Security Directory

B

BundesTelefonbuch

bundes-telefonbuch.de

9

BundesTelefonbuch operates as an online telephone directory service targeting the German market, providing users with quick access to telephone numbers and business contact information. The website is professionally designed using Bootstrap and includes standard web technologies, with a focus on usability and mobile responsiveness. It integrates advertising via Google Adsense and analytics through eTracker, indicating a moderate level of digital maturity. Security-wise, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published privacy or terms of service policies, which are important for compliance and trust. Overall, the site appears legitimate and functional but would benefit from enhanced transparency and security practices to improve user trust and regulatory compliance.

A

AN E+ JA

juventude.pt

48

AN E+ JA is the Portuguese National Agency responsible for managing and promoting the Erasmus+ program, focusing on youth education, mobility, and strategic partnerships. The agency serves young people, youth organizations, and educational institutions, positioning itself as a key governmental entity facilitating European Union youth initiatives in Portugal. The website reflects a professional and consistent brand image, providing comprehensive information and resources related to Erasmus+ and youth policies. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, ShareThis, Bootstrap, and FontAwesome, ensuring a responsive and user-friendly experience. The site is well-structured with good SEO practices and mobile optimization, although accessibility features could be enhanced. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS, uses CSRF tokens in forms, and applies best practices such as rel="noopener noreferrer" on external links and CAPTCHA for form submissions. However, it lacks explicit security headers and a published security policy or incident response contact, which are recommended for improved security posture. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms aligned with GDPR requirements. Overall, the website is trustworthy, professionally maintained, and aligned with its governmental mission. Strategic recommendations include implementing security headers, publishing a security policy, enhancing accessibility, and maintaining vigilance on third-party scripts to sustain a robust security and compliance posture.

The website extra-plus.de serves as a dedicated portal for supplementary health insurance products offered by Barmenia Versicherungen, a large independent insurance group in Germany. It targets BKK insured customers and provides detailed information on ambulant, dental, hospital, travel, and other supplementary insurance products. The site is well-branded, consistent with the parent company Barmenia, and offers clear contact channels including phone, email, and physical address. The presence of structured data and social media links further reinforces its legitimacy and market presence. Technically, the website employs modern JavaScript libraries such as Slick Slider and FontAwesome, and uses RichFaces indicating a Java Server Faces backend. Usercentrics is integrated for cookie consent management, ensuring GDPR compliance. Google Tag Manager is used for analytics and marketing tags. The site is mobile optimized, accessible, and SEO friendly, with good performance characteristics. From a security perspective, the site enforces HTTPS and uses consent management for cookies, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or suspicious content were detected. The WHOIS data aligns well with the website branding and domain registration, indicating a trustworthy and legitimate online presence. Overall, the website demonstrates a strong business credibility and privacy compliance posture, with room for improvement in explicit security policy publication and security header implementation.

A

AdmiralCloud

admiralcloud.com

71

AdmiralCloud is a technology company specializing in Digital Asset Management solutions for enterprises. Their website presents a professional and well-structured platform built on WordPress with the Divi theme, indicating a moderate level of digital maturity. The site includes modern web technologies such as lazy loading scripts and font optimizations, contributing to a good user experience and performance. However, the absence of WHOIS data raises questions about domain registration transparency. Security posture is moderate, with cookie consent implemented but lacking visible security headers and explicit privacy or terms of service pages. Overall, the website is functional and business-focused but would benefit from enhanced transparency and security practices to improve trust and compliance.

F

Freizeit Guru

freizeit-guru.li

49

Freizeit Guru is a specialized leisure activity portal focused on Liechtenstein and its surrounding regions, offering over 250 curated activities for various seasons and group sizes. The platform targets a broad audience including families, groups, and individuals seeking recreational options. It holds a strong regional market position as a comprehensive guide for local leisure activities. Technically, the website is built on WordPress using the GeneratePress theme and several modern plugins for SEO, search filtering, and user engagement features. The site demonstrates good digital maturity with mobile optimization, structured data, and SEO best practices. Security posture is adequate with HTTPS enforced and no exposed sensitive data, but lacks some security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional, trustworthy, and serves its business purpose effectively.

T

Tempus Közalapítvány

tka.hu

44

Tempus Közalapítvány is a Hungarian non-profit organization specializing in coordinating European and international educational mobility and scholarship programs such as Erasmus+, CEEPUS, Campus Mundi, and Stipendium Hungaricum. It serves a broad audience including students, educators, higher education institutions, and civil organizations. The website reflects a well-established entity with a domain age since 2003, consistent with its long-term operational history. The organization maintains a strong market position as a key national coordinator for EU-funded educational initiatives. Technically, the website employs modern web technologies including Bootstrap, jQuery, and Google Tag Manager, with good mobile optimization and moderate performance. Security posture is solid with HTTPS enforcement and use of reCAPTCHA, though security headers and explicit security policies are not evident. Privacy compliance is well addressed with cookie consent mechanisms and accessible privacy policies. Overall, the site is professional, trustworthy, and content-rich, supporting the organization's mission effectively.

C

City of Saint John

saintjohn.ca

63

The City of Saint John website serves as the official digital presence for the municipal government of Saint John, New Brunswick. It provides residents, businesses, and visitors with comprehensive information on city services, transit, community events, public safety, and governance. The site positions itself as a trusted source for local news, emergency alerts, and civic engagement platforms, targeting a broad audience within the city and surrounding areas. Technically, the website is built on Drupal 10, leveraging modern web technologies including Google Analytics for user tracking and Google Maps API for transit and location services. The site is hosted behind Cloudflare DNS and CDN services, ensuring reliable performance and security. Mobile optimization and accessibility features are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs domain transfer protections. However, it lacks advanced security headers and does not provide publicly accessible security or incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. No vulnerabilities or suspicious content were detected. Overall, the website demonstrates a solid business credibility and technical foundation suitable for a government entity, but could improve in privacy compliance and security transparency to enhance trust and regulatory adherence.

V

Vista Analyse AS

vista-analyse.no

53

Vista Analyse AS is a Norwegian social science analysis company specializing in economic analysis, evaluation, advisory, and research services. Established in 2000, it holds a strong market position within the Norwegian public and private sectors, offering a broad range of services across multiple industries including energy, environment, transportation, welfare, and more. The website reflects a professional and consistent brand image with comprehensive content about services, staff, and publications. Technically, the site uses a modern technology stack including ProcessWire CMS, jQuery, UIkit, and Google Analytics, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS enforced and basic security headers, though there is room for improvement in explicit security policies and headers. Overall, the site is trustworthy, compliant with GDPR indications, and well-maintained.

W

WebsiteOut

websiteout.net

49

WebsiteOut is a French web hosting provider established since 1999, offering comprehensive hosting services including domain registration, free SSL certificates, email hosting, and CMS installation support. The company targets individuals, small businesses, and professionals seeking affordable and quality web hosting solutions. The website is professionally designed with clear navigation and good content relevance, primarily in French. Technically, the site uses Apache, PHP, MySQL, and Cloudflare DNS, with a Revolution Slider framework for UI elements. Performance and mobile optimization are moderate to good. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is limited to a contact form with no direct emails or phone numbers visible. Overall, the site is trustworthy and safe, with no adult or questionable content detected.

Adrecord is a Swedish affiliate marketing platform established since 2010, recently unified with the Adtraction group to enhance service and technology. The company focuses on performance-based digital marketing through affiliates, influencers, and ambassadors, targeting e-merchants primarily in the Nordic region. Their platform offers measurable results, transparency, and personal support, positioning them as a reliable player in the e-commerce marketing sector. Technically, the website uses modern frameworks like Bootstrap and Google Tag Manager, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though lacks explicit security headers and incident response information. The absence of WHOIS data for the domain reduces trust slightly, but the strong branding and partnership with Adtraction support legitimacy. Overall, the site is professional, user-friendly, and compliant with GDPR requirements.

B

Beinfeld Productions- Antique Arms Show

antiquearmsshow.com

9

Beinfeld Productions operates the Antique Arms Show, a long-standing event focused on antique arms and collectible knives, with a history spanning over 60 years. The website targets collectors and enthusiasts, offering a large-scale event with over 1,300 tables featuring dealers and craftsmen. The business model centers on event production and exhibitor services, positioning itself as a premier antique arms show in the United States. Technically, the website is built on WordPress with WooCommerce and uses modern front-end libraries such as Bootstrap, jQuery, and various carousel plugins. It is mobile optimized and employs SEO best practices, though accessibility features are basic. Security posture is moderate with HTTPS enabled but lacks visible security headers and privacy compliance mechanisms. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and partner affiliations suggest a legitimate business presence. Overall, the site is professional and trustworthy but would benefit from improved security and privacy transparency.

S

Senzoor

senzoor.cz

48

Senzoor is a Czech-based technology company specializing in the development and manufacture of SOS buttons and security sensors designed to protect individuals and property. Their product line includes devices with long battery life and integrated locators, targeting consumers concerned with personal safety and asset security. The company maintains a localized presence with multiple country-specific domains and emphasizes local manufacturing in the Czech Republic. Technically, the website is built on WordPress and employs modern web technologies including Google Tag Manager and FontAwesome for icons. While the site is accessible and well-structured with good SEO practices, it lacks explicit privacy, cookie, and security policies, which impacts its compliance posture. Security-wise, HTTPS is enabled, but the absence of security headers and incident response information suggests room for improvement. Overall, the website presents a moderate risk profile with recommendations to enhance privacy compliance and security best practices.

T

TriUV

triuv.com

44

TriUV is a small company founded in 2021 specializing in UV air purifiers aimed at improving indoor air quality with efficient single-pass cleaning technology. The website presents a professional and consistent brand image targeting consumers and businesses interested in air purification solutions. Technically, the site is built on WordPress, uses FontAwesome for icons, and integrates Google Analytics and Tag Manager for tracking. Hosting is provided by Active24, with valid SSL but lacking DNSSEC and security headers. Security posture is moderate with no critical vulnerabilities detected, but privacy compliance is weak due to missing policies and consent mechanisms. Overall, the domain registration is legitimate and consistent with the business age, supporting trustworthiness.

M

MatSight – Evolution in Plasma Process and Equipment Simulation

matsight.com

49

The website matsight.com appears to represent a technology-focused business established in 2020. The site uses modern web technologies including Google Fonts, Typekit, Microsoft Clarity analytics, LinkedIn Insight Tag, Google Tag Manager, Google Analytics, and reCAPTCHA for bot protection. The domain is registered with Tucows Domains Inc. and is not privacy protected, indicating transparency in domain ownership. However, the website content is minimal and lacks critical legal and compliance pages such as privacy policy, cookie policy, and terms of service. Contact information and business details are not present in the provided HTML content, limiting the ability to fully assess business credibility. Security posture is basic with HTTPS enabled and use of reCAPTCHA, but no advanced security headers or published security policies are detected. Overall, the site demonstrates moderate technical maturity but falls short in privacy compliance and business transparency.

Z

Zenfolio

zenfoliosite.com

67

Zenfolio is an established technology company founded in 2004, specializing in providing website and gallery solutions tailored for photographers. Their platform offers an all-in-one solution including professional portfolio websites, shareable client galleries, e-commerce capabilities, and workflow automation tools. The company targets photographers seeking to build and grow their photography business online. Technically, the website is built on WordPress CMS with modern SEO and marketing plugins such as Yoast SEO Premium and Kadence Blocks. Hosting and DNS services are managed via Cloudflare, ensuring good performance and security. Cookie consent is managed through CookieYes, indicating attention to privacy compliance, although no explicit privacy policy or terms of service were detected in the provided content. Security posture is solid with HTTPS enabled and domain transfer protections in place, but DNSSEC is not enabled and security headers are not evident, suggesting room for improvement. Overall, the website is professional, well-branded, and trustworthy with a strong social media presence. The domain registration is consistent with the business history, enhancing credibility.

A

Agentur Zentral GmbH

agenturzentral.de

48

Agentur Zentral GmbH is a German web design agency based in Braunschweig specializing in creating modern, SEO-optimized websites primarily for the Mittelstand (small and medium-sized enterprises). With over 10 years of experience, the company offers comprehensive digital services including web design using the Contao CMS, search engine optimization, content creation, and tiered support packages. Their market position is that of a trusted regional agency with a professional online presence and recognized certifications such as Contao Premium Partner. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern web technologies like jQuery and FontAwesome. The site is mobile-optimized, accessible, and performs moderately well. Hosting appears to be managed via kasserver.com nameservers. The site implements HTTPS with secure cookies and a cookie consent mechanism, reflecting good privacy compliance. From a security perspective, the site demonstrates solid practices including CSRF protection and session management cookies. However, explicit security headers are not detected, and no formal security or incident response policies are published. No vulnerabilities or exposed sensitive data were found. Overall, the security posture is good but could be improved with additional headers and formal policies. The overall risk assessment is low, with no signs of malicious content or suspicious WHOIS data. The site is professional, trustworthy, and compliant with GDPR. Strategic recommendations include enhancing security headers, publishing a security policy, and implementing a vulnerability disclosure process to further strengthen trust and security culture.

A

American Society of Arms Collectors

americansocietyofarmscollectors.org

45

The American Society of Arms Collectors is a small, established non-profit organization founded in 1953, dedicated to the collection, research, and preservation of vintage arms, armor, and related accessories. The organization operates a membership model limited to 250 active members by invitation, providing scholarly publications, archival resources, and an exclusive member forum. Their market position is niche, serving collectors and researchers interested in historical arms and armor. The website serves as an informational and resource hub for members and interested parties, featuring galleries, bulletins, and foundation activities supporting educational initiatives. Technically, the website is built on WordPress using the Elementor page builder and Astra theme, hosted on HostGator. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. It employs modern JavaScript libraries and tracking via Google Analytics, but lacks advanced security headers and DNSSEC. From a security perspective, the site uses HTTPS and has domain transfer protections enabled, but lacks DNSSEC and explicit security policies such as privacy or cookie policies. No vulnerability disclosure or incident response contacts are provided. The absence of privacy and cookie policies represents a compliance gap, especially regarding GDPR. No WAF or blocking mechanisms are detected, and the site content is fully accessible and safe for general audiences. Overall, the site is professionally designed and trustworthy, with a strong business credibility score. However, improvements in privacy compliance and security best practices are recommended to enhance user trust and regulatory adherence.

F

Forgotten Weapons

forgottenweapons.com

45

Forgotten Weapons is a specialized media website dedicated to rare, exotic, and prototype firearms. It serves a niche audience of firearms enthusiasts, historians, and collectors by providing detailed articles, videos, and curated content. The site maintains a strong market position within its niche through consistent content updates, active community engagement, and merchandise offerings. Technically, the website is built on WordPress using a modern theme with performance optimizations such as WP Rocket and uses Matomo and Jetpack for analytics. The site is mobile-optimized and accessible, with a professional design and clear navigation. Security-wise, the site enforces HTTPS and uses secure form inputs but lacks explicit security headers and formal privacy or cookie policies, which are areas for improvement. The WHOIS data is missing, which slightly reduces trust but does not negate the site's evident legitimacy based on content and social presence. Overall, Forgotten Weapons is a credible and well-maintained niche media site with room to enhance privacy and security transparency.

Formula Student Germany operates as a premier educational competition focused on the design and construction of prototype racing cars, emphasizing electric and autonomous vehicle technologies. It serves students, educational institutions, and automotive industry partners by providing a platform for practical engineering experience and industry networking. The website reflects a well-established presence with consistent branding and comprehensive content about the competition's structure and disciplines. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries, hosted behind Cloudflare, ensuring good performance and security. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements in security headers and explicit policies could enhance trust. Privacy compliance is adequate with a clear privacy policy but lacks cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-suited for its educational and industry audience.

V

VC Lab 2.0

govclab.com

10

VC Lab 2.0 operates as a premier venture capital accelerator, providing structured programs to help venture capital managers raise capital efficiently within 4 to 6 months. The company offers multiple educational tracks including the VC Lab accelerator, LP Institute, and Venture Institute, targeting venture capital professionals, limited partners, and those pursuing VC careers. The website reflects a strong market position as a leading accelerator with a comprehensive suite of services and resources, including events and application portals. Technically, the website is built on WordPress with modern frameworks such as React and Gutenberg, supported by plugins like Smart Slider 3 and Jetpack. Hosting is managed via WordPress.com infrastructure, ensuring reliable uptime and moderate performance. Security posture is solid with HTTPS enforced and domain transfer protections in place, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high professionalism, good SEO, and accessibility standards, making it a trustworthy platform in the venture capital education and acceleration space.

Q

Qorbi World an Estonia Company

qorbiworld.com

54

Qorbi World is a small Estonia-based technology company specializing in a free-to-play multi-game esports ecosystem that integrates blockchain technology and NFTs. Their platform offers unique gaming experiences with crypto rewards using the $QORBI token, exclusive NFT assets such as Qorbs, pets, and skins, and a marketplace for trading these assets. The company targets gamers interested in esports and blockchain gaming, positioning itself as a niche player in the emerging Web3 gaming market. The website is professionally designed with consistent branding and good content quality, supporting their business model and market positioning. Technically, the website leverages modern web technologies including React, Cloudflare hosting, and multiple analytics and marketing tools such as Google Analytics, FullStory, and Visual Website Optimizer. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Security posture is adequate with HTTPS enabled and domain protection flags set, but lacks DNSSEC and important security headers. Privacy compliance is basic, with privacy and terms policies available but no cookie consent mechanism or explicit GDPR compliance indicators. Security-wise, the site shows moderate maturity but could enhance its defenses by enabling DNSSEC, adding security headers, and publishing incident response contacts. No critical vulnerabilities or phishing indicators were detected. Overall, the risk level is moderate with recommendations to improve security and privacy transparency. Strategically, Qorbi World should focus on strengthening its security posture, enhancing privacy compliance especially cookie consent, and improving transparency around contact and incident response. These steps will build greater trust with users and regulators, supporting sustainable growth in the competitive blockchain gaming sector.

U

University of Hohenheim

uni-hohenheim.de

11

The University of Hohenheim is a well-established German higher education institution specializing in agricultural sciences, natural sciences, business, economics, and social sciences. The website serves as a comprehensive portal for prospective students, staff, alumni, and other stakeholders, offering detailed information on degree programs, research, events, and university news. The institution positions itself as a leading university with a strong emphasis on research and international collaboration. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies such as Bootstrap and Matomo for analytics. The site demonstrates good performance, mobile optimization, and accessibility features, reflecting a mature digital infrastructure. Hosting is managed via academic network nameservers (belwue.de), indicating reliable and specialized hosting. From a security perspective, the site enforces HTTPS, disables cookies in analytics, and respects Do Not Track settings, showcasing a privacy-conscious approach. However, there is room for improvement in implementing security headers and explicit cookie consent mechanisms. No vulnerabilities or exposed sensitive data were detected, and the login form appears secure. Overall, the website reflects a high level of professionalism, trustworthiness, and compliance with GDPR. The risk profile is low, with recommendations focusing on enhancing security headers and privacy transparency to further strengthen the security posture.

I

IQS Directory

iqsdirectory.com

49

IQS Directory is a well-established online industrial directory specializing in connecting industry buyers with OEM manufacturers, suppliers, and distributors. The company offers a comprehensive platform featuring supplier searches, marketing services, and manufacturing-related resources. With a physical presence in Grand Rapids, Michigan, and a history dating back to 2000, IQS Directory serves a broad audience of manufacturing professionals and industry buyers. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, supporting its market position as a trusted resource in the manufacturing sector. Technically, the website employs modern frontend technologies including jQuery, Materialize CSS, and FontAwesome, alongside robust analytics and marketing tools such as Google Tag Manager, Google Analytics, and Bing Ads. The site is secured with HTTPS and demonstrates good performance and SEO practices. However, it lacks some security headers and a cookie consent mechanism, which are areas for improvement in privacy compliance. From a security perspective, the site shows a solid baseline with encrypted connections and no visible vulnerabilities or exposed sensitive data. The absence of explicit security policies or incident response information suggests room for enhancing transparency and preparedness. The WHOIS data is incomplete, which slightly diminishes trustworthiness, but the overall business presence and content quality support legitimacy. Overall, IQS Directory presents a reliable and professional online platform for the manufacturing industry, with recommendations to strengthen privacy compliance and security posture to further enhance user trust and regulatory adherence.

S

STORE MEDIA, s. r. o.

storemedia.eu

54

STORE MEDIA, s. r. o. is a small Slovakian company specializing in sensory marketing solutions including aroma marketing, in-store radio, digital signage, and POS advertising. The company positions itself as an expert in sensory marketing, targeting retail and marketing professionals seeking to enhance customer experience through multi-sensory engagement. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience. Technical infrastructure is based on WordPress with modern SEO and analytics tools such as Yoast SEO, Google Tag Manager, and Cookiebot for GDPR compliance. The site implements HTTPS with good security headers and a comprehensive cookie consent mechanism, reflecting a mature approach to privacy and security. However, WHOIS data is not publicly available due to EURid privacy policies, which is common for .eu domains and does not detract from the site's legitimacy. Overall, the website demonstrates a solid digital presence with good privacy and security practices.

B

Beskyd House s.r.o.

wolfenergy.cz

49

Wolf Energy, operated by Beskyd House s.r.o., is a Czech-based company specializing in energy-saving solutions including photovoltaic systems, heat pumps, and energy consulting. The company targets residential and commercial customers seeking energy independence and sustainability. Their business model encompasses tailored design, installation, administrative support for subsidies, and ongoing service. The website reflects a professional and consistent brand with clear contact information and community partnerships, notably with iKomunita. Technically, the site is built on WordPress with modern libraries and optimized images, offering good performance and mobile responsiveness. Security posture is adequate with HTTPS and cookie consent, but lacks advanced security headers and formal policies. Overall, the domain registration aligns with the company's founding date and location, supporting legitimacy.

A

AquaSolarTech s.r.o.

aquasolartech.cz

47

AquaSolarTech s.r.o. operates the website aquasolar.tech, providing professional photovoltaic and heating/cooling solutions primarily in the Czech Republic. The company offers turnkey photovoltaic installations for residential and commercial clients, including additional services such as heat pumps, gas boilers, floor heating, and air conditioning. The business model focuses on comprehensive service delivery with financing and subsidy assistance, supported by a stock e-shop for photovoltaic goods. The website is well-positioned in the renewable energy sector with strong local market presence and partnerships with recognized brands like Benekov and Viessmann. Technically, the website is built on WordPress using Elementor and Yoast SEO, with modern web technologies including Google reCAPTCHA and Google Analytics. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Security posture is solid with HTTPS enforced and reCAPTCHA protecting forms, though some security headers are missing and minor image loading issues exist. Overall, the security posture is good but could be improved by implementing additional HTTP security headers and fixing minor technical issues. Privacy compliance is strong with clear GDPR policies and cookie consent mechanisms. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Strategically, AquaSolarTech should focus on enhancing security headers, maintaining up-to-date software, and possibly adding a vulnerability disclosure policy to further strengthen trust and security culture.

P

Pure Silver Creative

clienttasks.com

57

CIARA is a technology portal system used by Pure Silver Creative, providing a login interface for clients or users to access various internal modules and services. The website is built on WordPress with a modern tech stack including Vue.js and several JavaScript libraries, indicating a moderate level of digital maturity. The portal focuses on user authentication and access management, with no public-facing business content or marketing information on the login page. Security posture is adequate with HTTPS enforced and secure form handling, but lacks visible security headers and privacy compliance documentation. Overall, the site appears functional for its intended purpose but would benefit from enhanced security headers and privacy policies to improve trust and compliance.

F

FSR magazine

fsrmagazine.com

62

FSR magazine is a media publication focused on providing news and insights related to the full service restaurant industry. The website targets professionals and stakeholders within this niche sector, offering industry news, supplier directories, and market analysis. The business model centers on media content delivery, likely monetized through advertising and partnerships. The site demonstrates a consistent brand presence and good content quality, positioning it as a specialized media outlet within its market segment. Technically, the website is built on WordPress with modern SEO tools such as Yoast SEO Premium and integrates Google Tag Manager and reCAPTCHA for enhanced user experience and security. The site uses common web technologies including jQuery and FontAwesome, and employs Google Ad Manager and AdRoll for advertising and retargeting. Performance and mobile optimization are good, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. However, the absence of privacy and cookie policies, as well as missing contact information, represent compliance and trust gaps. The WHOIS data is unavailable, which reduces domain trustworthiness, though the website content and technical setup appear professional. Overall, the site is functional and professional but would benefit from improved privacy compliance, clearer contact information, and enhanced security disclosures to strengthen trust and regulatory adherence.

W

WindEurope

windeurope.org

58

WindEurope is a well-established European industry association advocating for wind energy policies and representing over 450 member companies. It operates as a key voice in the European renewable energy sector, providing policy advocacy, organizing industry events, and offering data and career resources. The organization is headquartered in Brussels, Belgium, and has a domain age consistent with its founding date in 2014, reinforcing its legitimacy and market presence. The website is professionally designed with excellent content quality, targeting industry stakeholders, policymakers, and professionals in the wind energy sector. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses multiple analytics platforms including Google Analytics, Matomo, and Microsoft Clarity. It is hosted behind Cloudflare, ensuring good performance and security. The site is mobile-optimized, accessible, and SEO-friendly, leveraging Yoast SEO Premium for enhanced search engine visibility. The technical infrastructure supports a positive user experience with fast loading and clear navigation. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. However, DNSSEC is not enabled, and security headers are not explicitly detected, suggesting room for improvement. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism, aligned with GDPR requirements. Contact information is clearly provided, enhancing trust and transparency. Overall, WindEurope's website demonstrates a high level of professionalism, security, and compliance suitable for an essential industry association. Strategic recommendations include enabling DNSSEC, adding security headers, publishing a security policy, and establishing a vulnerability disclosure program to further strengthen security posture and stakeholder trust.

D

DATEA Services GmbH / ATEOS Services e.U.

datea.at

47

DATEA Services GmbH is a small Austrian technology company specializing in digital transformation consulting, software development, and managed IT services. Their website presents a professional image with clear service offerings under the themes discover, create, and operate. The company targets businesses seeking to leverage digital opportunities and make strategic decisions to advance their operations. The website is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, indicating a mature digital infrastructure. Performance and mobile optimization are good, though accessibility is basic. Security posture is adequate with HTTPS enforced but lacks explicit security headers and published security policies. Privacy compliance is good with a privacy policy and cookie policy present, though no cookie consent mechanism is implemented due to the absence of cookies. WHOIS data confirms the legitimacy and consistency of the domain registration, matching the business claims and founding date. Overall, the website is trustworthy and professional, with room for improvement in security best practices and incident response transparency.

H

Harry's Biketours

harrys-biketours.at

10

Harry's Biketours is a small, specialized tourism company offering motorcycle tours and travel experiences primarily in the South-Alps region covering Austria, Italy, and Slovenia. Their services include guided and self-guided motorcycle tours, travel packages, and accommodation options such as Apartment Panorama. The website is professionally designed, mobile-optimized, and provides clear contact information and GDPR-compliant privacy and cookie policies. Technically, the site is built on WordPress with common plugins and frameworks, delivering moderate performance and good SEO. Security posture is adequate with HTTPS enabled and cookie consent mechanisms, but lacks advanced security headers and explicit security policies. WHOIS data is unavailable, likely due to privacy protection, which is typical for small businesses in this sector. Overall, the site is trustworthy and well-positioned within its niche market.

S

Slovenská asociácia organizátorov verejnej dopravy

saovd.sk

39

Slovenská asociácia organizátorov verejnej dopravy (SAOVD) is a Slovak non-profit association dedicated to coordinating and supporting regional integrated public transportation systems. It acts as a platform for its members to collaborate, advocate for legislative changes, and promote integrated transport solutions across Slovakia. The website reflects a professional and focused organization with clear contact information and partner affiliations to regional transport entities. Technically, the site uses established libraries such as jQuery, Bootstrap, and FontAwesome, providing a moderate performance and good mobile responsiveness. However, there is room for improvement in accessibility and security headers. The security posture is adequate with HTTPS usage implied, but lacks explicit security policies and cookie consent mechanisms. Overall, the domain registration data aligns well with the organization's claims, supporting legitimacy and trustworthiness.

ا

ایران وب هاست

irwebhost.com

56

ایران وب هاست is a Persian-language web hosting and domain registration provider established since at least 2014, serving a broad range of customers from small businesses to large organizations in Iran. The company offers shared hosting, VPS, dedicated servers, SSL certificates, and domain services, positioning itself as a trusted hosting provider with over 14,000 websites hosted. The website is professionally designed using WordPress with the Enfold theme, optimized for SEO and mobile devices, and includes multiple trust seals such as eNamad and Samandehi. Technical infrastructure includes modern web technologies and cloud-based servers both inside and outside Iran. Security posture is good with HTTPS enforced and secure forms, but lacks some security headers and explicit privacy/cookie consent mechanisms. WHOIS data is missing or unavailable, which reduces domain trustworthiness despite the active business presence. Overall, the website is functional, professional, and trustworthy for its target market, but would benefit from improved transparency in domain registration and enhanced privacy compliance.

N

NNPC Marine Insurance

nnpc-marine.com

68

NNPC Marine Insurance is a specialized marine insurance provider positioned as the only Dutch P&I club offering global marine insurance and risk solutions. The company targets marine industry clients such as ship owners and charterers, providing services including P&I Mutual, Fixed Premium, FD&D, Crew Insurance, Charterers Liability, and Inland Shipping Insurance. The website is professionally designed, multilingual, and uses a modern WordPress infrastructure with plugins for SEO, analytics, and marketing. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and explicit incident response information. The domain WHOIS data shows an inconsistency with a future creation date, which raises some trust concerns. Overall, the website is functional, compliant with GDPR, and presents a credible business presence with room for security and transparency improvements.

N

NorthStandard

north-standard.com

58

NorthStandard is a marine insurance provider specializing in Protection & Indemnity (P&I) coverage, positioning itself as one of the largest P&I clubs within the International Group. The company targets marine industry professionals including ship owners and operators, offering specialized insurance services. The website reflects a professional and consistent brand image with a focus on marine insurance services. Technically, the site employs modern web technologies such as Google Tag Manager, Cookiebot for consent management, Hotjar for analytics, Adobe Typekit, and Google Fonts, hosted under a reputable registrar IONOS SE. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Security posture is moderate with HTTPS implied, clientTransferProhibited domain status, and cookie consent mechanisms in place; however, DNSSEC is not enabled and no explicit security headers or incident response policies are found. Overall, the site is safe, professional, and trustworthy with no adult or questionable content detected.

R

Ríkisskattstjóri

skattur.is

68

The website innskraning.rsk.is serves as the official login portal for the Icelandic tax authority (Ríkisskattstjóri). It provides secure authentication mechanisms including electronic identification and web key login, integrating with the national island.is authentication service. The portal targets Icelandic taxpayers and businesses requiring access to tax-related services. The site is branded consistently with government standards and offers a professional user experience with modern web technologies such as Bootstrap and IBM Watson Assistant chat integration. While WHOIS data for the subdomain is unavailable, this is typical for subdomains and does not detract from the site's legitimacy. The portal uses HTTPS and includes CSRF protection tokens in forms, but lacks visible security headers and explicit security or incident response contact information.

G

Global Game Jam, Inc.

globalgamejam.org

61

Global Game Jam, Inc. operates the Global Game Jam website, which serves as the central hub for the world's largest game creation event. The organization facilitates tens of thousands of participants worldwide, providing event registration, educational resources, and community engagement. The website reflects a mature and well-established non-profit entity with a strong global presence and reputable sponsors. Technically, the site is built on Drupal 10, integrates modern marketing and analytics tools, and is hosted with Cloudflare DNS services, ensuring reliable performance and security. However, there are minor gaps in privacy compliance, such as the absence of a cookie consent mechanism and no visible GDPR-specific policies. Security posture is solid with HTTPS and domain registration protections, but could be improved by enabling DNSSEC and publishing explicit security policies. Overall, the website is professional, trustworthy, and well-positioned in its niche, with recommendations to enhance privacy compliance and DNS security to further strengthen its digital maturity.

Quicket is an established online event ticketing platform serving primarily the African market. It offers a comprehensive suite of services for event organizers and attendees, including ticket sales, event creation, ticket scanning, real-time analytics, and marketing tools. The platform supports a wide range of event types from large festivals to boutique events, positioning itself as a trusted and versatile solution with over 200,000 events served. Technically, the website leverages modern web technologies such as Angular and integrates multiple marketing and analytics tools, indicating a mature digital infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers and published security policies, which are areas for improvement. The absence of WHOIS data for the domain is a concern for domain legitimacy, though the website content and branding suggest a legitimate business. Overall, Quicket presents a solid platform with room to enhance transparency and security posture.

S

S.H.O.P. CENTAR d.o.o.

croatiaopen.hr

68

Croatia Open Umag is an official ATP tennis tournament organized by S.H.O.P. CENTAR d.o.o., established in 2011 and held in Croatia. The website serves as a platform for disseminating tournament news, schedules, player information, and ticket sales, targeting tennis fans and sports enthusiasts. The business operates primarily in the hospitality and sports event sector, maintaining a consistent brand presence and affiliation with the ATP Tour. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, and New Relic for monitoring, with good mobile optimization and moderate performance. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security headers and policies are lacking. Privacy compliance is limited due to missing privacy and terms of service pages. Overall, the site is professional and trustworthy, with room for improvement in compliance and security transparency.

2

24/7 Software

247software.com

66

24/7 Software is a B2B technology company specializing in operations and facility management software designed to enhance real-time communications, maximize user experience, and reduce operational risk. The company targets facility managers and operations teams in sectors such as sports venues, entertainment, convention centers, and airports. Their platform offers a comprehensive suite of tools including incident management, real-time communication, computerized maintenance management, guard tours, and advanced analytics. The website reflects a professional market position with notable clients and partners, supported by customer testimonials and a consistent brand presence. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies such as Google Analytics, AdRoll, and Wistia for marketing and analytics. The site is mobile-optimized with good SEO and accessibility features, though some improvements in security headers and published security policies could enhance its posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Security-wise, the site enforces HTTPS and avoids exposing sensitive data, but lacks explicit security policy documentation and vulnerability disclosure mechanisms. The WHOIS data is unavailable, likely due to privacy protection, but the website's professionalism and trust indicators suggest legitimacy. Overall, the site presents a solid digital presence with room for security and compliance enhancements. The risk assessment indicates a moderate to low risk profile with recommendations to improve security headers, publish incident response information, and consider vulnerability disclosure to strengthen trust and compliance.

S

Stratos

stratos-ad.com

71

Stratos is a well-established online community platform founded in 1998, serving video game and multimedia developers primarily in Spain. The website offers industry news, job listings, collaboration opportunities, forums, and educational resources, positioning itself as a niche hub for professionals and enthusiasts in the multimedia development sector. The platform maintains active engagement through frequent job and collaboration postings and integrates social media channels for broader community interaction. Technically, the site employs modern web standards including responsive design, Google Fonts, FontAwesome icons, and Google Tag Manager for analytics, hosted by DonDominio. The website is mobile-optimized and provides a consistent user experience with clear navigation and professional design. Security-wise, the site uses HTTPS with good SSL configuration but lacks some advanced security headers and DNSSEC. Privacy compliance is addressed with dedicated pages for privacy policy, cookie policy with consent mechanisms, and terms of service, though incident response and vulnerability disclosure policies are absent. Overall, the site demonstrates a solid security posture with room for improvement in security headers and incident response transparency. The domain's long registration history and consistent WHOIS data reinforce the site's legitimacy and trustworthiness.

Skillshot.pl is a specialized online job board platform focused on the Polish game development industry, operated by Orchid Games since 2011. It provides a niche marketplace connecting game development companies with job seekers, offering a variety of roles including programming, art, design, audio, testing, and management. The platform supports job ad posting and email notifications, serving a targeted audience of Polish gamedev professionals and employers. The website is professionally designed with good content relevance and navigation, optimized for mobile devices, and regularly updated with active job listings. Technically, it is built on Ruby on Rails with Bootstrap and FontAwesome, hosted by home.pl S.A., and uses Google Analytics and Tag Manager for user tracking. Security posture is moderate with HTTPS enabled and CSRF protections, but lacks DNSSEC and security headers, and does not implement a cookie consent mechanism. Privacy compliance is basic with a privacy policy and terms of service present but no explicit GDPR compliance indicators or data protection officer contact. Overall, the domain is legitimate, stable, and consistent with the business claims, with no signs of suspicious activity or content safety concerns.

V

VIDEO GAMES EUROPE

videogameseurope.eu

73

Video Games Europe is an established industry association representing the European video games sector since 1998. The organization focuses on advocacy, supporting the creative and economic potential of the sector, and promoting responsible gaming experiences. The website reflects a professional digital presence built on WordPress with the Divi theme, incorporating modern web technologies and SEO best practices. While the site is well-structured and visually consistent, it lacks visible privacy and terms of service policies, as well as explicit contact information, which are important for trust and compliance. Security posture is adequate with HTTPS and cookie consent mechanisms, but could be improved by adding security headers and vulnerability disclosure information. Overall, the domain WHOIS data is privacy protected, which is typical for such organizations, but limits verification of domain age and registrant details.

I

InMotion Hosting

inmotionhosting.com

67

InMotion Hosting is a well-established web hosting provider specializing in Linux-based hosting solutions including shared hosting, VPS, dedicated servers, domain registration, email, and WordPress hosting. The company targets businesses and individuals seeking reliable and scalable hosting services, supported by 24/7 human customer support. Their market position is strong with a reputation for quality and customer service. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery and Optimizely for optimization and analytics. The site is well-optimized for performance, mobile responsiveness, and accessibility, indicating a mature digital infrastructure. Security best practices are observed with HTTPS enforcement and appropriate security headers, although explicit incident response and vulnerability disclosure policies are not publicly detailed. The security posture is robust with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Contact information is clearly provided, enhancing business credibility. However, the WHOIS data is unavailable, which slightly reduces trust but is mitigated by the professional website and business presence. Overall, InMotion Hosting presents a secure, professional, and trustworthy web presence suitable for its business domain. Strategic recommendations include publishing a vulnerability disclosure policy and incident response details to further enhance transparency and trust.

B

Built In

builtin.com

71

Built In is a well-established online platform specializing in technology sector job listings, company profiles, and community content. Founded in 1999, it serves tech professionals and employers primarily in the United States, offering a comprehensive and personalized job search experience. The website demonstrates a strong market position as a niche leader in tech recruitment and industry insights. Technically, the site employs modern web technologies including Cloudflare for DNS and CDN, Google Tag Manager for analytics, and Alpine.js for interactivity, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS enforced and domain registration protections in place, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is addressed with clear privacy and cookie policies and a consent mechanism. Overall, the site is professional, trustworthy, and user-friendly, with room for improvement in explicit security disclosures and DNS security enhancements.

A

ART-KON-TOR Digital GmbH

art-kon-tor-digital.de

65

ART-KON-TOR Digital GmbH is a small-sized, technology-focused full-service digital agency based in Jena, Germany. The company offers integrated services including web development, IT infrastructure, online marketing, cloud hosting, and AI automation, targeting businesses seeking digital transformation and enhanced online presence. It operates as part of the ART-KON-TOR agency group, leveraging a strong partner ecosystem and subsidiaries to deliver comprehensive solutions. The website reflects a professional and modern digital presence with clear branding and consistent messaging. Technically, the website is built on WordPress with popular plugins for SEO, analytics, accessibility, and cookie compliance. It uses Cloudflare for DNS and security, Matomo and Google Tag Manager for analytics, and Hotjar for user behavior insights. The site is mobile-optimized, accessible, and performs moderately well. Security posture is good with HTTPS enforced and cookie consent implemented, though additional HTTP security headers could enhance protection. No critical vulnerabilities or suspicious content were detected. Privacy compliance is strong with a comprehensive GDPR-aligned privacy policy and cookie consent mechanism. Contact information is transparent and complete, supporting business credibility. Overall, the site demonstrates a mature digital infrastructure and sound security practices appropriate for its business scale. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and continuous monitoring of third-party scripts to maintain privacy compliance and security posture.

D

Dune Novels – The Official Dune Website

dunenovels.com

52

DuneNovels.com is the official website dedicated to the Dune series of novels, providing information and content related to the literary works. The website is built on the WordPress platform, utilizing the Betheme framework and hosted by Bluehost. It employs common web technologies such as jQuery and Google reCAPTCHA to enhance user experience and security. The site presents a professional design with good mobile optimization and basic accessibility features. However, it lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security posture is moderate with HTTPS enabled and reCAPTCHA in use, but the absence of DNSSEC and security headers indicates room for improvement. No contact emails or phone numbers are directly available, and no incident response or security policy information is published. Overall, the website is legitimate and safe for general audiences but would benefit from enhanced privacy and security disclosures.

B

BDA - Berufsverband Deutscher Anästhesisten e.V.

bda-ev.de

51

The BDA - Berufsverband Deutscher Anästhesisten e.V. is a leading professional association in Germany dedicated to anesthesiology. The organization provides comprehensive services including professional representation, education, legal and insurance advice, publications, and events targeted at anesthesiologists, medical professionals, students, and patients. The website serves as an information platform and member resource, reflecting a strong market position within the healthcare sector in Germany. Technically, the site is built on Joomla CMS with modern libraries such as Bootstrap and jQuery, offering good mobile optimization and navigation clarity. Security posture is adequate with HTTPS and CSRF protections, though lacking some security headers and cookie consent mechanisms. The site uses Matomo analytics with privacy-conscious settings. Overall, the website is professional, trustworthy, and well-aligned with its business goals.

K

KULTI Biesenthal

kulti-biesenthal.de

60

KULTI Biesenthal is a small non-profit youth information and media center based in Germany, focused on providing community services, events, and leisure activities for children and youth. The website showcases their key offerings including an annual youth band festival, holiday leisure programs, and opportunities for voluntary social service. Technically, the site is built on WordPress using a modern theme and plugins, with good SEO practices including structured data and cookie consent mechanisms. Security posture is adequate with HTTPS and some security best practices, but lacks explicit privacy policies, terms of service, and vulnerability disclosure information. Contact information is primarily via a contact form with no direct emails or phone numbers visible. Overall, the site is professional and trustworthy for its community role but could improve compliance and transparency aspects.

N

Nachhaltiges Handeln der Hoffnungstaler Stiftung Lobetal

lobetal-nachhaltig.de

54

The Hoffnungstaler Stiftung Lobetal operates as a diaconal non-profit organization focused on sustainability and environmental stewardship. Their website highlights various sustainability activities including climate action, mobility, nature and environment, energy, education, products, and everyday sustainable living. The organization targets individuals and groups interested in sustainable development and social welfare. Technically, the website is built on WordPress using the Astra theme and Beaver Builder, with good SEO and mobile optimization but lacks advanced security headers and privacy policies. Security posture is moderate with HTTPS enabled but missing explicit security policies and headers. Overall, the site is professional and trustworthy but could improve privacy compliance and security transparency.