, the absence of WHOIS data and lack of explicit privacy policy and contact information reduce transparency and trustworthiness. The cookie consent mechanism is implemented, indicating some level of privacy compliance. Overall, the site appears legitimate and well-maintained but would benefit from improved transparency and security disclosures.

Enno Makoschey Heizung- und Sanitär GmbH is a small German company specializing in heating and sanitary services, including installation, maintenance, and emergency services. The company positions itself as a reliable local specialist offering a broad range of services such as heating systems, bathroom renovations, solar thermal solutions, and funding consultation. The website reflects a professional business with clear service descriptions and contact information, targeting a general audience in Germany. Technically, the website uses modern JavaScript libraries and the Foundation framework, ensuring good mobile optimization and user experience. Security-wise, the site employs HTTPS and a cookie consent mechanism but lacks visible advanced security headers or explicit incident response policies. Overall, the website is trustworthy and well-maintained, though improvements in security headers and explicit policies could enhance its posture.

Gosau GbR is a small, specialized master craftsman company based in Oelixdorf, Germany, focusing on heating, ventilation, and sanitary services. The company offers a broad range of modern heating solutions including oil, gas, pellet, biomass, heat pumps, and solar energy systems, complemented by maintenance and customer service. Their market position is that of a trusted local provider emphasizing quality and customer care, supported by certifications such as a Stiftung Warentest award. Technically, the website is built on a modern stack using jQuery, Foundation framework, and various UI libraries, with good mobile optimization and SEO practices. Security posture is moderate with cookie consent implemented but lacking visible advanced security headers. Overall, the site is professional, trustworthy, and compliant with GDPR, with clear contact information and social media presence. No critical security issues or content safety concerns were detected.

Arfst Bohn GmbH is a small, family-owned specialist company based on Amrum island, Germany, providing heating, sanitation, ventilation, climate technology, solar energy solutions, and related services. The company emphasizes quality, reliability, and comprehensive customer support from planning to installation and maintenance. Their market position is that of a trusted local expert with a focus on renewable energy and modern heating technologies. Technically, the website uses a modern but straightforward stack including jQuery, Foundation framework, and various UI libraries, hosted likely on a standard web hosting platform. The site is mobile-optimized and provides clear navigation and content relevant to its target audience. Security posture is moderate with HTTPS implied but lacks explicit security headers and detailed security policies. Privacy compliance is good with a cookie consent mechanism and a privacy policy present. Overall, the website is professional and trustworthy, though improvements in security headers and incident response information are recommended.

J

Jugendcafé Camäleon

camaleon.li

50

Jugendcafé Camäleon is a small non-profit youth center based in Vaduz, Liechtenstein, providing a community space for youth engagement, projects, and events. The website serves as an informational and promotional platform targeting local youth and community members, offering details about their services, events, and gallery. The organization appears well-established since 2018 with a clear local focus and active social media presence. Technically, the website is built on WordPress with standard plugins such as Yoast SEO and Contact Form 7, ensuring basic SEO and contact functionalities. The site is mobile-optimized and uses modern libraries like Swiper.js and FontAwesome for UI enhancements. Security posture is adequate with HTTPS enforced and Google reCAPTCHA protecting forms, though it lacks advanced security headers and explicit incident response policies. Privacy and cookie policies are present but lack an explicit consent mechanism. Overall, the site is trustworthy, professional, and safe for general audiences.

The Liechtensteinisches Rotes Kreuz website represents the national Red Cross society of Liechtenstein, offering emergency medical services, first aid courses, and parental counseling. It serves residents of Liechtenstein and nearby areas, operating as a non-profit humanitarian organization funded by donations and memberships. The website is well-branded, professionally designed, and provides clear contact information and social media presence, reinforcing its trustworthiness and community engagement. Technically, the site is built on WordPress using the Astra theme and several plugins including Modern Events Calendar Lite and MonsterInsights for analytics. The infrastructure supports good mobile optimization, accessibility, and SEO practices. Performance is moderate, with modern technologies and standard web analytics integration. From a security perspective, the site enforces HTTPS, employs security headers, and includes privacy and cookie policies compliant with GDPR. However, it lacks a dedicated security policy or incident response page and does not publish a vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a strong security posture and business credibility appropriate for a national humanitarian organization. Strategic improvements could include publishing explicit security policies and incident response contacts to enhance transparency and trust further.

E

easyfind.ch

easyfind.ch

65

easyfind.ch operates as a Swiss-based lost and found service platform connecting individuals who have lost or found items with over 2,500 participating lost property offices across Europe. The platform supports multiple languages and integrates with services like Swisspass and easyfind.com codes, positioning itself as the largest network in this niche. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. Social media presence and customer ratings indicate a trustworthy and established service. Technically, the site uses modern web technologies and maintains good security practices with HTTPS and no exposed sensitive data. However, it lacks explicit security policies, incident response information, and cookie consent mechanisms, which are areas for improvement. Overall, the site is reliable, accessible, and serves a clear public service function.

L

Liechtensteinische Kraftwerke

lkw.li

11

Liechtensteinische Kraftwerke (LKW) is a well-established energy and telecommunications provider in Liechtenstein, operating since 1923. The company offers a broad range of services including electricity and heat supply, network provision, fiber optic communication, electrical installation, electromobility, and photovoltaic solutions. Their digital presence includes an energy portal and a physical EnergieLaden store, targeting both private and business customers within the region. The website reflects a professional and consistent brand image with active content updates and customer service information.

G

GEF Ingenieur AG

siskmr.com

42

The website sisKMR.com represents GEF Ingenieur AG, a specialized engineering company providing software solutions for static calculations and optimization of district heating pipelines. The company holds a strong market position in Europe with over 30 years of experience and offers software, engineering services, training, and support primarily targeting planners, engineers, and manufacturers in the energy sector. The website is professionally designed, multilingual, and provides clear contact channels including forms, email, phone, and physical address. Technically, the site is built on WordPress with modern plugins and frameworks, delivering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is good with a comprehensive GDPR-aligned privacy policy, though no cookie consent mechanism or terms of service are present. Overall, the site is trustworthy and business credible, with minor improvements recommended in security and privacy transparency.

A

All In One Security

aiosecurity.com

62

All In One Security is a small business specializing in comprehensive commercial and residential security solutions, including ADT authorized installations. The company positions itself as a trusted provider offering surveillance cameras, access control, monitored fire systems, and audio/video integration. The website is built on WordPress using Elementor and Astra theme, reflecting a moderate level of digital maturity with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and anti-spam protections, but lacks advanced security headers and formal policies such as privacy and cookie policies. Overall, the site is professional and trustworthy but could improve compliance and security transparency.

W

Wildwechsel

wildwechsel.de

63

Wildwechsel is a regional German media platform specializing in event listings and cultural information for areas including Kassel, Paderborn, Marburg, Nordhessen, and OWL. The website offers comprehensive event data such as concerts, parties, theater, and local activities, targeting a general audience interested in regional happenings. Technically, the site is built on WordPress and integrates various modern web technologies including Google Fonts, FontAwesome, and multiple analytics and advertising scripts. Hosting is provided via GoDaddy, and the site uses HTTPS with a good SSL configuration. Security measures include anti-spam and bot detection services, but explicit security headers are lacking, and no formal privacy or cookie policies are detected, indicating room for compliance improvement. Overall, the site presents a professional and trustworthy front with moderate technical performance and good content quality.

B

Bücher Pustet

pustet.de

67

Bücher Pustet is a well-established regional bookstore chain in Bavaria, Germany, with a nearly 200-year history. The company operates multiple physical stores and a comprehensive online shop offering books, eBooks, audiobooks, calendars, games, and related products. Their services include community events, gift vouchers, and specialized offerings for schools, libraries, and corporate clients. The website reflects a mature retail business with a focus on customer engagement and regional presence. Technically, the website uses modern web technologies including Bootstrap and FontAwesome, with a custom CMS managing rich content modules. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security is well-implemented with HTTPS and multiple security headers, but lacks visible privacy and cookie policies, which are important for GDPR compliance. The security posture is strong with no detected vulnerabilities or exposed sensitive data. However, the absence of public incident response information and vulnerability disclosure mechanisms suggests room for improvement in transparency and preparedness. Overall, the site is trustworthy and professional but should enhance privacy compliance and user consent mechanisms. Strategically, Bücher Pustet should prioritize publishing comprehensive privacy and cookie policies, implement consent banners, and provide clear security and incident response information to strengthen user trust and regulatory compliance. Enhancing accessibility and continuous security audits will further improve the site's quality and resilience.

T

Thomas Engbert

engbert.de

48

Thomas Engbert is a small German-based communications design business specializing in visual and digital solutions, including UI/UX design and Joomla CMS development. The company serves a European clientele across various sectors such as economy, shipping, healthcare, and sports. The website is professionally designed with excellent content quality and clear navigation, reflecting a mature digital presence. Technically, the site uses Joomla CMS with YOOtheme Pro and UIkit frameworks, ensuring modern and responsive design. Security posture is good with HTTPS enabled and CSRF tokens present, though the absence of explicit privacy and cookie policies and security headers indicates room for improvement. Overall, the domain registration is consistent and trustworthy, with no blocking or WAF detected, supporting a high legitimacy score.

D

DBRD Akademie GmbH

tecc-germany.de

54

TECC Germany, operated by DBRD Akademie GmbH, is a specialized educational provider offering Tactical Emergency Casualty Care courses tailored for police, fire services, personal protection, and rescue personnel in Germany. The website presents detailed course offerings, schedules, and pricing, establishing a clear market position as a niche training provider in tactical emergency medical care. The business model focuses on in-person and scenario-based training with transparent pricing and no sponsorship conflicts. Technically, the website is built on Joomla CMS with Yootheme templates and UIkit framework, incorporating modern web technologies such as Typed.js and Google Fonts. The site is mobile-optimized and includes accessibility features, providing a good user experience. However, some improvements in security headers and cookie consent mechanisms could enhance compliance and security posture. Security-wise, the site enforces HTTPS and uses CSRF tokens, with no visible sensitive data exposure. The absence of explicit security policies and incident response contacts is noted. The domain registration data is consistent with the business claims, showing legitimacy and stability. Overall, the site demonstrates a solid security posture with room for improvement in privacy compliance. The overall risk assessment is low, with recommendations focusing on enhancing privacy compliance, adding security headers, and publishing security policies to strengthen trust and regulatory adherence.

D

DBRD Akademie GmbH

epc-germany.de

53

EPC Deutschland, operated by DBRD Akademie GmbH, provides specialized Emergency Pediatric Care training courses in Germany targeting preclinical emergency responders. The website is professionally designed using Joomla CMS with modern UIkit framework, offering good mobile optimization and accessibility features. The business is well positioned in the healthcare education sector with clear contact details and partner affiliations. Security posture is solid with HTTPS and CSRF protections, though lacking some security headers and incident response disclosures. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the website is trustworthy and functional with room for security and compliance improvements.

A

Abfallwirtschaft Schleswig-Flensburg GmbH

asf-online.de

57

Abfallwirtschaft Schleswig-Flensburg GmbH operates as a regional public waste management service provider in Germany, focusing on waste collection, recycling, and environmental education for residents and businesses in the Schleswig-Flensburg area. The website serves as an information hub offering schedules, service details, and contact options, positioning the company as a trusted regional authority in waste management. Technically, the site is built on TYPO3 CMS with modern frontend technologies such as Bootstrap and jQuery, providing a responsive and accessible user experience. Security posture is adequate with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and incident response transparency. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, supporting the company's credibility and public service mission.

D

DCF Verlag GmbH

unternehmerjournal.de

44

UnternehmerJournal is a German online media platform dedicated to the Mittelstand business sector, providing news, interviews, and expert advice tailored for business executives and entrepreneurs. The platform is operated by DCF Verlag GmbH and positions itself as a niche media outlet for the digital German Mittelstand, emphasizing quality content and business insights. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, and Iubenda for cookie compliance, ensuring a good level of digital maturity and user experience. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security policies and incident response contacts, which could be improved. Overall, the website is professional, trustworthy, and compliant with GDPR, serving its target audience effectively.

The website www.wsb-agency.com represents a communication agency formerly known as WSB, now rebranded as mêtis to celebrate its 20th anniversary. The agency focuses on providing communication and marketing services to businesses that view communication as a catalyst for change. The site serves primarily as an announcement landing page directing visitors to the new brand website and LinkedIn profile. Technically, the site is built on WordPress using common libraries such as jQuery, Tailwind CSS, and FontAwesome. However, it suffers from visible WordPress debug notices indicating suboptimal configuration and early loading of translation files. Security posture is basic with no visible security headers or advanced protections, and no privacy or cookie policies are present, which impacts compliance. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain legitimacy and registration consistency. Overall, the site is functional but minimal, with moderate technical maturity and basic content quality.

D

DMK Vall 042 d.o.o.

okusi.hr

41

Okusi hrvatske tradicije is a Croatian tourism and gastronomy promotion platform operated by DMK Vall 042 d.o.o., focusing on showcasing traditional Croatian cuisine, wines, and local agricultural products. The website targets tourists and gastronomy enthusiasts interested in authentic Croatian culinary experiences. It collaborates with local and county tourist boards to enrich the tourism offer with gastronomic content. Technically, the website is built on Joomla CMS using Bootstrap 3 and FontAwesome, with moderate performance and good mobile optimization. Security posture is moderate with no detected security headers or privacy policies, and SSL status is unknown from the provided data. Contact information is clearly provided, and social media presence includes Facebook and YouTube. Overall, the site is professional and trustworthy but lacks formal privacy and security disclosures.

E

EDUin, o. p. s.

eduina.cz

38

EDUína is a Czech non-profit organization focused on recognizing and awarding innovative projects in formal and informal education. The organization has been active for over 10 years, celebrating educational achievements and honoring significant contributors to Czech education. The website reflects a well-structured digital presence with clear branding, contact information, and social media integration. Technically, the site is built on WordPress using popular plugins such as Yoast SEO and Elementor, ensuring good SEO and user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers are missing. The absence of WHOIS data is a concern for domain legitimacy verification but does not detract from the professional presentation and trust signals on the site. Overall, EDUína presents a credible and professional front for its educational award activities.

K

Karlsruher Kind

karlsruher-kind.de

64

Karlsruher Kind is a regional magazine targeting parents and children in the Karlsruhe area, providing editorial content, event calendars, and community engagement features. The website is built on WordPress with a modern plugin ecosystem supporting event management and user interaction. The technical infrastructure includes HTTPS, security headers, and structured data for SEO, reflecting a mature digital presence. Security posture is strong with no evident vulnerabilities or exposed sensitive data, though privacy compliance could be improved by publishing explicit privacy and terms policies. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

H

HAMAG BICRO

hamagbicro.hr

47

HAMAG BICRO is a Croatian government agency dedicated to supporting small businesses and investments. The agency provides comprehensive assistance to entrepreneurs throughout all stages of business development, from idea research and development to commercialization and market placement. The website reflects a national-level institution with a focus on fostering economic growth and innovation in Croatia. Technically, the website is built on WordPress with SEO optimization plugins, indicating a moderate level of digital maturity. The site is accessible, mobile-optimized, and presents content in Croatian, targeting local entrepreneurs. Security posture shows room for improvement, with no detected security headers and missing privacy and cookie policies, which are critical for GDPR compliance. Overall, the domain registration and WHOIS data align well with the agency's profile, confirming legitimacy. Strategic recommendations include enhancing security headers, adding privacy and cookie policies with consent mechanisms, and publishing clear contact and incident response information to improve trust and compliance.

The website www.javnanabava.hr serves as the official Croatian government portal dedicated to public procurement. It provides authoritative information, legal frameworks, news updates, statistical data, and educational resources aimed at public sector entities, suppliers, and other stakeholders involved in public procurement processes. The portal is managed by the Ministry of Economy's Directorate for Public Procurement Policy, reflecting a strong government presence and trustworthiness. Technically, the site leverages modern web technologies including Blazor, Bootstrap, and Oqtane CMS, ensuring a responsive and accessible user experience. Accessibility tools and cookie consent mechanisms are implemented, demonstrating compliance with privacy regulations such as GDPR. Security posture is solid with HTTPS enforced and CSRF protections in place, though some security headers could be improved. No critical vulnerabilities or suspicious activities were detected. Overall, the site is professional, well-maintained, and serves its governmental informational purpose effectively.

Na kole is a Czech language niche blog focused on urban cycling, sports, and healthy lifestyle topics. The website provides articles, event information, cycling route maps, and a sports catalog, targeting cycling enthusiasts and health-conscious individuals primarily in the Czech Republic. The site is built on WordPress with common plugins for SEO and forms, indicating a moderate level of digital maturity. The content is well-structured, regularly updated, and professionally presented, supporting good user experience and SEO. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but lacks advanced security headers and formal privacy or cookie policies, which are compliance gaps. The absence of public WHOIS data suggests domain privacy protection, common for small content sites. Overall, the site is legitimate and trustworthy but would benefit from enhanced privacy compliance and security best practices.

G

Grow

grow.me

54

Grow is a technology-driven platform focused on enabling readers to curate and save content from their favorite creators for free. The platform emphasizes ease of use with a single login for content bookmarking and subscription, targeting content consumers who value efficient content management. Affiliated with Mediavine, Grow benefits from established market presence and resources. Technically, the website is built on WordPress with modern JavaScript libraries and integrates advanced consent management and analytics tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforcement and consent-based tracking, though there is room for improvement in security headers and explicit security policies. Overall, the site is professional, privacy-conscious, and trustworthy, with no signs of malicious activity or content safety concerns.

Manganga Team is a small Brazilian entity focused on retro 16-BIT gaming culture, including Mega Drive and Sega Genesis games, pixel art, and chiptune music. The website is built using a website builder platform and hosted on HostGator Brazil, reflecting a modest but consistent digital presence. The content is primarily in Portuguese and targets enthusiasts of retro gaming and related creative arts. Technically, the site uses standard web fonts and icon libraries but lacks advanced frameworks or analytics tools. Security posture is basic, with no evident security headers or privacy policies, indicating room for improvement in compliance and protection. Overall, the site is safe with no adult or questionable content detected, but it lacks critical privacy and security features that would enhance trust and compliance.

U

Udruženje građana EmPower

empower.rs

42

Udruženje građana EmPower is a Serbian non-profit organization focused on empowering youth through educational projects and workshops. Their offerings include digital learning tools like eBukvar, internet safety workshops, Erasmus Plus international youth exchanges, and programming workshops. The organization targets young people and children, aiming to improve community life through education and digital literacy. The website is professionally designed using WordPress and common web technologies, providing a good user experience and mobile optimization. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is moderate with HTTPS enabled but missing security headers and DNSSEC. Contact information and social media presence support business credibility. Overall, the site is safe and trustworthy with room for improvement in privacy and security practices.

S

Spravia Sp. z o.o.

spravia.pl

52

Spravia Sp. z o.o. is a Polish real estate developer specializing in new apartment sales in Warsaw districts such as Mokotów, Bemowo, and Praga Południe. Founded in 2021, the company presents a professional online presence with a well-structured website optimized for SEO and user experience. The site targets general consumers interested in purchasing residential properties in Warsaw, offering detailed plans and pricing information. Technically, the website is built on WordPress with modern marketing and analytics integrations including Google Tag Manager, Hotjar, and Cookiebot for GDPR compliance. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though security headers and incident response policies are not explicitly published. Overall, the website reflects a medium-sized real estate business with a consistent brand and good digital maturity.

G

Game Lab Graz

gamelabgraz.com

42

Game Lab Graz is an academic research group led by Johanna Pirker, focusing on exploring the full potential of video games through designing and researching virtual, engaging, and immersive experiences. The website serves as a platform to showcase projects, publications, courses, and team information related to game design and virtual reality. The target audience primarily includes students, researchers, and professionals interested in game development and immersive technologies. The business model is centered around education and research within the academic sector, positioning itself as a niche player in the field of game design and virtual reality research. Technically, the website is built on WordPress CMS with Elementor page builder and uses common web technologies such as jQuery, Bootstrap grid, and FontAwesome icons. Hosting appears to be provided by Alfahosting based on DNS nameservers. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. The design is professional and consistent with academic branding, providing a good user experience and clear navigation. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and security headers such as Content-Security-Policy or X-Frame-Options. No exposed sensitive data or vulnerable libraries were detected. However, the absence of privacy and cookie policies indicates compliance gaps with GDPR and other data protection regulations. No incident response or security contact information is provided, which could be improved to enhance trust and readiness. Overall, the website is trustworthy and professionally maintained, with a strong academic focus. The main risks relate to privacy compliance and security best practices, which should be addressed to improve the security posture and regulatory adherence. Strategic recommendations include implementing privacy and cookie policies, enabling DNSSEC, adding security headers, and providing clear contact information for security incidents.

S

SUBOTRON

subotron.com

10

SUBOTRON is a Vienna-based platform dedicated to digital game culture, focusing on organizing events such as talks, panels, and workshops, as well as providing news and networking opportunities for indie game developers and enthusiasts. The website positions itself as a niche community hub for Austrian and international digital game culture, with a history dating back to 2002. The business model appears to be community-oriented, possibly non-profit, emphasizing cultural and educational activities in the gaming sector. Technically, the website is built on WordPress using the Divi theme, incorporating modern web technologies such as jQuery, Google reCAPTCHA v3 for spam protection, and FontAwesome for icons. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms. However, it lacks DNSSEC, security headers, and published security policies or incident response contacts. No privacy or cookie policies were found, indicating gaps in compliance with GDPR and related regulations. The domain is well-established with consistent WHOIS data, enhancing trustworthiness. Overall, SUBOTRON presents a professional and trustworthy online presence with solid business credibility and technical implementation. The main areas for improvement include enhancing privacy compliance, implementing security best practices such as DNSSEC and security headers, and publishing clear policies to improve user trust and regulatory adherence.

M

Masáže Hořovice Martin Crk

masaze-martincrk.cz

37

Masáže Hořovice Martin Crk is a small local business providing massage and wellness services in the Czech Republic. The website presents a professional and clean design with clear contact information and a focus on natural massage oils and stress relief. The business is relatively new, founded in 2022, and targets general consumers seeking relaxation and physical well-being. The site uses WordPress CMS with common plugins such as Yoast SEO and jQuery, indicating a standard modern web infrastructure. Performance and mobile optimization are adequate, though accessibility features are basic. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is trustworthy for its business purpose but would benefit from enhanced privacy and security practices.

N

Nadační fond Flaminia

nfflaminia.cz

55

Nadační fond Flaminia is a Czech non-profit foundation established in 2007, dedicated to supporting mental health and psychological wellbeing projects for children and youth. The organization collaborates with various partner projects and runs awareness campaigns to promote mental health care as equally important as physical health. Their website reflects a professional and consistent brand image, providing clear contact information and detailed descriptions of their initiatives and supported projects. Technically, the website uses modern web technologies including Bootstrap, jQuery, FontAwesome, and Google Fonts, with good mobile optimization and SEO practices. The site is accessible and well-structured, though it uses multiple versions of Bootstrap and jQuery which could be streamlined. No CMS or hosting provider details were detected. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data, but lacks important security headers and privacy/cookie policies, which are compliance gaps. No WHOIS data was found for the domain, which reduces trustworthiness and raises questions about domain registration legitimacy. No analytics or tracking scripts were detected, indicating minimal user tracking. Overall, the site is trustworthy and professional in content and presentation but would benefit from improved privacy compliance and security hardening. The lack of WHOIS data is a notable concern that should be investigated further.