Security Directory

E

Über 20 Jahre Kompetenz für die Energiewirtschaft - Energy4u GmbH

energy4u.org

62

Energy4U is a German-based energy sector service provider with a long-established domain since 2000. The company appears to offer energy consultancy and related services targeting businesses and consumers interested in energy solutions. The website is professionally designed using WordPress CMS with Bootstrap and Font Awesome, providing a good user experience and mobile optimization. However, the site lacks explicit privacy and cookie policies, which impacts its privacy compliance score. Security posture is moderate with HTTPS enabled but missing security headers and DNSSEC. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional and trustworthy but would benefit from improved privacy compliance and enhanced security measures.

F

Foundation for Environmental Education

fee.global

63

The Foundation for Environmental Education (FEE) is a well-established non-profit organization focused on environmental education and sustainable development with a global presence spanning over 110 member organizations in 85 countries. Their core activities include managing internationally recognized sustainability certification programs such as Blue Flag and Green Key, youth empowerment initiatives like Eco-Schools and Young Reporters for the Environment, and global campaigns addressing climate action and ecosystem restoration. The website reflects a professional and consistent brand image aligned with their mission. Technically, the website is built on the Squarespace platform, leveraging modern web technologies including Google Tag Manager and Mailchimp for analytics and marketing. The site is mobile-optimized and performs moderately well, though accessibility features could be enhanced. Security posture is strong with HTTPS enforced and HSTS enabled, but the absence of visible privacy and cookie policies indicates room for improvement in compliance. Overall, the security posture is solid with no evident vulnerabilities or exposed sensitive data. However, the lack of explicit privacy and cookie policies, as well as missing contact information for security incidents, represents compliance and transparency gaps. The domain WHOIS data is privacy protected, which is common for non-profits, and no suspicious patterns were detected. The website is safe for general audiences and free from adult or questionable content. Strategically, the organization should prioritize publishing comprehensive privacy and cookie policies with consent mechanisms, establish a vulnerability disclosure process, and improve accessibility to enhance trust and compliance. These steps will strengthen their security culture and align with global data protection standards.

The website www.neverbounce.com is currently inaccessible due to a Web Application Firewall (WAF) security challenge implemented by PerimeterX, which blocks automated or suspicious access. The WHOIS lookup for the domain failed, returning no registration data, which raises significant concerns about the domain's legitimacy or registration status. Due to the lack of accessible content, metadata, or business information, a comprehensive analysis of the company's business model, services, or compliance posture is not possible. The only visible element is a security challenge page with no usable content or contact information. From a technical perspective, the site employs PerimeterX for bot mitigation and security, but no other technologies, frameworks, or hosting details are discernible. The absence of security headers, privacy policies, or contact details further limits the ability to assess the security and compliance maturity of the website. The domain's WHOIS data absence is a critical red flag, suggesting either a non-registered domain or privacy-protected data that is not publicly available. Security posture evaluation is severely limited due to the blocked content, but the presence of a WAF indicates some level of security awareness. However, the lack of visible HTTPS enforcement, security headers, or compliance documentation suggests potential gaps. Overall, the website's risk profile is high due to inaccessibility and missing registration data, and it is recommended to verify domain registration and ensure proper public-facing security and compliance disclosures. Strategic recommendations include enabling access for legitimate users, publishing clear privacy and security policies, and ensuring WHOIS data is accurate and publicly available to improve trust and legitimacy.

L

Lidl Slovenija

lidl.si

76

Lidl Slovenija operates as a leading retail supermarket chain in Slovenia, providing a broad assortment of grocery and household products to general consumers. The website serves as a digital storefront and information portal, reflecting the company's strong market position and brand consistency. The business is part of the larger Schwarz Gruppe, indicating a solid backing and extensive retail experience. The site is well-structured, professionally designed, and targets Slovenian consumers effectively. From a technical perspective, the website employs modern web technologies including JavaScript frameworks, YouTube integration, and advanced cookie consent management via OneTrust. Hosting is managed through Akamai, ensuring reliable content delivery. The site demonstrates good performance, mobile optimization, and accessibility features, supporting a positive user experience. Security posture is robust with HTTPS enforced, comprehensive cookie consent, and no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response contacts are not publicly detailed, representing an area for improvement. Privacy compliance is strong, with GDPR-aligned policies and a dedicated data protection officer contact. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include publishing detailed security policies and vulnerability disclosure information to enhance transparency and trust further.

K

Kantonsspital Baden

kantonsspitalbaden.ch

75

Kantonsspital Baden is a large regional healthcare provider in Switzerland offering comprehensive medical services, research, and patient care. The website reflects a mature digital presence with a modern tech stack including Next.js and React, hosted on Vercel, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response information are not publicly detailed. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

G

Gemeinde Wettingen

wettingen.ch

59

Gemeinde Wettingen operates as the official municipal government website for the town of Wettingen in Switzerland. It provides comprehensive information about local government services, political participation, community events, and administrative resources. The site targets residents and visitors seeking municipal services and information. The business model is centered on public service and community engagement, positioning itself as a trusted local government portal. Technically, the website employs modern web technologies including JavaScript modules, CSS, and HTML5, and is built on the i-web CMS platform. It demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. The site uses HTTPS and includes a privacy policy and cookie consent mechanism, reflecting a reasonable level of digital maturity. From a security perspective, the site enforces HTTPS and anonymizes web statistics data, but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is adequate but could be improved by implementing additional headers and formalizing security policies. The website is safe for general audiences, containing no adult or questionable content. The domain registration details align well with the municipal identity, supporting high legitimacy and trustworthiness. Strategic recommendations include enhancing security headers, publishing incident response information, and improving SEO and accessibility compliance.

G

Gemeinde Suhr

suhr.ch

62

The website www.suhr.ch serves as the official digital presence of the municipality of Suhr in Switzerland. It provides comprehensive information about the community, local government, services, events, and digital offerings such as an online service portal. The site targets residents and visitors seeking municipal information and services. The business model is that of a government service portal, focusing on transparency, accessibility, and community engagement. The website is well-branded, consistent, and trustworthy, reflecting its official status. Technically, the site is built on a modern stack including HTML5, CSS3, JavaScript, and a proprietary CMS platform (i-web.ch). It uses Matomo for analytics, indicating a privacy-conscious approach. The site is mobile-optimized, accessible, and SEO-friendly, with good performance characteristics. The presence of accessibility features and a dedicated accessibility mode enhances inclusivity. From a security perspective, the site enforces HTTPS and employs secure login forms with password reset capabilities. However, it lacks explicit security headers and does not publish a security policy or vulnerability disclosure information. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but could be improved with additional headers and transparency. The overall risk assessment is low, with no critical issues detected. Strategic recommendations include implementing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms to enhance trust and security culture. The site is suitable for its purpose as a municipal information portal and demonstrates good digital maturity.

K

Kursaal Engelberg AG

kursaalengelberg.ch

62

Kursaal Engelberg AG operates as a regional hospitality venue in Engelberg, Switzerland, specializing in hosting weddings, congresses, seminars, banquets, and cultural events. The company targets private, business, and cultural event organizers seeking a stylish and well-equipped location. The website is professionally designed using the Wix platform, featuring relevant content and structured data that supports business legitimacy. However, the site lacks critical privacy and cookie policies, which impacts compliance and user trust. Technically, the site leverages Wix's Thunderbolt framework and standard web technologies, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and incident response information. Overall, the business presents a trustworthy and professional image but should improve privacy compliance and security transparency to enhance user confidence and regulatory adherence.

Z

Zürcher Oberland Medien AG, Verlags- und Medienhaus, 8620 Wetzikon

zo-medien.ch

56

The website www.zo-medien.ch appears to be a small Swiss media or business-related site built on the Wix platform using Wix Thunderbolt technology. The site content is minimal in the provided HTML snippet, with no visible privacy, cookie, or terms of service policies, and no explicit contact information. The technical infrastructure relies heavily on Wix's hosting and content delivery network, indicating a moderate level of digital maturity. Security posture is basic with HTTPS enabled but lacking security headers and visible security policies. Overall, the site shows low business credibility and limited compliance with privacy regulations. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, and providing clear contact information to improve trust and compliance.

The website www.stadtwil.ch serves as the official digital presence of the city of Wil in Switzerland, providing residents and visitors with comprehensive information about municipal services, local news, and community resources. The site is built on the OneGov Town CMS platform, which is widely used by Swiss municipalities, indicating a mature and specialized technical infrastructure. The website demonstrates good design quality, clear navigation, and mobile optimization, supporting a positive user experience. Security posture is strong with HTTPS enforced and minimal third-party tracking, though the absence of explicit privacy and cookie policies suggests room for improvement in compliance. Overall, the site reflects a trustworthy government entity with a focus on public service delivery.

T

TablePress

tablepress.org

72

TablePress is a well-established WordPress plugin provider specializing in creating and managing tables easily and efficiently on WordPress websites. The company offers a freemium business model with premium plans that enhance functionality and support. The website is professionally designed, highly accessible, and optimized for mobile devices, targeting WordPress users who need advanced table features without coding. Technically, the site leverages WordPress CMS, modern JavaScript libraries like DataTables, and is hosted with Cloudflare DNS and registrar services, ensuring good performance and security. Security posture is strong with HTTPS enforced and multiple security headers present, though DNSSEC is not enabled. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. Overall, the site is trustworthy and credible with strong user testimonials and a clear market position as a leading WordPress table plugin.

S

saarVV

saarfahrplan.de

50

The website 'saarfahrplan.de' serves as a public transportation schedule and route planning platform for the Saarland region in Germany. It provides users with timetable information and journey planning tools primarily through a web application built on the HAFAS WebApp framework. The target audience is general commuters and residents within the Saarland area seeking transit information. The business model focuses on delivering transit data and real-time updates, positioning itself as a regional transportation information provider. Technically, the site employs a modern JavaScript-based tech stack with Leaflet.js for mapping and a modular HAFAS framework. While the site is functional and moderately optimized for performance and mobile use, it lacks advanced SEO and accessibility features. The absence of a CMS or hosting details limits deeper infrastructure insights. From a security perspective, the site uses HTTPS as indicated by the URL, but no explicit security headers are present in the HTML content. There are no visible forms or data collection points, reducing attack surface but also limiting user interaction. The lack of privacy, cookie, and terms of service policies indicates compliance gaps, especially under GDPR. No incident response or security contact information is provided. Overall, the site is moderately trustworthy and functional for its purpose but would benefit from enhanced security practices, privacy compliance, and clearer business identity disclosures. Strategic improvements in these areas would strengthen user trust and regulatory adherence.

F

Flughafen Nürnberg GmbH

flughafen-nuernberg.de

64

Flughafen Nürnberg GmbH operates the regional airport in Nuremberg, Germany, providing comprehensive flight information, parking services, VIP offerings, and travel bookings. The website serves a broad audience of travelers and business partners with a well-structured, bilingual interface. Technically, the site uses modern CMS technology (Scrivito) and integrates consent management via Usercentrics, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response details could be improved. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site projects professionalism and trustworthiness consistent with a public transportation entity.

P

PowNed

helpmee.tv

54

The website www.helpmee.tv serves as a membership enrollment portal for PowNed, a Dutch media organization focused on providing an alternative voice in the Hilversum broadcasting landscape. The business model revolves around annual membership fees (€8.50 per year) to support their media activities. The site is well-branded, consistent, and targets Dutch-speaking individuals interested in media and alternative perspectives. The content is relevant and professionally presented, with clear calls to action for membership sign-up. Technically, the website employs modern tracking and analytics technologies including Google Tag Manager, Google Analytics, Facebook Pixel, and DoubleClick advertising services. The site is served over HTTPS with CSRF protection tokens present, indicating a baseline of security awareness. However, there is no evidence of advanced security headers or cookie consent mechanisms, which are important for compliance and security hardening. The site is mobile optimized and SEO friendly but lacks accessibility features beyond basic levels. From a security perspective, the site shows good use of HTTPS and some security best practices but lacks visible security headers and formal security policies or incident response contacts. The absence of WHOIS data and domain registration transparency reduces trustworthiness, although the website content and business appear legitimate. No critical vulnerabilities or adult content were detected, and the site is fully accessible without WAF or blocking mechanisms. Overall, the website scores moderately well on content quality, technical implementation, and business credibility but has room for improvement in privacy compliance and security posture. Strategic recommendations include implementing cookie consent, adding security headers, publishing security policies, and improving domain registration transparency to enhance trust and compliance.

R

Radenska d.o.o.

srcnozajutri.si

40

The website www.srcnozajutri.si is a well-developed corporate campaign platform for Radenska d.o.o., a Slovenian company focused on mineral water production and environmental sustainability. The site highlights Radenska's commitment to ecological projects such as tree planting, circular economy, green energy, water resource protection, and social sponsorships. It targets environmentally conscious consumers and local communities. Technically, the site uses modern web technologies, is mobile-optimized, and hosted behind Cloudflare, ensuring good performance and security. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response contacts are absent. Privacy compliance is well addressed with cookie consent and a comprehensive cookie policy. Overall, the site reflects a trustworthy and professional brand presence with strong environmental and social responsibility messaging.

R

Revija GLOBAL

revijaglobal.si

55

Revija GLOBAL is a Slovenian media publication focused on issuing a monthly magazine, targeting Slovenian-speaking readers interested in its content. The website serves primarily as an informational portal for the magazine, offering sections about the publication, content, advertising, contact, and subscription. The business model revolves around magazine sales and advertising revenue, positioning it as a small local media entity founded in 2020. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript with jQuery, Google Fonts, and Google Tag Manager for analytics. The site shows basic mobile optimization and SEO practices but lacks advanced frameworks or CMS detection. Performance is moderate with room for improvement in accessibility and modern technical implementations. From a security perspective, the site lacks visible security headers and privacy or cookie policies, indicating potential GDPR compliance gaps. The SSL configuration could not be verified from the provided data, and no incident response or security policy information is available. Google Tag Manager is used for tracking, but no explicit consent mechanism is present. The WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, the website is functional but basic, with moderate trustworthiness. Key recommendations include implementing HTTPS with strong SSL, adding security headers, publishing privacy and cookie policies, and providing clear contact information to improve compliance and user trust.

K

Konzervatívny inštitút M. R. Štefánika

monitoringfondov.sk

42

The website monitoringfondov.sk is a Slovak non-profit transparency platform focused on monitoring and visualizing EU fund projects, their utilization, and recipients. Operated by the Conservative Institute M. R. Štefánika and supported by the Pontis Foundation, it serves government transparency advocates, researchers, and the general public interested in EU fund allocation. The platform uses modern web technologies including Angular and Ionic, providing a mobile-optimized experience with a professional design and clear navigation. However, it lacks key compliance documents such as privacy and cookie policies and does not provide explicit contact information, which are areas for improvement. Security posture is moderate with HTTPS assumed but missing explicit security headers and incident response information. Overall, the site is legitimate, well-structured, and serves a niche transparency function in Slovakia.

G

Gostovanje in domene NEOSERV.si

neoserv.si

58

NEOSERV.si is a well-established Slovenian web hosting and domain registration provider founded in 2009. The company offers a broad range of services including domain registration, web hosting (shared, reseller, turbo), email hosting, VPS and dedicated servers, and SSL certificates. Their market position is strong within Slovenia, targeting businesses, developers, and IT agencies seeking reliable and fast hosting solutions. The website demonstrates a professional design with clear navigation and good mobile optimization, supported by modern technologies and analytics tools. Security practices include HTTPS, anti-spam and anti-virus protections, and 2FA for email servers, although explicit security policies and incident response contacts are not publicly visible. Overall, the domain registration data aligns well with the business claims, indicating high legitimacy and trustworthiness.

H

Hostinger

hosting24.com

71

Hostinger is a global web hosting provider offering a wide range of hosting solutions including shared, VPS, cloud hosting, domain registration, and email marketing services. The company targets individuals, small to medium businesses, and agencies seeking affordable and scalable online presence solutions. Their website demonstrates a mature digital infrastructure with modern technologies such as Vue.js and integrations with major analytics and advertising platforms. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly detailed. The absence of WHOIS registrant data suggests privacy protection, common for hosting providers. Overall, Hostinger presents a professional, trustworthy, and technically sound online presence with room for enhanced transparency in security and contact information.

R

Radenska ADRIATIC

radenska.si

51

Radenska ADRIATIC is a well-established beverage manufacturing company with a history dating back to 1869, specializing in mineral and spring waters, as well as carbonated and non-carbonated soft drinks. The company operates primarily in Slovenia and Croatia, offering a diverse portfolio of beverage brands and emphasizing quality and corporate responsibility. The website reflects a mature digital presence with good design, clear navigation, and active social media engagement. Technically, the site uses modern web technologies and Google Analytics for visitor insights, hosted with Cloudflare DNS services. Security posture is adequate with HTTPS enabled, but lacks some security headers and explicit privacy and cookie policies, indicating room for compliance and security improvements. Overall, the domain registration is consistent with the company's profile, supporting legitimacy and trustworthiness.

A

Atlantic Droga Kolinska d.o.o.

cockta.eu

62

Cockta.eu is the official website for the beverage brand Cockta, operated by Atlantic Droga Kolinska d.o.o., a subsidiary of Atlantic Grupa. The site promotes the brand's authentic beverage made from a unique blend of herbal extracts, targeting a mature audience that values tradition and authenticity. The website is professionally designed with multi-language support and consistent branding, reflecting a medium-sized retail beverage business with a strong regional presence. Technically, the site uses modern web technologies including Google Tag Manager and Facebook Pixel for analytics and marketing, hosted by Plus Hosting Grupa d.o.o. The site is accessible, mobile-optimized, and includes cookie consent mechanisms, though it lacks explicit security policies and incident response contacts. Security posture is moderate with room for improvement in security headers and vulnerability disclosures. Overall, the domain registration and website content are consistent and trustworthy, with no signs of blocking or WAF interference.

Š

ŠS d.o.o.

studentski-servis.com

51

Študentski Servis (ŠS d.o.o.) operates an online platform focused on connecting students and pupils with job opportunities in Slovenia, while also providing companies with tools to manage and account for student work. The website positions itself as the largest offer of student jobs in Slovenia, targeting both students and business partners. The business has an established presence since 1998, indicating a mature market position within the education sector. Technically, the website uses modern JavaScript libraries, Google Tag Manager for analytics, and service workers for progressive web app capabilities. The site is hosted behind Cloudflare DNS and CDN services, ensuring good performance and availability. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy and cookie policies are absent, which is a compliance gap. No contact information or incident response details are published, limiting transparency. Overall, the website is professional and functional but would benefit from improved security and privacy compliance measures.

U

University of Washington Athletics

gohuskies.com

58

The University of Washington Athletics official website serves as the primary digital platform for disseminating news, schedules, scores, and multimedia content related to the university's sports teams. It targets students, alumni, and sports fans, positioning itself as a trusted and authoritative source within collegiate athletics. The website leverages modern web technologies including JavaScript frameworks, Google Tag Manager, and Facebook Pixel for analytics and marketing purposes, hosted on Rackspace infrastructure with Sidearm Sports CMS powering content management. Security measures include HTTPS enforcement and privacy compliance via Transcend consent management, although DNSSEC is not enabled and no explicit vulnerability disclosure or incident response policies are published. Overall, the site demonstrates a solid security posture with good content quality and user experience, suitable for a large educational institution. Recommendations include enabling DNSSEC, publishing security policies, and enhancing incident response transparency to further strengthen trust and compliance.

The website a-mo.net currently presents minimal content, displaying only a 'Page Not Found' message with no metadata, structured data, or business information. The domain is registered since 2017 with GoDaddy and uses AWS DNS servers, indicating a legitimate registration and hosting setup. However, the lack of accessible content and absence of privacy, cookie, or terms of service policies suggest the site is either inactive, under construction, or abandoned. The technical infrastructure is basic, with a single tracking pixel script and no detected CMS or frameworks. Security posture is weak due to missing security headers and no DNSSEC enabled. Overall, the site lacks business credibility and user engagement features.

R

Renault Hrvatska

renault.hr

54

Renault Hrvatska operates as the official Croatian website for the Renault automotive brand, providing comprehensive information on new and used vehicles, financing options, after-sales services, and vehicle configurators. The website targets Croatian consumers interested in purchasing Renault vehicles, offering a broad portfolio including electric and hybrid models. The site reflects a mature digital presence consistent with a large automotive brand, supported by structured navigation and official branding. Technically, the site employs modern JavaScript libraries, Google Tag Manager, and Plausible Analytics, alongside a cookie consent mechanism compliant with GDPR signals. Security posture is strong with HTTPS enforced and privacy-respecting analytics loading conditioned on user privacy signals. However, explicit privacy policies, terms of service, and security incident response information are not directly visible in the provided content. WHOIS data confirms domain legitimacy and consistency with Renault's global presence. Overall, the site is professional, trustworthy, and well-optimized for its audience.

M

MONERE DIGITAL

themonere.net

45

MONERE DIGITAL is a Croatia-based small technology company specializing in innovative digital experiences, including 3D holographic displays and sound masking solutions. Their website showcases a professional portfolio with client testimonials and emphasizes creativity and problem-solving in marketing and communication technologies. The technical infrastructure is based on standard web technologies with moderate performance and good mobile optimization. However, the site lacks advanced security headers and explicit HTTPS enforcement details, and no privacy or cookie policies are present, indicating gaps in privacy compliance. The WHOIS data is consistent with the business claims, showing a domain registered since 2017 without privacy protection, supporting legitimacy. Overall, the website is professional but could improve security and privacy posture.

E

euroAWK spol s.r.o.

bilbordovka.sk

66

Bilbordovka.sk is an established Slovak online platform specializing in the rental of outdoor advertising spaces such as billboards and citylights. Operated by euroAWK spol s.r.o., the website offers a user-friendly interface for searching, selecting, and ordering advertising spaces with integrated payment options. The company leverages its long-standing experience since 1991 to provide comprehensive services including printing and graphic design support. Technically, the website employs modern web technologies including Stimulus JS, Google Analytics, and Google Tag Manager, ensuring a responsive and accessible user experience. Security measures include HTTPS enforcement and cookie consent mechanisms, though explicit security headers could be improved. Overall, the site demonstrates a strong security posture with no critical vulnerabilities detected. The domain registration details align well with the business claims, supporting the legitimacy of the entity. Strategic recommendations include enhancing security headers, publishing a security policy, and continuous monitoring of third-party scripts to maintain security and compliance.

V

VDE VERLAG GmbH

ehp-magazine.com

59

The website energie.de hosts the EUROHEAT&POWER international trade magazine, a leading publication focused on district heating, district cooling, and cogeneration markets in Europe. Operated by VDE VERLAG GmbH, the site targets decision makers and professionals in the heating and energy sectors, offering print and digital magazine editions, newsletters, and advertising opportunities. The content is professionally curated, with a clear focus on industry developments, technical innovations, and energy policy trends. The website is built on TYPO3 CMS and integrates modern web technologies including JavaScript and CSS, with advertising managed through AdSpirit and analytics via eTracker. GDPR compliance is evident through comprehensive privacy and cookie policies with user consent mechanisms.

V

VDE VERLAG GmbH

et-magazin.de

58

The website energie.de hosts the magazine 'et - Energiewirtschaftliche Tagesfragen', a professional publication focused on the energy sector, covering news, expert articles, interviews, and future-oriented topics. Operated by VDE VERLAG GmbH, it targets professionals and stakeholders in the energy industry, providing specialized content and subscription services. The site demonstrates a solid market position as a specialized energy media publisher in Germany. Technically, the website is built on TYPO3 CMS with Yoast SEO integration, employing modern web technologies including JavaScript and CSS. Hosting is managed via agenturserver nameservers, indicating a professional hosting environment. The site is mobile-optimized with good SEO and basic accessibility features, delivering moderate performance. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Advertising is managed transparently with GDPR consent, and analytics are performed via etracker with moderate user tracking. Overall, the website is professional, secure, and compliant with privacy regulations, suitable for its target audience. Recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and security posture.

V

VDE VERLAG GmbH

ew-magazin.de

58

The website energie.de hosts the ew-Magazin, a specialized media platform focused on the energy sector in Germany. It provides current news, expert articles, interviews, and industry insights targeted at energy professionals and decision makers. The business operates as a media publisher under VDE VERLAG GmbH, offering both print and digital magazine content, including e-magazines and job listings. The site is well-positioned in the German energy media market with a consistent brand and professional content quality. Technically, the site is built on TYPO3 CMS with Yoast SEO integration, hosted on a professional hosting provider (agenturserver). It employs modern web technologies, is mobile optimized, and uses structured data for SEO. Performance is moderate with good SEO and accessibility basics. Advertising and analytics are implemented with user consent, primarily using AdSpirit and etracker. From a security perspective, the site enforces HTTPS and respects privacy with cookie consent mechanisms. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The domain WHOIS data is consistent and legitimate, supporting trustworthiness. Overall, the website demonstrates a solid business and technical foundation with good privacy compliance and a professional security posture. Strategic improvements could focus on enhancing security headers, publishing security policies, and improving accessibility to further strengthen trust and compliance.

J

JOER s.r.o.

vasaskrina.sk

40

JOER s.r.o. operates the website vasaskrina.sk, offering luxury custom furniture manufacturing services including built-in wardrobes, kitchen units, and wardrobes with an emphasis on online configurators for customer convenience. The company positions itself as a specialist with 15 years of experience in Slovakia, targeting consumers seeking tailored furniture solutions. The website is professionally designed with good navigation and content relevance, supporting a positive user experience. Technically, the site uses modern web standards, Google Fonts, and Google Tag Manager for analytics, hosted on a provider indicated by the nameservers (websupport.sk). Security posture is solid with HTTPS and DNSSEC enabled, though explicit security headers and cookie consent mechanisms are absent. Contact information is clearly provided, enhancing business credibility. Overall, the site is trustworthy and functional with room for improvement in privacy compliance and security transparency.

3

365 Fit&Co

365fitco.sk

55

365 Fit&Co is a modern fitness center chain operating multiple locations in Slovakia, including Bratislava, Košice, and Prešov. The company offers well-equipped gym facilities, group training spaces, and wellness amenities such as Finnish saunas. Their market position is that of a regional fitness provider targeting health-conscious individuals seeking quality fitness and wellness services. The website reflects a professional digital presence with localized content and social media integration. Technically, the site is built on WordPress using the Salient theme and includes modern technologies such as Google Tag Manager and reCAPTCHA for security and analytics. Security posture is solid with HTTPS enforced and GDPR cookie compliance implemented, though explicit privacy policies and security disclosures are absent. Overall, the site is trustworthy and well-maintained, supporting the company's business credibility.

Nomad Gym in Ericeira is a new fitness facility targeting nomadic travelers and fitness enthusiasts, scheduled to open in 2025 in Ericeira, Portugal. The website serves as a promotional landing page highlighting the gym's focus on flexible workout spaces, top-tier equipment, and ultra-fast Wi-Fi to support a mobile lifestyle. The business is positioned as a niche gym catering to the growing nomad community, with a small-scale operation and a clear target audience. Technically, the website is built with standard HTML, CSS, and JavaScript, hosted and DNS managed via Cloudflare. The site is mobile optimized and presents a professional design with good user experience. However, it lacks advanced frameworks, CMS, or analytics integrations, indicating a simple but effective digital presence. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and security headers such as Content-Security-Policy or Strict-Transport-Security. No privacy or cookie policies are present, and no contact or incident response information is provided, which limits compliance and trust. There are no visible vulnerabilities or exposed sensitive data. Overall, the website is safe and professional but would benefit from enhanced privacy compliance, security headers, and contact information to improve trust and regulatory adherence. The domain registration is consistent with a new business launch, registered through a reputable registrar without privacy protection, which aligns with the business profile.

E

EU–INC

eu-inc.org

56

EU–INC is a pan-European initiative proposing a standardized legal entity to facilitate startup scaling across Europe. The website serves as an advocacy platform, providing information about the proposal, political engagement, and ways to support the initiative. It targets European startups, founders, investors, and policymakers, aiming to reduce fragmentation and regulatory burdens across EU member states. The site references collaboration with European Commission officials and includes media coverage links, enhancing its credibility. Technically, the website is built using Framer, a modern web design platform, employing JavaScript and web fonts for a professional and responsive user experience. The site loads moderately fast and is optimized for mobile devices. However, it lacks explicit security headers and privacy policies, which are important for compliance and trust. Security posture is generally good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The absence of privacy and cookie policies, contact information for security incidents, and WHOIS transparency are notable gaps. The WHOIS data is unavailable due to a malformed query response, limiting domain trust assessment. Overall, the website is professional and informative but would benefit from enhanced privacy compliance, security best practices, and transparent contact information to improve trust and regulatory adherence.

T

The International Sava River Basin Commission

savagis.org

47

The International Sava River Basin Commission operates the Sava GIS Geoportal, a specialized platform providing geospatial data and tools for river basin management and navigation safety in the Sava River Basin region. The portal offers access to real-time and historical hydrological data, waterway marking, navigation safety inspection information, and a metadata catalogue, targeting government agencies, environmental professionals, and stakeholders. Technically, the site employs established JavaScript frameworks such as Ext JS and OpenLayers, integrates Google Maps API, and uses Google Analytics for user tracking. The domain is registered since 2015 with transparent WHOIS data, consistent with the organization's profile. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and privacy compliance documentation. Overall, the site is professional, trustworthy, and serves a niche governmental/non-profit audience effectively.

The website sbc.si is currently protected by a security mechanism, likely a Web Application Firewall (WAF), which presents a security challenge page to visitors. This page performs browser integrity checks and an automated redirect, preventing direct access to the actual website content. The domain is registered in Slovenia since 2017, consistent with a small business or project age. The site uses outdated CMS technologies, Joomla 1.5 and WordPress 2.5, which are known to have multiple security vulnerabilities. No privacy, cookie, or terms of service policies are present, and no contact information is available on the page. The security check is powered by BitNinja.IO, indicating some level of security protection. Overall, the site lacks visible business content and trust indicators, and the security posture is weak due to legacy software and missing policies.

T

Ton a.s.

ton.cz

65

Ton a.s. is a well-established furniture manufacturer specializing in designed chairs and tables, with a heritage spanning over 160 years. The company targets a general audience interested in quality handcrafted furniture, positioning itself as a reputable player in the manufacturing sector. The website reflects this with professional design and clear branding, emphasizing craftsmanship and design excellence. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager, and Cookiebot for cookie consent management. The site is mobile-optimized and includes SEO best practices such as meta tags and structured data. However, some technical improvements could be made, such as adding security headers to enhance protection. From a security perspective, the site uses HTTPS and implements a comprehensive cookie consent mechanism, indicating good privacy compliance. The extensive use of third-party analytics and marketing tools suggests a moderate to extensive user tracking level, but the presence of consent mechanisms aligns with GDPR requirements. The lack of a visible privacy policy or terms of service page is a minor gap. Overall, the website is professional and trustworthy, with no signs of malicious content or security risks. The domain WHOIS data is privacy protected, which is standard for .eu domains, and does not raise concerns. Strategic recommendations include publishing explicit privacy and security policies, enhancing security headers, and providing more direct contact information to improve transparency and trust.

I

InfluxData

influxdata.com

64

InfluxData operates a leading time series data platform, InfluxDB, which is widely adopted by developers and enterprises for real-time data ingestion, analytics, and monitoring. The company offers both open source and enterprise-grade solutions, including cloud-managed and self-managed deployments, targeting industries such as IoT, AI, and infrastructure monitoring. Their market position is strong, supported by a large developer community, extensive integrations, and recognized industry leadership. Technically, the website is built on modern frameworks and technologies, with excellent performance, mobile optimization, and SEO. The presence of multiple client libraries and code examples demonstrates a mature developer ecosystem. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are not published. WHOIS data is missing, which is unusual but does not detract significantly from the site's legitimacy given its professional presentation and community trust. Overall, InfluxData presents a credible, professional, and technically advanced platform with room to improve transparency around security policies and incident response.

W

Web studio Sto2

sto2.hr

41

Web studio Sto2 is a Croatian-based small technology company specializing in web design, online and mobile application development, graphic and print design, and software solutions. Established in 2012, the company serves primarily regional clients in Croatia and neighboring countries, with a portfolio including automotive, shipbuilding, healthcare, and other sectors. The website showcases a professional portfolio of client projects and emphasizes responsive design and custom CMS solutions. Technically, the site uses modern web technologies including Vue.js and jQuery, and integrates Google Analytics for user tracking. However, there are gaps in privacy compliance, notably the absence of privacy and cookie policies, which is critical for GDPR adherence given the regional focus. Security posture is moderate with no visible security headers or incident response information, but no critical vulnerabilities were detected in the content. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security practices.

M

Microsoft

dot.net

73

The website https://dotnet.microsoft.com/en-us/ is an official Microsoft subdomain dedicated to the .NET developer platform. It provides tools, libraries, and resources for building modern applications across various platforms including web, mobile, desktop, games, IoT, and cloud services. The site is professionally designed, well-branded, and targets software developers and IT professionals globally. It leverages Microsoft Azure for hosting and monitoring, indicating a mature technical infrastructure. Security posture is strong with HTTPS enforced and modern security headers present, although explicit security policies and incident response contacts are not directly visible. Privacy compliance is partially addressed with a cookie consent mechanism but lacks visible privacy policy and terms of service links. Overall, the site is trustworthy, technically sound, and aligned with Microsoft’s enterprise standards.

M

Mono Project

mono-project.com

63

The Mono Project website presents a mature, open source software platform focused on cross platform .NET development. Sponsored by Microsoft and part of the .NET Foundation, it serves developers seeking to build applications across multiple operating systems. The site emphasizes the project's history, community involvement, and transition of stewardship to WineHQ, reflecting a legacy technology with ongoing maintenance and migration recommendations. Technically, the website employs modern web technologies including Foundation CSS, jQuery, FontAwesome, and Highlight.js, delivering a responsive and accessible user experience. The presence of a cookie consent banner and privacy links indicates attention to privacy compliance, though explicit security headers and vulnerability disclosure mechanisms are absent. Security posture is moderate with HTTPS implied but no visible security headers or incident response contacts. The lack of WHOIS data for the domain introduces uncertainty about domain registration legitimacy, though the website content and external links strongly support authenticity. No adult or questionable content is present, and the site is free from blocking or WAF challenges. Overall, the site is professional and trustworthy from a content perspective but would benefit from improved transparency in domain registration, enhanced security headers, and published security policies to strengthen trust and compliance.

@

@levelsio.com | techno optimist wear

levelsio.com

10

The website levelsio.com operates as a niche e-commerce platform specializing in techno optimism themed merchandise, including apparel and accessories. Founded in 2017, it targets a small but dedicated audience interested in technology-positive lifestyle products. The business leverages the Fourthwall e-commerce platform for its online store, integrating modern payment processing and analytics tools. The site demonstrates a good level of digital maturity with fast performance, mobile optimization, and consistent branding. However, it lacks visible privacy and cookie policies, which impacts its privacy compliance score. Technically, the site uses a modern tech stack including HTML5, CSS3, JavaScript, Google Tag Manager, Microsoft Clarity, and Stripe for payments. Hosting and DNS are managed via Cloudflare, providing robust infrastructure and security. The site employs HTTPS with excellent SSL configuration and some security best practices such as reCAPTCHA Enterprise for bot protection. However, DNSSEC is not enabled, and explicit security headers like Content-Security-Policy are not evident. From a security perspective, the site is well-protected against common threats but could improve by publishing formal privacy, cookie, and security policies, as well as a vulnerability disclosure mechanism. No critical vulnerabilities or exposed sensitive data were detected. The absence of contact information and data protection officer details limits transparency and trust. Overall, levelsio.com is a professionally designed and secure e-commerce site with moderate privacy compliance and business credibility. Strategic improvements in privacy documentation and user consent mechanisms would enhance its trustworthiness and compliance posture.

X

X Corp.

levels.io

11

The website represents a verified personal profile (@levelsio) on the X.com platform, owned by X Corp. The profile highlights multiple business ventures generating significant monthly revenues, targeting a broad audience of tech enthusiasts and entrepreneurs. The digital infrastructure is modern, leveraging React, Tailwind CSS, and Google Identity Services, ensuring a responsive and user-friendly experience. Security measures are robust, with HTTPS enforced and multiple security headers present, although DNSSEC is not enabled. Privacy and cookie policies are comprehensive and accessible, indicating good compliance with GDPR and related regulations. Overall, the site is trustworthy, professional, and well-maintained, with no critical security or content issues detected.

S

Sirma

sirma.com

74

Sirma is a well-established technology company specializing in AI, data, cloud migration, tailored software development, managed IT services, business and IT consulting, cyber security, and system integration. With over 33 years of experience and a presence in more than 170 countries, Sirma serves a broad enterprise audience seeking advanced technology solutions. The company maintains multiple global offices and partners with leading technology providers such as Apple, IBM, Oracle, Microsoft, and VMware. Technically, the website employs modern web technologies including Astro framework, JavaScript libraries like jQuery, Tiny Slider, and Headroom.js, and integrates advanced analytics and tracking tools such as Google Analytics, Amplitude, Facebook Pixel, and LinkedIn Insight Tag. The site is mobile-optimized with good SEO and accessibility features, hosted via GoDaddy with HTTPS enabled. From a security perspective, the site uses HTTPS and Google reCAPTCHA v3 for form protection but lacks DNSSEC and security headers, and does not publish a security policy or incident response contacts. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. No terms of service page was found. Overall, the website is professional, trustworthy, and content-rich, with moderate security posture and privacy compliance. Strategic improvements in DNS security, cookie consent, and security transparency would enhance trust and compliance.

B

Blaukontor für Gestaltung GmbH

walle-aktuell.de

45

Walle-Aktuell is a local community information portal focused on the Walle district in Bremen, Germany. It provides residents and visitors with event listings, local news, business directories, and promotes the community magazine 'ECHT WALLE'. The website is a project of Blaukontor für Gestaltung GmbH, a local design agency. The site is built on TYPO3 CMS, featuring structured data for SEO and clear contact information. The technical infrastructure is modern and supports HTTPS, but lacks some security headers and cookie consent mechanisms. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. Security posture is good but could be improved with additional headers and policies. Overall, the site is professional, trustworthy, and safe for general audiences.

Rosetta Code is a well-established programming chrestomathy website founded in 2007, providing a collaborative platform for programmers to compare solutions to the same tasks across multiple programming languages. It serves a niche audience of developers and learners seeking to understand language differences and similarities. The site is hosted on the Miraheze platform, leveraging MediaWiki and Semantic MediaWiki technologies, with a moderate performance profile and basic mobile optimization. Security posture is solid with HTTPS enabled and no evident vulnerabilities, though security headers and explicit security policies are absent. Privacy compliance is good, with clear privacy and cookie policies linked to the hosting provider's meta wiki. No direct company contact information or incident response contacts are provided, reflecting its community-driven nature rather than a commercial enterprise. Overall, the site is trustworthy, safe, and professionally maintained.

H

Hrvatsko društvo sudskih vještaka i procjenitelja

sudski-vjestaci.hr

53

Hrvatsko društvo sudskih vještaka i procjenitelja (HDSVIP) is a Croatian non-profit professional association dedicated to the advancement of court experts and appraisers. Established in 2004, it serves as a voluntary, non-governmental, and non-partisan organization focused on improving the role and institution of court experts within the judiciary and related institutions. The association is a recognized member of international bodies such as EuroExpert, HUM, and TEGoVA, enhancing its credibility and network. The website provides information about the association's initiatives, news, events, and resources for members and the public. Technically, the website is built using standard HTML5, CSS, and JavaScript with jQuery 1.8.3. It is hosted behind Cloudflare DNS services, suggesting HTTPS usage, although explicit security headers are not visible in the provided data. The site has a moderate performance profile with basic mobile optimization and accessibility features. Navigation is clear and content is professionally presented, targeting professionals in the judiciary and appraisal sectors primarily in Croatia. From a security perspective, the site shows some good practices such as using Cloudflare and secure form submission for member login. However, the use of an outdated jQuery version and absence of visible security headers indicate potential vulnerabilities. There is no visible privacy or cookie policy, which is a compliance gap under GDPR. No incident response or vulnerability disclosure information is provided, limiting transparency in security management. Overall, the website is trustworthy and professional but would benefit from updates to its security posture and privacy compliance. Strategic improvements in these areas would enhance user trust and regulatory adherence.

H

Handelsbanken

handelsbanken.se

72

Handelsbanken is a well-established Swedish bank offering a wide range of financial services including mortgages, personal loans, savings, pensions, and private banking. The website reflects a strong market position with a focus on personalized customer service and digital banking solutions. The content is professionally presented, targeting both private individuals and businesses in Sweden. Technically, the site uses modern JavaScript frameworks and analytics tools, ensuring good performance and mobile optimization. Security practices are solid with HTTPS enforcement and user guidance on fraud prevention, although explicit security headers and a public security policy could enhance trust further. The absence of WHOIS data for the www subdomain is likely a technical artifact rather than a legitimacy concern. Overall, the site is trustworthy, compliant with privacy regulations, and provides comprehensive customer support.

H

Handelsbanken

handelsbanken.no

74

Handelsbanken is a well-established personal and private banking institution operating primarily in Norway, with strong ties to its parent company Svenska Handelsbanken AB (publ). The website emphasizes personalized advisory services without sales targets, positioning itself as a trusted and stable bank with Europe's safest commercial bank ranking and the highest customer satisfaction in Norway. The digital presence is modern, mobile-optimized, and content-rich, targeting private banking customers seeking reliable financial services. Technically, the site uses modern JavaScript frameworks and Adobe Analytics for user insights, with good SEO and accessibility practices. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security headers and vulnerability disclosure are absent. WHOIS data is unavailable due to Norid's privacy policies, but the domain's legitimacy is supported by consistent branding and external references.

@

@levelsio.com | techno optimist wear

makeeuropegreatagain.co

67

The website levelsio.com is an e-commerce platform specializing in branded apparel and merchandise themed around techno optimism and European identity. It offers a niche collection of products such as organic cotton t-shirts, hats, hoodies, mugs, and stickers. The business appears to be small-sized, founded in 2017, and operates primarily online with a focused target audience interested in techno optimism and European culture. The site is powered by the Fourthwall platform and hosted via Cloudflare, indicating a modern and scalable technical infrastructure. Technically, the website employs a robust stack including Google Tag Manager, Google Analytics, Microsoft Clarity, Facebook Pixel, TikTok Analytics, Klaviyo for marketing, Stripe for payments, and Google reCAPTCHA Enterprise for bot protection. The site is mobile-optimized, fast-loading, and uses HTTPS with a valid SSL configuration. However, DNSSEC is not enabled, and some recommended security headers are missing, which could be improved to enhance security posture. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, cookie consent mechanisms, and bot protection. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and appear GDPR compliant, though no explicit security policy or incident response information is published. The domain WHOIS data is consistent and legitimate, with no privacy protection, indicating transparency. Overall, the website is professionally designed, secure, and compliant with privacy regulations, serving a niche retail market effectively. Strategic recommendations include enabling DNSSEC, adding security headers, publishing a security policy, and considering a vulnerability disclosure program to further strengthen trust and security posture.