Security Directory

T

Tagungshäuser des Bistums Würzburg

tagungshaeuser.net

52

The website www.tagungshaeuser.net represents the Tagungshäuser des Bistums Würzburg, a network of conference and seminar houses affiliated with the Diocese of Würzburg in Germany. The organization provides venues for conferences, seminars, youth education, and events, targeting educational institutions, corporate clients, and youth groups. The site is professionally designed, content-rich, and well-structured, reflecting a medium-sized non-profit hospitality business with a strong regional presence. Technically, the site is built on Joomla CMS with Yootheme Pro and UIkit frameworks, incorporating modern JavaScript libraries and accessibility features. It uses Matomo for analytics and Usercentrics for GDPR-compliant cookie consent management. The site is mobile-optimized and performs moderately well. Security posture is good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, explicit security headers like Content-Security-Policy are not detected and could be improved. Privacy compliance is strong with clear privacy and cookie policies. Contact information is transparent and complete. Overall, the site is trustworthy and professional, though the WHOIS data is unavailable or not publicly accessible, which slightly reduces domain trustworthiness. No WAF or blocking mechanisms are detected, allowing full content access and analysis.

D

Dr. Becker eHealth GmbH

hausmed.de

52

HausMed, operated by Dr. Becker eHealth GmbH, is a well-established German online platform offering certified health prevention courses reimbursed by statutory and some private health insurers. The website targets individuals seeking flexible, expert-supported health improvement programs in areas such as nutrition, physical activity, stress management, and habit change. With over 15 years of experience and more than 46,000 participants, HausMed holds a strong market position supported by partnerships with numerous health insurance providers. Technically, the site leverages modern frameworks like Vue.js, integrates Matomo and Facebook Pixel for analytics, and uses Vimeo for video content, ensuring a responsive and user-friendly experience optimized for mobile devices. Security practices include HTTPS enforcement, CSRF tokens, and GDPR-compliant cookie consent mechanisms, though some security headers could be improved. The WHOIS data aligns well with the business claims, indicating a legitimate and consistent domain registration. Overall, HausMed demonstrates a mature digital presence with good privacy and security posture, serving a clear healthcare niche in Germany.

D

Deutsche Arzt Management GmbH

abjetztyoga.de

40

ABJETZT/YOGA is a German online yoga course provider offering a 10-week certified yoga prevention program designed for home practice. The course is led by a certified yoga instructor and is reimbursable by German statutory health insurance companies. The website is professionally designed using WordPress and integrates multiple marketing and tracking technologies such as Google Tag Manager, Facebook Pixel, and Digistore24 for payment and affiliate management. The business targets health-conscious individuals seeking flexible, certified yoga training with insurance reimbursement benefits. The technical infrastructure is modern and mobile-optimized, though some improvements in security headers and privacy compliance could be made. No blocking or WAF mechanisms were detected, and the domain registration appears consistent with the business's German healthcare focus.

A

Domain Default page

abjetztpilates.de

34

The website abjetztpilates.de currently hosts only a default placeholder page generated by Plesk, indicating that the domain is registered but not actively used for business purposes. There is no business-related content, contact information, or policies present on the site. The external links direct users to Plesk resources and related services, confirming the placeholder nature of the site. Technically, the site uses basic HTML and CSS with Plesk platform integration but lacks advanced features, security headers, or SSL information in the provided data. Security posture is minimal with no visible protections or policies, and privacy compliance is absent. Overall, the site presents a low trust profile and minimal business credibility.

The website at zentrale-pruefstelle-praevention.de currently presents no accessible content beyond an empty HTML skeleton. This lack of content prevents any meaningful analysis of the business, its services, or its market positioning. The domain is hosted on standard name servers provided by hostsharing.net, with no visible security or compliance features implemented on the site. Due to the absence of metadata, scripts, or any user-facing elements, the technical maturity of the website is minimal. Security posture cannot be fully assessed but is presumed low given the lack of HTTPS and security headers information. Overall, the site appears inactive or under construction, resulting in a low trust and credibility score.

K

Knappschaft-Bahn-See

kbs.de

63

Knappschaft-Bahn-See is a large German government social insurance and healthcare institution providing integrated services including pension, health, and nursing insurance, as well as medical networks and specialized services like the Minijob-Zentrale and Seemannskasse. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content targeting insured individuals, companies, healthcare providers, and seafaring businesses. Technically, the site uses a government-specific CMS, self-hosted Matomo analytics, and Usercentrics for consent management, indicating a strong commitment to privacy and compliance. Security posture is solid with HTTPS and secure forms, though explicit security policies and incident response contacts are not published. Overall, the domain WHOIS data aligns well with the website content, confirming legitimacy and trustworthiness.

Gesetzlichekrankenkassen.de is an established German online comparison portal operated by Kassensuche GmbH, specializing in statutory health insurance providers. The site offers comprehensive price and service comparisons, membership application assistance, and detailed information on statutory health insurance benefits. It targets German residents seeking to compare and switch statutory health insurance providers, including employees, self-employed, retirees, and students. The platform leverages 25 years of experience and provides detailed, transparent data to help users make informed decisions.

N

NEW.EGO GmbH

newego.de

68

NEW.EGO GmbH is a premium internet agency based in Munich, Germany, specializing in TYPO3 CMS solutions and digital B2B communication services. Founded in 2005, the company serves medium-sized businesses and hidden champions primarily in the DACH region. Their key offerings include TYPO3 consulting, development, hosting, SEO, and comprehensive digital strategy services. The company holds multiple TYPO3 certifications and industry awards, reflecting a strong market position and trusted reputation. Technically, the website is built on TYPO3 CMS with a modern tech stack including JavaScript, CSS, and privacy-focused analytics tools like self-hosted Matomo. The site is well-optimized for performance, mobile responsiveness, and SEO, with a professional design and clear navigation. Security best practices such as HTTPS and cookie consent mechanisms are implemented, though explicit security headers and incident response policies are not publicly detailed. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, featuring comprehensive privacy and cookie policies aligned with GDPR. The company demonstrates strong business credibility through detailed contact information, client testimonials, and certifications. Overall, the website presents a trustworthy and professional digital presence suitable for its B2B audience.

V

vdek - Die Ersatzkassen

hospizlotse.de

58

Hospizlotse is a German-language, independent and free information portal operated by vdek (Die Ersatzkassen) that assists patients, families, and caregivers in finding hospice and palliative care providers across Germany. The website offers detailed search functionality for ambulatory hospice services, hospices, and specialized outpatient palliative care, supported by accessibility features such as easy language and sign language options. It is positioned as a trusted healthcare information resource within the German healthcare ecosystem, leveraging partnerships with official coordinating bodies and related healthcare portals. Technically, the site is built on ASP.NET Web Forms with a modern JavaScript stack including jQuery and Typeahead.js for enhanced user experience. While the site is moderately optimized for performance and mobile devices, it demonstrates good accessibility and SEO practices. The site uses HTTPS and standard anti-forgery tokens in forms, but lacks explicit HTTP security headers and published security policies. From a security perspective, the website shows a solid baseline with no visible vulnerabilities or exposed sensitive data. However, it would benefit from implementing additional security headers, publishing a security policy, and providing incident response contact information. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, aligned with GDPR requirements. Overall, Hospizlotse presents a professional, trustworthy, and user-friendly portal with a strong focus on healthcare information delivery. Strategic improvements in security posture and transparency would further enhance its credibility and resilience against emerging threats.

V

Verband der Ersatzkassen e. V. (vdek)

pflegelotse.de

10

Pflegelotse.de is an independent, award-winning German online portal operated by the Verband der Ersatzkassen e. V. (vdek) that provides comprehensive, free information on care services across Germany. It targets care-dependent individuals, their families, and care advisors, offering detailed data on ambulatory and stationary care, counseling, aids, and intensive outpatient care. The portal supports informed decision-making by providing quality indicators and comparison tools. Technically, the site is built on ASP.NET Web Forms with jQuery and integrates mapping services from 123map.de. The site is moderately optimized for mobile and accessibility, with good SEO practices. Security posture is adequate with HTTPS and form protections but lacks explicit security headers and published policies. No WAF or blocking mechanisms were detected, and no privacy or cookie policies were found on the analyzed page, indicating room for compliance improvement. Overall, the site is trustworthy, professional, and serves a critical social healthcare function in Germany.

V

vdek - Verband der Ersatzkassen e.V.

vdek-arztlotse.de

51

The vdek-Arztlotse website is a healthcare information platform operated by the vdek - Verband der Ersatzkassen e.V., a German health insurance association. It provides comprehensive search and rating services for doctors, dentists, and psychotherapists across Germany, targeting patients and the general public seeking medical professionals. The platform is well-positioned within the German healthcare sector as a trusted source of medical provider information. Technically, the website employs modern web technologies including HTML5, CSS, JavaScript, and uses Adobe Experience Manager as its CMS. It integrates Piwik (Matomo) analytics for user tracking and demonstrates good mobile optimization, accessibility, and SEO practices. The site is served over HTTPS, ensuring secure communications. From a security perspective, the site follows basic best practices such as HTTPS enforcement and secure form handling. However, it lacks explicit security headers and a cookie consent mechanism, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website's public healthcare association identity, indicating legitimacy and consistency. Overall, the website presents a low risk profile with good business credibility and technical maturity. Strategic recommendations include implementing security headers, adding cookie consent for GDPR compliance, publishing a security policy, and providing direct contact information for improved transparency and trust.

V

Verband der Ersatzkassen e.V. (vdek)

vdek-kliniklotse.de

70

The vdek-Kliniklotse website is an official healthcare information portal operated by the Verband der Ersatzkassen e.V. (vdek), providing a comprehensive search platform for hospitals across Germany. It leverages official quality reports to offer patients and their families detailed information about hospital services, specialties, and quality metrics. The site also offers additional resources such as checklists for hospital stays and links to related vdek services like care and doctor locators. The target audience is primarily German-speaking patients seeking reliable healthcare information. Technically, the website employs a modern frontend stack including Bootstrap, jQuery, and FontAwesome, ensuring good mobile responsiveness and accessibility. It uses Matomo analytics with user consent, reflecting a privacy-conscious approach. The site is well-structured with clear navigation and professional design, although no CMS or hosting provider details are explicitly identified. From a security perspective, the site uses HTTPS and implements a detailed cookie consent mechanism with categories for necessary and statistical cookies. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data indicates a consistent and legitimate domain registration aligned with the business entity. Overall, the website presents a trustworthy, professional, and privacy-compliant platform with good content quality and technical implementation. Strategic improvements could include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to further strengthen trust and compliance.

V

Verband der Ersatzkassen e. V. (vdek)

gesunde-lebenswelten.com

43

Gesunde Lebenswelten is a professional health promotion initiative operated by the Verband der Ersatzkassen e. V. (vdek), representing six major German statutory health insurance funds. The website serves as a platform to present and support various health promotion and prevention projects targeting vulnerable groups such as residents and staff of care homes, people with disabilities, migrants, families, and older adults. The organization positions itself as a leading non-profit entity in the healthcare sector in Germany, focusing on sustainable health equity and community-based interventions. Technically, the website is built on WordPress with the Avada theme and uses modern plugins like Yoast SEO and Matomo for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security best practices like explicit security policies and incident response contacts are missing. The WHOIS data is notably absent, which raises some concerns about domain registration transparency. However, the professional content, consistent branding, and affiliation with a reputable organization mitigate these concerns. Overall, the website is trustworthy, well-maintained, and compliant with GDPR requirements. Strategic recommendations include publishing a dedicated security policy, providing incident response contact details, and adding a vulnerability disclosure mechanism to enhance transparency and trust further.

I

Insane Business Ideas

inbui.com

49

Insane Business Ideas is a small-scale content website focused on providing insights and ideas for building resilient business models for the future. The site targets entrepreneurs and business professionals interested in innovation and business strategy. The website is built on the Squarespace platform, leveraging standard web technologies and Google Analytics for visitor tracking. While the site has a consistent branding approach and basic content, it lacks comprehensive business details, contact information, and formal policies such as privacy or cookie policies. The technical infrastructure is moderate in performance and mobile optimization but lacks advanced security headers and configurations. Security posture is basic with no evident vulnerabilities but also no advanced protections. The absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Overall, the site presents as a basic informational platform with room for improvement in transparency, security, and compliance.

Č

Česká Národní AI Platforma (CNAIP)

cnaip.cz

61

CNAIP (Česká Národní AI Platforma) is a key national platform driving the development and collaboration of artificial intelligence in the Czech Republic. It connects academia, industry, government, and non-profit sectors to foster a robust AI ecosystem. The platform organizes major AI events, including the Dny AI festival and AI Awards, positioning the Czech Republic as a European AI leader. Technically, the website is built on modern frameworks like Next.js and React, with good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers are missing. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent. Overall, CNAIP presents a professional and trustworthy digital presence supporting its mission.

B

Bayerischer Musikrat

bayerischer-musikrat.de

45

The Bayerischer Musikrat is a prominent non-profit cultural organization dedicated to promoting music culture in Bavaria. It operates various projects, competitions, and funding programs targeting musicians, music associations, and cultural stakeholders. The website reflects a well-established entity with a clear focus on community engagement and cultural enrichment. Technically, the site employs a modern tech stack including Bootstrap and jQuery, with a cookie consent mechanism via Usercentrics, indicating GDPR compliance awareness. Security posture is moderate with HTTPS implied but lacking explicit security headers and published security policies. Overall, the site is professional, trustworthy, and serves its target audience effectively.

H

Hanseatische Krankenkasse (HEK)

hek.de

65

Hanseatische Krankenkasse (HEK) is a German statutory health insurance provider offering a wide range of health-related services including digital health management, family support, preventive care, and alternative medicine. The company holds a strong market position as a top-rated Krankenkasse with multiple awards and a professional online presence. The website is built on TYPO3 CMS and leverages modern web technologies such as Bootstrap, jQuery, and Matomo analytics, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not publicly available. Overall, the site is trustworthy, well-branded, and compliant with GDPR requirements.

H

hkk Krankenkasse

hkk.de

62

hkk Krankenkasse is a well-established statutory health insurance provider in Germany with over 120 years of history. The company offers affordable health insurance plans with strong additional benefits and digital services, targeting a broad audience including employees, self-employed individuals, families, and retirees. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to its customers. Technically, the site is built on TYPO3 CMS and incorporates modern web technologies and consent management tools, ensuring compliance with privacy regulations. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Overall, the site demonstrates high business credibility and trustworthiness.

K

KKH

kkh.de

66

KKH is a statutory health insurance provider based in Germany offering comprehensive health coverage and related services for individuals and families. The website presents a professional and well-structured digital presence with detailed navigation of services including prevention, family health, dental care, nursing, and rehabilitation. The company targets the general German population seeking statutory health insurance solutions. Technically, the website uses modern web technologies including Bootstrap, SVG graphics, and Adobe Experience Manager CMS, with mobile optimization and accessibility features well implemented. Security posture is solid with HTTPS enforced and secure form handling, though the absence of security headers and explicit privacy and cookie policies indicates room for improvement. Analytics are conducted via eTracker with respect for cookie blocking and Do Not Track signals. Overall, the website is trustworthy and professional, reflecting a large enterprise in the healthcare sector. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security headers, and providing vulnerability disclosure information to enhance compliance and security transparency.

V

Verband der Ersatzkassen e. V. (vdek)

vdek.com

62

The Verband der Ersatzkassen e. V. (vdek) is a prominent German non-profit association representing the interests of major statutory health insurance substitute funds such as TK, BARMER, DAK-Gesundheit, KKH, and hkk. The website serves as an information and service portal for healthcare stakeholders, policy makers, and insured persons in Germany, offering news, policy positions, and online tools related to healthcare and insurance. The organization holds a significant position in the German healthcare sector, advocating for reforms and providing data and publications relevant to statutory health insurance.

D

Deutsche Rentenversicherung Knappschaft-Bahn-See

knappschaft.de

65

The website www.knappschaft.de represents the Deutsche Rentenversicherung Knappschaft-Bahn-See, a statutory health insurance provider in Germany. It offers a wide range of health insurance services, including family planning, preventive care, digital health services, and membership management. The site targets the general German population seeking reliable health insurance and related healthcare services. The business is well-established and government-affiliated, reflected in the professional and comprehensive content presented on the site. Technically, the website uses the Government Site Builder CMS, integrates Matomo for analytics, and employs Usercentrics for GDPR-compliant cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security best practices such as HTTPS and consent management are implemented, though explicit security headers could be improved. The security posture is strong with no visible vulnerabilities or exposed sensitive data. The WHOIS data confirms domain legitimacy and consistency with the business claims. No WAF or blocking mechanisms interfere with content accessibility, enabling full analysis. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable digital presence for a government health insurance entity.

B

BKK Dachverband e.V.

bkk.de

54

BKK Dachverband e.V. is a German healthcare interest association representing 68 company health insurance funds and four regional BKK associations, collectively serving 9 million insured individuals. The website serves as a comprehensive platform for political advocacy, healthcare innovation, prevention, and sustainability topics relevant to statutory health insurance. The organization positions itself as a key stakeholder in the German healthcare system with a medium-sized footprint and a focus on member services and policy influence. Technically, the website is built on TYPO3 CMS, employs modern web technologies including jQuery and Matomo analytics hosted on its own servers, and is hosted on environmentally conscious green hosting infrastructure. The site is well-optimized for mobile and accessibility, with clear navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent implemented, though some advanced security headers and explicit security policies are not published. Privacy compliance is strong, with GDPR-aligned cookie management and transparent data practices. Overall, the site is trustworthy, professional, and well-maintained, serving a specialized healthcare audience.

B

Bayerische Landeszahnärztekammer

blzk.de

64

The Bayerische Landeszahnärztekammer (BLZK) website serves as the official online presence of the statutory professional association representing approximately 17,500 dentists in Bavaria, Germany. The site provides comprehensive information and services for dental professionals, dental staff, and patients, including professional representation, patient counseling, quality management, continuing education, job listings, and radiology services. The website is well-structured, professionally designed, and targets a specialized healthcare audience within the Bavarian region. Technically, the website is built on the IBM Domino CMS platform, utilizing legacy but stable technologies such as jQuery 1.8 and Modernizr, supplemented by Font Awesome icons and Cookiebot for cookie consent management. The site is hosted on servers associated with kasserver.com, a known German hosting provider. Performance is moderate, with good mobile optimization and basic accessibility features. Analytics are handled via Matomo, ensuring privacy-conscious visitor tracking. From a security perspective, the site enforces HTTPS and employs a robust cookie consent mechanism via Cookiebot, supporting GDPR compliance. However, no explicit security headers were detected in the provided data, and the use of an outdated jQuery version may pose potential vulnerabilities. No privacy policy or terms of service pages were clearly identified, which could be improved to enhance compliance and user trust. Overall, the website presents a trustworthy and professional digital front for the BLZK, with a solid business credibility score. Strategic recommendations include updating technical components, enhancing security headers, publishing clear privacy and security policies, and implementing a security.txt file for vulnerability disclosures to further strengthen the security posture and compliance framework.

S

Stadt Ingelheim am Rhein, Forschungsstelle Kaiserpfalz Ingelheim

karlsjahr2014-ingelheim.de

44

The website karlsjahr2014-ingelheim.de serves as an informational and promotional platform for the Karlsjahr 2014 cultural event in Ingelheim am Rhein, commemorating 1200 years since the death of Charlemagne. It is managed by local government and cultural institutions, providing detailed schedules, exhibition information, and visitor guidance. The site targets tourists, history enthusiasts, families, and educational groups. The business model focuses on cultural heritage promotion and education, positioning itself as a local government-supported event site.

F

Fellow Digitals

viadesk.com

72

Fellow Digitals is a technology company specializing in hybrid employee experience platforms, offering products such as Fellow Intranet, LMS, and Employee App. The company targets medium to large enterprises aiming to enhance internal communication, employee engagement, and remote work capabilities. Their market position is supported by a client base of over 350 companies, including well-known brands, indicating strong industry trust and adoption. Technically, the website is built using modern frameworks like Astro and utilizes a robust tech stack including DatoCMS for content management, Cloudflare for bot management and security, and analytics tools such as Google Analytics and Microsoft Clarity. The site demonstrates excellent performance, mobile optimization, and accessibility features, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs multiple security headers, and integrates cookie consent mechanisms compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy, warranting further verification. Overall, the website presents a professional, secure, and privacy-conscious platform with strong business credibility, though domain registration inconsistencies slightly reduce trust scores. Strategic recommendations include publishing explicit incident response contacts, establishing a vulnerability disclosure policy, and verifying domain registration details to enhance trust and compliance.

The website www.jugendhaeuser.de represents the youth self-catering houses affiliated with the Diocese of Würzburg, Germany. It serves as an informational and booking platform for youth groups seeking accommodation in the region. The site is well-positioned within the non-profit and government sector, targeting youth organizations and church-affiliated groups. Key services include providing access to multiple youth houses with self-catering facilities, supported by the Kirchliche Jugendarbeit (kja) of the Diocese. The website maintains a consistent brand identity aligned with the Diocese and offers clear contact information and external links to partner organizations.

F

Fundus Jugendarbeit

fundus-jugendarbeit.de

51

Fundus Jugendarbeit is a German non-profit educational platform focused on providing youth workers and educators with a rich collection of games, methods, and practical resources to support youth work and prevention efforts. The website is well-structured, using WordPress and Elementor, and targets youth work professionals in Germany. It offers categorized content such as games, methodological impulses, and event planning tips, supporting its niche market position effectively. Technically, the site employs a modern CMS with a popular page builder, integrates Matomo analytics configured for privacy by disabling cookies, and implements GDPR-compliant cookie consent mechanisms. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site uses HTTPS and privacy-focused analytics but lacks explicit security headers and published security policies. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website's German origin and domain usage, supporting legitimacy. Overall, Fundus Jugendarbeit presents a trustworthy, privacy-conscious, and content-rich platform for its target audience. Strategic improvements in security headers and explicit incident response policies could further enhance its security posture and trustworthiness.

B

BDKJ Würzburg

bdkj-wuerzburg.de

51

BDKJ Würzburg is a regional non-profit umbrella organization representing 11 Catholic youth associations within the Diocese of Würzburg, Germany. The organization focuses on youth engagement in church and society, providing services such as youth political participation, social projects, and world volunteer services. The website reflects a well-structured, professional presence with clear branding and comprehensive content tailored to its target audience of children and youth involved in church activities. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including Bootstrap, jQuery, and FontAwesome. It incorporates privacy-conscious analytics via Matomo and employs Usercentrics for GDPR-compliant cookie consent management. The site is mobile-optimized, accessible, and demonstrates good SEO practices. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or suspicious activities were detected. The domain WHOIS data is consistent and legitimate, supporting the trustworthiness of the site. Overall, the website presents a low-risk profile with strong privacy compliance and good technical implementation. Strategic improvements could focus on enhancing security headers, publishing security policies, and adding vulnerability disclosure mechanisms to further strengthen trust and security posture.

K

Kreatívna Dvojica

kreativnadvojica.sk

45

Kreatívna Dvojica is a Slovak full-service creative advertising agency established in 2018, recognized as one of the top 10 most effective agencies in Slovakia. They offer a broad range of services including branding, communication strategies, campaigns, employer branding, social media management, and website development. Their client base ranges from small ambitious brands to major market players, supported by a professional and consistent brand presence online. Technically, the website is built on WordPress, leveraging modern tools such as Google Analytics, Facebook Pixel, and GDPR-compliant cookie management, hosted by WebSupport with DNSSEC enabled and HTTPS enforced. Security posture is strong with no critical vulnerabilities detected, though additional security headers could enhance protection. Privacy compliance is robust with clear policies and consent mechanisms. Overall, the site demonstrates high professionalism, good technical implementation, and strong business credibility.

L

Klientsky portál

livingbypenta.sk

49

The website livingbypenta.sk/login serves as a client portal login page, primarily targeting existing customers or users of the service. The site is built using Bootstrap 4.6.2 for responsive design and integrates Matomo analytics for user tracking. The domain is registered since 2017 with a stable registration and appropriate nameservers, indicating a legitimate and established presence in Slovakia. However, the site lacks publicly accessible business descriptions, contact information, and legal policies such as privacy or cookie policies, which limits transparency and user trust. From a technical perspective, the website employs standard web technologies and includes cache-control headers to prevent caching of sensitive login pages. The site appears to be mobile-optimized and uses modern frameworks, but SEO and accessibility features are basic. Security headers are minimal, and there is no explicit evidence of HTTPS enforcement or advanced security policies, which could be improved to enhance security posture. Security-wise, no WAF or blocking mechanisms were detected, and no immediate vulnerabilities or exposed sensitive data were found in the provided content. However, the absence of privacy and cookie policies, as well as contact information for incident response, represents compliance gaps, especially under GDPR regulations. The use of Matomo analytics suggests some level of user tracking, but without clear privacy disclosures, this may pose privacy concerns. Overall, the website is functional as a login portal but lacks comprehensive compliance and transparency features. Strategic improvements in privacy policy publication, security header implementation, and contact information disclosure are recommended to enhance trustworthiness and regulatory compliance.

A

AmRest

careeratamrest.com

66

AmRest Career website serves as a professional portal for career opportunities within AmRest, a large hospitality company operating multiple restaurant brands. The site highlights employee stories, career growth paths, and company culture, targeting job seekers and hospitality professionals. Technically, the website is built on SilverStripe CMS, uses modern front-end technologies including Swiper.js and Google Fonts, and is hosted with Azure DNS services. The site is mobile optimized with good SEO practices but lacks some accessibility features and explicit security headers. Security posture is moderate with HTTPS enabled and domain transfer protection, but DNSSEC is not enabled and no security policies are published. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and trustworthy with a strong social media presence but could improve in security and privacy transparency.

S

scio s.r.o.

sciokuchyne.cz

61

ScioKuchyně is a Czech-based food service provider specializing in healthy and balanced meals primarily for school children and adults. The company emphasizes fresh, nutrient-rich ingredients and sustainable practices, positioning itself as a niche provider in the education sector. The website reflects a professional and consistent brand image aligned with its parent company, scio s.r.o., and targets institutions and individuals seeking quality catering services. Technically, the site uses modern JavaScript libraries and Google Tag Manager for analytics, hosted likely by Webglobe with Umbraco CMS. The site is mobile-optimized and SEO-friendly but lacks explicit security headers and detailed security policies. Privacy compliance is addressed with cookie consent and a privacy policy page, indicating GDPR awareness. No direct contact emails or phone numbers are present, which could limit user trust and support accessibility. Overall, the domain registration data supports legitimacy and consistency with the business profile.

S

scio s.r.o.

scioedu.cz

62

ScioEdu is an educational platform focused on comprehensive development of individuals, primarily targeting teachers and pedagogical professionals in the Czech Republic. It offers supplementary pedagogical studies and teacher courses, leveraging experience from the ScioŠkoly network and partnerships with educational associations. The website is professionally designed with clear navigation and content relevant to its audience. Technically, it uses modern JavaScript libraries, Google Tag Manager for analytics, and is hosted by Webglobe, with a CMS likely Umbraco. Security posture is good with HTTPS and cookie consent mechanisms, though security headers and incident response information are absent. Overall, the site is trustworthy and compliant with GDPR, with transparent business information and partner collaborations.

S

scio s.r.o.

scioles.cz

61

ScioLes is an established outdoor educational club for children aged 5 to 15, focusing on physical activities, resilience building, and nature engagement in Prague and Kolín. The business operates under the parent company scio s.r.o., offering structured weekly programs, weekend trips, and summer camps. The website presents a professional and consistent brand image with clear descriptions of services and target audience. Technically, the site uses Umbraco CMS, Google Tag Manager with consent management, and is hosted on Webglobe infrastructure. Mobile optimization and SEO are well addressed, though accessibility is basic. Security posture is moderate with cookie consent implemented but lacks explicit security headers and incident response information. WHOIS data is inconsistent, showing a future domain creation date, which raises some trust concerns but does not detract significantly from the business credibility. Overall, the site is safe, compliant with GDPR, and well suited for its educational purpose.

S

ScioArt

scioart.cz

55

ScioArt is an innovative basic art school based in Prague, Czech Republic, targeting children aged 5 to 18 years. The institution focuses on interdisciplinary art education, fostering creativity, experimentation, and project-based learning. The website reflects a professional and consistent brand image aligned with its educational mission. Technically, the site is built on the Wix platform, utilizing standard Wix scripts and assets, with moderate performance and good mobile optimization. Security posture is basic, with HTTPS enabled but lacking advanced security headers and privacy policies. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency. Overall, the site presents a moderate risk profile with recommendations to improve security headers, privacy compliance, and domain registration verification.

F

403 - Forbidden

findlogovector.com

37

The website at findlogovector.com is currently inaccessible, returning a 403 Forbidden error page that blocks access to any meaningful content. The domain is registered since 2018 with GoDaddy.com, LLC and uses SiteGround nameservers for hosting. Due to the lack of accessible content, no business description, contact information, or policies are available for analysis. The site does not present any metadata, scripts, or analytics, indicating minimal digital maturity and technical implementation. Security posture is weak or unknown due to absence of HTTPS and security headers information. Overall, the site appears inactive or restricted, limiting trust and business credibility.

S

Silicon Hill

siliconhill.cz

41

Silicon Hill is a prominent student club operating within the Strahov dormitories primarily serving CTU students and other university residents. It provides a broad range of services including network infrastructure management, educational courses, event organization, and community facilities such as a gym and workshop spaces. The club has a strong partnership network with major technology companies and the university itself, positioning it as a key player in the student community ecosystem. Technically, the website employs standard web technologies with JavaScript and CSS but lacks advanced frameworks or CMS. The site is moderately optimized for performance and accessibility but could improve mobile responsiveness and SEO. Security posture is moderate; while CSRF tokens are present, there is no evidence of HTTPS enforcement or security headers in the provided data. The absence of WHOIS data is a concern for domain legitimacy verification, though the detailed and consistent website content suggests a legitimate organization. Privacy and cookie policies are missing, indicating compliance gaps. Overall, the site is functional and professional but would benefit from enhanced security and privacy measures.

Williams College is a reputable liberal arts educational institution offering a wide range of academic programs and a supportive community environment. The website reflects a mature digital presence with rich content, clear navigation, and professional design. Technically, the site is built on WordPress with modern web technologies and integrates third-party services such as Google Tag Manager and Vimeo for analytics and media. Security posture is good with HTTPS enforced, but lacks some advanced security headers and publicly available security policies. Privacy compliance is limited due to absence of visible privacy and cookie policies. WHOIS data is unavailable, which is unusual for .edu domains but likely due to registrar or domain privacy policies. Overall, the site is trustworthy and well-maintained but could improve transparency on privacy and security disclosures.

A

Asociace virtuální a rozšířené reality

avrar.cz

54

The website avrar.cz represents the Asociace virtuální a rozšířené reality, a Czech association focused on virtual and augmented reality technologies. It serves as a community hub for professionals, entrepreneurs, institutions, academics, and enthusiasts in the VR/AR sector. The association organizes the Czech VR Fest, the largest industry festival and conference in Central Europe, positioning itself as a leading entity in this niche market. The site provides information about membership, events, and news related to VR/AR innovation in the Czech Republic. Technically, the website uses modern JavaScript frameworks (Vue.js), integrates social media SDKs, and employs Google Analytics and Facebook Pixel for tracking. Hosting is provided by WEDOS, a reputable Czech hosting provider. Security posture is adequate with HTTPS enforced and secure form handling, but lacks visible security headers and public security policies. Privacy compliance is weak due to absence of privacy and cookie policies and no explicit consent mechanisms. Contact information is limited to web forms without direct email or phone contacts. Overall, the site is professional, well-branded, and trustworthy, but could improve transparency and security practices.

G

Gov Lab

govlab.cz

46

Gov Lab is a specialized consultancy focused on improving public sector services through strategic change management, service design, education, and evaluation. Founded in 2018 and based in the Czech Republic, the company targets public sector organizations and non-profits, helping them innovate and better meet citizen needs. The website reflects a professional and consistent brand with clear service offerings and client engagement. Technically, the site is built on WordPress using the Avada theme and includes modern plugins like Yoast SEO and Slider Revolution. Security posture is adequate with HTTPS and reCAPTCHA, though security headers could be enhanced. Privacy compliance is partial due to the absence of a clear privacy policy. Overall, the site is trustworthy and well-positioned in its niche.

B

Bluethumb

bluethumb.com.au

57

Bluethumb is a well-established Australian online art marketplace specializing in original paintings and modern art. Since its founding in 2012, it has positioned itself as a leading platform connecting Australian artists with collectors and art buyers. The website offers free shipping, returns, and insurance, enhancing customer trust and satisfaction. The business model focuses on e-commerce with additional services such as art advisory and trade services. Bluethumb targets art enthusiasts and collectors primarily within Australia.

I

ISO777

wpusersplugin.com

57

ISO777 is an established online gambling platform specializing in slot games and related betting services, operating primarily in Indonesia and broader Asian markets. The platform offers a variety of gaming options including slot games, live casino, sports betting, and tournaments with attractive bonuses and promotions. It is part of the HIU777 Group, indicating a structured business entity with a focus on trusted and fair gaming experiences. The website is professionally designed with good user experience and mobile optimization, supporting multiple languages and currencies. Technically, it uses modern JavaScript frameworks, Cloudflare DNS, and integrates live chat support for customer service. However, the site lacks visible privacy and cookie policies, terms of service, and advanced security headers, which are critical for compliance and user trust in the gambling industry. The domain is well-established since 2010, registered via GoDaddy, and uses Cloudflare DNS, but DNSSEC is not enabled. Overall, the site is functional and credible but requires improvements in privacy compliance and security posture to meet industry best practices.

R

re3data.org

re3data.org

58

re3data.org operates as a globally recognized registry of research data repositories, serving the academic and research community by providing comprehensive metadata and indexing of over 3400 repositories worldwide. The platform supports researchers, institutions, and funders by facilitating discovery and access to research data repositories, positioning itself as a leading non-profit service in the education and technology sectors. The website demonstrates a professional and consistent brand presence, with a clear focus on open science and data sharing. Technically, the website employs a modern technology stack including JavaScript, jQuery, Bootstrap, and Chart.js to deliver a responsive and user-friendly experience. The site is well-structured with good navigation, mobile optimization, and accessibility features. While performance is moderate, the site effectively supports its core functionalities such as search and browsing of repositories. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks visible advanced security headers and explicit security policies or incident response information. No vulnerability disclosure or security.txt files were found, indicating room for improvement in transparency and security maturity. Privacy compliance is strong with a comprehensive privacy policy and terms of use, though no cookie consent mechanism was detected. Overall, re3data.org presents a trustworthy and credible online presence with high content quality and business credibility. The lack of WHOIS data due to privacy protection is justified given the non-profit academic nature of the service. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure policies, and implementing cookie consent mechanisms to further strengthen compliance and trust.

The website 'ADHD Paralysis Treatment Washington' provides educational content and local treatment resources focused on ADHD paralysis, a neurological symptom affecting individuals with ADHD. It targets patients and caregivers in Washington state, offering practical advice, treatment options, and support referrals. The site is built on WordPress using Elementor and related plugins, delivering a professional and user-friendly experience with good mobile optimization and clear navigation. However, the site lacks critical privacy and cookie policies, security headers, and incident response information, which are essential for compliance and trust in healthcare-related websites. The WHOIS data presents inconsistencies, notably a future domain creation date, which raises questions about domain legitimacy despite the professional content. No contact emails, phone numbers, or social media links are provided, limiting direct communication channels. Overall, the site is informative and well-structured but requires improvements in security, privacy compliance, and transparency to enhance credibility and user trust.

J

Jahn GmbH & Co. KG

heiztextil.de

70

Jahn GmbH & Co. KG is a German family-owned company specializing in innovative heating textiles under the brand Ethermity®. Their products utilize patented infrared heating technology operating at low voltage for safe, energy-efficient heating solutions applicable in walls, floors, ceilings, and personal heating items like cushions and blankets. The company is ISO 9001:2015 certified and operates multiple production sites in Germany, positioning itself as a quality-driven innovator in the energy-efficient heating sector. The website is built on WordPress with Elementor, featuring modern design and good mobile optimization. Privacy and cookie compliance are well implemented with clear policies and consent mechanisms. Security posture is solid with HTTPS and secure form handling, though explicit security policies and incident response contacts are absent. Overall, the site reflects a professional and trustworthy business with a strong focus on quality and customer-centric solutions.

Z

Zweckverband Abfallwirtschaft Südwestsachsen

za-sws.de

50

The Zweckverband Abfallwirtschaft Südwestsachsen (ZAS) is a public-law waste management association founded in 1993, serving the Erzgebirgskreis and Zwickau counties in Germany. It operates as a regional waste disposal authority responsible for waste management infrastructure, disposal security, landfill remediation, and waste balance reporting. The website provides comprehensive information and services for residents and businesses in the region, including waste calendars, contact forms, and downloadable official documents. The site is professionally designed with clear navigation and consistent branding, targeting local citizens and commercial entities requiring waste management services. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript with jQuery and fancyBox libraries for UI enhancements. While no CMS or hosting provider details are evident, the site shows moderate performance and basic mobile optimization. SEO and accessibility features are present but could be improved. The site employs HTTPS and a cookie consent mechanism with Google Analytics tracking, indicating a moderate level of digital maturity. From a security perspective, the site lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is good with a clear privacy policy and cookie consent banner. The WHOIS data aligns well with the organization's identity, showing a consistent and legitimate domain registration without privacy protection, appropriate for a public entity. Overall, the website presents a trustworthy and professional digital presence for a regional government waste management authority. Strategic improvements could focus on enhancing security headers, mobile accessibility, and publishing security and incident response policies to strengthen trust and compliance.

I

Internetagentur dd-media.de Inh. Guido Kamm

dd-media.de

48

Internetagentur dd-media.de is a small, owner-operated German internet agency founded in 1995, specializing in web design, custom CMS development, and secure web hosting primarily serving the Heringen (Werra) region. The company positions itself as a regional expert with a strong focus on professional and individualized digital solutions. The website reflects a mature digital presence with a consistent brand and clear service offerings. Technically, the site uses modern web technologies including Bootstrap, PHP, and JavaScript, with a custom CMS and Matomo analytics for privacy-conscious tracking. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and GDPR-compliant cookie consent via Usercentrics, though it lacks explicit security headers and incident response information. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

D

designhouse®

designhouse.de

52

designhouse® is a well-established German branding and communication agency with over 25 years of experience. The company specializes in creating strong brands and communication concepts using words, images, colors, and forms, targeting businesses seeking comprehensive multimedia branding solutions. Their website showcases a rich portfolio of projects, indicating a solid market position in the media and creative services sector. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, Slider Revolution, and WPML, reflecting a mature digital infrastructure. The site is mobile optimized and employs standard tracking tools like Google Analytics and Facebook Pixel. Security posture is adequate with HTTPS enforced and IP anonymization enabled, but lacks some recommended security headers and explicit privacy and terms policies. Contact information is not directly visible, which may affect user trust and compliance. Overall, the website is professional and trustworthy but could improve in privacy transparency and security best practices.

W

Wilhelm Zuleeg GmbH

zuleeg.de

66

Wilhelm Zuleeg GmbH operates a professional e-commerce website specializing in high-quality, sustainable fabrics made in Germany. The website targets sewing enthusiasts and businesses seeking premium textile materials and accessories. The company leverages the Shopify platform, ensuring a modern and performant online shopping experience. The site includes comprehensive privacy and cookie policies, indicating GDPR compliance and a focus on user data protection. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy, although the website content and platform usage support its authenticity. Security measures such as HTTPS, hCaptcha, and cookie consent mechanisms are implemented, but explicit security policies and incident response contacts are not found.

S

SAGS ONLINE Webagentur Bayreuth

sags-online.de

57

SAGS ONLINE Webagentur Bayreuth is a specialized digital agency based in Bayreuth, Germany, with over 20 years of experience in online marketing, SEO, web design, and consulting services. The company positions itself as a primary provider of online services with a strong track record managing significant online marketing budgets. The website is built on WordPress with modern plugins and a premium theme, offering a professional and content-rich user experience. While the site is well-structured and optimized for SEO, it lacks explicit privacy and terms of service pages, which are important for compliance. Security posture is moderate with HTTPS enabled but missing security headers and direct contact details. Overall, the website is trustworthy and professional, serving a business audience primarily in Germany and expanding to Europe and the USA.