Security Directory

P

Program podeželja

program-podezelja.si

41

The website skp.si serves as the official portal for the Skupna kmetijska politika (Common Agricultural Policy) in Slovenia, managed under the auspices of the Slovenian Ministry of Agriculture, Forestry and Food and registered by the Ministry of Digital Transformation. It provides comprehensive information on agricultural policy, public tenders, news, and strategic plans relevant to stakeholders in the Slovenian agricultural sector. The site is well-structured, professionally designed, and optimized for SEO, leveraging WordPress CMS and modern web technologies. Security posture is solid with HTTPS and reCAPTCHA integration, though explicit privacy and terms policies are missing. Overall, the site demonstrates a high level of trustworthiness and professionalism appropriate for a government entity.

L

Lokalna akcijska skupina Od Pohorja do Bohorja

las-pohorje-bohor.si

64

Lokalna akcijska skupina Od Pohorja do Bohorja is a Slovenian local action group focused on regional development initiatives between Pohorje and Bohorje. The organization facilitates community projects, public calls for funding, and workshops to support rural and cultural development. The website serves as an information hub for local municipalities, project applicants, and stakeholders, providing news updates and project details. Technically, the site is built on a CMS platform (BCMS) using modern web technologies like Bootstrap and FontAwesome, with good mobile optimization and accessibility features. Security posture is adequate with HTTPS, CAPTCHA on contact forms, and cookie consent mechanisms, though some security headers are missing. The domain registration is consistent with the business profile, and no suspicious patterns were detected. Overall, the website is professional, trustworthy, and compliant with basic privacy regulations, though it lacks explicit privacy and terms of service pages.

H

Hüthig GmbH

lighting-jobs.de

55

HIGHLIGHT is a specialized media and job portal platform serving the lighting industry in Germany. The website offers job listings tailored to professionals and decision-makers in the lighting sector and has been active since 2008 under the Hüthig GmbH brand. The business model focuses on media publishing and providing a niche job market service, supported by advertising and subscription offerings. The site targets industry professionals seeking employment or recruitment opportunities within the lighting field. Technically, the website employs a modern technology stack including Bootstrap for responsive design, Matomo and Google Tag Manager for analytics, and Sourcepoint for GDPR-compliant consent management. The site is hosted with a reputable DNS provider (DomainControl) and uses HTTPS with strong SSL configuration. The site demonstrates good SEO practices with structured data and meta tags, and it is mobile optimized with basic accessibility features. From a security perspective, the site enforces HTTPS and uses consent management for cookies and tracking. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The site uses multiple third-party advertising and tracking services but manages user consent appropriately. Overall, the website presents a professional and trustworthy front for its niche market. It is well-structured and compliant with GDPR requirements. Strategic improvements could include publishing a formal security policy, adding incident response contacts, and implementing security headers to enhance protection. The risk profile is low, with no signs of malicious activity or content safety concerns.

C

CE-Markt

ce-markt.de

54

CE-Markt is a German business magazine focused on the consumer electronics and home appliances sectors, providing news, commentary, and industry insights. The website serves professionals and businesses in this niche, offering subscription-based magazine issues, newsletters, and event coverage such as IFA. The site demonstrates a solid market position within its industry segment, supported by consistent branding and quality content. Technically, the website employs modern JavaScript technologies, privacy-conscious analytics (Matomo), and a consent management platform (Sourcepoint) to comply with GDPR requirements. The site is mobile-optimized with good navigation and SEO practices, although the CMS is not explicitly identified. Hosting appears stable with dedicated nameservers. From a security perspective, the site enforces HTTPS and uses consent mechanisms but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is minimal but consistent with the business profile, and no WAF or blocking mechanisms interfere with access. Overall, CE-Markt presents a professional and trustworthy online presence with room for improvement in privacy policy transparency, security header implementation, and direct contact information availability.

Z

ZUM d.o.o.

zum-mb.si

45

ZUM d.o.o. is a Slovenian urban planning company with a long-standing history since 1959, specializing in spatial planning, urbanism, infrastructure development, and consulting services primarily for municipalities and government bodies in Slovenia. The company holds a strong market position as one of the leading providers of urban planning services in the region. Technically, the website is built on WordPress with modern plugins and frameworks, hosted by NEOSERV.si, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enabled and secure form handling, though it lacks some security headers and explicit GDPR compliance mechanisms. Overall, the website is professional and trustworthy, with clear contact information and business legitimacy supported by consistent WHOIS data.

J

Janitos Versicherung AG

janitos.de

59

Janitos Versicherung AG is a German insurance company offering a broad range of insurance products including liability, motor vehicle, accident, dental supplementary, household contents, building, and professional liability insurance. The company targets private individuals, families, seniors, medics, and business customers with smart and competitively priced insurance tariffs. Their market position is that of an established mid-sized insurer with a focus on customer-centric and affordable insurance solutions. The website reflects a professional and consistent brand image with clear navigation and relevant content. Technically, the site uses modern web technologies including Google Analytics, Usercentrics for consent management, and Vue.js components, hosted on a provider associated with the domain's nameservers. The site is mobile optimized and SEO friendly. Security posture is good with HTTPS enforced and consent mechanisms in place, though explicit security policies and incident response information are not publicly disclosed. Overall, the website is trustworthy and compliant with GDPR requirements, with clear contact information and multiple certifications enhancing credibility.

O

Ostfriesische Versicherungsbörse GmbH

ov-boerse.de

43

Ostfriesische Versicherungsbörse GmbH operates as a regional insurance brokerage company in Germany, focusing on providing insurance consulting and brokerage services. The website is built on the concrete5 CMS platform and utilizes modern frontend technologies such as Bootstrap, jQuery, and FontAwesome. The presence of Usercentrics consent management indicates an awareness of GDPR compliance, although explicit privacy and terms of service policies are not found on the site. Security posture is moderate with HTTPS enabled but lacks security headers and detailed security policies. The website content is business-focused, safe for general audiences, and targets German insurance customers and brokers. Overall, the site demonstrates basic digital maturity with room for improvement in privacy transparency and security best practices.

P

Programski atelje A&Z, informacijski inženiring d.o.o.

mojekarte.si

55

Mojekarte.si is a well-established Slovenian online ticketing platform operated by Programski atelje A&Z, informacijski inženiring d.o.o. Founded in 2008, it offers a broad range of ticket sales for cultural, sports, music, and other events, targeting a general audience in Slovenia and neighboring regions. The website supports multiple languages and provides comprehensive event categorization and search capabilities. Technically, the site uses modern web technologies including jQuery, Foundation framework, and various JavaScript libraries, hosted likely via Telekom Slovenije and Cloudflare DNS services. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS, uses basic security headers, and implements cookie consent mechanisms aligned with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected. Overall, Mojekarte.si demonstrates a mature digital presence with strong business credibility and compliance posture.

H

Hüthig GmbH

elektro.net

61

elektro.net is a professional German-language media portal operated by Hüthig GmbH, focusing on electrical installation, building technology, and renewable energy sectors. It provides industry news, product reports, subscription magazines, newsletters, event information, job listings, and an online shop for technical publications. The website targets professionals and companies within the electrical and building technology industries, positioning itself as a trusted and established information source in Germany. The technical infrastructure employs modern web technologies including Google Tag Manager, Matomo analytics, and Sourcepoint for consent management, ensuring GDPR compliance. The site is mobile-optimized, accessible, and features a well-structured navigation system. Performance is moderate with good SEO and accessibility practices. Security posture is solid with HTTPS enforced and consent mechanisms in place, though explicit security headers and policies are not evident. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the domain is a concern but does not detract significantly from the site's legitimacy given the professional content and branding. Overall, elektro.net presents a low-risk profile with strong business credibility and compliance. Strategic recommendations include enhancing security headers, publishing explicit security policies, and improving transparency around domain registration details.

I

interkey

interkey.de

63

Interkey is a German trade association established in 1964, representing security technology specialist shops. The website serves as a professional platform to promote experience, competence, trust, quality, and innovation within the security technology industry. The target audience includes security professionals and businesses operating in this sector. The site is built on WordPress, utilizing the Yoast SEO plugin and FontAwesome icons, indicating a moderate level of digital maturity. The website is accessible, well-structured, and optimized for mobile devices, providing a good user experience. However, it lacks visible privacy and cookie policies, contact information, and security headers, which are critical for compliance and trust. The absence of incident response and security policy information suggests room for improvement in security posture. Overall, the site is professional but would benefit from enhanced security and privacy features to improve trust and compliance.

S

Software & Design Loos

ferienprogramm-online.de

58

Software & Design Loos operates the website www.ferienprogramm-online.de, offering SFP+, a specialized software platform designed to streamline the organization and management of leisure and holiday programs primarily for German municipalities, youth offices, clubs, and schools. The platform supports both online and offline registrations, automated fair allocation of limited spots, and integrated billing with ePayment options. With over 35 years of experience and a growing customer base exceeding 300 clients nationwide, the company holds a strong market position in this niche. The website presents comprehensive product information, customer testimonials, and references, reinforcing its credibility. Technically, the website is built on a modern stack including HTML5, CSS3, Bootstrap, and JavaScript libraries such as Swiper.js and FontAwesome. It is hosted on Strato servers and employs HTTPS with good SSL configuration. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. No major performance issues or broken elements were detected. From a security perspective, the site uses HTTPS and secure forms with GDPR-compliant consent mechanisms. However, it lacks explicit security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were found in the HTML content. Privacy compliance is strong, with a clear privacy and cookie policy. No analytics or tracking scripts were detected, indicating minimal user tracking. Overall, the website is professional, trustworthy, and well-suited for its target audience. The absence of detailed WHOIS registrant information is a minor concern but does not detract significantly from legitimacy. Strategic recommendations include enhancing security headers, publishing incident response and security policies, and considering a security.txt file to improve transparency and trust.

D

DokuMe

dokume.net

48

DokuMe is a German-based service provider specializing in digital transformation and business strategy consulting for companies and sports organizations such as federations, trainers, and clubs. The website presents two main service areas targeting corporate clients and sports entities, emphasizing digitalization strategies. The business appears to be a small-sized entity founded in 2013, with a focused niche market and consistent branding. Technically, the website uses modern frontend technologies including Bootstrap and FontAwesome, and employs Matomo for analytics, indicating some attention to privacy. Hosting is provided by Cronon GmbH, a reputable German hosting provider. Security posture is basic with HTTPS enabled but lacking advanced security headers and DNSSEC. Privacy and cookie policies are absent, which impacts compliance. Contact information is minimal, limited to a single email address, with no phone or physical address details. Overall, the website is professional and safe, but could improve in privacy compliance and security best practices.

M

Media Pioneer

mediapioneer.com

69

Media Pioneer is a German media company founded by Gabor Steingart, focusing on independent journalism with a strong digital presence including podcasts and newsletters. The company operates a modern WordPress-based website with professional design and SEO optimization, targeting a German-speaking audience interested in politics and economics. The business model includes reader shareholding and subscription-based offerings, positioning Media Pioneer as a leading independent media outlet in Germany. Technically, the website uses a mature stack with popular plugins and frameworks, hosted likely via GoDaddy, and integrates Google Tag Manager for analytics. Security posture is good with HTTPS enforced, though some security headers and policies could be improved. Privacy compliance is well addressed with cookie consent and a comprehensive privacy policy. Overall, the website is trustworthy, professional, and content-rich, with no signs of malicious activity or content safety concerns.

O

Olimpijski komite Slovenije - Združenje športnih zvez (OKS-ZŠZ)

danslosporta.si

43

The website 'Dan slovenskega športa' serves as an official platform promoting the Day of Slovenian Sport, a national event established to encourage physical activity and celebrate sports culture in Slovenia. It is supported by the Olympic Committee of Slovenia and targets the general Slovenian public. The site provides historical context, event details, and sports recommendations for various demographic groups. Technically, the site is built on WordPress using Elementor and related plugins, delivering a good user experience with moderate performance and mobile optimization. Security posture is adequate with HTTPS enforced and a cookie consent banner present, but lacks advanced security headers and a privacy policy. No contact information or incident response details are provided, which limits user trust and compliance. Overall, the domain registration is consistent and transparent, supporting the site's legitimacy.

Universal LTD is a Latvian-based manufacturer specializing in buses and special vehicles, with over 32 years of experience. The company serves a diverse clientele including bus fleets, passenger carriers, tourism entrepreneurs, sports organizations, and government institutions. Their business model focuses on manufacturing, exporting seats and vehicle parts, and providing tailored solutions with 24/7 customer support. The company holds reputable certifications such as ISO 9001 and Mercedes-Benz Van Partner status, reinforcing its market credibility. Technically, the website is built on the Odoo CMS platform, utilizing modern web technologies like Bootstrap and FontAwesome. The site is moderately optimized for performance and mobile devices, with a clear navigation structure and professional design. However, accessibility and SEO optimizations are basic and could be improved. From a security perspective, the site uses HTTPS and includes CSRF tokens, but lacks explicit security headers and incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is basic, with privacy and cookie policies present but no explicit consent mechanisms or GDPR details. Contact information is clearly provided, enhancing business credibility. Overall, the website presents a professional and trustworthy image with a solid business foundation. Strategic improvements in security headers, privacy compliance, and accessibility would enhance its security posture and user trust.

E

European Avalanche Warning Services (EAWS)

avalanches.org

59

The European Avalanche Warning Services (EAWS) website serves as a cooperative platform for national and regional avalanche warning agencies across Europe. It provides standardized avalanche danger scales, educational resources, fatality statistics, and organizes conferences to enhance avalanche safety. The site targets professionals in avalanche forecasting as well as the general public interested in avalanche risk awareness. Technically, the website is built on WordPress with a modern JavaScript stack including jQuery, FontAwesome, and various UI libraries, delivering a good user experience with responsive design and clear navigation. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and cookie consent mechanisms suggests room for improvement. WHOIS data is unavailable due to privacy protection, which is justified for this non-profit entity. Overall, the site is trustworthy, professional, and well-maintained, supporting its mission effectively.

K

Ketterer Drives

ketterer-drives.nl

55

Ketterer Drives is a specialized Dutch company offering innovative, customized drive technology solutions for various industrial sectors. The website positions the company as a specialist in the field of 'aandrijftechniek' (drive technology), targeting businesses requiring tailored drive systems. The digital infrastructure is built on WordPress with the Divi theme, enhanced by SEO and analytics tools such as Yoast SEO, Microsoft Clarity, and Google Tag Manager, indicating a moderate level of digital maturity. Security posture is solid with HTTPS and DNSSEC enabled, though there is room for improvement in security headers and formal security policies. Privacy compliance is partially addressed through a cookie consent mechanism but lacks a formal privacy policy and terms of service. Overall, the website is professional and trustworthy but could benefit from enhanced transparency and security documentation.

E

EGT Energy Solutions GmbH

egt-energysolutions.de

71

EGT Energy Solutions GmbH is a medium-sized German company specializing in integrated energy solutions, including photovoltaics, energy storage, heat pumps, e-mobility charging infrastructure, and energy consulting. As part of the EGT Group, it serves as a key player in the sector-crossing digitalization of the energy transition, targeting both private and commercial customers. The website reflects a professional and consistent brand image with clear service offerings and contact channels. Technically, the site is built on TYPO3 CMS, hosted on AWS infrastructure, and employs modern web technologies such as Google Tag Manager and Cookiebot for analytics and consent management. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Privacy compliance is well addressed with a comprehensive cookie policy and GDPR-aligned consent mechanisms. Overall, the site is trustworthy, well-structured, and serves its business purpose effectively.

B

Behinderten- und Rehabilitationssportverband Hamburg e.V.

brs-hamburg.de

60

Behinderten- und Rehabilitationssportverband Hamburg e.V. (BRS Hamburg) is a regional non-profit sports association dedicated to promoting disabled and rehabilitation sports in Hamburg, Germany. The website serves as an information hub for athletes, clubs, medical professionals, and interested parties, offering news, sports offers, training, and educational resources. It maintains a clear market position as a specialized organization in the non-profit sports sector focused on accessibility and inclusion. The site provides comprehensive contact options and maintains active communication channels including newsletters and social media.

R

Rough Water& GmbH

dsv-swimandmore.de

51

Swim+More is a specialized German media platform operated by Rough Water& GmbH, focusing on aquatic sports including swimming, water polo, synchronized swimming, and diving. The site provides news, event coverage, training tips, and athlete profiles targeting the German aquatic sports community. It maintains partnerships with recognized brands and the German Swimming Federation (DSV), enhancing its credibility and market position within the niche sports media sector. The business model includes subscription-based premium content and advertising revenue streams.

C

ColorDruck Solutions

pmg.de

56

ColorDruck Solutions is a well-established German printing company specializing in high-quality sheet-fed and digital printing services. With a history dating back to 1996 and being part of the Print Media Group GmbH, the company serves industrial clients, publishers, and associations with a comprehensive portfolio including printing, finishing, logistics, and fulfillment. The website reflects a professional and modern digital presence built on WordPress, featuring strong branding and clear communication of services and contact channels. Technically, the site uses contemporary web technologies and complies with GDPR and cookie consent requirements, although some security best practices like DNSSEC and security headers could be improved. Overall, the security posture is good but could benefit from enhanced policies and incident response transparency. The domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

Quality Council of India (QCI) is a well-established autonomous national body founded in 1996 under the Ministry of Commerce and Industry, Government of India. It operates as a public-private partnership with key industry associations to promote quality standards, accreditation, and certification across various sectors in India. The organization holds a strong market position as the authoritative accreditation body with multiple specialized boards and divisions. The website reflects a professional and consistent brand image targeting government entities, industry stakeholders, and quality professionals. Key services include accreditations, certifications, training, and quality promotion initiatives.

pen.sec AG is a German-based IT security company specializing in penetration testing, cyber security consulting, and related services. With over 20 years of experience, the company positions itself as a full-service partner for businesses seeking to protect their digital assets. Their market position is strengthened by memberships in recognized cybersecurity clusters such as the Allianz für Cybersicherheit and IT-Sicherheitscluster e.V. The website presents a professional image with detailed service offerings and customer testimonials, targeting primarily German enterprises concerned with IT security risks. Technically, the website is built on WordPress using Elementor and several modern plugins for SEO and cookie management. The site is well-optimized for SEO and mobile devices, with good performance and accessibility features. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers are not explicitly detected. Privacy compliance is partial, with a cookie consent mechanism but no explicit privacy policy or terms of service pages. Overall, the security posture is solid, with strengths in penetration testing and incident response services. The lack of explicit privacy and vulnerability disclosure policies are areas for improvement. The domain WHOIS data aligns with the business claims, showing no suspicious patterns. The site is safe for general audiences and free from adult or questionable content.

P

Projekt 29 GmbH & Co. KG

projekt29.de

62

Projekt 29 GmbH & Co. KG is a well-established German full-service provider specializing in data protection, information security, and compliance consulting and solutions. Founded in 1996 and headquartered in Regensburg, the company serves over 4500 customers across various industries, offering services such as external data protection officers, IT compliance, ISO 27001 and TISAX certification support, and e-learning platforms. Their market position is strengthened by memberships in key industry associations and certifications, positioning them as a trusted partner for businesses seeking regulatory compliance and security assurance. Technically, the website is built on a modern WordPress CMS with professional design, responsive layout, and integration of relevant plugins and tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements in security headers and incident response transparency are recommended. Overall, Projekt 29 demonstrates a strong commitment to privacy compliance and business credibility, making it a reliable service provider in its domain.

V

VISTEC Internet Service GmbH

vistec.net

46

VISTEC Internet Service GmbH is a well-established German internet service provider based in Wiesbaden, with over 25 years of experience. The company offers a broad range of services including internet access, IT service, server housing, data backup, security solutions, telephony, and web hosting. Their business model focuses on providing reliable and secure internet and IT infrastructure services primarily to business customers, emphasizing close customer relationships. The website is professionally designed using WordPress and Elementor, optimized for mobile devices, and includes SEO best practices. Technically, the site uses modern web technologies but lacks some advanced security configurations such as DNSSEC and security headers. The security posture is adequate with HTTPS enabled and domain transfer protections in place, but there is room for improvement in publishing security policies and incident response information. Overall, the domain is legitimate, consistent with the business claims, and the website content is safe and professional.

C

Consensus Shipyard

ipc.space

66

Interplanetary Consensus (IPC) is a blockchain scaling framework designed to enable horizontal scalability through hierarchical subnets and customizable consensus algorithms. The website serves as a comprehensive technical documentation portal targeting developers and organizations building decentralized applications that require scalable and performant blockchain infrastructure. The platform leverages modern web technologies such as React, Next.js, and GitBook, ensuring a fast, mobile-optimized, and accessible user experience. Security practices are robust with HTTPS enforcement and standard security headers, although explicit security policies and incident response contacts are not published. Privacy compliance is basic with cookie consent and a privacy policy present. Overall, the website reflects a technically mature and trustworthy project with room for improvement in business transparency and security disclosures.

Welcome Center Schwarzwald-Baar-Heuberg is a regional service organization focused on supporting international skilled workers and local companies in the Schwarzwald-Baar-Heuberg region of Germany. The center offers multilingual consulting, seminars, and assistance with recruitment and integration of foreign professionals. It operates under the auspices of regional economic development and the local Chamber of Industry and Commerce, supported by the Baden-Württemberg Ministry of Economy, Labor, and Tourism. The website reflects a professional and consistent brand presence with clear contact channels and active social media engagement. Technically, the website is built on WordPress using modern plugins such as WPML for multilingual support, Contact Form 7 for forms, and Bootstrap for responsive design. It employs hCaptcha for bot protection and Fathom Analytics for privacy-focused visitor tracking. The site is moderately performant and mobile-optimized, though accessibility features are basic. SEO is present but could be enhanced with more comprehensive metadata and structured data. From a security perspective, the site uses HTTPS and implements CAPTCHA on forms, but lacks visible security headers and explicit security or privacy policies. No vulnerability disclosure or incident response information is provided. The WHOIS data is consistent with the website's regional and organizational claims, indicating legitimacy. No suspicious patterns or privacy protection in WHOIS are noted. Overall, the website is trustworthy and professionally maintained but would benefit from improved privacy compliance documentation and enhanced security headers to strengthen its security posture and user trust.

S

Stadt Frankfurt am Main

stadt-frankfurt.de

54

The website frankfurt.de serves as the official city portal for Frankfurt am Main, providing comprehensive information and services related to municipal administration, citizen services, cultural events, and city politics. It targets residents, visitors, and businesses in Frankfurt, offering multilingual support and extensive navigation to various city departments and services. The portal positions itself as a trusted government resource with a large-scale digital presence and active social media engagement. Technically, the site employs modern web technologies including Bootstrap utilities, FontAwesome icons, media players, and translation scripts, ensuring good mobile optimization and accessibility. The site loads with moderate performance and includes SEO-friendly metadata and Open Graph tags, enhancing discoverability and social sharing. From a security perspective, the site enforces HTTPS and uses secure libraries, but lacks visible security headers and published security or incident response policies. No vulnerability disclosure or security.txt files were found. Privacy and cookie policies are not evident, which is a compliance gap. Contact information such as emails and phone numbers are not explicitly presented, limiting direct communication channels. Overall, the site is a professional and trustworthy government portal with good content quality and technical implementation. However, it would benefit from enhanced privacy compliance, explicit security policies, and clearer contact information to improve user trust and regulatory adherence.

S

Seeberger Professional GmbH

seeberger-b2b-shop.de

51

Seeberger Professional GmbH operates a B2B e-commerce platform targeting business customers in the food retail sector in Germany. The website serves as a login portal for customers to access ordering services. The business is positioned as a medium-sized regional player with a focus on professional clients. The platform is built on legacy ASP.NET Web Forms technology with basic mobile optimization and moderate performance. Security measures include standard ASP.NET anti-CSRF tokens and POST-based login forms, but lack modern security headers and bot protections. Privacy compliance is supported by a comprehensive privacy policy, though cookie consent mechanisms are absent. Overall, the site demonstrates moderate business credibility but could benefit from technical modernization and enhanced security practices.

D

Domains By Proxy, LLC

bnncollege.org

48

BNN College is a small-scale media and news website providing latest news and updates primarily in categories such as automobile, journal, and general news. The website operates on a WordPress CMS platform with a moderate technical infrastructure including common plugins like Yoast SEO and uses Cloudflare for DNS services. The site is well-branded with consistent design and regularly updated content authored by identified contributors. Security posture is adequate with HTTPS enabled and domain status locks in place, but lacks advanced DNS security features like DNSSEC and does not publish detailed security or incident response policies. Privacy compliance is basic with a privacy policy and terms of service present but no cookie consent mechanism or GDPR-specific indicators. Advertising is managed via Google Adsense and tracking is performed by TrackTheTech, indicating moderate user tracking. Overall, the website is functional, moderately secure, and credible but could improve privacy and security transparency.

R

Rough Water& GmbH

roughwaterand.com

46

Rough Water& GmbH is a German startup specializing in modern sports management with a focus on water sports. The company acts as an innovation driver and spokesperson for the German Swimming Federation, organizing national and international events and providing services in digitalization, marketing, communication, and consulting. Their website is professionally designed, mobile-optimized, and provides clear contact information, reflecting a credible and focused business entity. Technically, the site is built on WordPress with modern frameworks and plugins, hosted likely on a German hosting provider. Security posture is adequate with HTTPS enabled and domain transfer protection, though improvements like DNSSEC and security headers are recommended. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy, but terms of service and incident response information are missing. Overall, the website presents a trustworthy and professional image suitable for its niche market.

B

BNN College

borl.in

48

BNN College operates as a niche news and updates website primarily focused on social benefits, government policies, and financial relief programs across multiple countries. The website is built on WordPress and employs modern web technologies including Yoast SEO, jQuery, and Cloudflare DNS services. The content is regularly updated and professionally presented, targeting a general audience interested in financial and governmental news. The business model relies on content publishing and advertising revenue, with Google Adsense integrated for monetization. Technically, the website demonstrates a moderate level of digital maturity with good mobile optimization and SEO practices. The use of HTTPS and reputable hosting and DNS providers contributes to a solid technical foundation. However, the absence of DNSSEC and security headers indicates room for improvement in security hardening. Privacy compliance is weak due to missing privacy and cookie policies, which poses a risk for regulatory adherence. From a security perspective, the site benefits from HTTPS and domain registration protections but lacks explicit security policies and incident response information. No critical vulnerabilities or suspicious patterns were detected, and the domain age supports legitimacy. Overall, the website presents a moderate security posture with recommendations to enhance privacy compliance and security best practices. Strategically, BNN College should prioritize implementing comprehensive privacy and cookie policies, enable DNSSEC, and adopt security headers to improve trust and compliance. Enhancing transparency around security and incident response will further strengthen its credibility and user confidence.

B

Bharat PetroResources Limited

bharatpetroresources.in

52

Bharat PetroResources Limited (BPRL) is a medium-sized Indian energy company specializing in upstream oil and gas exploration and production. As a wholly owned subsidiary of Bharat Petroleum Corporation Limited, BPRL plays a strategic role in securing crude supply and expanding the parent company's portfolio. The website reflects a professional corporate presence with relevant content targeting industry stakeholders, investors, and partners. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and GSAP, and is built on ASP.NET Web Forms, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and secure form tokens, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR indicators. Overall, the site is trustworthy and well-maintained, with room for improvement in security and privacy transparency.

R

Rough Water& GmbH

germanaquatics.de

51

Swim+More is a specialized German media platform operated by Rough Water& GmbH, focusing on aquatic sports including swimming, water polo, synchronized swimming, and diving. The website offers news, event coverage, training tips, and athlete profiles targeting German-speaking aquatic sports enthusiasts and professionals. It operates a subscription model alongside advertising partnerships with recognized brands such as DSV, Speedo, and Aquafeel. Technically, the site is built on WordPress with WooCommerce for subscription management, enhanced by modern frameworks like Foundation and various JavaScript libraries. SEO is well-implemented using Yoast SEO Premium, and GDPR compliance is addressed through Borlabs Cookie consent management. Security posture is solid with HTTPS enforced and no critical vulnerabilities detected, though some security headers could be improved. No WAF or blocking mechanisms interfere with content accessibility. Overall, the site presents a professional, trustworthy, and user-friendly experience with moderate user tracking primarily via Google Analytics and Tag Manager.

I

Startseite

idm2025.de

50

The website idm2025.de serves as the official platform for the Internationale Deutsche Meisterschaften Deutsche Jugend- und Junioren-Meisterschaften im Freiwasserschwimmen 2025 held in Rostock, Germany. It provides comprehensive event-related information including schedules, results, downloadable official documents, and greetings from relevant officials. The target audience primarily consists of athletes, officials, organizers, and swimming enthusiasts interested in the event. The business model is focused on event information dissemination and participant support within a niche sports domain. Technically, the website is built on the Joomla CMS platform, utilizing standard Joomla scripts and FontAwesome for icons. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. Hosting appears to be via German providers consistent with the event's location. No advanced analytics or tracking tools are detected, indicating a minimal data collection approach. From a security perspective, the site uses HTTPS but lacks important security headers such as Content-Security-Policy and Strict-Transport-Security. There is no visible cookie consent mechanism, which is a GDPR compliance gap given the site's European audience. No incident response or security policy information is published, and no contact emails or phone numbers are provided on the main pages. These factors suggest a moderate security posture with room for improvement. Overall, the website is functional and professional for its purpose but would benefit from enhanced security practices, privacy compliance improvements, and clearer contact information to increase trust and compliance with European regulations.

V

vhs Landkreis Gießen

vhs-kreis-giessen.de

53

vhs Landkreis Gießen is a regional adult education institution providing a broad range of local and digital educational offerings to residents of Landkreis Gießen, Germany. The website clearly communicates its mission and services, targeting learners interested in accessible and community-based education. The organization maintains a professional online presence with consistent branding and active social media channels. Technically, the site is built on WordPress using Elementor and Bootstrap, ensuring responsive design and moderate performance. SEO and metadata are well implemented, enhancing discoverability. Security posture is solid with HTTPS enforced and GDPR-compliant cookie consent mechanisms in place, though formal security policies and incident response contacts are not published. Overall, the site is trustworthy, well-maintained, and suitable for its educational purpose.

C

Comoedienhaus Wilhelmsbad

comoedienhaus.de

62

Comoedienhaus Wilhelmsbad is a cultural event venue located in Hanau, Germany, offering events in a baroque ambiance. The website is built on WordPress using popular plugins such as Modern Events Calendar Lite and Borlabs Cookie for cookie consent management. The site demonstrates a good level of technical maturity with HTTPS enabled and a responsive design optimized for mobile devices. However, it lacks explicit privacy policy and terms of service pages, which are important for GDPR compliance and user trust. Security posture is moderate with HTTPS but missing security headers and incident response information. Overall, the site is functional and professional but could improve in privacy and security transparency.

vhs Hanau is a public adult education institution serving the city of Hanau, Germany. It offers a wide range of educational courses across categories such as languages, culture, health, career development, and basic education. The website is built on TYPO3 CMS with a modern frontend framework, providing a good user experience and clear navigation for its target audience of adult learners and community members. The institution is well-positioned locally with affiliations to regional and national Volkshochschule associations, enhancing its credibility and trustworthiness. Technically, the site uses standard web technologies and is mobile optimized, though performance is moderate. Security posture is average with no visible advanced security headers or incident response contacts, and privacy compliance is weak due to missing policies. Overall, the website is professional and trustworthy but would benefit from enhanced security and privacy transparency.

M

Magistrat der Stadt Hanau

festspiele-hanau.de

59

The Brüder Grimm Festspiele Hanau website represents a well-established cultural event organized by the Magistrat der Stadt Hanau. It provides comprehensive information about the 41st festival season, including detailed event schedules, ticketing options, workshops, and partner acknowledgments. The site targets families, schools, and cultural enthusiasts, positioning itself as a key regional cultural event with strong local government and sponsor support. Technically, the website employs a modern tech stack including Bootstrap, jQuery, and Matomo analytics, hosted likely under the city’s infrastructure, ensuring a moderate to good performance and mobile optimization. Security posture is solid with HTTPS and privacy-respecting analytics, though some security headers are not explicitly detected. Privacy compliance is strong with clear privacy and cookie policies, and GDPR adherence is evident. Overall, the site is professional, trustworthy, and user-friendly, with no signs of malicious content or security risks.

M

monta Klebebandwerk GmbH

monta.de

49

Monta Klebebandwerk GmbH operates as a manufacturer and supplier of adhesive tapes tailored for various industrial and packaging applications. The company targets a B2B audience including industry users, packaging specialists, printers, converters, and packaging machine manufacturers. Their website reflects a medium-sized enterprise with a focus on sustainability and product innovation, offering tools like a product finder and detailed technical information. The multilingual site supports German, English, French, Spanish, and Italian, indicating a European market focus. Technically, the website employs modern JavaScript libraries, Cookiebot for consent management, and Google Analytics for tracking, demonstrating a moderate level of digital maturity. Security posture is adequate with HTTPS and consent-based tracking, but lacks advanced security headers and explicit security policies. Privacy compliance is supported by a comprehensive cookie consent mechanism, though a formal privacy policy page was not detected in the provided content. Overall, the site is professional, trustworthy, and well-structured, but could improve transparency and security documentation.

G

gurado GmbH

gurado.de

58

gurado GmbH operates a leading voucher system platform tailored for businesses of all sizes, primarily in Germany. Their services include online voucher sales, event ticketing, coupon campaigns, and customer loyalty programs. The company positions itself as a comprehensive SaaS provider enabling businesses to efficiently manage and sell vouchers and related products both online and on-site. The website is professionally designed, content-rich, and targets a broad business audience including retail, hospitality, wellness, and leisure sectors. Technically, the site is built on TYPO3 CMS, hosted on AWS infrastructure, and employs modern web technologies such as Bootstrap, jQuery, and Google Tag Manager, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. Privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. Overall, the domain registration and hosting details align well with the business claims, indicating legitimacy and trustworthiness.

I

Initiative – Die Stadtretter

die-stadtretter.de

58

The website 'Initiative – Die Stadtretter' serves as a knowledge transfer and collaboration platform primarily targeting municipalities, economic development agencies, and city marketing organizations in Germany. It positions itself as a niche network facilitating exchange of best practices and tools for urban development projects. The site is built on a modern WordPress infrastructure using the Enfold theme and several plugins for events management, user membership, and SEO optimization. Accessibility is a key focus, evidenced by a comprehensive custom accessibility tool integrated into the site. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, though explicit security headers and formal security policies are absent. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy or terms of service pages. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security documentation.

R

Raaberbahn Cargo GmbH

raaberbahncargo.at

51

Raaberbahn Cargo GmbH is a medium-sized, dynamically growing rail freight logistics company operating primarily along the Danube corridor between Austria and Hungary. Founded in 2011 as a wholly owned subsidiary of GYSEV CARGO Zrt., it provides national and international rail freight services, including export-import and combined transport. The company emphasizes efficiency, safety, and quality in its operations and maintains an integrated management system covering these aspects. The website is professionally designed, mobile-optimized, and provides clear business information and social media links, reflecting a mature digital presence. Technically, the site uses modern frontend technologies and integrates Google services for analytics and security, including reCAPTCHA and Tag Manager. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data is unavailable due to NIC.AT restrictions, but the domain appears legitimate and consistent with the business history. Overall, the site presents a trustworthy and professional image suitable for its business sector.

L

LookUs Scientific

kongrem.com

58

Kongrem.com is a website operated by LookUs Scientific, providing GDPR-compliant privacy policy and legal notification solutions tailored for event and congress websites. The site emphasizes privacy, security, and responsive web design to ensure compliance with EU regulations. The business targets event organizers and partners who require legal and privacy infrastructure for their web presence. Technically, the site uses standard web technologies including jQuery, Google Analytics, and Google Tag Manager, hosted behind Cloudflare DNS services, with SSL enabled ensuring secure connections. The website is moderately optimized for mobile and basic in accessibility and SEO. Security posture is adequate with HTTPS and domain transfer protections but lacks advanced security headers and explicit incident response information. No cookie consent mechanism was detected despite cookie usage claims. Overall, the domain is long-established and trustworthy, with no blocking or WAF challenges detected.

D

Domains By Proxy, LLC

apothem.network

50

Apothem.Network serves as the official testnet platform for the XinFin blockchain ecosystem, providing essential services such as network statistics, masternode management, block explorer, and wallet access. The website targets blockchain developers, masternode operators, and users interested in testing and interacting with the XinFin network in a non-production environment. It positions itself as a critical infrastructure component supporting the broader XinFin ecosystem. Technically, the website employs a modern tech stack including Bootstrap, jQuery, and FontAwesome, hosted behind Cloudflare DNS services. The site is moderately optimized for mobile devices and includes Google Analytics for user tracking. However, it lacks advanced SEO and accessibility features and does not implement DNSSEC or security headers, which are recommended for improved security posture. From a security perspective, the site uses HTTPS and domain registration protections such as EPP locks and privacy-protected WHOIS. Nonetheless, the absence of DNSSEC, security headers, and formal privacy or cookie policies indicates room for improvement in compliance and security best practices. No forms or direct contact information are provided, limiting user engagement and transparency. Overall, the website is functional and professional but would benefit from enhanced security measures, privacy compliance, and clearer contact channels to improve trustworthiness and regulatory adherence.

D

Domains By Proxy, LLC

xinfin.network

51

XinFin.Network operates as a blockchain platform providing the XDC MainNet infrastructure, including network statistics, masternode hosting, block explorer, web wallet, and developer APIs. The platform targets blockchain users and developers seeking decentralized finance and enterprise blockchain solutions. The website demonstrates a moderate level of digital maturity with a modern frontend stack using Bootstrap and jQuery, mobile optimization, and integration of Google Analytics for user tracking. Hosting and DNS are managed via reputable providers including Cloudflare and GoDaddy, with domain privacy protection in place. From a security perspective, the site uses HTTPS and enforces domain status locks to prevent unauthorized changes. However, DNSSEC is not enabled, and no security headers were detected in the provided data, indicating room for improvement in hardening the web presence. Privacy and cookie policies are absent, which may impact compliance with GDPR and other privacy regulations. No contact or incident response information is provided, limiting transparency and user trust. Overall, the website is functional and professional but lacks some critical compliance and security features. The domain registration is consistent with legitimate blockchain projects, and the site links to multiple official subdomains and partner resources. The risk level is moderate with recommendations to enhance security posture and privacy compliance to improve trust and regulatory adherence.

E.INFRA GmbH is a medium-sized German company specializing in electrotechnical and communication technology solutions. With over 200 employees and multiple regional offices, the company offers a broad range of services including plant construction, energy and switchgear systems, security technology, network technology, media technology, IoT and sustainability solutions, as well as maintenance and service. Their business model focuses on B2B services targeting organizations requiring complex electrical and communication infrastructure. The website is professionally designed, mobile-optimized, and provides comprehensive information about their offerings and corporate presence. Technically, the website employs modern JavaScript libraries such as jQuery, Bootstrap, and FontAwesome, with client-side validation and cookie consent mechanisms implemented. While the site performs moderately well and is mobile-friendly, there is room for improvement in accessibility and SEO optimization. Security-wise, the site uses HTTPS but lacks explicit security headers like CSP and HSTS, which are recommended to enhance protection. No incident response or vulnerability disclosure information is publicly available. The WHOIS data is unavailable, which reduces transparency and trust slightly; however, the professional presentation, multiple physical locations, and active social media presence support the legitimacy of the business. Privacy compliance is well addressed with a detailed privacy policy and cookie consent banner, indicating adherence to GDPR requirements. Overall, the website presents a trustworthy and professional image with moderate technical maturity and security posture. Strategic improvements in security headers, WHOIS transparency, and accessibility would further strengthen their digital presence and trustworthiness.

The website www.costcopaymentprocessing.ca represents Elavon Canada Company, a large payment processing service provider partnered with Costco Canada. The site offers a range of payment solutions including online, mobile, and in-person payments, with a focus on secure, fast, and reliable transaction processing. The business targets Canadian businesses seeking payment processing services and emphasizes customer satisfaction and operational efficiency. The website is professionally designed, mobile-optimized, and provides clear navigation and contact options including phone numbers and a contact form protected by Google reCAPTCHA. Privacy and cookie policies are present and indicate GDPR compliance. Technically, the site uses Adobe Experience Manager CMS and integrates multiple analytics and marketing tools such as Google Analytics, Google Tag Manager, Invoca, and Tealium. Security posture is strong with HTTPS enforced and secure form handling, though explicit security headers are not detected in the HTML source. WHOIS data is unavailable, suggesting privacy protection or a new domain registration, which slightly impacts trust but is common for this business type. Overall, the website is trustworthy, well-maintained, and aligned with industry standards for payment processing services.

R

Raaberbahn AG

raaberbahn.at

61

Raaberbahn AG is a regional private railway company operating in Austria's Burgenland region with cross-border services. It provides passenger transportation, ticketing, customer service, and network access services. The company is a subsidiary or closely affiliated with GYSEV Zrt., a larger railway operator. The website is professionally designed using TYPO3 CMS and modern web technologies, offering comprehensive information and services to passengers, partners, and job seekers. Privacy and cookie policies are well implemented with user consent mechanisms. Security posture is good with HTTPS and secure forms, though some security headers could be improved. WHOIS data is not publicly available, which slightly reduces transparency but does not detract from the overall legitimacy given the official contact details and business context. Overall, the site is trustworthy, well-maintained, and serves its audience effectively.

G

GYSEV CARGO Zrt.

gysevcargo.hu

71

GYSEV CARGO Zrt. is a medium-sized Hungarian rail freight and logistics company with over 150 years of group experience, offering comprehensive rail, intermodal, and logistics services including warehousing and customs clearance. The company targets freight forwarders, transport operators, and businesses seeking reliable and environmentally friendly transport solutions. The website reflects a professional digital presence with modern technologies such as Google Tag Manager, reCAPTCHA, and a responsive design. Security posture is solid with HTTPS, CSRF protection, and cookie consent mechanisms, though some security headers could be improved. The company demonstrates compliance with GDPR and provides clear contact information and certifications, enhancing trust. Overall, the site is well-structured, content-rich, and trustworthy, supporting the company's market position as a reliable regional freight service provider.