Security Directory

S

Sächsische Aufbaubank

sn-cz2027.eu

64

The website www.sn-cz2027.eu represents the official Interreg Sachsen - Tschechien 2021-2027 program, a European Union funded initiative supporting cross-border cooperation projects between Saxony (Germany) and the Czech Republic. The site is managed by the Sächsische Aufbaubank and provides comprehensive information, project details, event calendars, and application guidance for stakeholders. The platform targets project applicants, beneficiaries, and interested parties in regional development and cooperation. Technically, the website is built on modern web standards with HTML5, CSS3, JavaScript, and uses Matomo analytics for privacy-conscious visitor tracking. It is mobile optimized and features a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and client-side form validation, though HTTP security headers and incident response information are not visibly published. WHOIS data is unavailable due to EURid privacy policies for .eu domains, which is typical and justified for official entities. Overall, the site is professional, trustworthy, and well-aligned with its governmental and non-profit mission.

R

Red Stag Casino

go2redstag.com

49

Red Stag Casino operates as an online gambling platform offering over 200 casino games, exclusive bonuses, and VIP-level customer support. The website targets adult users interested in online casino gaming and positions itself as a niche operator with a focus on user engagement and loyalty programs. The business model revolves around online gaming revenue through player deposits and bonuses. The site branding is consistent and professional, with clear navigation and a focus on gaming content.

D

Daikin

daikin.cz

63

Daikin.cz is a professionally maintained website representing Daikin's Czech Republic operations, focusing on heating, cooling, and air purification solutions for residential and commercial customers. The site offers comprehensive product information, services, and a partner network, targeting homeowners, installers, architects, and commercial clients. Technically, the site is built on Adobe Experience Manager, leveraging modern analytics and marketing tools such as Matomo and Google Tag Manager, with good mobile optimization and accessibility. Security posture is moderate with room for improvement in security headers and explicit incident response policies. Privacy compliance is strong, with clear cookie consent and privacy policy pages in Czech, indicating GDPR adherence. The absence of WHOIS data is due to privacy protection, which is typical for corporate domains. Overall, the site is trustworthy, well-branded, and professionally executed, suitable for its market and audience.

N

Nexus Exit

nexus-exit.de

62

Nexus Exit is a specialized entertainment provider offering next-level escape room experiences in Gelnhausen, Germany. The company holds a strong market position as the highest-rated escape room provider in the Hessen region, supported by excellent customer reviews on Tripadvisor, Facebook, and Google. Their services include a variety of escape rooms, outdoor adventures, online games, group offers for companies, schools, bachelor parties, and consulting services under Nexus Creations. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, enhancing user experience and trust. Technically, the website is built on the Webflow CMS platform, utilizing modern web technologies such as Google Fonts, Matomo analytics, and Google reCAPTCHA for security. Hosting is provided by a reputable German provider (Netcup), and the site employs HTTPS with good SSL configuration. While security headers are not explicitly detected, the site follows good security practices including cookie consent and bot protection. Analytics usage is moderate with privacy compliance considered good. From a security perspective, the site shows a mature posture with no visible vulnerabilities or exposed sensitive data. However, there is room for improvement by implementing additional security headers and publishing a security policy or incident response contact. The absence of terms of service and vulnerability disclosure pages are minor gaps. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness. The overall risk assessment is low, with the site presenting a professional and secure front to customers. Strategic recommendations include enhancing security headers, formalizing security policies, and maintaining up-to-date software to sustain and improve security posture.

T

Time-Busters Wien

time-busters.at

59

Time-Busters Wien is a specialized provider of handcrafted escape room experiences located in Vienna, Austria. The company emphasizes sustainability by using up to 90% recycled materials in their escape rooms and offers a variety of missions suitable for small groups, families, corporate teams, and large groups. Their market position is strong within the local hospitality and entertainment sector, supported by excellent customer reviews and a professional online presence. Technically, the website is built on WordPress with modern SEO and privacy compliance tools, including cookie consent management and analytics tracking via Matomo and Google Tag Manager. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. The absence of WHOIS data limits domain trust verification but does not detract significantly from the overall legitimacy given the detailed contact information and business transparency. Overall, the website and business demonstrate a mature digital presence with strong compliance and user experience.

R

Ripper Casino

ripperpokies.com

51

Ripper Casino operates as an online gambling platform offering a variety of casino games to adult users. The website's content and branding focus on providing a simple and engaging gambling experience. The domain is relatively new, registered in 2021, which aligns with a startup or recently launched online casino business. The technical infrastructure includes Matomo analytics for tracking and Kameleoon for marketing optimization, hosted behind Cloudflare DNS services. However, the site lacks visible privacy, cookie, and terms of service policies, which are critical for compliance and user trust in the gambling industry. Security measures such as DNSSEC and security headers are absent, indicating room for improvement in protecting user data and site integrity.

D

Desert Nights

desertnightscasino.com

63

Desert Nights Casino is an online gambling platform offering a wide variety of real money casino games, including slots, table games, and video poker. The website features a desert and genie-themed branding with numerous promotions, bonuses, and a VIP club to engage players. The platform targets adult online casino players seeking a secure and entertaining gaming experience. Technically, the site is built on Joomla CMS with Bootstrap and jQuery, enhanced by Matomo analytics and live chat support, indicating a moderate to advanced digital maturity. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure, though the absence of security headers and cookie consent mechanisms suggests room for improvement. The lack of WHOIS data for the domain is a notable concern, potentially indicating privacy protection or registration inconsistencies, which slightly impacts trustworthiness. Overall, the site presents a professional and engaging user experience with a solid foundation but would benefit from enhanced transparency and compliance features.

O

Claim Your Generous Welcome Bonus at Ozwin Casino!

ozwincasino.com

58

Ozwin Casino is an online gambling platform offering a variety of casino games including slots, jackpots, and live action games. The website targets adult users interested in online casino entertainment, providing generous welcome bonuses and 24/7 support. The platform is built on Joomla CMS with Bootstrap framework, integrating Matomo analytics and PushAlert for user engagement. The site demonstrates good mobile responsiveness and a professional design, enhancing user experience. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. Security posture is moderate with HTTPS enabled and CSRF tokens present, but lacks visible security headers and formal privacy or cookie policies. Overall, the site is functional and appealing to its target audience but would benefit from improved transparency and compliance documentation.

R

Red Stag Casino

redstagcasino.eu

56

Red Stag Casino operates as an online gambling platform offering over 200 games, exclusive bonuses, and VIP-level support. The website targets adult users interested in online casino gaming and positions itself as a niche player with a focus on customer experience and exclusive offers. The business model revolves around online gambling services with a VIP customer support approach. The site content and branding are consistent and professionally presented, catering to an adult audience with gambling interests. Technically, the website employs modern web technologies including Bootstrap 5 for responsive design and Matomo for analytics and tracking. The site is well-optimized for mobile devices and includes standard SEO and accessibility features, though accessibility could be improved. The infrastructure appears stable with no signs of blocking or WAF interference, and the site uses HTTPS with appropriate security headers, indicating a good security posture. Security-wise, the site implements HTTPS and several security headers, and maintains a security policy page. However, it lacks a public vulnerability disclosure policy and incident response contact details, which are recommended for enhanced transparency and security readiness. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is supported by comprehensive privacy and cookie policies with GDPR considerations. Overall, the site presents a moderate risk profile typical for online gambling platforms. The lack of WHOIS registrant transparency due to privacy protection is common in this industry but slightly reduces trust. Strategic recommendations include adding a vulnerability disclosure policy, improving incident response contact visibility, and enhancing accessibility features to strengthen compliance and user trust.

U

Uptown Aces

uptownaces.eu

57

Uptown Aces is an online casino platform offering a wide range of slot games, promotions, and VIP programs targeting adult gambling enthusiasts. The site is built on Joomla CMS with modern frontend technologies like Bootstrap and slick sliders, and uses Matomo for analytics, indicating a moderate level of digital maturity. Security posture is decent with HTTPS and CSRF tokens, but lacks explicit security headers and a cookie consent mechanism, which are recommended for compliance and protection. The business information is consistent with an online casino operator, though no direct contact emails or phone numbers are provided on the site. Overall, the website is professional, user-friendly, and provides a safe gambling environment for adults.

bpw.directory is a specialized networking platform designed exclusively for BPW International members to showcase professional competencies and facilitate international connections. The platform operates as a member directory without interactive social media features, focusing on email-based contact outside the platform. The website is built on a modern Angular framework and hosted by Infomaniak Network SA in Switzerland, reflecting a moderate level of digital maturity with privacy-conscious analytics via Matomo. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced security headers and cookie consent mechanisms, indicating room for improvement in compliance and security best practices. Overall, the site presents a professional and trustworthy image suitable for its niche audience.

B

BPW International

bpw-projects.org

63

BPW International Projects is a non-profit platform dedicated to showcasing and registering projects from BPW International clubs, federations, members, standing committees, and task forces worldwide. The platform aims to increase visibility, foster cooperation, and provide a base for sponsorship opportunities within the BPW community. The website is built on the Jimdo CMS platform and integrates third-party services such as Matomo analytics, POWr widgets, Google Maps, and YouTube embeds, reflecting a moderate level of digital maturity. The site is mobile-optimized with a clear navigation structure and professional design. From a security perspective, the website enforces HTTPS and implements a cookie consent mechanism, demonstrating compliance with privacy regulations such as GDPR. However, no advanced security headers or incident response policies are evident, and WHOIS data is unavailable, which limits domain trust verification. The absence of phone numbers and physical addresses reduces direct contact options but professional contact emails are provided. Overall, the website presents a trustworthy and professional front for BPW International's project platform, with moderate technical sophistication and good privacy compliance. The main risk lies in the lack of WHOIS transparency and limited security policy disclosures, which should be addressed to enhance trust and security posture.

F

Fondation C.Genial

cgenial.org

47

Fondation CGénial is a French non-profit organization established in 2006, dedicated to promoting science, technology, and related careers among youth. It acts as a bridge between the education sector and industry, engaging students, educators, engineers, and companies through various programs and contests. The foundation enjoys a solid market position supported by partnerships with major corporations such as EDF, Sanofi, and Arkema. The website reflects this mission with relevant content, testimonials, and partner showcases. Technically, the site uses a modern JavaScript stack including jQuery, Matomo analytics, Google Tag Manager, and Google reCAPTCHA for form security. Hosting is provided by OVH, a reputable French provider. Security posture is good with HTTPS enforced and anti-bot measures on forms, but lacks published security policies and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional, trustworthy, and well-structured, serving its educational and non-profit goals effectively.

The DRK-Blutspendedienste website serves as a comprehensive platform for blood donation appointment scheduling and information dissemination in Germany. It is operated under the Deutsches Rotes Kreuz (DRK) umbrella, a well-established non-profit organization. The site targets potential and existing blood donors, providing educational content, campaign information, and access to donor services. The platform enjoys a strong market position as a key coordinator of blood donation services in Germany, supported by official branding and partnerships with regional blood donation organizations. Technically, the website employs a modern tech stack including Ruby on Rails, Matomo analytics, and Cookiefirst for consent management. It is hosted on reputable providers and demonstrates good mobile optimization and SEO practices. The site uses HTTPS with strong SSL configuration and includes CSRF protection in forms, indicating a solid security foundation. However, some security headers are missing, and no explicit security policy or incident response contacts are published. From a security perspective, the site maintains a good posture with encrypted communications and privacy compliance, including GDPR-aligned cookie consent. No vulnerabilities or exposed sensitive data were detected. The absence of a vulnerability disclosure policy and security.txt file is noted as an area for improvement. Overall, the site is trustworthy, professional, and safe for general audiences. Strategically, the website could enhance its security transparency by publishing incident response contacts and security policies. Adding security headers and a vulnerability disclosure mechanism would further strengthen its security maturity. The business credibility is high, supported by consistent branding, partner links, and clear contact channels.

The website www.drk-haemotherapie.de serves as a specialized digital magazine dedicated to transfusion medicine, targeting medical professionals and users of blood products. It is affiliated with the German Red Cross Blood Donation Services (DRK-Blutspendedienste), providing authoritative and up-to-date scientific content, regulatory updates, and practical guidance. The platform offers digital subscriptions and hosts a variety of articles authored by experts in the field, reinforcing its position as a trusted resource within the healthcare sector. Technically, the site employs modern web technologies including Ruby on Rails, Bootstrap, and Hotwired frameworks, ensuring a responsive and accessible user experience across devices. Privacy and cookie compliance are well implemented with a consent management system, and the site uses Matomo for analytics, reflecting a moderate level of user tracking with respect to privacy. Security posture is strong with HTTPS enforced and CSRF protections in place, although explicit security headers and incident response policies are not publicly documented. Overall, the domain and website content align with a reputable healthcare entity, with no signs of malicious activity or content blocking. Strategic recommendations include publishing a terms of service, security policy, and incident response contacts to enhance transparency and trust.

The Deutsche Stammzellspenderdatei (DSSD) website serves as an informational and engagement platform for a German non-profit initiative focused on stem cell and bone marrow donation. Affiliated with the German Red Cross blood donation services, it targets potential donors, patients' families, and medical professionals. The site provides educational content, donation registration pathways, event organization support, and fundraising opportunities. Technically, the website employs common web technologies including jQuery, Bootstrap, and Matomo analytics, with a cookie consent mechanism ensuring GDPR compliance. The site is mobile-optimized with good navigation and content quality. Security posture is solid with HTTPS and CSRF protections, though it lacks explicit security policies and some security headers. Overall, the domain and website present a trustworthy and professional image consistent with a healthcare non-profit organization.

B

BPW International

bpw-international.org

61

BPW International is a well-established non-profit international federation focused on empowering business and professional women worldwide. Founded in 1930, it operates across more than 100 countries with consultative status at the United Nations ECOSOC. The organization offers mentoring, networking, skill-building, and economic empowerment programs to its members. The website reflects a mature digital presence with good content quality, clear navigation, and consistent branding. Technically, it is built on the Jimdo CMS platform, utilizing modern web technologies and analytics tools such as Matomo and Google Analytics. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though improvements in security headers are recommended. Privacy compliance is strong with accessible privacy and cookie policies. However, the lack of WHOIS data limits domain trust verification, though the organization's legitimacy is supported by its UN status and active social media presence.

Stadler is a leading global manufacturer of rail vehicles and provider of signalling and service solutions, committed to delivering safe, sustainable, and reliable mobility. The company targets transport operators, governments, and rail industry stakeholders with a comprehensive portfolio of rolling stock and customised solutions. The website reflects a mature digital presence with professional branding and clear business messaging. Technically, the site leverages modern frameworks such as Next.js and React, integrates Matomo for analytics, and uses Cookiebot for GDPR-compliant cookie management. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, although the absence of public WHOIS data slightly reduces trust. Overall, the site is well-optimized for performance, accessibility, and SEO, supporting a positive user experience and business credibility.

T

talentsconnect

talentsconnect.com

63

talentsconnect is a German-based HR software and consulting company specializing in recruiting and employee retention solutions for medium to large enterprises. Their offerings include innovative products such as JobShop, Conversational AI, and Internal JobShop, designed to optimize the talent acquisition and retention lifecycle. The company has a strong market presence with over 600 corporate clients and is recognized on independent review platforms like OMR Reviews. Technically, the website is built on Webflow CMS, uses modern web technologies, and integrates privacy-respecting analytics via Matomo. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit security policies and incident response information are not publicly available. The WHOIS data is unavailable, which limits domain trust verification, but the professional website content and business indicators suggest legitimacy. Overall, talentsconnect demonstrates a mature digital presence with good compliance and security practices.

F

Firemné Microsoft licencie - LicencePro

licencepro.sk

41

LicencePro is a Slovak-based company specializing in providing cost-effective Microsoft software licenses for businesses. Established in 2012, the company positions itself as an alternative to expensive official Microsoft licenses, offering the same quality at significantly reduced prices while maintaining compliance with licensing agreements and legal standards. The website targets business customers seeking affordable and legal software licensing solutions. Technically, the site is built on WordPress using the Divi theme, integrating modern analytics and marketing tools such as Google Tag Manager, Facebook Pixel, Matomo Analytics, and Cookiebot for GDPR compliance. Security posture is solid with HTTPS enforced, security headers present, and use of reCAPTCHA on forms, although explicit security policies and incident response information are not published. Overall, the website is professional, well-structured, and trustworthy, with room for improvement in transparency of security and contact information.

F

Firemní Microsoft licence

licencepro.cz

37

LicencePro.cz is a Czech-based small business specializing in providing discounted Microsoft software licenses to corporate clients. Founded in 2012, the company offers a range of Microsoft products including Office, SQL Server, Windows Server, Exchange Server, SharePoint Server, Windows OS, and Microsoft 365 licenses. The website is built on WordPress using the Divi theme and incorporates modern web technologies such as Google Tag Manager, Matomo analytics, and Cookiebot for cookie consent management. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and relevant content tailored to business customers seeking cost-effective software licensing solutions. Security posture is adequate with HTTPS enforced and use of reCAPTCHA, though additional security headers and explicit security policies could enhance protection. Privacy compliance is supported by a cookie consent mechanism and presence of privacy and terms pages, though more explicit GDPR-related disclosures would be beneficial. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

E

ENVIEL Systems s.r.o.

enviel.cz

36

ENVIEL Systems s.r.o. is a Czech-based company specializing in the design and manufacture of environmentally friendly electric utility vehicles targeted primarily at municipal services, landscaping, construction, and production area management. Their flagship product, the ENVIEL electric vehicle, emphasizes sustainability, low operating costs, and multifunctionality, supported by state and EU grants. The company positions itself as a niche provider within the transportation sector, focusing on smart city readiness and eco-friendly solutions. The website reflects a professional and consistent brand image with clear business information and contact channels. Technically, the website is built on WordPress 6.8.1 using modern web technologies including Google Fonts, jQuery, Google reCAPTCHA v3 for form security, and Matomo Analytics for user tracking. Hosting is provided via WPMU DEV CDN, ensuring moderate performance and good mobile optimization. SEO and accessibility are adequately addressed, though accessibility could be improved further. From a security perspective, the site enforces HTTPS and employs reCAPTCHA to protect forms. Cookie consent is managed via the Complianz GDPR plugin with an opt-in mechanism, indicating good privacy compliance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no public security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility to further strengthen trust and compliance.

E

EMEA s.r.o.

emea.cz

36

EMEA s.r.o. is a Czech-based company established in 2003, specializing in outsourced communication services including contact centers, active call centers, protected workshops, and software licensing solutions. The company serves business clients seeking professional customer communication and telemarketing services. Their market position is supported by a stable client base and a parent company, NWT a.s., one of the top 100 Czech firms. The website reflects a mature digital presence with good content quality and clear service offerings. Technically, the site is built on WordPress with modern plugins and analytics tools, ensuring moderate performance and good mobile optimization. Security posture is strong with HTTPS, reCAPTCHA, and GDPR-compliant cookie management, though formal security policies and headers could be improved. Overall, the site is trustworthy, professional, and compliant with relevant privacy regulations.

Z

Zážitkové centrum vedy Aurelium

aurelium.sk

56

Zážitkové centrum vedy Aurelium is an established interactive science center based in Slovakia, founded in 2014 and affiliated with the Centrum vedecko-technických informácií SR (CVTI SR). The center focuses on providing educational workshops, interactive exhibits, and science-related events primarily targeting children, youth, educators, and families. It holds a reputable position in the Slovak educational and government-supported non-profit sector. Technically, the website is built on WordPress CMS with a modern tech stack including Bootstrap, jQuery, and NextGEN Gallery, and integrates Matomo for analytics and CookieYes for GDPR-compliant cookie consent. The site is well-optimized for mobile and accessibility, with good SEO practices and a professional design. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks explicit security policy and incident response information. Overall, the website is trustworthy, compliant with privacy regulations, and provides a positive user experience.

Q

Quark

quark.sk

48

Časopis Quark is a Slovak popular science magazine focused on science and technology topics, targeting curious readers of all ages. It operates under the auspices of CVTI SR, a Slovak scientific institution, and has a strong market presence as a trusted educational media source. The website is built on WordPress with modern plugins and SEO optimizations, providing a good user experience with mobile responsiveness and clear navigation. Privacy and cookie compliance are well implemented with explicit consent mechanisms. Security posture is solid with HTTPS and security plugins, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-maintained.

D

DRK-Blutspendedienst Nord-Ost gemeinnützige Gesellschaft mit beschränkter Haftung

blutspende-nordost.de

60

DRK-Blutspendedienst Nord-Ost is a reputable non-profit organization dedicated to blood donation services across several German federal states. The website serves as a comprehensive portal for donors, medical professionals, and volunteers, offering appointment scheduling, educational content, and community engagement. The organization maintains a strong regional presence with consistent branding and trusted partnerships. Technically, the website is built on Drupal 10, leveraging modern web technologies and privacy-conscious analytics via Matomo. It is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. The hosting appears stable with EPAG nameservers. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, but lacks explicit security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is minimal but consistent with the organization's profile, supporting legitimacy. Overall, the site presents a low-risk profile with strong business credibility and good privacy compliance. Strategic improvements could focus on enhancing security headers and publishing formal security and incident response policies.

D

DRK-Blutspendedienst NSTOB

blutspende-leben.de

60

The website www.blutspende-leben.de serves as the official portal for the DRK-Blutspendedienst NSTOB, a regional blood donation service under the German Red Cross. It provides comprehensive information and services related to blood donation, including appointment booking, donor services, educational content, and resources for medical professionals. The site targets blood donors and healthcare stakeholders in Germany, emphasizing community health and non-profit service. Technically, the site is built on Drupal 10 with modern libraries such as Bootstrap and FontAwesome, and integrates Matomo for analytics and Cookiefirst for cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Security-wise, HTTPS is enforced and privacy compliance is well implemented with clear privacy and cookie policies. However, some security headers are missing and no explicit incident response or vulnerability disclosure information is provided. Overall, the site demonstrates a strong security posture with room for improvement in header security and incident transparency. The domain WHOIS data aligns well with the website's claims, showing legitimacy and consistency. The site is trustworthy, professional, and safe for general audiences.

B

Blutspendedienst des Bayerischen Roten Kreuzes gemeinnützige GmbH

blutspendedienst.com

67

Blutspendedienst des Bayerischen Roten Kreuzes gemeinnützige GmbH operates a comprehensive blood donation service platform primarily serving the Bavarian region in Germany. The organization is a non-profit entity affiliated with the Bavarian Red Cross, providing blood donation appointment scheduling, donor education, digital donor services via a mobile app, and health checks. The website is professionally designed with clear navigation and extensive content tailored to blood donors and healthcare partners. Technically, the site uses modern web technologies including Bootstrap, Matomo analytics, and cookie consent management, ensuring a good user experience and privacy compliance. Security posture is strong with HTTPS enforced and CSRF protections, though some security headers could be improved. The WHOIS data is unavailable, which is unusual but the website's legitimacy is supported by its branding and external references. Overall, the site scores highly on content quality, technical implementation, security, privacy compliance, and business credibility.

D

DRK-Blutspendedienst Baden-Württemberg – Hessen gemeinnützige Gesellschaft mit beschränkter Haftung

blutspende.de

62

The website www.blutspende.de represents the DRK-Blutspendedienst Baden-Württemberg – Hessen, a key regional entity within the German Red Cross responsible for coordinating blood donation services across Germany. The site serves as a nationwide distribution portal linking users to regional blood donation services, offering approximately 38,000 blood donation appointments annually. The target audience is the general German public interested in donating blood. The business operates as a non-profit healthcare service, playing a critical role in the national blood supply chain. Technically, the website is built on Drupal 10 CMS, leveraging modern web technologies and integrating Matomo analytics with a consent management platform (CookieFirst) to ensure privacy compliance. The site is hosted on German infrastructure with nameservers pointing to nats.de, indicating a stable and localized hosting environment. The website demonstrates good mobile optimization, accessibility, and SEO practices, with consistent branding and professional design. From a security perspective, the site enforces HTTPS, implements standard security headers, and uses a cookie consent mechanism. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit privacy policy and terms of service pages, as well as lack of incident response contacts and data protection officer information, represent areas for improvement in compliance and transparency. Overall, the website is trustworthy, professionally maintained, and fulfills its mission effectively. Strategic recommendations include publishing comprehensive privacy and terms documents, establishing vulnerability disclosure channels, and enhancing transparency around data protection roles to strengthen user trust and regulatory compliance.

C

Consiglio Nazionale degli Ingegneri

cni.it

63

The Consiglio Nazionale degli Ingegneri (CNI) is the national council representing engineers in Italy, serving as a professional association and regulatory body. The website provides comprehensive resources including news, events, regulatory updates, training, and publications targeted at engineering professionals. It holds a strong market position as the authoritative engineering council in Italy. The digital infrastructure is built on Joomla CMS with Bootstrap and jQuery, integrating Matomo for analytics, reflecting a mature and modern technical setup. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and CSRF protections, though some security headers are missing and no explicit security policy or vulnerability disclosure is published. Privacy compliance is well addressed with a clear cookie consent mechanism and GDPR-aligned privacy policy. Overall, the website is trustworthy, professional, and well-maintained, serving its audience effectively.

C

Centrum vedecko-technických informácií SR (CVTI SR)

tyzdenvedy.sk

57

The website 'Týždeň vedy a techniky na Slovensku – TVT' is a government-backed platform managed by the Centrum vedecko-technických informácií SR (CVTI SR) under the Ministry of Education of Slovakia. It focuses on popularizing science and technology, targeting the general public and especially young people interested in scientific disciplines. The site offers event information, competitions, and media resources to promote science awareness nationally. Technically, the site is built on WordPress with a modern tech stack including Bootstrap and jQuery, enhanced by plugins for galleries and user management. It employs Matomo analytics with privacy-conscious settings and a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and policies could be improved. Overall, the site is professional, trustworthy, and well-aligned with its government mission.

The website www.drk-blutspende.de serves as the official platform for the DRK-Blutspendedienste, the blood donation services under the German Red Cross. It provides comprehensive information about blood donation, appointment scheduling, and donor services, targeting the general public in Germany. The site is well-branded, consistent, and professionally designed, reflecting its position as a leading non-profit healthcare service provider. Technically, the site employs modern JavaScript libraries such as Swiper.js and AOS for UI enhancements, uses Matomo for analytics, and integrates a consent management platform to comply with GDPR requirements. The presence of CSRF tokens and HTTPS indicates a good security posture, although some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the site demonstrates a mature digital infrastructure suitable for its healthcare and non-profit mission.

N

NWT a.s.

nwt.cz

48

NWT a.s. is a well-established Czech technology and innovation company with over 25 years of experience, specializing in IT services, renewable energy, and related sectors. The company operates multiple divisions including cloud services, hydroponic greenhouse construction, electrical engineering, renewable energy installations, e-commerce, and investment in startups. Their market position is strong within the Czech Republic, serving a diverse audience from individuals to municipalities and businesses. The website reflects a professional and consistent brand image with clear business information and multiple subsidiary domains. Technically, the site is built on WordPress using modern plugins and frameworks, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and formal security policies. Overall, the site is trustworthy, compliant with GDPR, and provides transparent contact information.

Z

Zentralrat der Juden in Deutschland K.d.ö.R.

juedische-allgemeine.de

53

Jüdische Allgemeine is a well-established German weekly newspaper focusing on politics, culture, religion, and Jewish life. It operates under the Zentralrat der Juden in Deutschland K.d.ö.R., serving primarily the German-speaking Jewish community and interested audiences. The website offers rich content including news, opinion pieces, and cultural commentary, supported by subscription models for print and digital editions. The brand maintains consistent and professional presentation with strong social media engagement.

B

Brunnen Verlag GmbH

brunnen-verlag.de

60

Brunnen Verlag GmbH operates as a German publishing company specializing in books, gifts, cards, and calendars with a focus on spiritual and religious content. Their e-commerce platform is built on Magento, offering a range of products to German-speaking customers. The website demonstrates a moderate level of digital maturity with a modern tech stack including RequireJS, jQuery, KnockoutJS, and Matomo analytics. Social media integration and a Trusted Shops widget enhance customer trust. Security posture is adequate with HTTPS and CAPTCHA protections, but lacks security headers and published privacy or cookie policies, indicating room for improvement in compliance and security transparency. Overall, the site is functional, safe, and professionally presented but would benefit from enhanced privacy and security disclosures.

Ö

Ökumenische Arbeitsgemeinschaft für Bibellesen (ÖAB)

oeab.de

42

The Ökumenische Arbeitsgemeinschaft für Bibellesen (ÖAB) is a small non-profit organization based in Germany focused on providing ecumenical Bible reading resources such as monthly and yearly Bible verses, reading plans, and related publications. Their website serves as an informational hub for their community, offering downloadable graphics, flyers, and links to related religious content. Technically, the site is built on TYPO3 CMS with Bootstrap styling and uses Matomo analytics configured to respect user privacy by disabling cookies. The site is accessible, mobile-optimized, and well-structured, though it lacks some modern security headers and cookie consent mechanisms. Security posture is moderate with room for improvement in published policies and headers. Overall, the domain and website appear legitimate and trustworthy for their niche audience.

S

SCM Verlagsgruppe

scm-verlag.de

66

SCM-Shop.de is a professional e-commerce website operated by the SCM Verlagsgruppe, specializing in Christian books, music, gifts, and related products. The site targets Christian readers and customers in Germany, offering a broad catalog with convenient features such as free shipping over a threshold and a customer service hotline. The business model is retail-focused with an established market presence in the religious publishing sector. The website demonstrates consistent branding and good content quality, supporting a trustworthy user experience. Technically, the site is built on Magento, a robust e-commerce platform, enhanced with modern JavaScript libraries like jQuery and integrated search via Doofinder. Analytics are implemented using Google Analytics and Matomo, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, though hosting provider details are not explicitly disclosed. From a security perspective, the website enforces HTTPS and includes cookie consent mechanisms aligned with GDPR requirements. While some security headers are not explicitly detected, the site uses secure login forms with CSRF tokens and avoids exposing sensitive data. No vulnerabilities or security incidents are evident. However, publishing a dedicated security policy and security.txt file would enhance transparency and incident response readiness. Overall, SCM-Shop.de presents a low-risk profile with strong business credibility and compliance posture. Strategic recommendations include enhancing security headers, formalizing incident response documentation, and maintaining up-to-date third-party components to sustain security and trust.

M

midi - Evangelische Arbeitsstelle für missionarische Dienste und Innovation in der Diakonie

mi-di.de

57

midi is a non-profit organization serving as a future workshop for church and diaconal innovation in Germany. It provides research, publications, workshops, and networking opportunities targeted at church and diaconal actors. The organization is affiliated with the Evangelisches Werk für Diakonie und Entwicklung e.V. and partners with major church bodies such as EKD and Diakonie. The website is professionally designed, content-rich, and regularly updated, reflecting a strong market position within its niche. Technically, the website uses modern web standards with HTML5, CSS3, and JavaScript, and integrates Matomo for analytics. Hosting is managed via INWX nameservers. The site is mobile-optimized and performs moderately well, though accessibility features are basic. SEO practices are good with proper meta tags and Open Graph data. Security posture is solid with HTTPS enforced and secure form handling, but lacks some advanced security headers and a cookie consent mechanism. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with a comprehensive privacy policy and GDPR consent on forms, but cookie policy and terms of service are missing. Overall, midi presents a trustworthy and professional online presence with minor areas for improvement in privacy and security transparency. Strategic enhancements in cookie consent and security headers would further strengthen compliance and user trust.

T

TV Okazje

tvo.pl

57

TV Okazje is a Polish e-commerce retailer specializing in home, kitchen, garden, health, and fitness products, operating with a tele-shopping business model. The website offers a broad product catalog with installment payment options and free delivery above a purchase threshold, targeting Polish consumers interested in convenient shopping solutions. Technically, the site is built on PrestaShop CMS, leveraging modern JavaScript libraries and multiple analytics and marketing tools including Matomo, Google Analytics 4, MailerLite, and AudienceOrb. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though some security headers could be improved. The absence of WHOIS data limits domain legitimacy verification, but the website content and infrastructure indicate a legitimate business. Privacy policy and terms of service pages were not clearly found, suggesting room for compliance improvement.

Ekofest.eu is the official website for the Ekofest ecological festival, a well-established non-profit event focused on environmental protection and sustainability in Prague, Czech Republic. The festival has a strong local and national presence with a tradition dating back to 2004. The website serves as an information hub for visitors, participants, and partners, offering event details, multimedia content, and engagement opportunities. The business model centers on community engagement and environmental education, supported by governmental and non-governmental organizations.

The website 'Mapa tepelných čerpadiel — SZ CHKT' is operated by the Slovak Association for Refrigeration, Air Conditioning and Heat Pumps (SZ CHKT). It provides a comprehensive map and database of installed heat pumps across Slovakia, serving as a valuable resource for industry professionals and stakeholders interested in renewable energy systems. The site acts as a certification authority, reinforcing its authoritative position in the Slovak energy sector. Technically, the website employs a custom or proprietary CMS with a technology stack including jQuery 1.8.3, jQuery UI, Google Maps API, and Matomo analytics. While the site uses HTTPS and DNSSEC, indicating a strong security foundation, it lacks modern security headers and uses an outdated jQuery version, which could pose risks. Privacy compliance is partial, with cookie consent mechanisms in place but no explicit privacy or cookie policies found. Overall, the website is professional, trustworthy, and relevant to its niche audience, but there is room for improvement in security and privacy transparency.

S

Slovensky zvaz pre chladiacu a klimatizacnu techniku

leaklog.org

64

Leaklog.org is a specialized web platform operated by the Slovensky zvaz pre chladiacu a klimatizacnu techniku, focused on providing a leak control system compliant with EU regulation 2024/573. The platform targets service organizations and operators in the refrigeration and air conditioning sector, offering tools for logging leak inspections, diagnostics, compliance reporting, and agenda management. The website is professionally designed with good content relevance and clear navigation, supporting multiple platforms including Windows, Mac, and mobile browsers. Technically, the site uses JavaScript and Matomo analytics, hosted on Websupport.sk, with moderate performance and basic accessibility features. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks explicit security headers and published privacy or terms policies. The domain registration is consistent with the business entity and country, indicating legitimacy and stable ownership. Overall, the site presents a trustworthy and functional service platform with room for improvement in privacy compliance and security best practices.

M

Mango

mango.pl

53

Mango.pl is a Polish e-commerce website specializing in retail sales of household, health, beauty, and small appliance products. The site offers a broad product catalog with detailed listings, pricing, and installment payment options via PayU. The platform uses PrestaShop CMS and integrates modern analytics and marketing tools such as Google Tag Manager, Matomo, and MailerLite, with a cookie consent mechanism ensuring GDPR compliance. Contact information including a dedicated phone number is clearly presented, enhancing customer trust. However, the absence of WHOIS data from the official .pl registry introduces some uncertainty regarding domain registration legitimacy. The website is accessible without WAF or security challenge blocks, and no adult or explicit content is present, making it suitable for general audiences.

T

TV Okazje

tvokazje.pl

57

TV Okazje is a Polish e-commerce retailer specializing in household, kitchen, health, and fitness products, operating a tele-shopping business model. The website is professionally designed, mobile-optimized, and integrates multiple analytics and marketing tools. It uses PrestaShop CMS and offers installment payment options via PayU. Contact information is clearly provided, including a Polish phone number. However, the absence of WHOIS registrant data and explicit privacy and terms of service pages slightly reduce transparency. The cookie consent mechanism is implemented with granular controls, indicating some privacy compliance efforts. Overall, the business appears legitimate and well-positioned in its niche market.

FUNKE Mediengruppe operates one of Germany's largest media houses, offering a wide range of career opportunities across various media sectors including magazines, regional media, digital, and logistics. The website serves as a professional recruitment and employer branding platform targeting professionals, students, trainees, and apprentices interested in media careers. Technically, the site is built on the Contao CMS platform and integrates modern analytics and consent management tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and GDPR-compliant consent mechanisms, although some security headers and explicit security policies are not evident. Overall, the site is professional, well-branded, and trustworthy, with no signs of blocking or malicious activity.

Slovensky zvaz pre chladiacu a klimatizacnu techniku (SZ CHKT) is a Slovak professional association specializing in refrigeration, air conditioning, and heat pump technologies. Established in 2009, it serves as a certification body and training provider, offering courses, exams, and technical resources to professionals and companies in the energy and HVAC sectors. The organization maintains strong ties with international bodies and promotes regulatory compliance and industry best practices in Slovakia. The website reflects a mature digital presence with comprehensive content including events, e-learning, and certification services. Technically, the site uses a custom CMS with legacy JavaScript libraries and integrates Matomo analytics with cookie consent mechanisms. Security posture is generally good with HTTPS and domain transfer protections, though improvements are needed in updating libraries, enabling DNSSEC, and adding security headers. Privacy policy and terms of service pages are not found, indicating a compliance gap. Overall, the site is professional, trustworthy, and well-positioned in its niche.

B

Bundesinstitut für Öffentliche Gesundheit (BIÖG)

bzga-essstoerungen.de

63

The website www.bzga-essstoerungen.de is operated by the Bundesinstitut für Öffentliche Gesundheit (BIÖG), a governmental public health institute in Germany focused on providing comprehensive information and support related to eating disorders. The site offers detailed educational content, counseling options, therapy guidance, and a database for finding local support centers. It targets a broad audience including affected individuals, families, and healthcare professionals. The business model centers on public health awareness and support services without commercial intent, positioning it as a trusted governmental resource in the healthcare sector. Technically, the website is built on TYPO3 CMS with a modern and accessible design, incorporating Bootstrap for responsive layouts and AblePlayer for media accessibility. It uses Matomo analytics configured for privacy compliance, including IP anonymization and consent-based data collection. The site demonstrates good mobile optimization, SEO practices, and accessibility features, reflecting a mature digital infrastructure suitable for public sector needs. From a security perspective, the site enforces HTTPS and employs a cookie consent mechanism aligned with GDPR requirements. However, it lacks publicly available security policies, incident response contacts, and security headers that could enhance its security posture. No vulnerabilities or suspicious activities were detected, and the WHOIS data aligns reasonably with the organizational identity, supporting legitimacy. Overall, the website scores well on content quality, privacy compliance, and business credibility, with moderate technical and security scores. Strategic improvements in security transparency and policy publication would further strengthen trust and resilience. The site is safe for general audiences, with no adult or inappropriate content detected.

T

The Good Media Network GMN GmbH

dokumentale.de

63

The website www.doxumentale.de represents The Good Media Network GMN GmbH, hosting the International Documentary and Media Festival Berlin. It serves as a platform for documentary film enthusiasts and media professionals, offering festival programming, ticket sales, and editorial content. The site is well-branded and consistent, targeting a niche cultural audience with a focus on documentary films and social themes. Technically, the site is built on TYPO3 CMS with Bootstrap, integrating modern tools such as Matomo for analytics, Facebook Pixel for marketing, and Stripe for secure payment processing. The site is mobile-optimized and SEO-friendly, providing a good user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks some advanced security headers and published security policies. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. No direct contact emails or phone numbers are found on the homepage, but social media presence is active. Overall, the site is professional, trustworthy, and well-maintained, with room for improvement in security transparency and incident response readiness.

P

Polska Organizacja Turystyczna

puola.travel

60

The website www.puola.travel/fi serves as the official Finnish-language tourism portal for Poland, managed by the Polska Organizacja Turystyczna (Polish Tourism Organization). It provides comprehensive travel information, cultural insights, news updates, and contact options aimed at Finnish-speaking tourists interested in visiting Poland. The site is positioned as a government-backed platform promoting Poland's tourism sector in Nordic countries, offering services such as travel tips, event news, and newsletter subscriptions. Technically, the site is built on Joomla CMS and integrates modern analytics and marketing tools including Google Tag Manager, Google Analytics, Matomo, and Google reCAPTCHA for form security. The website demonstrates good mobile optimization, basic accessibility features, and solid SEO practices. However, some security headers are missing, and no explicit security or incident response policies are published. From a security perspective, the site enforces HTTPS and uses CAPTCHA to protect forms, ensuring GDPR compliance with explicit user consent mechanisms. The WHOIS data is unavailable due to malformed responses, which slightly reduces domain trustworthiness, but the official nature of the content and government references mitigate this concern. Overall, the site maintains a good security posture with room for improvement in security headers and transparency. The overall risk assessment is moderate with a recommendation to enhance security headers, publish security policies, and improve WHOIS transparency if possible. The site is safe for general audiences, free from adult or questionable content, and professionally maintained.