Security Directory

The FC St. Pauli Museum website serves as a digital gateway promoting the museum's mobile app, targeting fans and visitors interested in the cultural heritage of the FC St. Pauli football club. The business operates as a non-profit cultural institution based in Germany, leveraging digital platforms such as Google Play and Apple App Store to distribute its app. The website content is well-structured, visually consistent, and provides clear calls to action for app downloads, supported by official social media channels and endorsements from reputable German cultural bodies. Technically, the website employs standard web technologies including HTML5, CSS, and JavaScript, with minimal external dependencies. It integrates Umami analytics for privacy-conscious user tracking. The site is mobile-optimized and offers a good user experience, although accessibility and SEO optimizations are basic. No advanced CMS or hosting details are evident from the content. From a security perspective, the website lacks visible security headers and does not provide explicit security or incident response policies. The absence of a cookie consent mechanism indicates partial GDPR compliance, though a privacy policy is present and accessible. No forms or direct contact information are provided, limiting data exposure risks but also reducing user engagement options. Overall, the website presents a trustworthy and professional front for the museum app, with low risk from a security and privacy standpoint. Strategic improvements in security headers, cookie consent, and published policies would enhance compliance and user trust. The domain WHOIS data was not provided, limiting the ability to assess domain registration legitimacy and history fully.

L

LAMA kominictví s.r.o.

lamakominictvi.cz

0

LAMA kominictví s.r.o. is a Czech small business specializing in chimney maintenance services including cleaning, inspections, milling, lining, repairs, and removals. The company positions itself as a reliable local service provider with a focus on quality and customer trust, supported by testimonials and clear business registration details. The website is built on WordPress using Elementor, reflecting a modern and professional digital presence with good mobile optimization and user experience. Security posture is adequate with HTTPS and secure form handling, though improvements are recommended in security headers and cookie consent compliance. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

J

Jan Trojanec

trojanec.cz

0

Jan Trojanec operates a professional arborist service specializing in tree cutting, pruning, risk tree felling, and stump removal primarily in Brno and the South Moravia region of the Czech Republic. The website presents a well-structured, content-rich platform with clear service offerings and customer testimonials, positioning the business as a trusted local expert with international experience and certifications. Technically, the site is built on WordPress with modern SEO and tracking tools, delivering a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks some advanced security headers and explicit incident response contacts. The absence of WHOIS data for the domain reduces trustworthiness slightly but does not detract from the professional presentation and apparent legitimacy of the business. Overall, the site is a reliable and professional digital presence for a small arborist business.

E

EDF Renewables North America

edf-re.ca

0

EDF Renewables North America operates as a leading independent power producer and service provider specializing in renewable energy projects across Canada and the U.S. Their portfolio includes wind (onshore and offshore), solar photovoltaic, energy storage, and electric vehicle charging solutions. With over 200 employees and offices in major Canadian cities, they have developed nearly 2,000 MW of renewable energy capacity and continue to expand their pipeline. The company emphasizes environmental stewardship and community engagement, aligning with the broader EDF Group's sustainability goals. Technically, the website is built on WordPress with modern JavaScript libraries and SEO optimizations, providing a professional and accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. The absence of WHOIS data is a minor concern but is offset by strong branding and external trust signals. Overall, the company presents a credible and mature digital presence in the renewable energy sector.

E

EDF Renewables Australia

edf-re.com.au

0

EDF Renewables Australia is a large energy company specializing in the development, construction, and operation of renewable energy power generation plants including onshore wind, offshore wind, and solar projects. The company positions itself as a major player in the global energy transition, leveraging expertise and innovation to combat climate change. The website reflects a professional and consistent brand presence with clear business focus and target audience in Australia. Technically, the site is built on WordPress with modern plugins and libraries, offering good mobile optimization and SEO. Security posture is solid with HTTPS and secure forms, though lacking some security headers and visible privacy compliance elements. Overall, the site is trustworthy and well-maintained, though improvements in privacy policy visibility and security headers are recommended.

W

WCRP Coordinated Regional Climate Downscaling Experiment

cordex.org

0

The WCRP Coordinated Regional Climate Downscaling Experiment (CORDEX) website serves as a global scientific platform dedicated to advancing regional climate downscaling research through international collaboration. The site provides comprehensive resources including experiment guidelines, data access, strategic activities, and publications, targeting climate researchers, policymakers, and the scientific community. It is positioned as a reputable non-profit initiative under the World Climate Research Programme (WCRP), with a medium organizational size and a founding date consistent with the domain registration in 2015. Technically, the website is built on a modern WordPress CMS with a robust tech stack including Gantry5 framework, jQuery, and several plugins for search and sliders. Hosting and DNS services are provided by reputable providers, and the site employs HTTPS with good SSL configuration. Performance and mobile optimization are adequate, though accessibility features are basic. SEO practices are well implemented with proper meta tags and structured navigation. From a security perspective, the site enforces HTTPS and shows no signs of exposed sensitive data or vulnerable libraries. However, it lacks DNSSEC, security.txt, privacy and cookie policies, and a cookie consent mechanism, which are important for compliance and security transparency. The use of Matomo analytics indicates minimal user tracking, but privacy compliance is weak due to missing policies. Overall, the website is a trustworthy and professional scientific resource with strong business credibility and good technical implementation. The main risks relate to privacy compliance and DNS security enhancements. Strategic recommendations include publishing privacy and cookie policies, enabling DNSSEC, adding a security.txt file, and improving HTTP security headers to enhance trust and compliance.

S

Serbia | E-Commerce For All

ecommerce4all.rs

0

The ecommerce4all.rs website serves as a regional informational and resource platform focused on e-commerce development for Serbia and other CEFTA member countries. It provides modules covering e-commerce data, regulations, success stories, payment systems, delivery, and a regional trustmark badge. The platform targets stakeholders interested in e-commerce growth and regulatory compliance within the CEFTA region. Technically, the site is built on WordPress with modern plugins such as Yoast SEO, Google Analytics, and GDPR cookie compliance, indicating a moderate level of digital maturity. The design is professional and mobile-optimized, with good SEO practices implemented. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, but lacks advanced security headers and DNSSEC. No privacy policy or terms of service pages were found, which is a compliance gap. Overall, the domain registration data aligns well with the website's regional focus and business purpose, supporting legitimacy. The site does not contain any adult or questionable content and is safe for general audiences.

E

EDF Power Solutions

edf-powersolutions.com

0

EDF Power Solutions is a global energy company specializing in the development, construction, and operation of renewable and low-carbon power plants, as well as flexibility and transmission solutions. The company is positioned as a responsible and innovative industrial entity with a broad international presence, supported by multiple subsidiary websites across various countries. The website reflects a professional corporate image with consistent branding and a clear focus on sustainability and energy transition. Technically, the website is built on WordPress using Elementor and several plugins for SEO, marketing automation, and user experience enhancements. It employs modern web technologies and demonstrates good mobile optimization and SEO practices. Privacy compliance is well addressed with GDPR-compliant cookie consent mechanisms and detailed privacy and terms of service pages. From a security perspective, the site uses HTTPS and has domain status protections to prevent unauthorized changes. However, it lacks DNSSEC and explicit security headers, and no public security policy or incident response contacts are provided. The WHOIS data shows inconsistencies, notably a future domain creation date and minimal registrant information, which slightly detracts from trustworthiness. Overall, the website is professional, secure, and compliant with privacy regulations, but improvements in security transparency and WHOIS data accuracy are recommended to enhance trust and resilience.

M

Místní akční skupina Bobrava

masbobrava.cz

0

Místní akční skupina Bobrava is a Czech regional non-profit organization focused on supporting local municipalities, schools, entrepreneurs, non-profits, and the general public within the Bobrava region. The organization provides information on funding opportunities, promotes regional products and services, and engages the community through news updates and events. Their website reflects a professional and community-oriented approach with clear navigation and relevant content. Technically, the site is built on WordPress with common plugins and frameworks such as Bootstrap, and it employs Google reCAPTCHA for form security and a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS enforced and no obvious vulnerabilities detected, though additional security headers could enhance protection. The absence of WHOIS data limits domain trust assessment, but the website's content and structure suggest legitimacy. Overall, the site is well-maintained, user-friendly, and compliant with privacy regulations.

E

Ekowatt

ekowatt.cz

0

Ekowatt is a Czech-based consulting company specializing in energy, economics, and environmental advisory services. Established since 1998, it offers a broad range of services including energy audits, building certifications (LEED, BREEAM, WELL, DGNB), energy performance certificates, economic optimization studies, and carbon footprint calculations. The company targets businesses and organizations seeking to improve energy efficiency and environmental compliance. The website is professionally designed using WordPress with Elementor and Astra theme, providing a good user experience and mobile optimization. Privacy and cookie compliance are well implemented with a visible consent mechanism and comprehensive privacy policy. Security posture is adequate with HTTPS enabled, though additional security headers and explicit security policies could enhance protection. No critical vulnerabilities or blocking mechanisms were detected, indicating stable and accessible infrastructure. Overall, Ekowatt presents a credible and professional online presence aligned with its business domain.

F

Frank Bold

frankbold.org

0

Frank Bold is a Czech-based expert group specializing in legal services, sustainability consulting, and public interest advocacy. Established in 2013, it operates multiple offices across Central Europe and combines legal expertise with consulting in green finance, energy, and public affairs. The organization is recognized as a certified B Corporation and holds a strong market position in the Czech Republic, particularly in construction, energy, and environmental law. Their business model integrates paid services with free public legal advice and active legislative advocacy. Technically, the website is built on Drupal CMS, employs modern analytics tools, and implements a cookie consent mechanism, reflecting a moderate to good level of digital maturity. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced DNSSEC and security headers. Overall, the site is professional, trustworthy, and well-aligned with the organization's mission and market presence.

G

GoldKnights

lastoricru.com

0

The Last Oricru website represents a small indie video game developer and publisher focused on an action RPG game emphasizing storytelling and player choices. The site is professionally designed using WordPress and integrates modern web technologies and analytics tools. The business is positioned as a niche player in the gaming industry with a clear target audience of gamers interested in story-driven RPGs with coop features. The domain registration and hosting align with the company's Czech origins and business timeline, indicating legitimacy and transparency. However, the website lacks critical privacy and cookie policies, which impacts compliance and user trust. Security posture is moderate with HTTPS enabled but missing key security headers and DNSSEC. Overall, the site is functional, trustworthy, and safe for general audiences but would benefit from enhanced privacy compliance and security hardening.

P

PratiMe

pratime.rs

0

PratiMe is a Serbian-based company specializing in GPS satellite vehicle tracking and fleet management solutions. Their platform offers real-time vehicle monitoring, fuel consumption control, driver behavior analytics, and comprehensive fleet management tools. The company targets businesses and fleet operators seeking to optimize operational efficiency and reduce costs through advanced telematics. The website is professionally designed, mobile-optimized, and provides clear navigation and contact channels, reflecting a mature digital presence for a company founded in 2020. Technically, the website employs modern web technologies including Bootstrap, jQuery, GSAP animations, and a 3D globe visualization library (Cobe). It integrates Google Fonts and uses a cookie consent mechanism to comply with privacy regulations. While the site is performant and accessible, there is room for improvement in security hardening, particularly in enabling DNSSEC and implementing security headers such as CSP and HSTS. From a security perspective, the site uses HTTPS and has a contact form with client-side validation, but lacks visible security policies, incident response contacts, and vulnerability disclosure mechanisms. The absence of a privacy policy and terms of service is a notable compliance gap. WHOIS data shows transparent and consistent domain registration aligned with the business location and sector, supporting legitimacy. Overall, PratiMe presents a trustworthy and professional online presence with strong business credibility and technical implementation. Enhancing security policies, privacy compliance documentation, and DNS security would further strengthen their posture and trustworthiness.

Pluton Media d.o.o. Beograd is a Serbian digital media company with a minimal web presence currently displayed as a coming soon or placeholder page. The website provides basic company contact information including email and physical address but lacks detailed business descriptions or service listings. The technical infrastructure is based on WordPress with Bootstrap and jQuery libraries, indicating a standard but basic digital setup. The site lacks HTTPS and security headers, which negatively impacts its security posture. No privacy or cookie policies are present, limiting compliance with data protection regulations. Overall, the website is functional but minimal, with room for significant improvements in content, security, and compliance.

G

Game Dev Graz

gamedevgraz.at

0

Game Dev Graz is a small non-profit association founded in 2015 that supports the game development community and gaming culture in Styria, Austria. It organizes various community events such as meetups, game jams, expos, and awards to foster collaboration and growth in the local game development ecosystem. The website is built on WordPress using a modern theme and common JavaScript libraries, providing a good user experience with clear navigation and mobile optimization. However, it lacks formal privacy and cookie policies, and no direct contact emails or phone numbers are published, relying mainly on a contact form. Security posture is moderate with HTTPS enabled but missing security headers and incident response contacts. Overall, the site is trustworthy and professional but could improve compliance and security practices.

W

Warezio s.r.o.

warezio.com

0

Warezio s.r.o. is a Czech Republic-based small technology company specializing in anti-piracy solutions targeting diverse sectors including Television/VOD, live streaming, software, gaming, and legal firms. Founded in 2022, the company positions itself as a niche provider offering comprehensive anti-piracy services to digital content providers. The website reflects a professional and consistent brand image with clear contact information and a focused business description. Technically, the website is built using the Astro framework and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. Hosting and DNS are managed via Cloudflare, ensuring good SSL configuration and moderate performance. The site is mobile optimized and SEO friendly but lacks some accessibility features. From a security perspective, the site uses HTTPS and reputable DNS providers but lacks important security headers and published security policies. No privacy or cookie policies are present, indicating gaps in privacy compliance. There is no visible incident response or vulnerability disclosure information, which could be improved to enhance trust and security posture. Overall, the website is safe, professional, and credible but would benefit from enhanced privacy compliance, security best practices, and transparency regarding security policies. Strategic improvements in these areas will strengthen the company’s trustworthiness and regulatory compliance.

J

James Printing & Signs

jamesprint.ca

0

James Printing & Signs is a small, family-owned print and signage company based in Bowmanville, Canada. The business emphasizes honesty, integrity, and quality service, offering a range of services including commercial printing, signage, vehicle graphics, graphic design, and laser & CNC cutting. The website reflects a professional and consistent brand image targeting local businesses and customers requiring custom print solutions. Technically, the site is built on WordPress using Elementor and integrates Google Analytics for visitor tracking. Performance and mobile optimization are good, though accessibility is basic. Security posture is moderate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration details align well with the business claims, supporting legitimacy. Strategic improvements in privacy compliance and security headers would enhance trust and regulatory adherence.

The website roynicholsmotors.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, presenting a security challenge page instead of business content. This prevents any direct analysis of the company's services, contact information, or policies. The domain is well-established, registered since 2001 with DomainSpot LLC, indicating a legitimate and stable registration history. However, the lack of DNSSEC and absence of visible content limits assessment of the site's digital maturity and business operations. The technical infrastructure includes Cloudflare protection and hosting via EasyDNS nameservers, but no CMS or frameworks are detectable due to the block. Security posture cannot be fully evaluated, but the presence of Cloudflare WAF indicates some level of protection. No privacy, cookie, or terms of service policies are found, and no contact or business information is visible, which negatively impacts trust and compliance evaluation. Overall, the site currently scores very low on content quality, technical implementation, security posture, privacy compliance, and business credibility due to the blocking and lack of accessible content.

A

AOC (Administració Oberta de Catalunya)

digicanvis.cat

0

Digicanvis is a government-affiliated digital observatory platform focused on showcasing best practices and innovative initiatives in the digital transformation of local administrations in Catalonia, Spain. It is supported by the Administració Oberta de Catalunya (AOC), which is evident from branding and linked partner domains. The platform provides a searchable database of projects and encourages submissions of new digital transformation initiatives. Technically, the website is built on WordPress using modern frameworks like Bootstrap and WPBakery Page Builder, with integration of Google Tag Manager and GTranslate for multilingual support. The site is mobile optimized and presents a professional design with clear navigation. Security posture is good with HTTPS enforced and no visible vulnerabilities, though it lacks explicit privacy and cookie policies and security headers, which are recommended for compliance and enhanced security. WHOIS data is unavailable publicly, likely due to privacy protection, which is common for government-related domains. Overall, the site is trustworthy, well-maintained, and serves a niche government audience effectively.

М

МАРнет

marnet.mk

0

МАРнет is a public institution operating as the Macedonian Academic Research Network, providing essential telecommunications infrastructure and domain registration services for the Republic of North Macedonia. It holds a key national position as the official registry for the .mk and .мкд top-level domains, serving academic, research, and institutional clients. The website presents a professional and consistent brand image, with comprehensive information about its services and governance. Technically, the site is built on WordPress with modern plugins and themes, offering good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent mechanisms, though explicit security headers are not clearly detected. The absence of WHOIS data due to server errors limits full domain legitimacy verification but does not detract from the apparent institutional nature of the entity. Overall, the website is trustworthy, well-maintained, and compliant with privacy regulations.

B

Blue Ocean Games

blueoceangames.com

0

Blue Ocean Games operates a niche platform focused on indie game developers, providing a venue for game validation, community feedback, and funding opportunities. The website highlights winners of their Rising Tide 2 challenge, showcasing games selected by public voting and judges. The company appears to have a small but focused market presence, targeting game developers and gaming enthusiasts. Technically, the site uses modern web technologies including React, Material UI, and Mux Player for video content, with Google Fonts and Plausible Analytics integrated. The site is mobile optimized and has good SEO practices, though accessibility features are basic. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite analytics usage. Overall, the domain is well aged and registered with a reputable registrar, supporting legitimacy. Strategic improvements in security policies, cookie consent, and accessibility would enhance trust and compliance.

H

HIBLend

hiblend.eu

0

HIBLend is an educational project focused on enhancing the quality of blended mobility in European higher education. The website serves as an informational platform for stakeholders involved in this EU initiative. The technical infrastructure is based on WordPress with the Divi theme and Yoast SEO plugin, indicating a moderate level of digital maturity. The site is hosted via GoDaddy and uses HTTPS, ensuring basic security standards. However, the absence of privacy and cookie policies, as well as contact information, limits its compliance and user trust. Security posture is adequate but could be improved with additional headers and policies. Overall, the website is professional and relevant to its niche audience but requires enhancements in privacy and security transparency.

Limecast is an emerging privacy-first, open-source podcasting platform aimed at podcasters and privacy-conscious users. The website serves as a coming soon landing page highlighting the platform's focus on privacy and distributed podcasting technology. The business is positioned as a startup founded in 2020, with a small team and a technology sector focus. The platform emphasizes open-source development and community involvement, as evidenced by links to their Codeberg repository and social media presence on Mastodon and Bluesky. Technically, the website is built with modern HTML5 and CSS3 standards, uses Google Fonts, and integrates an EmailOctopus subscription form for user engagement. Hosting appears to be managed via NameCheap, with domain registration consistent with the startup's timeline. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for improvement. Privacy compliance is currently poor due to the absence of privacy and cookie policies and consent mechanisms. No contact emails or phone numbers are provided, limiting direct communication channels. Overall, the website is professional and well-branded but requires enhancements in privacy compliance and security best practices to improve trust and user confidence.

F

Fiqus

farox.coop

0

Farox is a cooperative software development company based in Argentina, specializing in professional services related to Data Science, Machine Learning, high concurrency systems, and full-stack development. The company positions itself as a tech leader in the cooperative sector with over a decade of experience. Their website showcases key services such as product development, software consultancy, and team extension, targeting businesses seeking expert technology partners. The digital infrastructure is modern, leveraging React and Next.js frameworks hosted on AWS, with a professional and mobile-optimized website design. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced DNS security and security headers. Privacy compliance is limited due to absence of explicit policies and consent mechanisms. Overall, the website is trustworthy and professional, though improvements in privacy and security disclosures are recommended.

JWP.com is a minimalistic website primarily serving as a login portal for users with credentials. The site lacks public-facing business descriptions or detailed service information, indicating it is likely an internal or restricted access platform. The domain is long-established, dating back to 1996, which suggests a mature presence, although no registrant organization details are publicly available. The hosting is provided by DreamHost, and the domain is registered through Epik LLC without DNSSEC enabled. Technically, the website uses basic HTML, CSS, and JavaScript with a PHP backend for form submission. There is no evidence of modern frameworks or CMS usage. The site shows basic design and accessibility but lacks mobile optimization and advanced SEO features. Security posture is weak, with no HTTPS enforcement visible in the provided data, no security headers, and no anti-CSRF or CAPTCHA protections on the login form. Privacy and cookie policies are absent, and no analytics or marketing tools are detected. Overall, the security posture is below average, with critical recommendations including enabling HTTPS, adding security headers, and implementing protections against automated login attacks. The site content is safe for general audiences, with no adult or questionable content detected. Contact information is limited to an obfuscated email address (info@jwp.com) and a login form, with no phone numbers or physical addresses provided. The overall risk assessment indicates a low trustworthiness level due to minimal content, lack of security best practices, and absence of compliance documentation. Strategic improvements in security, privacy compliance, and content transparency are recommended to enhance business credibility and user trust.

I

I Worked On

iworkedon.com

0

I Worked On is a small technology-focused platform founded in 2006 that enables individuals, makers, and developers to create and share portfolios showcasing their projects. The website emphasizes a modern approach to professional experience by focusing on tangible work and outcomes rather than traditional resumes. The platform targets users who want an easy and visually appealing way to present their work to the world. Technically, the website uses modern web technologies including HTML5, CSS3, JavaScript, and Alpine.js for interactivity. It integrates Google Analytics and Google Tag Manager for user tracking and marketing insights. The site is mobile optimized with good SEO practices but lacks some accessibility features and security headers. Hosting details are not explicitly stated but the domain is registered with eNom, LLC and uses name-services.com for DNS. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and important security headers such as Content-Security-Policy and Strict-Transport-Security. No privacy or cookie policies are published, which is a compliance gap. No incident response or vulnerability disclosure information is available. The domain is stable and legitimate with a long registration history, supporting trustworthiness. Overall, the website is professional and functional with moderate security posture and limited privacy compliance. Strategic improvements in security headers, privacy policies, and contact transparency would enhance trust and compliance.

L

Leafworks

leafworks.de

0

Leafworks is a small consulting firm specializing in customer experience and CX management, targeting businesses seeking to improve their customer interactions. The website is built on a modern WordPress infrastructure using popular plugins and themes such as Yoast SEO, Astra, Elementor, and WP Rocket, indicating a moderate level of digital maturity. The site is well-designed, mobile-optimized, and provides relevant content aligned with its consulting services. However, the security posture is limited, with no visible security headers, privacy or cookie policies, or incident response information, which could expose the business to compliance and security risks. The absence of explicit contact information reduces transparency and trust. Overall, the website is functional and professional but requires improvements in privacy compliance and security practices to enhance trustworthiness and regulatory adherence.

The website 'Zeit für Mich' is a German health promotion initiative operated by BKV - Interessengemeinschaft Betriebliche Krankenversicherung e. V., focusing on strengthening personal resources and promoting a healthy work-life balance. It offers information, online self-assessment tests, and access to quality-approved prevention courses such as relaxation techniques and yoga. The target audience primarily includes working adults interested in health and stress management. The business model is non-profit, supported by statutory health insurance entities in Germany, aiming to provide accessible health resources and course subsidies. Technically, the site is built on WordPress using the Understrap child theme, incorporating jQuery and Google Fonts. The infrastructure appears standard for a small non-profit website, with moderate performance and good mobile optimization. SEO and accessibility are basic but functional. No advanced analytics or tracking tools are detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS as indicated by resource URLs, but no explicit security headers were detected in the provided data. There is no evidence of vulnerability disclosure mechanisms or security policies. Contact information is clearly provided, but privacy and cookie policies are absent, which is a compliance gap. No forms or data collection points were found on the homepage, reducing immediate risk exposure. Overall, the website is professional, trustworthy, and safe for general audiences. However, improvements in privacy compliance and security hardening are recommended to enhance trust and regulatory adherence.

The website 'Ich hab's gecheckt!' is a German health awareness campaign focused on educating the public about metabolic syndrome and promoting a healthy lifestyle to prevent cardiovascular diseases. It is operated by the BKV – Interessengemeinschaft Betriebliche Krankenversicherung e. V., a non-profit health insurance interest group based in Berlin. The site provides educational content and an online health check tool to engage users in monitoring their health. The target audience is the general German-speaking public interested in health and wellness. Technically, the website is built on WordPress using the Understrap theme framework with a child theme. It employs common web technologies such as jQuery and Popper.js. The site is served over HTTPS with a moderate performance profile and good mobile optimization. However, it lacks advanced security headers and structured data markup, which could improve SEO and security posture. From a security perspective, the site uses HTTPS and a cookie consent mechanism, but it does not provide a privacy policy or incident response information. No security.txt file or vulnerability disclosure policy is present. The absence of security headers like CSP and HSTS reduces the overall security score. No tracking or advertising scripts were detected, indicating minimal user tracking. Overall, the website is trustworthy and professional with clear contact information and a consistent brand presence. The main risks relate to incomplete privacy compliance and security best practices. Strategic recommendations include publishing a privacy policy, implementing security headers, and providing incident response contacts to enhance user trust and regulatory compliance.

B

BKV – Interessengemeinschaft Betriebliche Krankenversicherung e. V.

bkk-bettgefluester.de

0

Bettgeflüster is a German health campaign operated by the BKV association, focusing on promoting healthy sleep habits through educational content, multimedia resources, and downloadable materials. The campaign targets the general public interested in improving sleep quality and overall health. The website is built on WordPress, leveraging modern web technologies such as Breeze caching and Google Fonts, and is hosted with domain control services consistent with the domain registration. The site is well-structured, mobile-optimized, and provides clear navigation and relevant content. Security posture is solid with HTTPS enforced, though it lacks some security headers and cookie consent mechanisms, which are recommended for GDPR compliance. Contact information is clearly provided with official email and physical address, enhancing business credibility.

The website alleswurscht.li is a government health promotion project operated by the Amt für Gesundheit des Fürstentums Liechtenstein. It provides a rich collection of healthy recipes emphasizing fresh, regional, and seasonal products, curated by a certified nutritionist. The site targets the general population of Liechtenstein, promoting balanced nutrition and healthy lifestyles through accessible content and community engagement via newsletters and a forum. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience. Technically, the site is built on the Contao Open Source CMS platform, utilizing common web technologies such as jQuery, Google Analytics, Google Tag Manager, and Google Maps API. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks important security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the security posture is solid but could be enhanced by implementing security headers, publishing incident response information, and adding cookie consent to improve GDPR compliance. The domain WHOIS data confirms official government ownership, reinforcing the site's legitimacy and trustworthiness. No adult or explicit content is present, making the site safe for general audiences. Strategic recommendations include improving security headers, adding cookie consent, publishing security and incident response policies, and enhancing privacy compliance to strengthen trust and regulatory adherence.

M

MaM Multimedia s.r.o.

mam.sk

0

MaM Multimedia s.r.o. is a Slovak technology service provider specializing in web design, e-commerce solutions, web hosting, and online marketing. Established in 2003, the company offers a comprehensive range of internet-related services including graphic design, IT equipment provisioning, and internet connectivity. Their market position is supported by a long domain age and references to notable projects such as the official city website of Žilina and various e-commerce clients. Technically, the website employs legacy technologies with JavaScript and Google Analytics integrations but lacks modern security and privacy features. The absence of HTTPS enforcement and security headers, combined with no visible privacy or cookie policies, indicates compliance and security gaps. Overall, the site is functional but requires modernization and enhanced security measures to improve trust and compliance.

A

Amt für Gesundheit (Office for Health, Liechtenstein)

hitze.li

0

The website 'Hitze und Gesundheit' is an official government health information portal managed by the Amt für Gesundheit of Liechtenstein. It focuses on educating the public about heat-related health risks, protective measures, and vulnerable groups. The site is well-positioned as a trusted source for health and climate-related information in the region, targeting the general population with clear, scientifically backed content. Technically, the site is built on WordPress with a modern theme and uses standard web technologies such as jQuery and Typekit fonts. It is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and obfuscates emails to reduce spam, but lacks some security headers and a formal vulnerability disclosure mechanism. Privacy compliance is partially met with a privacy policy present, but no cookie consent mechanism is detected, which could be improved. Overall, the site is credible, secure, and professionally maintained, serving its public health mission effectively.

The website at highfivve.com is currently inaccessible, returning a 403 Forbidden error page which blocks access to any meaningful content. As a result, no business information, contact details, or policy documents are available for analysis. The domain is registered since 2018 with a reputable registrar and no privacy protection, indicating a legitimate registration. However, the lack of accessible content and absence of security or privacy policies significantly limit the ability to assess the company's market position or digital maturity. The technical infrastructure appears to be hosted on SiteGround based on nameservers, but no further technology stack or analytics tools are detectable. Security posture cannot be fully evaluated due to the blocked content, but the absence of DNSSEC and security headers suggests room for improvement. Overall, the site currently presents a high risk due to inaccessibility and lack of transparency.

C

C4all Gesellschaft mbH & Co. KG

c4all.de

0

C4all Gesellschaft mbH & Co. KG is a German-based digital marketing service provider specializing in telephony, SMS, video, and image services to help businesses analyze campaigns, track customer touchpoints, and acquire new clients. With over 10 years of experience and a client base of 175 companies, C4all positions itself as a reliable partner in the digital marketing ecosystem. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content tailored to business customers seeking marketing measurement and communication solutions. Technically, the site is built on Umbraco CMS with modern HTML5, CSS3, and JavaScript technologies, leveraging the uSkinned sitebuilder framework. While performance and SEO are adequate, there is room for improvement in accessibility and security headers. Security posture is moderate, with secure form handling and CAPTCHA but lacking visible security policies and headers. Privacy compliance is partially met with a privacy policy and GDPR consent checkbox but missing a cookie consent mechanism. Overall, the domain registration data aligns with the business claims, indicating legitimacy and consistency.

B

BKV – Interessengemeinschaft Betriebliche Krankenversicherung e. V.

bkk-like-dich-selbst.de

0

The website 'BKK-Kampagne: Like Dich selbst!' is a health promotion platform operated by the non-profit association BKV – Interessengemeinschaft Betriebliche Krankenversicherung e. V. It focuses on educating the German public about nutrition, exercise, stress management, and addiction prevention through webinars and podcasts. The site targets a general audience interested in improving personal health and wellness. Technically, the site is built on WordPress with modern web technologies such as jQuery and Google Fonts, hosted with domain control via GoDaddy DNS. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional but could improve in security and privacy transparency.

B

BKV – Interessengemeinschaft Betriebliche Krankenversicherung e. V.

bkk-fokussiert.de

0

BKK fokussiert is a German health prevention campaign operated by the BKV – Interessengemeinschaft Betriebliche Krankenversicherung e. V., focusing on promoting healthy work environments and stress prevention for employees. The website serves as an informational platform offering videos, podcasts, and educational content targeting employees and companies interested in workplace health. The campaign positions itself as a niche player within the healthcare and non-profit sectors in Germany. Technically, the website is built on WordPress 6.8.3 with standard plugins including WPML for multilingual support. It uses Google Fonts and embeds media from Mixcloud. The site is hosted with domain control via GoDaddy name servers and employs HTTPS with good SSL configuration. The site is mobile optimized and provides a good user experience with clear navigation and consistent branding. From a security perspective, the website enforces HTTPS but lacks visible security headers and cookie consent mechanisms, which are recommended for GDPR compliance. No forms or data collection fields are present on the homepage, reducing attack surface. No vulnerability disclosure or incident response information is published. The WHOIS data is minimal but consistent with a legitimate domain registration. Overall, the website is professional, secure, and trustworthy with minor improvements recommended in privacy compliance and security headers to enhance protection and user trust.

B

BKV – Interessengemeinschaft Betriebliche Krankenversicherung e. V.

bkk-care-life.de

0

BKK Care & Life is a healthcare-focused website dedicated to raising awareness about testicular cancer and promoting early detection through self-examination. The platform is supported by the BKV – Interessengemeinschaft Betriebliche Krankenversicherung e. V., a German statutory health insurance association. The website provides detailed educational content, including anatomy, function, and practical guides for self-checking testicles, targeting men primarily between 25 and 45 years old. The site is professionally designed, multilingual, and well-structured to serve its niche audience effectively. Technically, the website is built on WordPress 6.8.3 with WPML for multilingual support and uses standard web technologies including jQuery and custom JavaScript. Hosting is managed via domaincontrol.com name servers, indicating a stable and reputable hosting environment. Performance and mobile optimization are good, with accessibility and SEO features well implemented. From a security perspective, the site uses HTTPS with excellent SSL configuration but lacks some advanced security headers and a cookie consent mechanism. No forms collecting personal data were detected on the main page, reducing immediate privacy risks. The WHOIS data is consistent and legitimate, with no suspicious patterns. However, the site could improve by publishing a security policy, incident response contacts, and vulnerability disclosure information. Overall, BKK Care & Life presents a trustworthy, professional, and secure platform for health education with minor areas for improvement in privacy compliance and security best practices.

A

Agence Nationale pour l'Information des Jeunes

jugendinfo.lu

0

Jugendinfo.lu is a government-affiliated youth information portal based in Luxembourg, operated by the Agence Nationale pour l'Information des Jeunes. The website provides comprehensive information and services targeted at young people aged 12 to 30, covering education, employment, engagement, housing, health, and daily life. It holds a strong market position as a national youth information service with a clear mission to support and inform the youth demographic. The business model is non-profit and government-supported, focusing on public service and youth empowerment. Technically, the website is built on a modern WordPress CMS platform with popular plugins such as Yoast SEO, WPBakery Page Builder, and Smart Slider 3. It integrates Google Analytics and Google Tag Manager for analytics and marketing purposes. The site demonstrates good mobile optimization and basic accessibility features, with a moderate performance profile. SEO is well addressed through meta tags and structured data. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no published security or incident response policies are found. No vulnerabilities or suspicious activities are evident in the content or technical stack. The WHOIS data confirms domain legitimacy with consistent registration details aligned with the website's government affiliation. Overall, Jugendinfo.lu presents a trustworthy, professional, and well-maintained online presence for youth information in Luxembourg. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to further strengthen trust and compliance.

M

Myndigheten för ungdoms- och civilsamhällesfrågor (MUCF)

ungidag.se

0

Ung idag is an official Swedish government web-based monitoring system operated by the Myndigheten för ungdoms- och civilsamhällesfrågor (MUCF). It provides comprehensive statistics and information about the living conditions of young people aged 13-25 in Sweden, serving researchers, policymakers, and the public. The website is well-branded with consistent government agency logos and offers detailed statistical indicators across multiple youth-related domains. Technically, the site uses modern JavaScript libraries, Matomo analytics with a cookie consent mechanism, and is hosted by Loopia AB with HTTPS enforced. However, it lacks some security best practices such as DNSSEC and security headers. Privacy compliance is basic, with no dedicated privacy policy or terms of service pages found. Contact information is clearly provided with official email and phone contacts. Overall, the site is trustworthy and professional but could improve in security and privacy transparency.

D

Dopravný podnik mesta Žiliny s.r.o.

dpmz.sk

0

Dopravný podnik mesta Žiliny s.r.o. operates as the official public transportation provider for the city of Žilina, Slovakia. The website serves as a comprehensive portal offering schedules, ticketing information, news updates, and additional services such as charter transport and a tourist hostel. The company targets local residents and visitors, positioning itself as a key municipal service provider with a medium-sized operational footprint. The business model focuses on public transit services supported by digital tools like electronic ticketing and journey planning subdomains. Technically, the website employs a traditional web stack with jQuery and Nivo Slider for UI elements, alongside CookieYes for cookie consent management. While the site is functional and moderately optimized for mobile, it lacks advanced CMS indicators and modern frameworks. SEO and accessibility are basic but adequate for the target audience. Analytics integration includes Google Analytics and smartemailing.cz for newsletter management, reflecting a moderate level of digital maturity. From a security perspective, the site uses HTTPS and implements a detailed cookie consent mechanism, supporting GDPR compliance. However, it lacks visible HTTP security headers and published security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The absence of a terms of service page and limited mobile optimization are minor gaps. Overall, the security posture is moderate but could benefit from enhancements in header policies and formal security disclosures. The overall risk assessment is low, with the website demonstrating legitimacy, consistent business information, and a trustworthy digital presence. Strategic recommendations include implementing security headers, publishing security and incident response policies, improving mobile and accessibility features, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

I

Integrovaná doprava Žilinského a Trenčianskeho kraja, s.r.o.

idzk.sk

0

Integrovaná doprava Žilinského a Trenčianskeho kraja, s.r.o. operates as a regional integrated public transportation service provider in Slovakia, focusing on the Žilinský and Trenčiansky regions. The company aims to increase public transport usage by offering integrated ticketing, transport information, and a mobile application (IDS PLUS) to facilitate travel. The website reflects a professional and consistent brand presence with clear communication targeting the general public and transport users in the region. Technically, the site employs modern web technologies including Bootstrap, jQuery, and Google services, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS and reCAPTCHA usage, though it lacks some advanced security headers and explicit incident response information. Privacy compliance is well addressed with GDPR-aligned privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy, well-maintained, and aligned with its business objectives.

Н

Національна молодіжна рада України

nycukraine.org

0

Національна молодіжна рада України є національною неприбутковою організацією, що об'єднує молодіжні організації та активістів для сприяння розвитку молоді, їх участі у громадському житті, освіті та зайнятості. Вебсайт демонструє професійний рівень, з чіткою структурою, сучасним дизайном та мобільною адаптацією. Технічна інфраструктура базується на WordPress з використанням популярних плагінів і фреймворків, що забезпечує функціональність і зручність користування. З точки зору безпеки, сайт використовує HTTPS, має стабільну реєстрацію домену, але відсутні деякі сучасні заходи безпеки, такі як DNSSEC та розширені HTTP заголовки безпеки. Відсутність публічної політики безпеки та інцидентного реагування є потенційними прогалинами. Загальний ризик для користувачів низький, сайт не містить шкідливого чи сумнівного контенту, але рекомендується покращити політики конфіденційності та безпеки для підвищення довіри та відповідності GDPR. Рекомендації включають впровадження DNSSEC, додавання політик безпеки, та регулярний аудит плагінів.

Eurodesk Schweiz operates as a non-profit information network dedicated to facilitating mobility opportunities for young people across Europe. The organization provides free and accessible advice on various mobility options including jobs, internships, volunteering, studying, and language learning. It is part of a larger European network with offices in 34 countries, positioning itself as a trusted national resource in Switzerland. The website is professionally designed, multilingual, and offers relevant content targeted at youth and professionals in youth work. Technically, the site is built on TYPO3 CMS and integrates privacy-conscious analytics tools such as Matomo alongside Google Analytics with IP anonymization. Security posture is adequate with HTTPS enforced but lacks some advanced security headers and explicit security policies. Privacy compliance is partially met with a privacy policy present but no visible cookie consent mechanism. Overall, the site is trustworthy and well-positioned within its niche but could improve in security and privacy transparency.

Z

Zavod MOVIT

movit.si

0

Zavod MOVIT is a Slovenian non-profit organization dedicated to the development and management of youth mobility programs, particularly those aligned with European Union initiatives such as Erasmus+. The organization acts as a national coordinator for youth mobility, European youth policy, and international cooperation of local communities, focusing on young people and promoting European citizenship. The website reflects a well-structured and professional digital presence, leveraging TYPO3 CMS and integrating key tools such as Google Analytics and Facebook SDK for user engagement and analytics. However, some technical aspects such as outdated jQuery and mixed content loading indicate areas for modernization. Security posture is moderate, with HTTPS enforced and captcha protection on forms, but lacking advanced security headers and explicit security policies. Contact information is comprehensive, including email, phone, physical address, and a contact form with captcha, supporting user communication. Overall, the website is trustworthy and safe, targeting a general audience interested in youth programs and European initiatives.

A

ANPCDEFP

eurodesk.ro

0

Eurodesk Romania operates as an official national portal providing comprehensive information and resources related to European Union youth programs such as Erasmus+, DiscoverEU, and the European Solidarity Corps. The website serves youth, youth workers, and organizations by offering timely news, event announcements, and access to funding opportunities. It is supported and co-financed by the European Union and the Romanian government agency ANPCDEFP, establishing a strong market position within the government and non-profit sectors focused on youth development. From a technical perspective, the website employs a legacy JavaScript stack including Prototype.js and Scriptaculous, alongside modern analytics tools like Google Analytics and Google Tag Manager. The site is served over HTTPS with a cookie consent mechanism in place, indicating a moderate level of digital maturity and compliance with GDPR requirements. However, there is room for improvement in mobile optimization, performance, and implementation of modern security headers. Security posture is adequate with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The absence of explicit security policies or incident response information suggests an opportunity to enhance transparency and preparedness. WHOIS data is not publicly available due to ROTLD privacy policies, but the domain's association with official EU and government entities supports its legitimacy. Overall, the website presents a trustworthy and professional platform for youth-related EU program information, with moderate technical sophistication and compliance. Strategic improvements in security headers, mobile responsiveness, and incident response documentation would further strengthen its security and user trust.

A

AN E+ JA

juventude.pt

0

AN E+ JA is the Portuguese National Agency responsible for managing and promoting the Erasmus+ program, focusing on youth education, mobility, and strategic partnerships. The agency serves young people, youth organizations, and educational institutions, positioning itself as a key governmental entity facilitating European Union youth initiatives in Portugal. The website reflects a professional and consistent brand image, providing comprehensive information and resources related to Erasmus+ and youth policies. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, ShareThis, Bootstrap, and FontAwesome, ensuring a responsive and user-friendly experience. The site is well-structured with good SEO practices and mobile optimization, although accessibility features could be enhanced. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS, uses CSRF tokens in forms, and applies best practices such as rel="noopener noreferrer" on external links and CAPTCHA for form submissions. However, it lacks explicit security headers and a published security policy or incident response contact, which are recommended for improved security posture. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms aligned with GDPR requirements. Overall, the website is trustworthy, professionally maintained, and aligned with its governmental mission. Strategic recommendations include implementing security headers, publishing a security policy, enhancing accessibility, and maintaining vigilance on third-party scripts to sustain a robust security and compliance posture.

E

Eurodesk Luxembourg

eurodesk.lu

0

Eurodesk Luxembourg is a government-affiliated youth information service providing a range of opportunities and resources for young people in Luxembourg and Europe. The website serves as a portal for volunteering missions, European opportunities, youth testimonials, and educational content. It targets youth and young adults, operating as a non-profit public information agency with a consistent and professional online presence. The site is well-branded and supported by reputable European and national partners.

A

Audi BKK

audibkk.de

0

Audi BKK is a German statutory health insurance provider offering affordable nationwide coverage with a competitive contribution rate of 17.0%. The company emphasizes digital services such as electronic patient records, e-prescriptions, and a digital bonus program, positioning itself as a modern and customer-centric insurer. The website reflects a strong market position, highlighted by top rankings in customer satisfaction surveys. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and includes a consent management platform for GDPR compliance. Security posture is solid with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the site is professional, trustworthy, and well-optimized for users.

U

Universitätsmedizin Frankfurt

gesundheitsforum-ukf.de

0

Gesundheitsforum is an educational platform affiliated with Universitätsmedizin Frankfurt, providing online lectures and health information targeted at citizens and patients to enhance health literacy. The website leverages TYPO3 CMS and modern web technologies, ensuring a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. The domain registration and hosting align with the university, supporting legitimacy and trust. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.