Security Directory

V

Voice of the Ocean Foundation

voiceoftheocean.org

11

Voice of the Ocean Foundation is a small non-profit organization based in Sweden, dedicated to supporting ocean science, education, and stewardship. Their website clearly communicates their mission to increase ocean awareness and knowledge through research support, cultural visualization, and public engagement. The foundation targets a broad audience including researchers, educators, and the general public interested in ocean sustainability. Technically, the website is built on WordPress with modern plugins such as Gravity Forms and Swiper Carousel, and it uses Cloudflare for DNS and domain registration. The site is well-optimized for SEO and mobile devices, with good accessibility features. Security posture is solid with HTTPS and domain transfer protection, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is partially met with a clear privacy policy and terms of service, but lacks a cookie consent mechanism. Overall, the website presents a professional and trustworthy image consistent with a reputable non-profit foundation.

E

Emirates Group

emiratesgroupcareers.com

64

The Emirates Group Careers website serves as a comprehensive employment portal for the Emirates Group, a major global airline and aviation services provider headquartered in the United Arab Emirates. The site offers detailed information on career opportunities across various sectors including airline operations, corporate roles, IT, and more. It highlights employee benefits, company awards, and promotes a diverse and inclusive work environment. The website is professionally designed with a strong brand presence and multimedia content that enhances user engagement. Technically, the site employs modern web technologies including Google Tag Manager, Google Analytics, Hotjar for user behavior analytics, and integrates YouTube content. It is optimized for mobile devices and demonstrates good SEO and accessibility practices. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms, though some security headers could be improved for enhanced protection. The WHOIS data for the domain is unavailable, indicating possible privacy protection or a new registration. Despite this, the website content and external references strongly support the legitimacy of the site as an official Emirates Group platform. No critical security vulnerabilities or compliance issues were detected. Overall, the site presents a secure, user-friendly, and trustworthy platform for prospective employees. Strategic recommendations include enhancing security headers, maintaining up-to-date privacy compliance, and improving contact information visibility to strengthen user trust and engagement.

B

Beacon CRM

beaconproducts.co.uk

73

Beacon CRM is a specialized SaaS platform designed to empower charities with a comprehensive CRM solution tailored to their unique needs. The company positions itself as a market leader in the UK charity sector, offering a broad suite of features including fundraising, event ticketing, membership management, case management, and AI-powered automation. The website reflects a mature digital presence with excellent design, clear navigation, and strong trust signals such as ISO 27001 certification and positive customer testimonials. Technically, the site leverages modern web technologies including Webflow CMS, Cloudflare for security and performance, and integrates analytics and marketing tools responsibly with user consent mechanisms. Security posture is robust with HTTPS, security headers, and bot protection in place, though the absence of a public vulnerability disclosure policy and incident response contacts suggests room for improvement. Overall, Beacon CRM demonstrates a strong balance of business credibility, technical sophistication, and privacy compliance, making it a trustworthy platform for charities seeking CRM solutions.

I

International Tennis Federation

itftennis.com

57

The International Tennis Federation (ITF) operates as the global governing body for tennis, providing authoritative rankings, tournament calendars, and news for the sport worldwide. The website serves a broad audience including players, officials, fans, and sports organizations, positioning ITF as a key entity in international tennis governance. The digital infrastructure is modern, leveraging React and major analytics platforms, hosted on Microsoft Azure, ensuring fast and responsive user experience across devices. Security posture is strong with HTTPS and security headers implemented, though the absence of a public security policy and incident response details suggests room for improvement. The missing WHOIS data raises questions about domain registration transparency but does not detract from the professional presentation and trustworthiness of the site content. Strategic recommendations include publishing security and incident response policies, verifying domain registration details, and enhancing accessibility features to maintain leadership in digital maturity.

G

GPTCA AG

gptcatennis.org

58

The Global Professional Tennis Coach Association (GPTCA) is a Switzerland-based organization founded in 2012, dedicated to educating and supporting professional tennis coaches aiming to work at ATP Tour and women's pro tennis levels. The website serves as a global hub offering membership, educational courses, events, and resources tailored to tennis coaching professionals. It maintains partnerships with recognized entities such as ATP, ITIA, and Golden Set Analytics, enhancing its credibility and market position. Technically, the website employs a modern tech stack including Google Analytics, Google Tag Manager, Alpine.js, Swiper.js, and AOS for animations, hosted likely on home.pl infrastructure. The site is mobile-optimized with good SEO practices and a consistent branding approach. However, some accessibility features are basic, and performance is moderate. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and visible security headers. There are no privacy or cookie policies published, representing compliance gaps. No incident response or vulnerability disclosure information is provided. The domain WHOIS data is consistent and legitimate, supporting trustworthiness. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, security headers, and incident response transparency to improve its security posture and regulatory adherence.

M

Manifest

manifest.com

58

Manifest is a marketing and brand performance company focused on accelerating consumer journeys and delivering measurable impact bridging brand and performance. The website is built on WordPress using Elementor and integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, Hotjar, and Crazy Egg. The technical infrastructure is modern and hosted on AWS, providing moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain locks in place, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Business credibility is supported by professional content and a long-established domain. Overall, the website is functional and professional but would benefit from enhanced privacy and security disclosures.

N

nbkc bank

nbkc.com

11

nbkc bank is a reputable online bank and mortgage lender based in the United States, offering a range of financial products including home loans, checking and savings accounts, personal loans, and digital banking services. The company is recognized for its customer-centric approach and has received notable awards such as NerdWallet’s 2023 Best Mortgage Lender Overall. The website reflects a mature financial institution with a strong market position targeting consumers seeking convenient online banking solutions. The business model focuses on direct-to-consumer online services with competitive rates and knowledgeable support.

C

CULLIGAN PORTUGAL S.A.

culligan.pt

57

Culligan Portugal S.A. is a well-established company specializing in water solutions for residential customers in Portugal. The company offers a range of products including bottled water dispensers, filtration systems, premium faucets, and accessories, emphasizing quality, sustainability, and excellent customer service. The website reflects a professional and consistent brand image, targeting Portuguese-speaking consumers with localized content and services. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools such as Google Analytics, TikTok Pixel, and Facebook Pixel. Security measures include HTTPS enforcement, reCAPTCHA on forms, and a cookie consent mechanism, although a dedicated security policy or incident response information is not present. Overall, the website is accessible, well-structured, and GDPR compliant, with a strong business credibility and trustworthiness profile.

C

Culligan Water Spain

culligan.es

55

Culligan Water Spain is a medium-sized company specializing in water treatment solutions, including water purification and conditioning products and services. The company targets both business and consumer markets within Spain, positioning itself as a recognized brand in the water treatment sector. The website reflects a professional presence with a focus on product offerings and customer engagement. Technically, the site is built on WordPress and integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, and Visual Website Optimizer, indicating a mature digital marketing strategy. The site is mobile-optimized and performs moderately well in terms of speed and accessibility. Security-wise, the website enforces HTTPS and uses reCAPTCHA for form protection, but lacks visible security headers and explicit privacy and cookie policies, which are areas for improvement. Overall, the domain appears legitimate, though WHOIS data is unavailable due to registry restrictions, limiting full verification. Strategic recommendations include enhancing privacy compliance, adding security headers, and providing clear contact and incident response information to improve trust and security posture.

C

Culligan Colombia

culligan.co

59

Culligan Colombia is a well-established provider of premium water purification and hydration solutions tailored for commercial and institutional clients such as offices, schools, hospitals, and restaurants. The company emphasizes sustainability and advanced technology, including proprietary purification systems like Firewall® UVC and BioCote® protection. Their market position is strong within Colombia, supported by a professional and user-friendly website that clearly communicates their offerings and value proposition. The site targets business customers seeking reliable and eco-friendly hydration solutions, offering both product sales and flexible rental services with ongoing maintenance and support.

C

Culligan UK Limited

culligan.co.uk

57

Culligan UK Limited operates a professional website offering a wide range of water dispensers and hydration solutions tailored for businesses and residential customers in the United Kingdom. The company positions itself as a trusted provider with a strong market presence, serving over 20,000 companies daily and boasting a high customer satisfaction rating. Their services include bottled water coolers, mains-fed water coolers, instant boiling and chilled taps, hospitality systems, and related accessories. The website is well-branded, content-rich, and optimized for user experience and SEO. Technically, the website is built on WordPress using modern frameworks such as Bootstrap and integrates multiple analytics and marketing tools including Google Analytics, Piwik PRO, Visual Website Optimizer, and Trustpilot widgets. The site is mobile-optimized and demonstrates good performance and accessibility standards. Security measures include HTTPS enforcement and use of Google reCAPTCHA on forms, although some security headers could be improved. The security posture is solid with no evident vulnerabilities in the provided content, but the absence of a public security policy or incident response contact is noted. Privacy and cookie policies are present with consent mechanisms, indicating compliance with GDPR requirements. The WHOIS lookup failed due to an invalid query for the subdomain rather than the registered domain, but the website's legitimacy is supported by branding and trust signals. Overall, Culligan UK Limited presents a professional, trustworthy online presence with strong business credibility and a good security baseline. Strategic improvements in security headers and public security disclosures would enhance their security posture further.

C

Culligan Belgium

culligan.be

61

Culligan Belgium operates as a regional provider of water treatment solutions, specializing in water coolers, water softeners, and filtration systems for both residential and business customers. The company maintains a professional online presence with a well-structured website optimized for multiple languages and regions within Belgium. Their market position is supported by consistent branding and a clear focus on water-related products and services. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates advanced marketing and analytics tools such as HubSpot, Google Analytics, and Microsoft Clarity, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforcement, cookie consent mechanisms, and use of reCAPTCHA, although some security headers could be improved. Overall, the site demonstrates good privacy compliance and business credibility, with no signs of malicious activity or content blocking.

F

Fitshop

sport-tiedje.de

66

Fitshop is a leading European retailer specializing in home fitness equipment, operating both online and through 69 physical stores across Europe. The company offers a wide range of fitness products, supported by expert customer service and multiple industry awards, positioning itself as Europe's number one in home fitness. The website is professionally designed, mobile-optimized, and provides comprehensive content relevant to its target audience of fitness consumers. Technically, the site employs modern frameworks such as Bootstrap and jQuery, integrates Google Tag Manager and Analytics, and uses Cloudflare for hosting and security. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility.

P

Praxis am Landhaus Flottbek

praxisamlandhaus.de

48

Praxis am Landhaus Flottbek is a specialized physiotherapy practice located in Hamburg, Germany, with a history dating back to 2001. The business focuses on musculoskeletal treatment, rehabilitation, and training services, targeting patients in the Hamburg Elbvororte region. The website reflects a professional healthcare service provider with a clear market position as a local trusted physiotherapy provider. Technically, the site is built on WordPress using Elementor, integrating modern tools such as hCaptcha for form security and Borlabs Cookie for GDPR-compliant cookie management. The presence of Google Analytics and external media embeds is managed with user consent, indicating a mature digital infrastructure. Security posture is good with HTTPS enabled and some best practices observed, though additional security headers could enhance protection. Overall, the website is well-designed, accessible, and trustworthy, with comprehensive privacy and cookie policies. No critical vulnerabilities or suspicious elements were detected, and the domain registration data aligns well with the business claims, supporting legitimacy.

F

FitGutSchein.de CTM Gesundheitsservice GmbH

fitgutschein.de

45

FitGutSchein.de CTM Gesundheitsservice GmbH operates a specialized health promotion voucher platform aimed at improving employer branding and employee health in Germany. The company connects employers, employees, and health service providers through a cooperative network offering flexible, tax-advantaged health services. The website is professionally designed using WordPress with modern SEO and caching technologies, providing a good user experience and clear navigation. Contact information and social media presence are transparent and accessible. Security posture is solid with HTTPS and privacy compliance, though explicit security policies and incident response details are absent. Overall, the site is legitimate, well-maintained, and focused on its niche market.

Y

Yonex

yonex.com

10

Yonex is a globally recognized leader in the manufacturing and retail of sports equipment, specializing in badminton, tennis, and golf products. Their website serves as a comprehensive e-commerce platform showcasing a wide range of racquets, strings, clubs, apparel, footwear, and accessories. The brand emphasizes technology-driven innovation to enhance athletic performance. The site targets sports enthusiasts and professional athletes, offering a seamless shopping experience with clear navigation and professional design. Technically, the website is built on the Magento platform, leveraging modern web technologies such as RequireJS, jQuery, and Bootstrap. It integrates advanced analytics and monitoring tools including Google Analytics, Google Tag Manager, and New Relic Browser for performance and user behavior insights. The site demonstrates good mobile optimization, accessibility features, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements key security headers like Content Security Policy and Strict-Transport-Security. While no critical vulnerabilities were detected, the absence of explicit security policy and incident response pages suggests room for improvement in transparency and readiness. Privacy compliance is well addressed with visible privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, Yonex's website reflects a mature digital presence with strong business credibility and technical infrastructure. The lack of WHOIS data is likely due to privacy protection and does not detract from the site's legitimacy. Strategic recommendations include publishing security and incident response information, enhancing contact transparency, and maintaining regular security audits to uphold trust and compliance.

T

Tennisplaza

tennisplaza.be

49

Tennisplaza is a well-established Belgian media website focused on delivering tennis news, live streaming information, and expert analysis to tennis enthusiasts primarily in Belgium. Founded in 2011, it serves as a comprehensive source for tennis fans with regularly updated content and active social media engagement. The website leverages WordPress CMS with Elementor and Jet plugins, supported by Google Analytics, Microsoft Clarity, and other marketing tools to optimize user experience and track engagement. While the site is technically sound with HTTPS and modern web technologies, it lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security posture is adequate with SSL but could be improved by adding security headers and incident response information. Overall, Tennisplaza presents a professional and trustworthy platform for tennis news but should enhance its privacy and security disclosures to align with best practices.

F

FAIR SHARE

fairsharewl.org

54

FAIR SHARE is a small non-profit organization dedicated to promoting gender equality in leadership within the social impact sector. Their website highlights their mission to achieve a fair share of women leaders by 2030, supported by monitoring tools, advocacy, and feminist leadership projects. The organization is positioned as a niche player focused on feminist leadership and social justice. Technically, the website is built on WordPress using modern plugins and frameworks, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and cookie consent mechanisms, though DNSSEC is not enabled and some advanced security headers are missing. Privacy compliance is strong with clear policies and consent banners. Overall, the website is professional, trustworthy, and well-aligned with its mission, though it lacks explicit contact information and formal security policies.

L

Logo-Solution GmbH

4bowl.de

53

4bowl is a German-based SaaS provider specializing in online reservation and booking systems tailored for bowling centers and leisure facilities. The company, operated by Logo-Solution GmbH, offers a comprehensive platform that enables professional management of bookings and staff, accessible via multiple devices including PC, Mac, tablets, and smartphones. With over 200 centers relying on their system, 4bowl holds a strong market position in the hospitality and leisure sector in Germany and surrounding countries. The website is well-branded, professionally designed, and provides clear information about its services and customer base. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and integrates multiple marketing and analytics tools including Google Analytics, Facebook Pixel, and Tawk.to live chat. Hosting and DNS services are managed via Cloudflare, ensuring robust infrastructure and performance. The site is mobile-optimized and SEO-friendly, though accessibility features could be improved. From a security perspective, the site enforces HTTPS with strong SSL configuration and uses Cloudflare for DNS and CDN services. It implements a cookie consent banner and maintains GDPR compliance with a privacy policy. However, it lacks visible security headers, an incident response policy, and a vulnerability disclosure mechanism, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, 4bowl presents a trustworthy and professional online presence with a solid technical foundation and good privacy practices. Strategic enhancements in security policies and compliance documentation would further strengthen its security posture and business credibility.

T

Time Service B.V.

getraceresults.com

49

RaceResults, operated by Time Service B.V., is a specialized online platform providing comprehensive motorsport race results, live timing, and race tracking services. The website hosts an extensive database of event results timed with RSTime software dating back to 2004, serving motorsport enthusiasts, event organizers, and racers globally. The platform leverages DotNetNuke CMS and integrates Google Analytics for user tracking. The business operates primarily in the transportation sector with a niche focus on motorsport timing services. The domain is well-established since 2016, aligning with the business's operational history.

H

Hofer Fotos

hoferfotos.at

67

Hofer Fotos is a small local photography service based in Austria, specializing in portrait, event, and commercial photography. The website presents a professional image with good design quality and clear navigation, targeting individuals and businesses seeking photography services. The technical infrastructure includes modern JavaScript libraries such as jQuery and PrimeFaces, with integration of marketing and analytics tools like Google Analytics and Visual Website Optimizer. While the website uses HTTPS and secure cookies, it lacks several security headers and visible privacy or terms of service pages, indicating room for improvement in compliance and security posture. No direct contact information or incident response policies are visible, which may affect user trust and regulatory compliance.

B

Beiersdorf

beiersdorf.at

76

Beiersdorf is a globally recognized enterprise specializing in skin care products with a portfolio of strong brands such as NIVEA, Eucerin, and La Prairie. The website reflects a mature digital presence with comprehensive corporate information, a focus on consumer needs, and a commitment to sustainability. Technically, the site employs modern frameworks like UIkit, integrates Google Analytics and Tag Manager for data insights, and uses a robust consent management platform to ensure GDPR compliance. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the site is professional, trustworthy, and well-optimized for user experience and privacy.

E

Escape The City Ltd.

escapethecity.org

57

Escape The City Ltd. operates a leading UK-based online platform dedicated to connecting ambitious professionals with purposeful jobs, volunteering roles, and career change programmes. The company has established a strong market position as a purpose-driven job board and employer certification provider, targeting professionals seeking meaningful work aligned with progressive values. Their services include curated job listings, employer services such as Top 1% Employer certification, and career development resources. The website is professionally designed, well-branded, and offers a seamless user experience with clear navigation and mobile optimization. Technically, the website leverages modern web technologies including Vue.js, Algolia for search, and Google Analytics for tracking. It is hosted on Bubble.io's CDN infrastructure, ensuring fast performance and reliable availability. The site implements security best practices such as HTTPS, CSRF tokens, and secure form handling, although explicit security policies and incident response information are not publicly disclosed. Privacy compliance is addressed with comprehensive privacy and cookie policies, though a cookie consent mechanism is not explicitly implemented. Overall, the security posture is strong with no evident vulnerabilities or exposed sensitive data. The business credibility is high, supported by company registration details, VAT number, and Certified B Corporation status. The domain age aligns well with the company's founding year, reinforcing legitimacy. Recommendations include enhancing transparency around security policies, adding a cookie consent mechanism, and publishing vulnerability disclosure information to further strengthen trust and compliance.

MicroPayment.com is currently a parked domain sales landing page offering the premium domain name for sale. The site is brokered by AbdulBasit Makrani and targets domain investors or businesses interested in acquiring the domain. The business model is straightforward domain brokerage with inquiry via email, WhatsApp, or contact form. The website uses modern frontend technologies such as Bootstrap 5, jQuery, and Font Awesome, and integrates Google Analytics for visitor tracking. However, the content is minimal and primarily focused on domain sale inquiry. From a technical perspective, the site is moderately optimized with responsive design and basic SEO elements. The SSL configuration is excellent, enforcing HTTPS, but no advanced security headers were detected. The contact form includes a consent checkbox for data collection, indicating some privacy awareness, though no cookie policy or terms of service pages were found. Security posture is moderate but could be improved by adding security headers and explicit privacy and cookie policies. The WHOIS data is missing or indicates the domain is unregistered or expired, which lowers trust and legitimacy scores. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the site is low risk with no adult or explicit content, but the lack of WHOIS data and minimal content limits business credibility. Strategic recommendations include improving security headers, adding comprehensive privacy and cookie policies, and clarifying domain registration status to enhance trust.

P

Cookie-Information

pfeifergroup.com

46

The website analyzed is primarily a cookie information and consent page for www.pfeifergroup.com, providing detailed information about cookie usage including third-party cookies from major providers such as Google, Hotjar, LinkedIn, Matomo, Meta, and Microsoft. The site implements a cookie consent mechanism compliant with GDPR, allowing users to accept all cookies, only essential cookies, or customize their preferences. However, the website content is minimal and focused solely on cookie information without broader business or contact details. WHOIS data for the domain is unavailable, indicating either a recent registration, privacy protection, or a domain registration issue, which impacts trust and legitimacy assessments. Technically, the site uses standard web technologies including JavaScript and CSS, with integrations for analytics and marketing tools, but lacks visible security headers and detailed business information.

P

Pieper Holz GmbH

pieperholz.de

41

Pieper Holz GmbH is a medium-sized German manufacturing company specializing in woodworking products including sawmill operations, raw wood trade, playground equipment, and bridge construction. Their website emphasizes sustainability and future-oriented wood solutions, targeting businesses and organizations in need of quality wood products and landscape construction materials. The company maintains a professional online presence with clear contact information and basic compliance with privacy regulations. Technically, the website uses common JavaScript libraries and Google Analytics with privacy-conscious configurations such as IP anonymization and opt-in cookie consent. However, no explicit security policies or incident response information are published, and security headers are not evident, indicating room for improvement in security posture. WHOIS data is limited but consistent with a legitimate hosting provider, supporting the website's credibility. Overall, the site is well-structured, user-friendly, and trustworthy with a moderate security maturity level.

R

Rettenmeier

rettenmeier.com

56

Rettenmeier operates as a large manufacturing company specializing in wood products and related services, targeting B2B customers and dealers primarily in Germany and neighboring countries. The website is professionally designed using TYPO3 CMS, featuring a clear navigation structure and multilingual support. The company demonstrates compliance with GDPR through a comprehensive privacy policy and an integrated Cookiebot consent mechanism. Google Analytics is used with IP anonymization to monitor website traffic and user behavior. Security posture is generally good with HTTPS enabled and privacy controls in place, though some security headers and explicit incident response information are absent. WHOIS data is unavailable or privacy protected, which slightly reduces transparency but does not detract significantly from the site's legitimacy. Overall, the website reflects a mature digital presence suitable for a large manufacturing business.

T

The Reef-World Foundation

reef-world.org

66

The Reef-World Foundation is a well-established non-profit organization dedicated to coral reef conservation globally, leveraging marine conservation, sustainable tourism, and community engagement. Founded in 1999, it has a strong market position with extensive reach across 80+ countries and significant engagement with marine tourism businesses and tourists. The website reflects a professional and consistent brand image, targeting environmental stakeholders and the general public interested in marine conservation. Technically, the website is built on the Squarespace platform, utilizing modern web technologies including Google Analytics and Tag Manager for tracking, and a video player for rich media content. The site is mobile-optimized and performs moderately well, with good SEO and basic accessibility features. From a security perspective, the site enforces HTTPS with HSTS and has domain transfer protections in place. However, it lacks DNSSEC and explicit security or privacy policies, which are areas for improvement. No vulnerabilities or suspicious activities were detected. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and explicit security documentation to improve user trust and regulatory adherence.

O

One’

one-event.ch

51

One’ is a non-profit Christian event organizer based in Switzerland, focusing on uniting the Christian community in the French-speaking region through a large annual event. The website provides detailed information about the event scheduled for November 15, 2025, including speakers, program, ticketing, and partner organizations. The technical infrastructure is built on WordPress with Elementor and uses reputable third-party services for ticketing and analytics. Security posture is good with HTTPS and security headers, but lacks published privacy and cookie policies, which impacts compliance. Overall, the site is professional and trustworthy but should improve privacy compliance and incident response transparency.

Schloss - Herbersteins Brasserie is a small hospitality business based in Linz, Austria, offering restaurant dining, catering, exclusive event hosting, and special events such as Candle Light Dinners. The website positions the business as a local venue with a focus on quality dining experiences and private celebrations. The technical infrastructure is based on an older TYPO3 CMS version 4.5, with JavaScript libraries such as jQuery 1.4.4, and uses Google Analytics and Google Tag Manager for tracking. While the site is functional and provides clear contact information and event details, it lacks modern security headers and cookie consent mechanisms, which are important for GDPR compliance. The security posture is moderate but could be improved by updating outdated libraries and implementing security best practices. Overall, the website is professional and trustworthy but would benefit from technical modernization and enhanced privacy compliance.

O

OX Steaks & Grill Ried

ox-ried.at

55

OX Steaks & Grill Ried is a hospitality business specializing in high-quality steaks, burgers, fish dishes, and Mediterranean appetizers. The restaurant positions itself as a premium dining location with a unique ambiance and a loyalty app for customers. The business is currently closed for renovation until November 2025, aiming to relaunch with a new concept. The website is built on TYPO3 CMS and integrates modern web technologies including Google Analytics and Facebook Pixel for marketing and analytics purposes. Privacy and cookie policies are well implemented with user consent mechanisms. Contact information and legal disclosures are clearly presented, enhancing business credibility. Security posture is good with HTTPS and anonymized IP tracking, though formal security policies and incident response contacts are not published. Overall, the website is professional, secure, and compliant with GDPR, serving a general audience in Austria.

O

OX-Fischapark GmbH

ox-wrneustadt.at

56

OX-Fischapark GmbH operates a hospitality business in Wiener Neustadt, Austria, specializing in steaks, pizza, and burgers served in a high-quality ambiance. The website reflects a well-established regional restaurant brand with multiple sister locations, offering dine-in services, online reservations, and gift vouchers. The business targets local residents and visitors seeking quality dining experiences. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates Google Analytics and Facebook Pixel for marketing and analytics. The site is mobile-optimized and provides clear navigation and content relevant to its audience. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms compliant with GDPR. However, it lacks explicit security policies and incident response contacts. Overall, the website is professional, trustworthy, and compliant with privacy regulations, supporting the business's credibility and customer engagement.

O

OX Wels Steaks&Grill GmbH & Co KG

ox-wels.at

56

OX Wels Steaks&Grill GmbH & Co KG operates a hospitality business specializing in high-quality steaks, fish dishes, Mediterranean appetizers, and a broad selection of wines in Wels, Austria. The website serves as a digital front for the restaurant, offering online reservations, gift voucher sales, and promoting a loyalty app. The business targets local and regional customers seeking premium dining experiences. The company maintains a network of partner hospitality sites, indicating a strong local market presence. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries such as jQuery, Fancybox, and carousel plugins. It integrates Google Analytics and Google Tag Manager with privacy-conscious configurations like IP anonymization. The site is mobile-optimized and provides a good user experience with clear navigation and downloadable menus. Cookie consent mechanisms and a comprehensive privacy policy demonstrate GDPR compliance. From a security perspective, the site uses HTTPS with no visible critical vulnerabilities or exposed sensitive data. However, it lacks explicit security policies and incident response contacts. The use of third-party scripts is standard but should be regularly audited. Overall, the security posture is solid but could be enhanced with additional headers and formal policies. The overall risk is low with no signs of malicious activity or suspicious registrations. Strategic recommendations include formalizing security policies, enhancing incident response readiness, and continuous monitoring of third-party components to maintain compliance and security standards.

C

Center for International Private Enterprise

cipe.org

71

The Center for International Private Enterprise (CIPE) is a well-established non-profit organization founded in 1983, focused on promoting democracy and economic development through private sector engagement. The organization partners with local entities worldwide to craft business-driven solutions addressing socio-economic challenges. The website reflects a mature digital presence with a clear mission, professional design, and comprehensive content targeting business leaders, policymakers, and international development stakeholders. Technically, the website is built on WordPress, leveraging modern technologies such as Google Analytics, Microsoft Clarity, and Google Tag Manager for analytics and user tracking. The site is mobile-optimized, accessible, and SEO-friendly, with appropriate meta tags and structured data enhancing search visibility. Security best practices are observed with HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly available. From a security perspective, the site demonstrates a good posture with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. However, the absence of a vulnerability disclosure program or security.txt file suggests room for improvement in transparency and incident handling readiness. Overall, the website presents a trustworthy and professional image consistent with the organization's mission and history. The lack of WHOIS data limits domain registration insights, but privacy protection is justified for this non-profit entity. Strategic recommendations include publishing detailed security policies, incident response contacts, and vulnerability disclosure information to enhance trust and security maturity.

S

SlovakAid

slovakaid.sk

57

SlovakAid is the official Slovak government agency responsible for international development cooperation and humanitarian aid. Established in 2003, it operates as a medium-sized government entity focused on delivering development projects, humanitarian assistance, microgrants, and fostering international partnerships. The agency targets governmental bodies, NGOs, and the general public interested in Slovakia's global development efforts. The website reflects a mature digital presence with comprehensive content, multilingual support, and clear navigation. Technically, it is built on WordPress with Elementor, leveraging modern web technologies and Cloudflare DNS for hosting and performance. Security posture is strong with HTTPS, security headers, and privacy compliance including GDPR. No critical vulnerabilities or WAF blocking were detected. The site integrates Google Analytics and Facebook Pixel for analytics and marketing, with appropriate consent mechanisms. Overall, SlovakAid presents a trustworthy, professional, and well-maintained online presence aligned with its governmental mission.

N

Nadácia Pontis

nadaciapontis.sk

59

Nadácia Pontis is a Slovak non-profit foundation dedicated to fostering positive changes through social innovation, philanthropy, and responsible business practices. The organization connects companies, organizations, and individuals to promote social impact initiatives. The website reflects a medium-sized, established non-profit entity with a clear mission and a professional online presence. The target audience includes firms, organizations, and individuals interested in social responsibility and innovation. The foundation offers services such as events, seminars, volunteer programs, and internships to engage its community. Technically, the website is built on WordPress 6.7.1 and leverages modern tools including Google Tag Manager, Google Analytics, Facebook Pixel, and various WordPress plugins for multilingual support, forms, and social media integration. The site is hosted with CDN support (Cloudfront) and uses HTTPS with strong SSL configuration. Performance and mobile optimization are good, though accessibility features are basic. SEO is well implemented with proper meta tags and structured data. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for forms, indicating good baseline security practices. However, explicit security headers are missing, and there is no published security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Overall, the website is trustworthy and professional, with extensive user tracking and marketing tools. The absence of explicit privacy and security policies is a gap that should be addressed to enhance compliance and user trust. The domain registration data aligns well with the organization's identity, supporting legitimacy. Strategic recommendations include adding privacy and security policies, implementing security headers, and publishing vulnerability disclosure information.

G

Global Education Network Europe (GENE)

gene.eu

64

Global Education Network Europe (GENE) is a well-established European network of Ministries, Agencies, and national bodies focused on policymaking, funding, and support in Global Education. Founded in 2001, it has grown to include over 50 members from more than 25 countries. The website serves as an informational and networking platform, providing news, peer reviews, research, and awards related to Global Education. Technically, the site is built on Squarespace, leveraging modern web technologies and Google Analytics for tracking. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and HSTS. Privacy compliance is partial, with a cookie banner present but no explicit privacy policy or terms of service found. Business credibility is strong given the organization's partnerships and transparent content. Overall, the site is professional and trustworthy but could improve security and privacy disclosures.

E

Eglise MLK

eglisemlk.fr

54

Eglise MLK is a French non-profit religious organization focused on providing spiritual services, community engagement, and religious events. The website serves as a portal for church activities, donations, and community involvement, targeting French-speaking Christian audiences. The organization has an established domain since 2014, consistent with its operational history. Technically, the website is built on WordPress with common plugins and uses AWS for hosting static content. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional and trustworthy but could improve in security and privacy transparency.

A

AMS Technologies AG

amstechnologies.com

45

AMS Technologies AG is a well-established European technology company specializing in optical technologies, thermal management, and electronics solutions. With over 40 years of industry expertise and a broad customer base across high-tech sectors, the company positions itself as a trusted advisor and one-stop-shop for advanced technology solutions. Their website reflects a professional and modern digital presence, leveraging WordPress CMS and contemporary web technologies such as Swiper.js and Google Analytics for user engagement and performance tracking. Security posture is adequate with HTTPS enabled and domain transfer protection, though improvements such as enabling DNSSEC and implementing security headers are recommended. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but lacks a visible cookie consent mechanism. Overall, the website is accessible, content-rich, and trustworthy, supporting AMS Technologies' market position and business credibility.

C

CARDET – Center for the Advancement of Research and Development in Educational Technology

cardet.org

55

CARDET is a well-established non-profit organization based in Cyprus, specializing in educational technology research and development. With a history dating back to 2004, it operates internationally, engaging millions through innovative education programs, training, and collaborative projects. The website reflects a mature digital presence with comprehensive content, clear navigation, and active social media engagement. Technically, the site is built on WordPress with modern frameworks and includes essential security features such as HTTPS and reCAPTCHA. Privacy and cookie policies are well implemented, supporting GDPR compliance. However, the absence of explicit security policies and incident response contacts suggests room for improvement in security transparency. Overall, CARDET demonstrates a strong market position in the education and non-profit sectors with a trustworthy and professional online presence.

A

ADRA Europe

adra.eu

50

ADRA Europe is a well-established Christian humanitarian aid organization operating globally with a focus on disaster relief, health, education, and livelihoods. The website presents a professional and consistent brand image, targeting donors, volunteers, and partners interested in humanitarian causes. Technically, the site is built on WordPress using Elementor and WooCommerce, integrating Google Analytics and Tag Manager for marketing and analytics purposes. The site is mobile-optimized and SEO-friendly but could improve accessibility features. Security posture is good with HTTPS enforced and cookie consent implemented, though the absence of security headers and privacy policy pages indicates room for improvement. Overall, the domain registration is consistent with a legitimate non-profit entity, enhancing trustworthiness. Strategic recommendations include publishing privacy and terms of service policies, adding security headers, and establishing incident response contacts to strengthen compliance and security.

A

ActionAid International

actionaid.org

65

ActionAid International is a well-established global non-profit federation dedicated to eradicating poverty and injustice through humanitarian aid, advocacy, and development programs. The organization operates in multiple countries worldwide, focusing on key themes such as women's rights, climate justice, emergencies, and economic and political issues. Their website reflects a professional and consistent brand image, providing comprehensive information about their mission, activities, and resources. The presence of multiple country-specific domains underscores their global footprint and operational scale. Technically, the website is built on Drupal 10, leveraging modern analytics tools like Google Analytics, Google Tag Manager, and Hotjar for user behavior insights. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Hosting and DNS services utilize Cloudflare, enhancing availability and resilience. Privacy and cookie compliance are well implemented, including user consent mechanisms aligned with GDPR requirements. From a security perspective, the site enforces HTTPS and employs domain transfer protection. However, DNSSEC is not enabled, and no explicit security headers were detected in the HTML content, representing areas for improvement. No vulnerability disclosure or incident response contacts are publicly available, which could be enhanced to improve transparency and trust. Overall, the security posture is solid but could benefit from additional hardening and disclosure practices. The overall risk assessment is low, with no indications of malicious content or suspicious activity. The site is trustworthy, professionally maintained, and compliant with privacy regulations. Strategic recommendations include enabling DNSSEC, publishing a vulnerability disclosure policy, adding security headers, and providing clear incident response contacts to further strengthen security and compliance posture.

A

AMS Technologies AG

ams.de

45

AMS Technologies AG is a well-established European technology company specializing in optical technologies, thermal management, and electronics solutions. With over 40 years of industry expertise and a broad customer base across high-tech sectors, the company positions itself as a trusted advisor and one-stop-shop for custom solutions and expert consulting. Their website reflects a professional and consistent brand image targeting high-tech companies and research institutions. Technically, the site is built on WordPress with modern JavaScript libraries and integrates Google Analytics for user tracking. The site is mobile-optimized and offers a multi-step contact form for detailed customer inquiries. Security-wise, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and visible security headers. Privacy compliance is partially addressed with a privacy policy and terms of service available on the shop subdomain, though no cookie consent mechanism is evident. Overall, the website demonstrates a solid business credibility and technical foundation with room for security and privacy improvements.

N

Netxp GmbH

netxp-verein.de

62

Netxp GmbH operates the website www.netxp-verein.de, providing specialized online software solutions for clubs and associations to manage memberships, finances, and communications efficiently. The company positions itself as a trusted provider with a focus on ease of use, multi-user access, and comprehensive club management features. The website is professionally designed, well-structured, and targets German-speaking clubs and associations. Technically, the site uses modern web technologies including jQuery, Bootstrap, and tracking tools such as Google Analytics and Facebook Pixel, hosted on Schlund Technologies infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit security policies are absent. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact information and social media presence.

P

Pedalo®

pedalo.de

49

Pedalo® is a well-established German company specializing in innovative products and concepts for movement, play, sport, and therapy. Founded in 1963, it targets a broad demographic from children to seniors, emphasizing quality, sustainability, and health promotion. The company operates an e-commerce platform powered by Shopware, integrating modern payment methods such as PayPal and Amazon Pay, and employs Google Tag Manager and analytics for marketing and user behavior tracking. The website is professionally designed, mobile-optimized, and provides clear navigation and customer support channels including phone and email contact. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly available. Overall, the site reflects a credible and trustworthy business with a solid digital presence.

G

Green Fins

greenfins.net

53

Green Fins is a well-established non-profit initiative dedicated to protecting coral reefs through sustainable marine tourism. Supported by the United Nations Environment Programme and partnered with Reef-World, it offers certified and digital memberships to dive centers, snorkelling centers, and liveaboard businesses globally. The website provides educational e-courses for recreational divers and professional guides, promoting responsible tourism practices. The organization targets eco-conscious tourists and marine operators, positioning itself as a trusted global leader in marine conservation education and certification. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, Google Analytics, and Google Maps API integration. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Hosting and DNS services leverage Cloudflare and NameCheap, ensuring reliable performance and domain security. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. However, DNSSEC is not enabled, and some security headers are missing. There is no public vulnerability disclosure or incident response policy, and cookie consent mechanisms are absent, which may impact GDPR compliance. No exposed sensitive data or vulnerabilities were detected. Overall, Green Fins presents a professional, trustworthy, and content-rich platform with a strong business credibility score. Strategic improvements in privacy compliance and enhanced security practices are recommended to further strengthen its security posture and regulatory adherence.

L

lafree.ch - Site évangélique d'information

eglisesfree.ch

50

The website eglisesfree.ch serves as the official online presence for the Fédération romande d'Églises évangéliques (FREE), a non-profit federation of evangelical churches in French-speaking Switzerland. It provides news, event information, resources, and community support tailored to evangelical communities. The site is well-structured, content-rich, and targets a specific religious audience with relevant services such as podcasts, theological commissions, and youth programs. The business model is non-profit and community-focused, with partnerships to support its mission. Technically, the site is built on Joomla CMS using the Helix3 framework, integrating common web technologies like jQuery, Google Analytics, and YouTube embeds. The site is mobile-optimized and performs moderately well, with good SEO practices. However, it lacks some advanced accessibility features and security headers that could enhance its robustness. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. No vulnerability disclosure or security.txt files are present, and security headers are missing, indicating room for improvement in security posture. The WHOIS data aligns well with the website's identity, supporting legitimacy. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices to reduce risk and improve user trust.

L

lafree.ch - Site évangélique d'information

myfreelife.ch

50

Myfreelife.ch is a French-language evangelical Christian news and community website operated under the Fédération romande d’Églises évangéliques (FREE), targeting the Suisse romande evangelical community. The site provides news, portraits, spiritual reflections, and societal articles relevant to its audience. It maintains a consistent brand identity aligned with the federation and integrates social media channels for broader engagement. Technically, the site is built on Joomla CMS with the Helix3 template framework and uses common web technologies such as jQuery and Bootstrap. Google Analytics and Tag Manager are employed for user tracking. Security posture is adequate with HTTPS enabled and CSRF protections in forms, but lacks security headers and explicit privacy or cookie policies. Contact information and incident response details are not directly visible, which may impact user trust and compliance. Overall, the site is professionally presented, content-rich, and trustworthy within its niche, but could improve privacy compliance and security best practices.

C

CCEJ

cckj.ch

48

The website cckj.ch represents a small non-profit organization focused on promoting a charter for Christian children and youth work in Switzerland. The site provides information about the charter, encourages signatories, and targets Christian youth organizations and stakeholders. The business model is centered on advocacy and community engagement within a niche religious and youth sector. Technically, the website is built on WordPress using common plugins such as WPML for multilingual support and Contact Form 7 for user interaction. The site employs Google Analytics and Tag Manager for user tracking, indicating moderate digital maturity. Security posture is basic with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is partial, with a privacy policy PDF available but no cookie consent mechanism or GDPR explicit indicators. Overall, the site is functional and professional but could improve in security and privacy compliance to enhance trust and regulatory adherence.

S

Scoutisme Neuchâtelois

scoutne.ch

45

Scoutisme Neuchâtelois is a regional non-profit youth organization based in the canton of Neuchâtel, Switzerland, focused on providing scouting activities, outdoor adventures, and community engagement for young people starting from age 5. The website serves as an informational and engagement platform for local scouting groups, offering details about activities, groups, and contact options. The organization positions itself as a trusted community resource promoting friendship, nature, and adventure.