Security Directory

S

Sveučilišni računski centar (Srce)

srce.hr

54

Sveučilišni računski centar (Srce) is a central academic infrastructure institution affiliated with the University of Zagreb, providing comprehensive computing, networking, identity management, data repository, and digital education services to the Croatian academic and research community. The website reflects a mature digital presence with a professional design, clear navigation, and extensive content tailored to its target audience of students, researchers, and academic institutions. Technically, the site is built on Drupal 9 with modern libraries and frameworks, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS, cookie consent, and anti-bot measures, though explicit security headers could be enhanced. Privacy compliance is well addressed with detailed policies and consent mechanisms. Overall, the site demonstrates high business credibility and trustworthiness, despite the WHOIS data being privacy protected, which is justified for this type of institution.

Sherpas TECH, s.r.o. is a Czech-based technology and marketing company specializing in retention marketing, email marketing strategies, CRM data engineering, and advanced customer analytics. The company targets B2B clients seeking to integrate technology with marketing to improve campaign performance and customer engagement. Their website reflects a professional and consistent brand image, showcasing client references and a clear service portfolio. Technically, the site employs modern tools such as Google Analytics, Google Tag Manager, and Google reCAPTCHA Enterprise, ensuring a secure and data-driven user experience. Security posture is strong with HTTPS and form protections, although explicit security policies and incident response information are absent. Overall, the website is well-structured, GDPR-compliant with cookie consent mechanisms, and provides multiple contact channels, supporting trust and credibility.

O

OKsystem a.s.

checkbot.com

74

Checkbot is a specialized software solution developed by OKsystem a.s. for real-time monitoring and management of Yaskawa robotic production lines. The product offers comprehensive features including remote monitoring, automated backups, predictive maintenance, troubleshooting alerts, and customizable dashboards. The business model is subscription-based SaaS with options for on-premise deployment, targeting manufacturing companies and automation professionals globally. The website demonstrates a strong market position supported by client testimonials, ISO certifications, and integration within the Yaskawa ecosystem. Technically, the site is built with modern web standards, employs Google Analytics and Tag Manager for analytics, and uses reCAPTCHA for form security. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is solid with HTTPS, penetration testing claims, and encrypted communications, though it lacks some explicit security headers and published incident response contacts. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. However, the absence of WHOIS domain registration data reduces domain trustworthiness and should be investigated. Overall, Checkbot presents as a professional, secure, and credible industrial software offering with room for minor security and transparency improvements.

JSB realitní is a small Czech Republic-based real estate company specializing in brokerage services for residential and commercial properties, including sales, rentals, and problematic property solutions such as debt and foreclosure management. The company also operates a related construction business for property renovations. The website is professionally designed with clear navigation and relevant content targeting local clients in Prague and surrounding areas. However, the absence of WHOIS data and security policies reduces trustworthiness. Technically, the site uses common web technologies like jQuery and Bootstrap but lacks visible HTTPS and security headers, which are critical for secure operations. No privacy or cookie policies are present, indicating compliance gaps. Overall, the business appears legitimate but would benefit from improved security and compliance measures.

Č

Česká gymnastická federace

gymfed.cz

49

Česká gymnastická federace is the official national governing body for gymnastics sports in the Czech Republic, providing comprehensive information, event calendars, results, and resources for multiple gymnastics disciplines including artistic gymnastics, TeamGym, aerobics, acrobatic gymnastics, trampoline, parkour, and more. The website targets athletes, coaches, referees, clubs, and gymnastics enthusiasts, offering news updates, directories, and an e-shop for gymnastics equipment. Technically, the site employs modern frontend technologies such as Bootstrap, jQuery, Flickity, and Google Analytics, with good mobile optimization and accessibility features. However, the absence of explicit privacy and cookie policies and lack of security headers indicate areas for improvement in privacy compliance and security posture. The WHOIS data is unavailable, limiting domain legitimacy verification, but the presence of official contact details and social media links supports the site's credibility. Overall, the site is professional, content-rich, and trustworthy within its domain.

A

Altisima software SE

dorsys.cz

46

Dorsys.cz is a professional website representing Altisima software SE's access control system offering tailored solutions for schools, hotels, residential buildings, and attendance tracking. The company positions itself as a niche technology provider with agile development capabilities, targeting businesses and institutions primarily in the Czech Republic. The website demonstrates a modern technical infrastructure using Vue.js and Quasar Framework, integrated with common analytics and retargeting tools. Security posture is moderate with cookie consent implemented but lacks published privacy policies and explicit security frameworks. Contact information is clearly provided, enhancing business credibility. Overall, the site is well-designed and functional but would benefit from enhanced privacy and security disclosures.

A

Altisima software SE

jidelnasql.cz

10

JídelnaSQL is a specialized software solution developed by Altisima software SE, focused on managing food service operations including diner evidence, meal ordering, payment processing, and point-of-sale functionalities. The company targets gastronomic businesses of various sizes, including schools and commercial entities, offering modular and scalable software solutions. The website demonstrates a professional digital presence with clear product offerings and contact channels, supported by a modern technical stack based on Vue.js and PostgreSQL. Security posture is moderate with cookie consent implemented but lacks explicit privacy and security policies. WHOIS data confirms domain legitimacy and consistent business registration. Overall, the website is functional and trustworthy but would benefit from enhanced privacy and security disclosures.

A

Altisima software SE

altisima.cz

46

Altisima.cz is a Czech software supplier specializing in software solutions for catering, stock management, access control, and attendance systems. They provide comprehensive service support, implementation, training, integration, customization, and development services. Their products include JídelnaSQL, Gekon, and Dorsys.

W

Wiky s.r.o.

b2bwiky.cz

57

Wiky s.r.o. operates a Czech-language wholesale B2B e-commerce platform specializing in toys and stationery products. With a 30-year tradition as a direct importer, the company targets business customers seeking quality products for resale. The website presents a professional and consistent brand image, providing detailed contact information and compliance with GDPR through privacy and cookie policies. Technically, the site uses legacy JavaScript libraries such as jQuery 1.11.1 and includes common UI plugins like select2 and bxSlider. While the site is accessible and functional, it lacks modern security headers and uses outdated libraries, which could pose security risks. The absence of WHOIS data reduces domain trustworthiness, but the overall business presentation and contact transparency support legitimacy. No signs of adult or questionable content are present, and the site is optimized at a basic level for mobile and accessibility.

S

Sense4code s.r.o.

scormium.com

65

Scormium is a Czech-based company operating under Sense4code s.r.o., providing a modern, scalable learning management system (LMS) and learning experience platform (LXP) designed for corporate training and customer education. The platform emphasizes personalized, multimedia-rich content delivery, actionable reporting, and seamless integration with enterprise systems. It holds recognized certifications such as ISO 27001, ISO 9001, and GxP validation, underscoring its commitment to security and compliance. The company is part of the OKsystem Group, enhancing its market credibility. Technically, the website is built on Webflow CMS and leverages modern web technologies including Google Tag Manager, Facebook Pixel, Bing Ads, and LinkedIn Insight Tag for analytics and marketing. The site is well-optimized for performance, mobile responsiveness, and accessibility, with a comprehensive cookie consent mechanism ensuring GDPR compliance. Hosting and security are supported by Cloudflare services, including bot management. Security posture is strong with HTTPS enforced, penetration testing mentioned, and adherence to international standards. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. No explicit incident response or vulnerability disclosure information is provided, which could be improved to enhance trust. Overall, Scormium presents as a professional, trustworthy educational technology provider with robust technical and security foundations. Strategic recommendations include improving domain registration transparency, publishing incident response contacts, and enhancing security header implementation to further strengthen its security posture.

O

OKsystem a.s.

okskoleni.cz

10

OKškolení, operated by OKsystem a.s., is a well-established certified training center specializing in authorized IT courses including Microsoft, Cisco, and Linux. The company targets IT professionals, corporate clients, and government institutions, offering both standard and tailored training solutions. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content that supports their market position as a trusted education provider in the Czech Republic. The site integrates multiple marketing and analytics tools with user consent mechanisms, demonstrating compliance with GDPR and modern privacy standards. Security posture is solid with HTTPS and reCAPTCHA protections, though there is room for improvement in HTTP security headers and explicit security policies. Overall, the domain and website present a credible and professional business with strong trust indicators.

O

OKsystem a.s.

okmzdy.cz

10

OKsystem a.s. operates the website www.okmzdy.cz, offering the OKmzdy accounting software focused on basic payroll processing for businesses ranging from small entrepreneurs to large companies with hundreds of employees. The company is transitioning customers to a modern HR solution called OKbase, reflecting a strategic shift to updated technology and enhanced security. The website provides detailed information about this transition, including timelines, FAQs, and contact points for support. Technically, the website employs modern web standards with responsive design, uses JavaScript frameworks, and integrates Google Tag Manager for analytics and marketing. The site is well-structured with clear navigation and includes GDPR-compliant cookie consent mechanisms. However, no advanced security headers were detected, and no explicit security or incident response policies are published. From a security perspective, the site uses HTTPS and cookie consent but lacks visible security policies or vulnerability disclosure information. The absence of WHOIS data reduces domain registration transparency, but the website content and contact details support legitimacy. Overall, the site presents a professional and trustworthy front with room for improvement in security disclosures. Strategically, the company should enhance its security posture by publishing clear security policies, adding security headers, and providing incident response contacts. Maintaining GDPR compliance and transparent communication during the software transition will support customer trust and regulatory adherence.

O

OKsystem a.s.

checkbot.cz

69

Checkbot is a specialized software solution developed by OKsystem a.s. for real-time monitoring and management of Yaskawa industrial robots. The platform offers comprehensive features including remote access, automated backups, predictive maintenance, alarm notifications, and detailed analytics, targeting manufacturing and automation professionals. The company maintains strong partnerships with major industrial players and emphasizes continuous improvement and security compliance. The website is professionally designed, mobile-optimized, and provides extensive client references and support resources. However, the absence of WHOIS registration data for the domain www.checkbot.com raises concerns about domain legitimacy that should be addressed. The technical infrastructure leverages modern web technologies, Google Analytics, and reCAPTCHA for security and user tracking, with GDPR-compliant privacy and cookie policies in place. Security posture is solid with HTTPS and penetration testing mentioned, but could be improved by adding explicit security headers and incident response disclosures.

O

OKsystem a.s.

okbase.cz

47

OKsystem a.s. operates the OKbase platform, a comprehensive HR digitalization system targeting companies seeking to streamline HR processes such as attendance, payroll, personnel management, and catering. The company holds a strong market position in the Czech Republic and Slovakia with over 350 large implementations and more than 330,000 users. The website reflects a mature, professional B2B SaaS business model with additional outsourcing services. Technically, the site employs modern JavaScript frameworks, integrates multiple analytics and advertising tools, and implements GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS and reCAPTCHA protections, though explicit security headers and policies could be improved. Overall, the site is well-designed, mobile-optimized, and trustworthy, though the absence of WHOIS data slightly reduces domain trust. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to further strengthen trust and compliance.

C

CancanIT

cancanit.com

63

CancanIT is a specialized online certification provider focused on professional web developers. Established in 2010, it offers a broad range of certification exams covering front-end and back-end web technologies, including HTML5, CSS3, JavaScript, PHP, MySQL, and more. The company targets freelance workers, job seekers, and career starters aiming to validate their skills and improve marketability. The website is well-structured with clear navigation and professional branding, supporting a positive user experience and trustworthiness. Technically, the site employs modern web technologies such as Bootstrap, Font Awesome, and jQuery, hosted likely via GoDaddy infrastructure. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is moderate with HTTPS enabled and domain locks in place, but lacks advanced security headers and explicit security policies. Privacy compliance is basic with visible privacy and cookie policies and a consent banner, but no detailed GDPR compliance indicators or data protection officer information. Overall, the security posture is adequate for the business type, with no critical vulnerabilities detected. The domain WHOIS data is consistent and supports legitimacy with a long registration history and no privacy protection. The site does not employ tracking or advertising technologies, indicating a privacy-conscious approach. The content is safe for general audiences, focused on education and certification without any adult or questionable material. Strategic recommendations include enhancing security headers, enabling DNSSEC, publishing incident response contacts, and improving privacy compliance transparency to strengthen trust and security culture.

P

Predsjednik Republike Hrvatske - Zoran Milanović

predsjednik.hr

53

The website represents the official online presence of the President of the Republic of Croatia, Zoran Milanović. It serves as a government portal providing official information, news, announcements, and contact mechanisms for citizens and stakeholders. The site is positioned as a trusted source of governmental communication and public service. Technically, the site is built on WordPress CMS with common plugins such as Yoast SEO and integrates Google Analytics and Facebook SDK for analytics and social media engagement. The hosting is managed by CARNET, a reputable Croatian academic network, which aligns with the governmental nature of the site. Security posture is adequate with HTTPS enforced and use of reCAPTCHA on forms; however, some security headers are missing and no explicit security or vulnerability disclosure policies are present. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the site is professional, trustworthy, and safe for general audiences, but could improve in privacy transparency and security hardening.

S

SMART Design | Gregic Advisory

digital-adviser.eu

49

SMART Design | Gregic Advisory operates as a specialized provider of advanced SMART web solutions based in Zagreb, Croatia. The company offers a range of services including customized web shops, web pages, and web applications designed with a focus on performance, security, and user experience. Their market position is that of a leader in SMART web solutions, targeting businesses and professionals seeking innovative digital presence. The website reflects a professional and modern approach with strong branding and client references including government entities. Technically, the site is built on WordPress using Elementor and OceanWP theme, integrating modern analytics and marketing tools such as Google Analytics, Hotjar, and HubSpot. The site is GDPR compliant with a detailed cookie consent mechanism and privacy policy. Security posture is good with HTTPS enforced and secure forms, though explicit security headers and incident response policies are not evident. The domain WHOIS data is missing, which raises some concerns about domain registration legitimacy, but the website content and business information support a credible operation. Overall, the site demonstrates a mature digital infrastructure with room for security enhancements and domain registration verification.

I

IQM Destination

iqmdestination.com

64

IQM Destination is a medium-sized project focused on integrated quality management systems for tourism destinations. It aims to enhance service quality, provide education for tourism workers, and strengthen destination branding through a comprehensive, data-driven approach involving stakeholders and guests. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms, though additional security headers and policies could improve resilience. The domain registration is consistent with the business history, supporting legitimacy. Overall, the site presents a trustworthy and professional image in the hospitality sector.

I.M. Matters from ACP is a professional medical news and information website targeting internal medicine physicians. It is affiliated with the American College of Physicians (ACP), providing news, clinical newsletters, and updates on medical policies and practices. The website serves as a trusted source for healthcare professionals with a focus on internal medicine. Technically, the site uses a modern technology stack including jQuery, Google Tag Manager, Google Analytics, and various marketing automation and tracking tools. Hosting is via Amazon AWS DNS infrastructure, and the site is mobile optimized with good navigation and content structure. Security posture is solid with HTTPS enabled and domain transfer protection, though DNSSEC is not enabled and security headers are not evident. Privacy compliance is strong with a clear privacy policy and cookie consent mechanism. Business credibility is supported by ACP affiliation and award recognition. Overall, the site is professional, trustworthy, and well maintained.

A

American College of Physicians

acpjournals.org

65

The American College of Physicians (ACP) operates the ACP Journals website, a professional platform hosting multiple medical journals including the Annals of Internal Medicine and Clinical Cases. The site serves physicians, healthcare professionals, and researchers by providing peer-reviewed medical content and educational resources. It holds a strong market position as a leading publisher in internal medicine with a large audience and a subscription-based business model complemented by open access content. Technically, the website employs modern web technologies, including Google Tag Manager, Google Analytics, and Cloudflare services, ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS enforcement, secure forms, and script nonce usage, though explicit security headers and cookie consent mechanisms could be improved. The absence of WHOIS data due to privacy protection is typical for such organizations and does not detract from the site's legitimacy. Overall, the website is professional, trustworthy, and well-maintained, with minor recommendations for enhanced privacy compliance and security transparency.

Pěkné Bydlení is a Czech online magazine operated by Časopisy pro volný čas s.r.o., focusing on home living, interior design, construction, garden care, and lifestyle inspiration. The website serves a target audience of homeowners and individuals interested in improving their living spaces. It operates a content publishing business model supported by advertising and magazine subscriptions. The company is positioned as an established media outlet within the Czech Republic, offering quality content and consistent branding. Technically, the website is built on WordPress 4.7.3 with integration of jQuery, Google Publisher Tags, Google Analytics, and Seznam retargeting services. It uses the Foundation CSS/JS framework for responsive design and is mobile optimized with good navigation and SEO practices. Performance is moderate, with room for improvement in accessibility and modernization of the CMS. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but it uses an outdated WordPress version which poses potential security risks. Advanced security headers are missing, and no explicit security or incident response policies are found on the site. The privacy policy is present and GDPR compliant, enhancing trustworthiness. Overall, the website is safe, professional, and trustworthy with moderate security posture. Strategic improvements in CMS updates and security headers would enhance its security and compliance standing.

F

Finanční správa České republiky

finfoveskole.cz

61

The website finfoveskole.gov.cz is an official Czech government educational portal dedicated to supporting financial literacy and tax education for students and teachers. It is a collaborative project between the Financial Administration and Customs Administration of the Czech Republic, providing comprehensive information and resources related to taxes and customs. The site is well-structured, professionally designed, and targets primarily educational institutions and individuals seeking knowledge in financial matters. The presence of official government domains and partner links reinforces its legitimacy and authoritative position in the market. From a technical perspective, the website employs modern web technologies including HTML5, CSS3, JavaScript, Google Fonts, and integrates Cookiebot for cookie consent management and Matomo for privacy-conscious analytics. The site is mobile optimized, accessible, and demonstrates good SEO practices. However, there is no detected CMS or explicit hosting provider information. Performance is moderate, with room for optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of security headers and explicit security or incident response policies publicly available suggests areas for improvement. The lack of WHOIS data is notable but likely due to registry policies for government domains rather than malicious intent. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and improving transparency around contact information for security matters.

Y

Yesme s chutí FOOD TRUCK

yesme.cz

45

Yesme s chutí FOOD TRUCK is a small Czech hospitality business specializing in food truck and catering services, targeting both public events and corporate clients primarily in Prague. The website provides basic information about upcoming events and catering offerings, with clear contact details and a cookie consent mechanism. Technically, the site uses older but functional technologies such as Bootstrap 3.4 and jQuery, with a CMS platform identified as inPage. Security posture is moderate with no detected blocking or WAF, but lacks advanced security headers and a privacy policy, which are areas for improvement. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact information appear legitimate for a small local business.

E

eEducation Austria

eeducation.at

64

eEducation Austria is a well-established non-profit organization dedicated to advancing digital education across Austrian schools. The website serves as a comprehensive platform offering digital competence models, educational resources, tools, and community networking to support educators and institutions in their digital transformation journey. The organization targets schools and educators primarily within Austria, positioning itself as a key player in the national digital education landscape. Technically, the website is built on TYPO3 CMS with modern frontend technologies such as Bootstrap, jQuery, and FontAwesome, providing a responsive and user-friendly experience. While the site is well-structured and content-rich, it lacks visible privacy and cookie policies, which are critical for GDPR compliance. Security-wise, HTTPS is enforced, but additional security headers are not evident, and no explicit incident response or security policies are published. Overall, the website demonstrates a solid business credibility and technical foundation but would benefit from enhanced privacy compliance and security best practices to strengthen trust and regulatory adherence.

M

mica BUFFET & CATERING

mica-catering.at

42

mica BUFFET & CATERING is a small hospitality business specializing in buffet and catering services primarily for schools and educational institutions in the Linz region of Austria. The company emphasizes fresh, regionally sourced ingredients and seasonal menus, operating at multiple school locations. The website is built on TYPO3 CMS with a moderate technical stack including jQuery and Unslider, indicating a stable but somewhat dated infrastructure. The site is accessible, uses HTTPS, and employs Piwik analytics, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced but lacks advanced security headers and modern JavaScript libraries. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the business presents a professional and trustworthy online presence with room for technical and security improvements.

P

Pädagogische Hochschule Oberösterreich

europaschule-linz.at

70

Europaschule Linz is an educational institution affiliated with the Pädagogische Hochschule Oberösterreich, serving students and educators in the Linz region. The website provides comprehensive information about the school, its services, projects, and contact details, targeting students, parents, and educational professionals. The institution holds a stable regional position as a pedagogical school with a medium-sized operational scale. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies such as Bootstrap and jQuery, and integrates Google Analytics for visitor insights. The site is mobile-optimized and implements a detailed cookie consent mechanism compliant with GDPR requirements. Hosting and domain registration are managed by reputable providers, ensuring stable infrastructure. From a security perspective, the site enforces HTTPS and uses cookie consent banners to manage user privacy. However, explicit security policies and incident response contacts are not published, representing an area for improvement. No critical vulnerabilities or suspicious activities were detected, and the site maintains good privacy compliance. Overall, Europaschule Linz presents a professional, trustworthy, and user-friendly web presence aligned with its educational mission. Strategic enhancements in security transparency and incident response readiness would further strengthen its posture.

P

Prandia Augustinum

prandia.at

42

Prandia Augustinum is a specialized food service provider focused on delivering fresh, regional, and biologically sourced meals primarily for the Campus Augustinum community in Graz, Austria. Their offerings include cafeteria and mensa services, school and kindergarten catering, event catering, and menu planning. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content in German. Technically, the site uses modern web technologies including UKit and Piwik PRO for analytics, with secure HTTPS and cookie consent mechanisms in place. Security posture is solid with secure forms and CSRF protection, though explicit security policies and incident response contacts are absent. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. The site is free from adult or questionable content, targeting a general audience including students, staff, and event organizers.

B

Bischöflicher Campus Augustinum

augustinum.at

49

Bischöflicher Campus Augustinum is a well-established Austrian educational institution offering a comprehensive range of educational services including kindergarten, primary school, gymnasium, boarding school, social pedagogy college, church music conservatory, and a private pedagogical university. The institution also operates a gastronomy service (Prandia Augustinum) and maintains a large park area, positioning itself as a regional leader in education and religious community services. The website reflects a mature digital presence with clear branding and extensive content tailored to students, parents, and the church community. Technically, the site is built on ProcessWire CMS, uses modern web technologies, and is mobile-optimized with good accessibility and SEO practices. Security posture is solid with HTTPS enforced and secure forms, though it lacks some security headers and published security policies. Privacy compliance is partially met with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional, with a strong alignment between domain registration data and business claims.

FOTOma.sk is a Slovak-language photography portal operated by PRO.Laika, offering a comprehensive range of content including news, reviews, galleries, forums, contests, and workshops. The site targets photography enthusiasts and professionals within Slovakia and Slovak-speaking communities. It maintains a consistent brand presence and provides regular content updates, supported by active social media channels and a newsletter subscription service. Technically, the website employs a custom CMS with modern JavaScript libraries and tracking tools such as Google Analytics, Facebook Pixel, and Hotjar, ensuring good user experience and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and incident response contacts are absent. Overall, the site demonstrates a mature digital presence with moderate tracking and advertising practices, aligned with GDPR compliance. WHOIS data confirms legitimacy and consistency with the business profile.

°

°celseo Heizung

celseo-heizung.de

48

°celseo Heizung operates a professional website focused on heating system modernization and installation services in Germany. The company connects homeowners with local heating professionals, offering consultation, configuration tools, and price comparison services. The website is built on TYPO3 CMS and integrates modern web technologies including Google Analytics and Facebook Pixel for marketing and analytics purposes. It provides clear contact options including a prominently displayed phone number and a contact page. Privacy and cookie policies are present and appear GDPR compliant. The site demonstrates good SEO practices and mobile optimization, with consistent branding and customer testimonials enhancing trust. Security posture is adequate with HTTPS enforced, though additional security headers and explicit security policies could improve it. WHOIS data is limited but does not raise concerns. Overall, the website is professional, trustworthy, and well-suited for its target audience.

A

A.D Shop AB

morework.se

53

Morework.se is an established Swedish e-commerce business specializing in material handling, carts, and storage solutions for workplaces. It operates under the parent company A.D Shop AB and has been active since 2006, offering a broad product range with a focus on quality and fast delivery. The website targets business customers needing reliable workplace equipment and storage products. Technically, the site is built on a custom ASP.NET platform using mature JavaScript libraries and integrates Google reCAPTCHA for form security. Analytics and marketing tools such as Google Analytics, Google Ads, and LiveChat are employed to enhance user engagement and track performance. Security posture is solid with HTTPS and form protections, though improvements in HTTP security headers are recommended. The WHOIS data for the www subdomain is missing, but the overall business legitimacy is supported by consistent branding, contact information, and a strong credit rating. Privacy compliance is addressed with a GDPR-compliant privacy policy and cookie consent mechanisms.

A

A.D Shop AB

more.nu

56

More.nu is a Swedish retail and manufacturing business specializing in store fixtures, glass showcases, wall systems, mannequins, and office furniture. It operates as part of A.D Shop AB, targeting retail businesses and office environments with a focus on quality products and direct import. The website is professionally designed with clear navigation and mobile optimization, supporting multiple customer interaction forms protected by Google reCAPTCHA. Technically, the site uses ASP.NET WebForms with common JavaScript libraries, though some libraries are outdated. Security posture is moderate with HTTPS enabled and CAPTCHA protection but lacks advanced security headers and uses older jQuery versions. Privacy compliance is basic with a cookie consent banner and privacy policy present. The domain WHOIS data is missing, which reduces trust from a domain registration perspective but the website content and business information are consistent and professional.

H

HSH Soft- und Hardware Vertriebs GmbH

hsh-berlin.com

71

HSH Soft- und Hardware Vertriebs GmbH is a medium-sized German company specializing in software and hardware solutions for public administration, particularly in the government sector. Their offerings include a range of specialized software products such as MESO, GESO, AUSO, and biometric solutions like Biometric Go®, positioning them as a market leader in municipal resident registration software in Germany. The company actively participates in federal IT modernization initiatives, demonstrating a strong presence in the eGovernment domain. Technically, the website employs a modern but standard technology stack including jQuery and Bootstrap, with a custom CMS backend. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. However, performance is moderate and accessibility features are basic. Privacy and cookie policies are implemented with GDPR compliance, but no direct contact emails or phone numbers are visible on the homepage. From a security perspective, the site lacks explicit security headers and there is no information about HTTPS or SSL configuration in the provided data. The presence of BSI-certified biometric software indicates some level of security awareness. The absence of WHOIS data for the domain is a concern, as it is inconsistent with the active and professional website presence, reducing overall trustworthiness. Overall, the website is professional and content-rich, serving a specialized government software market. The main risks relate to domain registration transparency and security header implementation. Strategic improvements in these areas would enhance trust and security posture significantly.

N

Neuland visuelle Gestaltung GmbH

neuland.li

67

Neuland visuelle Gestaltung GmbH is a professional graphic design agency based in Schaan, Liechtenstein, specializing in functional visual concepts for digital and analog applications. The company serves a diverse clientele including government bodies, cultural institutions, and private enterprises, positioning itself as a trusted local design partner. Their portfolio showcases expertise in branding, corporate design, signage, digital interfaces, and campaign development. Technically, the website is built on the concrete5 CMS and leverages modern JavaScript libraries such as jQuery, Pixi.js, and Anime.js, alongside the Foundation framework, providing a responsive and visually engaging user experience. Security posture is moderate with HTTPS presumably enabled but lacking visible security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website reflects a credible and professional business with room for improvement in security and privacy transparency.

S

Streetwork Liechtenstein

streetwork.li

61

Streetwork Liechtenstein operates as a non-profit social outreach organization focused on providing support and counseling services in public and semi-public spaces within Liechtenstein. The organization emphasizes confidentiality and flexible engagement schedules, targeting youth and community members. The website reflects a professional and consistent brand presence with clear contact points and organizational governance details. Technically, the site is built on Concrete5 CMS, leveraging modern frontend libraries such as jQuery and Foundation, and employs Matomo for privacy-conscious analytics. Security posture is solid with HTTPS enforced and email obfuscation implemented, though there is room for improvement in security headers and formal policies. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the site is trustworthy and well-positioned within its niche, with a moderate to good technical and security maturity.

S

Stiftung Sovort (Soziale Arbeit vor Ort) Liechtenstein

sovort.li

62

Stiftung Sovort (Soziale Arbeit vor Ort) Liechtenstein is a non-profit foundation established in 2023 by 10 municipalities in Liechtenstein to consolidate youth social work services including Open Youth Work and Streetwork. The organization targets local youth and communities, providing social support under a unified foundation structure. The website reflects a regional, small-sized non-profit entity with clear business focus and community engagement. Technically, the website is built on the concrete5 CMS platform, leveraging modern JavaScript frameworks such as Vue.js and Axios, and uses the Foundation framework for responsive design. The site is mobile-optimized with good SEO practices and clear navigation, though accessibility features are basic. Security posture is solid with HTTPS enforced and email obfuscation implemented, but lacks advanced security headers and explicit security policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism or terms of service. Overall, the website is professional, trustworthy, and well-aligned with the organization's mission and regional scope.

Minhembio.com is a Swedish niche community platform operated by Prisjakt Sverige AB, targeting home cinema and hi-fi enthusiasts. The site offers forums, galleries, news, and reviews, serving as a meeting place for enthusiasts to share experiences and content. The business model appears to be community-driven with advertising and affiliate partnerships, notably with Prisjakt.nu and Blocket Jobb. The website content is primarily in Swedish and focuses on relevant topics for its audience. Technically, the site uses standard web technologies including JavaScript and CSS, with Google Analytics and a local analytics service for tracking. The site implements a cookie consent mechanism and provides privacy and cookie policies, indicating basic GDPR compliance. However, no explicit security policies or incident response information are publicly available.

I

International Contrast Ultrasound Society

icus-society.org

56

The International Contrast Ultrasound Society (ICUS) operates a professional website dedicated to promoting the safe and effective use of contrast-enhanced ultrasound (CEUS) globally. The organization functions as a non-profit medical society providing education, advocacy, and resources to medical professionals and sonographers. Their market position is unique as the only global society exclusively focused on CEUS, offering webinars, training, protocols, and safety information. The website is built on WordPress with Elementor and integrates modern SEO and analytics tools, reflecting a moderate level of digital maturity. The site is mobile-optimized and professionally designed, facilitating good user experience and navigation. Security posture is adequate with HTTPS and domain registrar protections, but lacks DNSSEC and explicit security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and credible but would benefit from enhanced privacy and security disclosures.

W

World Health Organization (WHO)

openwho.org

67

OpenWHO.org is a reputable online learning platform operated by the World Health Organization, focusing on public health emergency preparedness and response. It serves a global audience of health professionals and the public, providing authoritative training resources. The platform is well-branded, professionally designed, and leverages modern web technologies including React and Kaltura for media delivery. The domain registration is consistent with WHO ownership and the platform's founding date. Technically, the website demonstrates good digital maturity with responsive design, accessibility considerations, and integration of media analytics. However, there is room for improvement in security posture, notably the absence of DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is limited by the lack of explicit privacy and cookie policies in the analyzed content. Overall, the security posture is moderate with no critical vulnerabilities detected, but improvements in security headers and privacy disclosures would strengthen trust. The platform does not engage in advertising or affiliate marketing, focusing solely on educational content. The website is safe for general audiences with no adult or questionable content. Strategic recommendations include enabling DNSSEC, implementing comprehensive security headers, publishing clear privacy and cookie policies, and enhancing incident response contact visibility to improve compliance and security transparency.

V

Verband der Veranstaltungsorganisatoren e.V.

vdvo.de

59

The website vdvo.de represents the Verband der Veranstaltungsorganisatoren e.V., a German industry association focused on innovation within the MICE (Meetings, Incentives, Conferences, and Exhibitions) sector. The organization provides startup support, education, political advocacy, and sustainability initiatives tailored to the event industry. The site positions itself as a niche player supporting MICE innovation with a clear target audience of industry professionals and startups. The business model revolves around membership, education, and sector advocacy, with a small organizational size and a strong German regional focus. Technically, the website is built on the Squarespace platform, leveraging modern web technologies such as Google Fonts, Google Tag Manager, and reCAPTCHA for security and analytics. The site demonstrates good mobile optimization, a professional design, and clear navigation, although accessibility features are basic. Performance is moderate, typical for a CMS-based site. Structured data in JSON-LD format enhances SEO and provides clear organization and local business information. From a security perspective, the site enforces HTTPS with HSTS enabled, uses Google reCAPTCHA to protect forms, and includes security headers. However, it lacks explicit security policies, vulnerability disclosure mechanisms, and comprehensive privacy and cookie consent implementations, which are areas for improvement. No critical vulnerabilities or suspicious patterns were detected. The WHOIS data is minimal but consistent enough with the website's claims, supporting legitimacy. Overall, vdvo.de is a professionally presented, secure, and credible website for a specialized industry association. Strategic recommendations include adding explicit privacy and cookie consent policies, implementing a security.txt file, enhancing accessibility, and maintaining regular security audits to uphold compliance and trust.

L

LiveMusikKommission e.V.

livekomm.org

40

LiveMusikKommission e.V. is a well-established non-profit association founded in 2012, representing over 750 music clubs and festivals across Germany. It serves as a key advocate and partner for the live music scene, focusing on cultural event promotion, talent development, and industry representation. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its target audience of music venues and cultural stakeholders. Technically, the site is built on WordPress with a standard theme and uses modern libraries like jQuery, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and safe for general audiences, with strong industry partnerships evident through linked domains and logos.

I

isdv e.V.

isdv.net

52

isdv e.V. is a professional association representing self-employed and freelance service providers in the event industry in Germany. The organization serves as a lobby and voice for various professions within the event sector, including technical, logistical, and creative roles. The website is well-structured, professionally designed, and provides comprehensive information about the association's mission, services, and news updates. Technically, the site is built on WordPress with Elementor, uses HTTPS, and integrates Google Analytics and Tag Manager for visitor tracking. Privacy and cookie policies are detailed and GDPR-compliant, with active consent mechanisms. However, no explicit security or incident response policies are publicly available, and WHOIS data for the domain is missing, which raises some concerns about domain registration transparency. Overall, the site demonstrates a solid digital presence with room for improvement in security transparency and domain legitimacy verification.

A

Arbeitsgemeinschaft der Evangelischen Jugend in Deutschland e. V. (aej)

evangelische-jugend.de

52

The Arbeitsgemeinschaft der Evangelischen Jugend in Deutschland e. V. (aej) operates as a national umbrella organization for Protestant youth work in Germany. Their website serves as a comprehensive portal offering resources, advocacy information, funding guidance, and project details targeted at children, youth, and professionals in youth work. The organization maintains a strong presence with clear contact channels, social media engagement, and a newsletter subscription service. Technically, the site is built on TYPO3 CMS with modern frontend technologies including jQuery and FontAwesome, supported by Matomo analytics for privacy-conscious tracking. The site is well-structured, mobile-optimized, and accessible, reflecting a mature digital infrastructure.

V

Verband Schweizer Plastic Recycler (VSPR)

plasticrecycler.ch

51

The Verband Schweizer Plastic Recycler (VSPR) is a Swiss non-profit association serving as the competence center for plastic recycling in Switzerland. It connects municipalities, collection systems, and recycling companies to promote sustainable, high-quality plastic recycling and circular economy principles. The website reflects a strong commitment to sustainability, quality assurance, and transparency, supported by a monitoring and licensing system that awards a quality label to certified collection systems. The target audience includes municipalities, industry partners, and the general public interested in environmental sustainability within Switzerland. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery, Slick Carousel, LazyLoad, and Fancybox. It employs multilingual support via Weglot and integrates Google reCAPTCHA for form security. Cookie consent is managed through the Complianz GDPR plugin, ensuring compliance with European privacy regulations. The site is well-optimized for mobile devices and demonstrates good SEO practices. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms. Email addresses are obfuscated to prevent scraping. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly configured, representing an area for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional, trustworthy, and compliant digital presence for the VSPR. It effectively communicates its mission and services while maintaining good technical and security standards. Strategic recommendations include enhancing security headers, fixing minor image loading issues, and publishing a formal security policy or incident response contact to further strengthen trust and compliance.

F

Ferro Recycling

ferrorecycling.ch

25

Ferro Recycling is a Swiss non-profit association dedicated to promoting the recycling of steel packaging. The website serves as an informational platform targeting a general audience interested in environmental sustainability and recycling practices. It positions itself as a niche player within the Swiss recycling sector, focusing on awareness and stakeholder engagement rather than commercial activities. The site is multilingual, primarily in German, with French and Italian versions, reflecting its Swiss market focus. Technically, the website is built on WordPress, leveraging popular plugins such as Yoast SEO for search optimization and Real Cookie Banner Pro for privacy compliance. The inclusion of WPML enables multilingual content delivery, enhancing accessibility for diverse Swiss audiences. The site integrates YouTube video content with appropriate consent mechanisms, demonstrating attention to privacy regulations.

VetroSwiss operates as a key organization managing glass recycling processes and fees in Switzerland, focusing on the administration of the 'vorgezogene Entsorgungsgebühr' (VEG) for glass beverage packaging. The website targets business partners involved in fee payments and compensation, providing a user-friendly customer portal and extensive informational resources about glass recycling. The organization positions itself as a central authority in the Swiss glass recycling ecosystem, emphasizing efficiency and digital transformation. Technically, the website is built on WordPress 6.6.4 with the Yoast SEO plugin, leveraging UIkit for frontend components and Matomo for privacy-respecting analytics. The site is well-structured with multi-language support (German, French, Italian), good SEO practices, and a cookie consent mechanism, reflecting a moderate to advanced digital maturity. Hosting details are not explicit but suggest a professional setup possibly involving Cubetech services. From a security perspective, the site enforces HTTPS and implements cookie consent but lacks explicit security headers and incident response information. No vulnerabilities or exposed sensitive data were detected. The absence of a vulnerability disclosure policy or security.txt file indicates room for improvement in transparency and security communication. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, with a strong focus on business credibility and user experience. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility to further strengthen the security posture and compliance.

S

SENS eRecycling

erecycling.ch

67

SENS eRecycling is a Swiss non-profit foundation specializing in the sustainable recycling of electrical and electronic equipment. The organization operates a well-established take-back system that facilitates environmentally friendly disposal for both private individuals and business partners across Switzerland. Their website reflects a mature market position with comprehensive services including collection, recycling, awareness campaigns, and a partner network. The content is professionally presented, multilingual, and targets a broad audience concerned with environmental sustainability. Technically, the website employs modern web technologies including Magnolia CMS, JavaScript frameworks, and integrates multiple analytics and marketing tools such as Google Tag Manager, Facebook Pixel, TikTok Pixel, and Intercom. The site is mobile-optimized, fast-loading, and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and secure form handling, though some improvements are recommended in security headers and explicit policies. The security evaluation shows no critical vulnerabilities or blocking mechanisms, indicating a trustworthy and stable platform. However, the absence of a cookie consent mechanism and formal security policies suggests room for compliance enhancement. Overall, the website demonstrates a high level of professionalism and trustworthiness suitable for its non-profit environmental mission. Strategic recommendations include implementing cookie consent banners, publishing security and incident response policies, adding vulnerability disclosure information, and enhancing security headers to further strengthen the security posture and regulatory compliance.

I

INOBAT

inobat.ch

66

INOBAT is a Swiss organization responsible for collecting and managing advance disposal fees related to batteries and accumulators. It serves as a key player in Switzerland's battery recycling ecosystem, providing information, education, and support to consumers, manufacturers, importers, and recycling partners. The website is well-structured, professionally designed, and offers comprehensive content relevant to its mission. Technically, the site uses modern web technologies including Bootstrap and JavaScript frameworks, with a cookie consent mechanism ensuring GDPR compliance. Security posture is strong with HTTPS enforced and no evident vulnerabilities, though some security headers could be improved. Overall, the domain registration and WHOIS data align well with the organization's claims, indicating legitimacy and trustworthiness.

I

IGORA-Genossenschaft für Aluminium-Recycling Schweiz

igora.ch

38

IGORA-Genossenschaft für Aluminium-Recycling Schweiz operates as a cooperative focused on the collection and recycling of aluminium packaging in Switzerland. The organization emphasizes environmental protection by promoting aluminium recycling, which significantly reduces energy consumption and greenhouse gas emissions compared to new aluminium production. The website positions IGORA as a key player in the Swiss aluminium recycling sector, targeting both consumers and businesses interested in sustainable waste management. Technically, the website is built on WordPress and integrates modern technologies such as Google reCAPTCHA for security, Google Maps for location services, and EmbedSocial for social media content integration. The site employs a professional cookie consent mechanism compliant with GDPR and Swiss data protection laws, indicating a mature digital infrastructure. Performance and mobile optimization are adequate, supporting a good user experience. From a security perspective, the site enforces HTTPS, uses multiple security headers, and manages user consent effectively. No critical vulnerabilities or suspicious activities were detected. However, the absence of a dedicated security policy or incident response page suggests room for improvement in transparency and preparedness. Overall, IGORA's website reflects a trustworthy and professional organization with a solid security posture and compliance framework. Strategic enhancements in security documentation and accessibility could further strengthen its digital maturity and stakeholder trust.