Security Directory

W

WOLFF Werbetechnik

wolff-werbetechnik.de

52

WOLFF Werbetechnik is a small regional business based in Aurich, Germany, specializing in advertising technology services including graphic design, vehicle branding, digital printing, signage, and lighting solutions. The company offers end-to-end services from design through production to installation, targeting businesses and organizations primarily in the Ostfriesland region. Their market position is that of a trusted local specialist with a consistent brand presence and active social media engagement. Technically, the website is built on a modern WordPress platform using the Enfold theme and a suite of well-known plugins such as Yoast SEO and Complianz GDPR for compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices, with structured data implemented for enhanced search engine understanding. Hosting is provided by rzone.de, and the site uses HTTPS with a valid SSL certificate. From a security perspective, the site employs HTTPS, cookie consent mechanisms, and hCaptcha for form protection, indicating a good baseline security posture. However, no explicit security policies or incident response information are published, and security headers are not explicitly detected. No vulnerabilities or exposed sensitive data were found during analysis. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. It provides clear contact information and maintains a good user experience. Strategic recommendations include enhancing security headers, publishing security policies, and adding a vulnerability disclosure mechanism to further strengthen trust and security posture.

T

Tägi AG

taegi.ch

59

Tägi AG operates a regional leisure and sports center in Wettingen, Switzerland, offering year-round facilities including indoor and outdoor swimming pools, an ice rink, mini golf, sauna, and event spaces. The website reflects a well-established business with a clear focus on community recreation and event hosting. Their market position is that of a key local provider of sports and leisure services, targeting general public and sports enthusiasts. Technically, the website is built on WordPress with a modern theme and plugins, including Yoast SEO and Cookiebot for privacy compliance. The site is mobile-optimized and integrates social media channels effectively. Security posture is solid with HTTPS enforced and bot protection via Google reCAPTCHA, though some security headers could be improved. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

P

Palliative Care und Begleitung der Aargauer Landeskirchen

palliative-begleitung.ch

48

Palliative Care und Begleitung der Aargauer Landeskirchen is a non-profit organization providing volunteer-based accompaniment services for seriously ill and dying individuals and their families in the canton of Aargau, Switzerland. The organization also offers educational programs in palliative and spiritual care for both professionals and volunteers. The website is well-structured, professionally designed, and provides clear information about services, events, and educational offerings. Technically, the site is built on WordPress with modern plugins and themes, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS and some security best practices, though additional headers and policies could enhance protection. Privacy compliance is limited, lacking explicit privacy and cookie policies or consent mechanisms. WHOIS data confirms the legitimacy and consistency of the domain registration with the organization's identity. Overall, the website is trustworthy and serves its target audience effectively, but could improve in privacy and security transparency.

B

BTC d.d.

btc.si

48

BTC d.d. is a well-established Slovenian company specializing in real estate management, logistics, and retail operations, notably managing BTC City, one of Europe's largest shopping and business centers. The company targets business partners, tenants, and visitors, offering a broad range of services including property leasing, logistics, and event hosting. The website reflects a mature digital presence with multilingual support and strong SEO practices. Technically, the site is built on WordPress with modern plugins and optimized for performance and mobile use. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, BTC d.d. presents a trustworthy and professional online presence consistent with its business stature.

E

ENERGY PLUS d.o.o.

energyplus.hr

44

ENERGY PLUS d.o.o. is a Croatian company established in 2005 specializing in professional LED lighting, industrial machinery production, and renewable energy solutions such as photovoltaic systems. The company targets industrial and business clients seeking modern lighting and machinery solutions. Their website reflects a stable, small-sized manufacturing business with consistent branding and clear service offerings. Technically, the website is built on WordPress using the Divi theme, with standard libraries like jQuery and MediaElement.js, hosted likely under Croatian infrastructure. The site is moderately performant, mobile-optimized, and accessible at a basic level. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and documented security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is professional and trustworthy but could improve in compliance and security transparency.

K

Koninklijke Staalfederatie

staalfederatie.nl

51

Koninklijke Staalfederatie operates as a professional platform and representative body for steel and metal traders in the Netherlands, focusing on relationship management and knowledge exchange within the manufacturing sector. The website is built on WordPress using the Avada theme and integrates SEO and analytics tools such as Yoast SEO and Google Analytics with privacy features enabled. The technical infrastructure is modern and moderately optimized for performance and mobile use. Security posture is adequate with HTTPS enforced and tracking anonymization, but lacks explicit security headers and published security policies. Privacy compliance is limited due to absence of visible privacy and cookie policies. Overall, the website presents a credible and professional image consistent with its business purpose.

B

BTC d.d.

misijazeleno.si

48

BTC d.d. is a large Slovenian company specializing in sustainable urban development, real estate management, logistics, and innovation ecosystems. The company positions itself as a leader in sustainability with a strong focus on green energy, environmental protection, and social responsibility. Their website reflects a mature digital presence with comprehensive content, professional design, and clear navigation aimed at business partners, visitors, and the local community. Technically, the site is built on WordPress with modern plugins and SEO tools, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and no critical vulnerabilities detected, though some security headers could be improved. Privacy compliance is well addressed with visible cookie consent and privacy policies. Overall, BTC d.d. demonstrates high business credibility and trustworthiness supported by multiple awards and certifications.

Invest Pomurje is a regional development agency focused on promoting foreign direct investment in the Pomurje region of Slovenia. The website highlights the region's strategic location in Central Europe and offers detailed information on business opportunities in sectors such as tourism, sport, renewable energy, advanced agriculture, and metal processing. The agency provides support services to investors and showcases success stories to build credibility. The target audience includes foreign investors and businesses seeking expansion in Central and South-Eastern Europe. Technically, the website is built on WordPress using the Uncode theme and integrates common tools like Yoast SEO, Google Analytics, and Google Maps API. The site is mobile optimized and demonstrates good SEO practices. Security-wise, the site enforces HTTPS and includes a cookie consent mechanism, but lacks explicit security policies or incident response information. No vulnerabilities or suspicious content were detected, and the domain registration is consistent with a legitimate business entity. Overall, the website presents a professional and trustworthy front for regional investment promotion.

D

DÉVELOPPEMENT ÉCONOMIQUE DE LA VILLE DE VANDOEUVRE

vandeco.fr

45

The website www.vandeco.fr serves as the official digital platform for the economic development and employment services of the Ville de Vandœuvre-lès-Nancy, France. It targets local businesses, job seekers, institutions, students, and the general public by providing comprehensive information on business creation, development, employment opportunities, training, and local events. The platform is positioned as a key local government service to foster economic growth and employment within the community. Technically, the site is built on WordPress using Elementor and several popular plugins such as Yoast SEO and Contact Form 7. The infrastructure supports responsive design and basic accessibility features, with moderate performance. The site employs HTTPS with a valid SSL certificate, but lacks advanced security headers and explicit incident response policies. From a security perspective, the site demonstrates good baseline practices including encrypted connections and cookie consent mechanisms compliant with GDPR. However, the absence of security headers and vulnerability disclosure policies suggests room for improvement in security maturity. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site is trustworthy and professional, reflecting its role as a municipal service. The lack of WHOIS data reduces domain registration transparency but does not detract significantly from the site's legitimacy given the official branding and contact information. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility compliance to strengthen trust and resilience.

3

3 LAN, d.o.o. M.Sobota

mikk.si

38

MIKK is a youth information and cultural club based in Murska Sobota, Slovenia, operating since 2007. The organization focuses on providing cultural events and informational services to the local youth and community. The website serves as a digital platform to promote these activities and engage with its audience. Technically, the site is built on WordPress using the Metrolo Premium theme and several common plugins such as Jetpack and EventON Lite, indicating a moderate level of digital maturity. The site is mobile optimized and uses HTTPS, but lacks some advanced security headers and explicit privacy and security policies. Security posture is adequate but could be improved with better header implementation and formalized incident response information. Overall, the site is functional and trustworthy for its community role but would benefit from enhanced privacy compliance and security transparency.

P

PROHELP SERVICES, s.r.o.

komunikacni-systemy.cz

39

PROHELP SERVICES, s.r.o. operates the website komunikacni-systemy.cz, providing wireless full-duplex communication systems tailored for retail, hospitality, manufacturing, and service industries. Their key products, Quail Digital Pro9 and Pro10, target businesses requiring efficient team communication solutions such as quick service restaurants, drive-thru operations, warehouses, and hotels. The company positions itself as a specialist in communication technology within the Czech Republic and surrounding regions, leveraging a B2B business model. Technically, the website is built on WordPress CMS with a modern tech stack including jQuery, FontAwesome, and various plugins for GDPR compliance, customer support, and media embedding. The site is mobile-optimized, accessible, and SEO-friendly, with good performance metrics. HTTPS is enforced, and cookie consent mechanisms are implemented, reflecting a mature digital infrastructure. From a security perspective, the site benefits from HTTPS and cookie consent compliance but lacks visible HTTP security headers and explicit incident response information. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, impacting overall trustworthiness. Overall, the website presents a professional and trustworthy front for PROHELP SERVICES, s.r.o., but the missing WHOIS information and lack of some security best practices suggest areas for improvement to enhance credibility and security posture.

The Landesinnungsverband Elektro- und Informationstechnik Schleswig-Holstein is a regional trade association representing over 800 electrical and information technology companies in Schleswig-Holstein, Germany. The organization focuses on advocacy, member support, training, and standardization within the electrical trade sector. Their website provides comprehensive information about their services, events, and industry news, targeting professionals and apprentices in the electrical industry. Technically, the site is built on the Contao CMS platform and uses modern JavaScript libraries to enhance user experience. The site is well-structured, mobile-optimized, and maintains good SEO practices. Security-wise, the site enforces HTTPS and uses secure forms with CSRF tokens, but lacks advanced HTTP security headers and a public security policy. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism. Overall, the website is professional, trustworthy, and serves its business purpose effectively.

BIOK laboratorija is a Lithuanian cosmetics manufacturing company specializing in natural and innovative cosmetic and oral care products. They manage multiple brands and serve Nordic and European markets with over 250 products. The website is professionally designed, mobile-optimized, and includes comprehensive privacy and cookie policies compliant with GDPR. Technically, the site uses a mix of legacy and modern JavaScript libraries, Google Analytics, and Facebook SDK for marketing and tracking. Security posture is generally good with HTTPS and reCAPTCHA implemented, but lacks explicit security headers and uses an outdated jQuery version. WHOIS data is missing, which raises some concerns about domain registration transparency. Overall, the site is trustworthy and professional but could improve security and domain registration visibility.

TZ Stara Novalja is a local tourism organization dedicated to promoting the town of Stara Novalja on the island of Pag, Croatia. The website serves as a comprehensive portal offering event calendars, local attractions, outdoor activities, and useful information for tourists and property renters. It targets visitors interested in cultural events, outdoor sports, and local hospitality services. The organization appears well-established with a domain registered since 2001 and consistent WHOIS data. Technically, the website is built on WordPress using the Avada theme, leveraging common web technologies such as jQuery and MediaElement.js. It integrates Google Analytics for visitor tracking and implements cookie consent mechanisms. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS, includes standard security headers, and avoids exposing sensitive data. However, it lacks a formal security policy, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is basic, with a privacy notice present but limited GDPR-specific details. Overall, the website is trustworthy and professional, serving its purpose as a tourism information hub effectively. Strategic improvements in privacy compliance, security transparency, and accessibility could further enhance its posture and user trust.

T

Televize Přerov s.r.o.

tvprerov.cz

47

Televize Přerov s.r.o. is a small regional media company based in the Czech Republic, specializing in local news, video reports, and live TV streaming focused on the city of Přerov and its surroundings. The website serves residents and visitors interested in timely local information and event coverage. The business operates primarily as a media content provider with a focus on digital news delivery and community engagement through social media channels. Technically, the website is built on WordPress CMS with a modern plugin ecosystem including Jetpack and TD Composer, ensuring a good level of content management and user experience. The site is mobile optimized and uses HTTPS, but performance is moderate and accessibility features are basic. Security posture is adequate with HTTPS and no exposed sensitive data, but lacks advanced security headers and visible anti-CSRF protections on login forms. Privacy compliance is weak due to the absence of privacy and cookie policies, which poses a compliance risk under GDPR. Overall, the domain registration data is consistent with the business claims, showing a legitimate and established local media presence. Strategic improvements in privacy compliance and security hardening are recommended to enhance trust and regulatory adherence.

C

Comexposium

foiredeparis.fr

66

Foire de Paris is a prominent and historic French trade fair event organized by Comexposium, attracting over 400,000 visitors annually. The website provides comprehensive information about the event, including ticketing, exhibitors, and cultural programming. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and Sitecore CMS, with good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. WHOIS data is unavailable, likely due to privacy protection, but the site shows strong trust signals and professional branding. Overall, the website is well-designed, user-friendly, and trustworthy for its audience.

A

AFS Intercultural Programs

globalup.com

60

The Global Up website represents the AFS Intercultural Programs' Global Competence Certificate (GCC) initiative, a well-established non-profit educational program focused on developing global skills through blended learning. The site is professionally designed, content-rich, and targets students, educators, and professionals worldwide. It leverages modern web technologies including WordPress, Gravity Forms, and Google reCAPTCHA to provide a secure and user-friendly experience. The presence of multiple contact channels, social media integration, and downloadable resources enhances engagement and trust. However, the absence of WHOIS registration data for the domain www.globalup.com raises transparency concerns, although the website content and branding strongly align with the reputable AFS organization. Security posture is solid with HTTPS and CAPTCHA protections, but could be improved by implementing explicit security headers and formal incident response policies. Overall, the website is a credible and valuable resource for global competence education with moderate risk due to domain registration opacity.

Weingut Hauser is a traditional German winery located in Bötzingen am Kaiserstuhl with over 200 years of history. The company specializes in producing and selling a variety of regional wines including Burgunder, Spätburgunder, Müller-Thurgau, Riesling, and Gewürztraminer, as well as pilzwiderstandsfähige (fungus-resistant) grape varieties. Their business model focuses on quality wine production, direct sales, and wine tasting experiences, targeting wine enthusiasts and regional customers. The website reflects a well-established small business with consistent branding and a clear presentation of their offerings. Technically, the website is built on WordPress using the Enfold theme, hosted on Kasserver infrastructure. It employs standard web technologies such as jQuery and MediaElement.js, and includes SEO optimizations and mobile responsiveness. The site uses HTTPS with good SSL configuration and implements a GDPR-compliant cookie consent mechanism. However, there is room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and has implemented cookie consent, but lacks explicit security policies and incident response contacts. No vulnerabilities or exposed sensitive data were detected. The absence of terms of service and security policy pages suggests an opportunity to enhance trust and compliance. Overall, the security posture is solid but could benefit from additional formal documentation and security headers. The overall risk assessment is low, with no signs of malicious activity or blocking mechanisms. Strategic recommendations include publishing a security policy, adding incident response contacts, enhancing security headers, and maintaining up-to-date software. These steps will improve compliance, security posture, and user trust.

VšĮ Respublikinė Panevėžio ligoninė is a well-established public healthcare institution in Lithuania, founded in 2007. It provides a broad range of medical services including consultations, diagnostics, treatment, and rehabilitation, serving patients primarily in the Panevėžys region. The website reflects a professional and comprehensive digital presence with clear navigation, multilingual support, and extensive patient education resources. The institution maintains active communication channels including email, phone, and social media platforms, enhancing accessibility and engagement with its audience. The business model is focused on public healthcare service delivery, supported by government and healthcare partners.

M

Mangold Photovoltaik GmbH

mangold-photovoltaik.de

39

Mangold Photovoltaik GmbH is a German company specializing in photovoltaic solar energy solutions, offering a comprehensive range of products and services including solar modules, inverters, mounting, maintenance, and expert consulting. With over 20 years of experience and TÜV Rheinland certification, the company holds a strong regional market position in Schwäbisch Gmünd, Germany. Their business model focuses on direct sales, installation, and customer education through training courses. Technically, the website is built on custom HTML with JavaScript libraries such as jQuery and Highslide, hosted on kasserver.com. While the site is accessible and content-rich, it lacks advanced security headers and cookie consent mechanisms, which are recommended for improved GDPR compliance and security posture. Overall, the website demonstrates good professionalism and trustworthiness but could benefit from enhanced security and privacy features.

S

Solgal

solgal.ch

46

Solgal is a Swiss company specializing in photovoltaic system installations, targeting residential and commercial customers interested in solar energy solutions. The website is built on WordPress using the Divi theme and includes WooCommerce for e-commerce capabilities. The technical infrastructure is moderate with standard plugins and libraries but lacks advanced performance and accessibility optimizations. Security posture is weak due to the absence of security headers, privacy policies, and incident response information. No contact details or GDPR compliance indicators are present, which may affect user trust and regulatory compliance. Overall, the website provides basic information about the business but requires significant improvements in security, privacy, and user engagement to enhance credibility and compliance.

M

Ministarstvo rada, mirovinskog sustava, obitelji i socijalne politike

mrms.hr

54

The website represents the official online presence of the Croatian Ministry of Labour, Pension System, Family and Social Policy. It serves as a comprehensive information portal for Croatian citizens and stakeholders regarding labor laws, social welfare programs, pension regulations, and family policies. The site is well-positioned as a government resource, providing authoritative content and official communications. The target audience includes citizens, social service users, and public sector employees. Technically, the website employs a traditional web stack with jQuery, Modernizr, and various UI libraries such as Fancybox and Owl Carousel. It uses HTTPS with Google Analytics for visitor tracking, and includes cookie consent mechanisms compliant with GDPR. The site demonstrates good mobile optimization and accessibility features, though some libraries like jQuery are outdated, which could pose security risks. From a security perspective, the site enforces HTTPS and has implemented cookie consent, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is unavailable due to GDPR privacy restrictions, but the domain is a government .gov.hr domain, indicating high legitimacy. Overall, the website is a trustworthy and professional government portal with good content quality and privacy compliance. Strategic improvements include updating technical libraries, enhancing security headers, and publishing security policies to strengthen trust and resilience.

A

AFS Honduras

afs.hn

58

AFS Honduras operates as a local branch of the global AFS Intercultural Programs, providing intercultural exchange opportunities primarily for students, families, and volunteers. The organization is positioned as a reputable non-profit educational entity with a strong focus on cultural exchange, volunteerism, and global citizenship. The website is well-structured, professionally designed, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, it leverages WordPress with modern plugins and CDN hosting, ensuring moderate to good performance and accessibility. Security posture is adequate with HTTPS and reCAPTCHA integration, though some security headers could be improved. Privacy compliance is strong with clear policies and consent mechanisms. However, the WHOIS data is incomplete and shows a prohibited registration status, which is inconsistent with the active website presence and may warrant further investigation. Overall, the site demonstrates a trustworthy and professional front for AFS Honduras with minor technical and registration concerns.

A

AFS

afs.lv

49

AFS Latvia is a non-profit organization focused on providing intercultural learning opportunities through student exchange programs, hosting foreign students, and volunteer engagement. The website positions itself as a trusted platform for Latvian students and families interested in global cultural exchange. The business model revolves around educational and volunteer services, supported by a recognized international parent organization, AFS International. The site demonstrates a solid market position within Latvia's educational non-profit sector, targeting youth, families, and volunteers. Technically, the website is built on WordPress with modern SEO and security practices such as HTTPS and Google reCAPTCHA, ensuring a secure and user-friendly experience. However, there is room for improvement in security headers and incident response transparency. Overall, the site is professional, trustworthy, and well-structured, with clear contact information and social media presence.

A

AFS Intercultural Programs

afs-egypt.org

66

AFS Egypt is a regional branch of AFS Intercultural Programs, a well-established international non-profit organization focused on intercultural learning and global citizenship through study abroad, hosting international students, volunteering, and scholarships. The website demonstrates a mature digital presence with a WordPress CMS, modern web technologies, and integration of multimedia content and social media channels. The site is well-structured, mobile-optimized, and SEO-friendly, providing comprehensive information and resources for students, volunteers, and host families. From a security perspective, the website employs HTTPS, Google reCAPTCHA, and security best practices, although explicit security policies and incident response contacts are not visible. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms aligned with GDPR requirements. The WHOIS data is privacy protected, which is typical for organizations of this nature, and no suspicious patterns were detected. Overall, the website presents a trustworthy and professional image consistent with its educational and non-profit mission. The technical infrastructure is solid, though there is room for improvement in accessibility and explicit security disclosures. The risk profile is low, with no critical vulnerabilities or red flags identified.

F

Fibero G. Rojek, J. Rojek Sp. j.

fibero-textil.com

51

Fibero-Textil is a Polish textile company specializing in high-quality upholstery, curtain, and decorative fabrics for home and office interiors. Established in 2013, the company positions itself as a trend-conscious retailer offering tailored fabric solutions through both physical and online channels, including export services. The website reflects a professional and consistent brand image with clear business and contact information, supported by GDPR-compliant privacy and cookie policies. Technically, the site is built on WordPress with Elementor, leveraging modern web technologies and plugins, delivering a good user experience with mobile optimization and SEO considerations. Security posture is adequate with HTTPS and domain transfer protections, though improvements such as enabling DNSSEC and adding security headers are recommended. No critical vulnerabilities or blocking mechanisms were detected, and the site maintains moderate user tracking with privacy compliance. Overall, Fibero-Textil demonstrates a credible and trustworthy online presence suitable for its business scope.

SONNTAG Wirtschaftsprüfung is a medium-sized professional services firm based in Germany specializing in auditing, tax consulting, legal advice, and related financial services. The company emphasizes a risk-oriented auditing approach aligned with international standards and offers comprehensive consulting services including business valuation, restructuring, and IFRS transition support. Affiliated with the international MOORE network, SONNTAG positions itself as a reliable partner for both local and cross-border clients. The website reflects a professional and consistent brand image with clear service descriptions and contact information. Technically, the site is built on WordPress with modern plugins and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Overall, the site is trustworthy and well-maintained, supporting the company's credible market position.

E

Eduteam – centrum celoživotního vzdělávání z.s.

edugrant.cz

47

EDUgrant is a Czech Republic-based non-profit initiative focused on providing grants and educational support to primary and secondary vocational schools. The website serves as an informational and application portal for schools seeking funding and resources to modernize education. The organization partners with reputable foundations such as The Velux Foundations, enhancing its credibility and outreach. The business model centers on grant distribution and educational seminars, targeting educational institutions within the Czech market. The website content is well-structured, professionally designed, and clearly communicates its mission and services to its target audience. Technically, the website is built on WordPress using Oxygen Builder and several plugins like Toolset Views. It employs modern web technologies including jQuery and MediaElement.js for media handling. The site is hosted likely by Kraxnet, consistent with the domain registrar information. Performance is moderate with good mobile optimization and basic accessibility features. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers such as Content-Security-Policy and X-Frame-Options. There is no published security policy or incident response contact, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is weak due to the absence of privacy and cookie policies, which could pose regulatory risks under GDPR. Overall, EDUgrant presents a trustworthy and professional online presence with a clear educational mission. To enhance its security posture and compliance, it should implement security headers, publish privacy and cookie policies, and provide incident response information. These improvements will strengthen user trust and regulatory adherence while maintaining its positive market position.

S

Siegerland-Flughafen GmbH

siegerland-airport.de

47

Siegerland-Flughafen GmbH operates a regional airport in Germany, providing aviation services including pilot training, charter flights, business facilities, and community engagement. The website targets pilots, business partners, and local travelers, positioning itself as a key regional transportation hub. The digital infrastructure is built on WordPress with modern plugins and themes, offering a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking a dedicated security policy or incident response information. Overall, the site is professional, trustworthy, and compliant with GDPR regulations.

F

Fundacja Instytut Praw Pacjenta i Edukacji Zdrowotnej

fop2024.pl

44

The website represents the XVIII Forum Organizacji Pacjentów (Patient Organizations Forum) 2024, a significant non-profit conference in Poland focused on patient advocacy and healthcare system challenges. Organized by the Fundacja Instytut Praw Pacjenta i Edukacji Zdrowotnej, it targets patient organizations and healthcare stakeholders, providing a platform for dialogue, education, and recognition of contributions in healthcare. The site is professionally designed using WordPress and the Divi theme, with multilingual support and integration of modern web technologies. Security posture is adequate with HTTPS enabled, but lacks some advanced security headers and cookie consent mechanisms. WHOIS data confirms the domain is recently registered, aligning with the event timeline, and shows no suspicious indicators. Overall, the website is credible, well-structured, and serves its business purpose effectively.

A

Interreg ADRION Programme – Interreg ADRION Transnational Adriatic-Ionian Cooperation Programme EU

adrioninterreg.eu

8

The website represents the Interreg ADRION Programme, an EU-funded transnational cooperation initiative focused on the Adriatic-Ionian region. It serves as an informational portal providing resources, news, and project documentation to stakeholders and public sector entities involved in regional cooperation. The site is built on WordPress using the Enfold theme and includes standard web technologies such as jQuery and Google Fonts. The technical infrastructure is moderate in performance and mobile optimized, but lacks advanced security headers and privacy compliance features. No WHOIS registrant data is publicly available due to EURid's privacy policies for .eu domains, which limits domain trust analysis. Overall, the site appears legitimate and safe but would benefit from enhanced security and privacy practices.

S

Stiftung Kunststätte Johann und Jutta Bossard

bossard.de

46

Museum Kunststätte Bossard is a small non-profit cultural institution in Germany dedicated to preserving and showcasing the artistic legacy of Johann and Jutta Bossard. The website provides detailed information about exhibitions, guided tours, and visitor services, targeting art enthusiasts and the general public. The museum operates with a clear cultural mission and maintains a consistent brand presence online. Technically, the website uses a traditional CMS (Contao) with common JavaScript libraries and moderate performance and mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, though improvements in security and privacy transparency are recommended.

F

Fachstelle für Statistik Kanton St. Gallen

statistik-bodensee.org

10

The website statistik-bodensee.org serves as an official regional statistics platform for the Lake Constance Region, providing comprehensive data on land use, population, employment, economy, and tourism. It is supported by governmental institutions, notably the Fachstelle für Statistik Kanton St. Gallen, and targets researchers, policymakers, and the public interested in regional statistics. The platform is multilingual and uses a professional CMS (Contao) with modern frontend technologies to deliver a good user experience. Technically, the site employs a range of JavaScript libraries and frameworks including jQuery, Bootstrap, and others, ensuring moderate performance and good mobile optimization. However, some technical improvements are possible, such as enabling DNSSEC and adding security headers to enhance security posture. The site uses HTTPS but lacks advanced security policies and incident response information. From a security perspective, the website shows a moderate security maturity level with HTTPS enabled and domain transfer protection in place. However, the absence of DNSSEC, security headers, and comprehensive privacy and cookie policies indicates room for improvement. The newsletter form collects user emails but has minimal anti-spam protection. Overall, the site is trustworthy and professional but could benefit from enhanced security and privacy compliance measures. Strategically, the website is well-positioned as a niche governmental statistics resource with consistent branding and clear contact information. To improve, it should implement stronger privacy and security controls, publish security policies, and consider cookie consent mechanisms to align with GDPR requirements and enhance user trust.

S

Sonntag & Partner Partnerschaftsgesellschaft mbB

sonntag-karriere.de

57

Sonntag & Partner Partnerschaftsgesellschaft mbB is a well-established professional services firm in Germany specializing in auditing, tax consulting, legal advice, and economic consulting. The website focuses on career opportunities, emphasizing personal development, team collaboration, and flexible working conditions. The company has a strong regional presence with over 45 years of experience and maintains a consistent brand image across its digital assets. Technically, the website is built on WordPress with modern JavaScript libraries and includes a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the site is professional, user-friendly, and trustworthy, targeting job seekers in finance and legal sectors.

Sonntag & Partner Partnerschaftsgesellschaft mbB operates as a specialized IT consulting and software development firm based in Augsburg, Germany. The company focuses on delivering tailored solutions in digital transformation, IT compliance, process management, and project management. Their market position is that of a boutique consultancy with a strong emphasis on compliance and innovative technologies such as AI and low-code development. The website reflects a professional and consistent brand image targeting business clients seeking expert IT services. Technically, the website is built on WordPress with modern plugins and libraries, including jQuery and Borlabs Cookie for consent management. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features could be enhanced. Performance is moderate, with no critical errors or broken elements detected. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, explicit security headers are not detected in the HTML content, and no dedicated security policy or incident response contacts are provided. No vulnerabilities or exposed sensitive data were found, indicating a solid baseline security posture. Overall, Sonntag IT Solutions presents a trustworthy and professional online presence with strong compliance and business credibility. Strategic improvements in security headers and incident response transparency would further enhance their security posture and client trust.

B

Breath:Sun:Bone:Blood

breathsunboneblood.com

46

Breath:Sun:Bone:Blood is a small independent music label based in Berlin, specializing in niche genres such as dark ambient, experimental, modern composition, black metal, and folk music. The website serves as a platform to showcase their releases, artists, and news, targeting music enthusiasts interested in these genres. The business model revolves around music distribution and artist promotion, with a presence on Bandcamp for direct music sales and streaming. Technically, the website is built on WordPress using the Enfold theme and several common plugins including LayerSlider and MediaElement.js. The site is moderately performant, mobile-optimized, and SEO-friendly with proper meta tags and structured data. Hosting and domain registration are consistent with the business location in Germany, using RegistryGate GmbH as the registrar. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks DNSSEC and explicit security headers, which are recommended to enhance security posture. No critical vulnerabilities or exposed sensitive data were detected. Privacy policies are present and written in German, reflecting compliance with EU regulations. Overall, the website is professional, trustworthy, and safe for general audiences. The main areas for improvement include adding explicit contact information, security policies, and enhancing DNS and HTTP security configurations to strengthen trust and resilience against attacks.

D

DIGITALNI SVEMIR, računalalno programiranje

digitalnisvemir.hr

10

DIGITALNI SVEMIR is a Croatian small technology service provider specializing in web design, mobile application development, ecommerce solutions, and IT maintenance. Founded in 2015, the company serves a variety of clients primarily in Croatia, including cultural institutions and businesses. Their website showcases a professional portfolio and clear contact information, reflecting a credible and established presence in the local market. Technically, the website is built on WordPress with Elementor and the Bridge theme, indicating a modern and maintainable infrastructure. The site is mobile optimized and SEO friendly, though some accessibility features could be improved. Security posture is good with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and formal security policies. Overall, the website is trustworthy and professional, though it would benefit from adding privacy and terms of service pages to improve compliance and user trust.

KARLINSKI is a small, self-employed graphic design business based in Mecklenburg, Germany, offering a range of creative services including logo design, corporate identity, print and web design, and production support. The website serves as a professional portfolio and contact point, targeting local businesses, cultural institutions, and agencies. The technical infrastructure is based on WordPress with common plugins for SEO and contact forms, hosted on kasserver.com. While the site is functional and well-structured with good content quality and GDPR-compliant privacy and cookie policies, it uses outdated WordPress and plugin versions, which pose potential security risks. No advanced security policies or incident response mechanisms are evident. Overall, the site is trustworthy and professional but would benefit from technical updates and enhanced security measures.

N

NielsenIQ

etilize.com

76

NielsenIQ is a global enterprise specializing in technology product content solutions, leveraging Brandbank's extensive product data to enhance product discoverability and sales for business clients. The website demonstrates a mature digital presence built on WordPress with modern SEO and analytics integrations, reflecting a strong technical infrastructure. Security posture is robust with HTTPS and CSP headers, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is partially addressed via cookie consent but lacks visible privacy and terms policies on the landing page. Overall, the site is professional, trustworthy, and well-positioned in the technology sector.

M

Ministarstvo gospodarstva

mingo.hr

55

The website represents the official online presence of the Ministry of Economy of the Republic of Croatia, serving as a central hub for disseminating information related to economic policies, energy approvals, public procurement, and consumer protection. It targets citizens, businesses, and government officials, providing access to news, documents, e-services, and public calls. The site is well-branded with consistent government identity and links to related official portals, reinforcing its authoritative position within the Croatian government ecosystem. From a technical perspective, the website employs a traditional tech stack including jQuery, Modernizr, and various UI libraries, alongside Google Analytics for visitor tracking. The site is mobile-optimized and accessible, with a cookie consent mechanism that aligns with GDPR requirements. However, some JavaScript libraries are outdated, which could pose security risks if not regularly updated. Security-wise, the site enforces HTTPS and implements cookie consent, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data confirms the domain's legitimacy as a government entity with consistent registration details. Overall, the website is a trustworthy and professional government portal with good content quality and privacy compliance. Strategic improvements include enhancing security headers, updating legacy scripts, and publishing explicit security and incident response policies to strengthen the security posture and user trust.

C

CIO

cio.com

67

CIO.com Netherlands is a regional edition of the established CIO media brand, providing technology news, analysis, and thought leadership content targeted at IT professionals and business leaders in the Netherlands. The website offers a broad range of content including news, opinion pieces, buyer’s guides, and event information, positioning itself as a trusted source for technology decision-makers. The parent company, Foundry, manages this and other technology media properties, indicating a strong market presence and professional media operations. Technically, the site is built on WordPress with a modern tech stack including Yoast SEO, Google Tag Manager, and various advertising and analytics integrations. The site is well-optimized for SEO, mobile-friendly, and includes accessibility features. Security posture is strong with HTTPS enforced, security headers present, and a GDPR-compliant consent management platform in use. However, explicit security policies, incident response information, and vulnerability disclosure mechanisms are not publicly visible, representing areas for improvement. Overall, the website demonstrates a mature digital presence with good privacy compliance and professional content quality, suitable for its target audience. The lack of public WHOIS data is consistent with privacy protection practices common among media companies and does not detract from the site's legitimacy.

C

Computer Sweden

idg.se

61

Computer Sweden is a leading Swedish IT news media outlet owned by Foundry, established in 2004. The website offers daily news and in-depth articles targeting IT decision makers and professionals, supported by newsletters and advertising revenue. The site is well-branded, professionally designed, and consistently updated, reflecting a mature digital presence. Technically, it is built on WordPress with modern SEO and analytics tools, including Google Tag Manager and Permutive, and uses Cloudflare for DNS services. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and consent management for GDPR and CCPA, though DNSSEC is not enabled and some security headers are not explicitly confirmed. No critical vulnerabilities or suspicious activities were detected. Overall, the site demonstrates a high level of professionalism, compliance, and trustworthiness.

R

Rozhledna Špulka

rozhlednaspulka.cz

43

Rozhledna Špulka is a community-driven project representing the microregion CHOPOS in the Czech Republic, focused on a lookout tower and educational trail developed in cooperation with 21 municipalities and multiple partners. The website serves as an informational and promotional platform for events, news, and gallery content related to the lookout tower. Technically, the site is built on WordPress using legacy JavaScript libraries such as jQuery 1.7.2, with moderate performance and basic mobile optimization. Security posture is moderate with HTTPS enabled but lacking modern security headers and using outdated libraries that may expose vulnerabilities. Privacy and cookie policies are absent, reducing compliance with GDPR and other regulations. The WHOIS data is unavailable, which limits domain trust assessment, but the presence of partner logos and regular content updates suggest a legitimate local initiative. Overall, the website is functional and informative but would benefit from technical and compliance improvements.

SAFETEC IT-SYSTEME Vertriebsgesellschaft mbH is a German-based company specializing in the sales, maintenance, and support of high-performance scanners and related hardware and software solutions. Established in 1999, the company emphasizes a strong customer service culture with nationwide support technicians and flexible maintenance contracts. Their business model focuses on B2B sales and after-sales services including repairs, training, and test device loans. The website reflects a professional and consistent brand presence targeting business customers in Germany. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern JavaScript libraries such as jQuery and MediaElement.js for enhanced user experience. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with no major technical issues detected. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. From a security perspective, the site enforces HTTPS and uses secure forms with CSRF tokens. However, explicit HTTP security headers are not detected, and no public security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the content. The domain WHOIS data is minimal but consistent with the business claims, though lacking detailed registrant information. Overall, SAFETEC presents a trustworthy and professional online presence with solid privacy and security foundations. Strategic improvements could include publishing explicit security policies, adding security headers, and implementing a vulnerability disclosure process to further enhance trust and compliance.

H

H. Anger's Söhne

angers-soehne.com

62

H. Anger's Söhne is a well-established German company specializing in drilling and well construction services, with a history dating back to 1863. The company offers a broad range of services including shallow and deep drilling, well regeneration, horizontal well construction, groundwater monitoring, and geothermal energy solutions. Their market position is strong within the energy and water sectors, targeting industrial clients and businesses requiring specialized drilling services. The website reflects a professional and consistent brand image, supporting multilingual access and providing comprehensive service information. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, indicating a mature digital infrastructure. Hosting is provided by IONOS SE, a reputable registrar and hosting provider. The site demonstrates good mobile optimization and SEO practices, although some accessibility features could be improved. Performance is moderate, suitable for the content and media-rich nature of the site. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks DNSSEC and some recommended security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR requirements. Contact information is transparent and professionally presented, enhancing business credibility. Overall, the website presents a low-risk profile with a solid security posture and good compliance. Strategic improvements in security headers and DNSSEC implementation would further strengthen their defenses. The company’s digital presence effectively supports their business operations and market positioning.

SONNTAG | Sonntag & Partner Partnerschaftsgesellschaft mbB is a large, multidisciplinary German economic law firm offering services in auditing, tax consulting, and legal advice. With over 500 experts and offices in Augsburg, Munich, Ulm, and Nuremberg, the firm targets medium-sized enterprises and corporate clients, providing integrated solutions across finance, law, and digital tax advisory. The website reflects a mature digital presence built on WordPress with modern SEO and cookie consent mechanisms, indicating a good level of digital maturity. Security posture is solid with HTTPS and cookie consent, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the firm presents a professional and trustworthy image with comprehensive service offerings and a strong market position in Germany.

PEENE TRANS GmbH is a German logistics company specializing in bulk material transport for construction sites, including mixing plants, concrete industry, and large-scale projects. The company positions itself as a reliable partner offering just-in-time delivery with a modern fleet of tractor-trailers. Their website is built on TYPO3 CMS and uses a variety of modern front-end libraries to provide a responsive and user-friendly experience. The content is professionally presented in German, targeting construction industry clients and logistics partners. Contact information is comprehensive, including multiple emails and phone numbers for key personnel. The website includes a cookie consent mechanism and a privacy policy, indicating awareness of GDPR compliance. However, no explicit terms of service or security policies are published.

D

Danone Magyarország

danone.hu

62

Danone Magyarország operates as a subsidiary of the global Danone Group, focusing on manufacturing and retailing nutrition and health-related food products in Hungary. The website reflects a mature digital presence with clear branding, comprehensive content about their products, corporate social responsibility, and scientific research initiatives. The company targets consumers interested in healthy nutrition, including specialized segments such as parents of children with cancer and healthcare professionals. Technically, the site is built on WordPress with the Divi theme, leveraging modern SEO and analytics tools, and demonstrates good mobile optimization and user experience. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although formal security policies and incident response contacts are not published. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and aligned with the company's business objectives.

P

Pučko Otvoreno Učilište Krapina

krapina.net

50

Pučko Otvoreno Učilište Krapina is a Croatian educational and cultural institution established in 1997, providing adult education, cultural programming, and venue rental services primarily serving the local community. The website is professionally designed using WordPress with Elementor and Yoast SEO, offering rich content about educational programs, cultural events, and organizational information. The technical infrastructure is modern and includes standard web technologies and Google Analytics for visitor insights. Security posture is good with HTTPS enabled and domain transfer protections, though DNSSEC is not enabled and no explicit security incident response information is provided. Privacy compliance is addressed with a GDPR-compliant privacy policy and cookie consent mechanism. Overall, the website is trustworthy, well-maintained, and serves its community effectively.

D

DEKOD d.o.o.

dekod.hr

52

DEKOD d.o.o. is a well-established Croatian ticketing organization with over two decades of experience and a leading market position in the region. The company offers a comprehensive suite of ticketing and event management services, including e-ticketing systems, payment solutions, and web shop capabilities. Their clientele includes cultural institutions, event organizers, and public venues, supported by a strong regional presence and trusted partnerships such as with ulaznice.hr. The website reflects a professional business focus with clear contact information and client testimonials, reinforcing their credibility. Technically, the site is built on WordPress with the Enfold theme and uses common web technologies, but it runs outdated software versions that pose security risks. Security posture is moderate with HTTPS enabled but lacks modern security headers and visible privacy or cookie policies, indicating room for compliance improvement. Overall, the website is functional and trustworthy but would benefit from technical and compliance updates to enhance security and user trust.