Security Directory

O

Objavte

objavte.com

69

Objavte.com is a Slovak-focused platform dedicated to discovering local experiences, hidden places, and cultural insights within Slovakia. The website targets general audiences interested in travel and authentic local experiences. The business appears to be a small startup founded in 2023, leveraging modern web technologies and multilingual support to reach a broader audience. Technically, the site is built on the Bubble.io platform, integrating third-party services such as Cookiebot for cookie consent management, Weglot for translations, and Google Tag Manager for analytics. The site demonstrates good design quality and user experience with responsive and accessible features, although some SEO and accessibility improvements are possible. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and DNSSEC. Privacy compliance is strong with a comprehensive cookie policy and GDPR-aligned consent mechanisms. However, the site lacks visible contact information, terms of service, and security policies, which impacts business credibility. Overall, the site is professional and trustworthy but could improve transparency and security documentation.

#

#praveslovenske

praveslovenske.sk

48

The website www.praveslovenske.sk serves as a cultural and promotional platform dedicated to showcasing authentic Slovak products, folklore, history, and tourism. It targets Slovak residents and tourists interested in exploring and supporting local Slovak producers and cultural heritage. The platform operates primarily as a content publisher with integrated marketing and advertising services, leveraging multiple subdomains to segment content into thematic blogs such as food, travel, traditions, crafts, and leisure. Technically, the site is built on WordPress using the jNews theme and WPBakery Page Builder, supplemented by plugins like Ajax Search Pro and AdRotate for search and advertising management. The site is mobile-optimized with good SEO practices and uses HTTPS with a valid SSL certificate, ensuring secure data transmission. However, there is room for improvement in accessibility and security headers implementation. From a security perspective, the site enforces HTTPS and uses a GDPR cookie compliance plugin, indicating awareness of privacy regulations. However, it lacks explicit privacy policy and terms of service pages, as well as direct contact information and incident response contacts, which are critical for compliance and trust. No vulnerabilities or WAF protections were detected, and no sensitive data exposure was found. Overall, the website presents a moderate risk profile with good business credibility and technical implementation but requires enhancements in privacy compliance and security best practices to strengthen trust and regulatory adherence.

K

KULT MINOR - Fond na podporu kultúry národnostných menšín

kultminor.sk

39

KULT MINOR is a Slovak public fund dedicated to supporting the culture of national minorities through grants, scholarships, and cultural programs. The organization operates a website primarily in Slovak, providing information about its programs, calls for proposals, and cultural activities. The website is well-structured, uses Joomla CMS, and integrates common web technologies including jQuery, Bootstrap, and Facebook SDK for social media presence. The domain is registered since 2017 with DNSSEC enabled, indicating a legitimate and stable online presence. However, the site lacks explicit privacy and terms of service policies, which are important for compliance and user trust. Cookie consent is implemented properly, reflecting awareness of privacy regulations. Security posture is generally good with HTTPS and DNSSEC, but could be improved by adding security headers and vulnerability disclosure information.

T

Terra Nostra Pizzeria-Ristorante

terranostra.pl

50

Terra Nostra Pizzeria-Ristorante is a small hospitality business based in Poland, specializing in authentic Italian cuisine including gluten-free options. Established in 2018, the restaurant emphasizes quality ingredients and traditional recipes, with a strong local presence and an online ordering platform. The website is built on Joomla CMS and incorporates modern web technologies such as jQuery and slick sliders, providing a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and incident response information are missing. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though WHOIS data is unavailable likely due to privacy protection, which is common for this business type.

Polska Federacja Producentów Żywności Związek Pracodawców (PFPŻ ZP) is a well-established Polish federation representing food producers and employers. The organization focuses on providing legal information, educational programs, and industry news related to food safety, legislation, and nutrition. The website serves as a resource hub for industry professionals and the general public interested in food-related regulatory matters. The federation has a strong market position in Poland with over 20 years of history and recognized certifications such as 'Teraz Polska'. Technically, the website uses a custom or legacy CMS with JavaScript libraries including jQuery, Prototype.js, and Google Analytics for tracking. The site is hosted by home.pl S.A., a known Polish hosting provider. While the site is functional and content-rich, it shows some outdated technologies and lacks advanced security headers and DNSSEC, which could be improved. Mobile optimization and accessibility are basic but present. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security policies or incident response information. No critical vulnerabilities or malicious content were detected. WHOIS data confirms a consistent and legitimate domain registration with no privacy protection, appropriate for the organization's transparency. Overall, the site is trustworthy but could benefit from modern security enhancements and improved technical infrastructure.

W

Wyższa Szkoła Informatyki i Zarządzania

wsiz.pl

48

Wyższa Szkoła Informatyki i Zarządzania (WSIiZ) is a Polish higher education institution specializing in computer science and management, operating since 2001. The website serves as an informational portal for prospective and current students, offering details about academic programs and institutional information. Technically, the site is built on WordPress with common plugins such as Yoast SEO and MegaMenu Pro, and uses Google Tag Manager for analytics. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility features. Security posture is basic with HTTPS enabled but missing important security headers and DNSSEC. Privacy compliance is weak due to absence of explicit privacy and cookie policies. Business credibility is strong given the domain age and consistent WHOIS data. Overall, the site is functional and professional but would benefit from enhanced security and privacy practices.

S

Scala Z Media GmbH

ratzfatz-durch-die-mauer.de

53

Ratzfatz durch die Mauer is an educational platform operated by Scala Z Media GmbH, focused on providing interactive learning experiences about German history, specifically the Berlin Wall and its fall. The website offers a game app and digital teaching materials aimed at children, educators, and parents. The business operates in the education and media sectors within Germany, targeting a niche market with specialized content. Technically, the website is built on WordPress with Elementor and uses modern plugins for SEO, forms, and analytics. Hosting is provided by Alfahosting, as inferred from the nameservers. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers are missing and no explicit security policy or vulnerability disclosure is found. Privacy compliance is good, with clear privacy and cookie policies in German and consent banners. Contact information is comprehensive, including phone, email, physical address, and contact forms. No adult or questionable content is present, making the site safe for general audiences. Overall, the website is professional, trustworthy, and well-positioned within its educational niche.

I

Ingka Centres Holding B.V.

avion.cz

64

Avion Shopping Park is a large retail shopping center located in Ostrava, Czech Republic, operated under the parent company Ingka Centres Holding B.V. The website presents a professional and well-structured digital presence showcasing a variety of retail shops, restaurants, services, and events aimed at the general public and local community. The business model focuses on providing retail space and customer services, supported by a strong brand association with IKEA. Technically, the website leverages modern web technologies including React and Gatsby, ensuring good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in security headers and incident response transparency. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms aligned with GDPR. Overall, the website reflects a trustworthy and professional retail business with moderate to good technical maturity and security awareness.

The website stavbamsk.cz serves as the official platform for the Stavba MSK competition, which promotes and showcases quality construction projects in the Moravian-Silesian Region of the Czech Republic. The site targets both professionals in the construction and architecture sectors and the general public interested in regional development. It provides information about the competition, event results, galleries, and news updates. The business model appears to be a regional promotional and award platform supported by various partners and sponsors. The domain age and WHOIS data confirm a long-standing presence since 2006, reinforcing credibility. Technically, the website is built on WordPress CMS and employs modern web technologies including Bootstrap, jQuery, GSAP, Swiper, and Google reCAPTCHA v3 for form security. The site is mobile-optimized and integrates Google Analytics and Tag Manager for user tracking and marketing insights. Performance is moderate with good design and navigation clarity, though accessibility features are basic. From a security perspective, HTTPS is properly implemented, and forms are protected with reCAPTCHA. However, the absence of security headers and lack of explicit privacy and cookie policies indicate room for improvement in compliance and security posture. No vulnerabilities or exposed sensitive data were detected. The site does not provide incident response or vulnerability disclosure information. Overall, stavbamsk.cz is a credible and professionally maintained regional website with a clear business purpose. To enhance trust and compliance, it should implement privacy and cookie policies, security headers, and consider publishing a security policy or vulnerability disclosure statement.

Vila48.cz is a professionally designed website representing a residential rental business located in Ostrava, Czech Republic. The company offers six modern, fully equipped apartments combining hotel comfort with private rental flexibility, targeting firms, managers, tourists, students, and individuals seeking transitional housing. The business has a credible market position supported by an award-winning renovation and a clear focus on premium residential services. Technically, the website is built on WordPress with Elementor, leveraging modern JavaScript libraries and Google services for analytics and marketing. The site is mobile-optimized and SEO-friendly with structured data implementation. Security posture is adequate with HTTPS and no visible vulnerabilities, but lacks security headers and formal privacy or cookie policies, indicating compliance gaps. Overall, the site is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices.

W

wirtschaftswissen Financial Publishing Group

wirtschaftswissen.de

62

wirtschaftswissen.de is a German-language business knowledge and compliance information platform operated by wirtschaftswissen Financial Publishing Group. The website provides legally sound answers to business questions, current court rulings, expert guides, newsletters, webinars, and a shop for business-related products. It targets business professionals, HR managers, employers, and entrepreneurs seeking practical and legal business advice. The platform is positioned as a reputable source of business knowledge in the German market with a medium-sized operation. Technically, the website is hosted on Amazon AWS infrastructure, uses WordPress CMS, and employs modern web technologies including JavaScript, CSS, and FriendlyCaptcha for bot protection on forms. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. Performance is moderate with no major issues detected. From a security perspective, the site enforces HTTPS and uses CAPTCHA to protect form submissions. However, it lacks visible security headers and does not publish privacy, cookie, or incident response policies in the analyzed content. No contact information for data protection officers or incident response teams is found. There are no detected vulnerabilities or exposed sensitive data, but privacy compliance is weak due to missing policies. Overall, wirtschaftswissen.de presents a professional and trustworthy business information platform with good content quality and technical implementation. The main risks relate to privacy compliance and security policy transparency. Strategic improvements in these areas would enhance trust and regulatory adherence.

R

RadioOffice GmbH

radio-pr.de

38

The website www.radio-pr.de is a professional German-language blog operated by RadioOffice GmbH, specializing in Radio-PR and audio content marketing. It serves communications professionals and companies interested in leveraging radio and audio channels for PR purposes. The site provides educational content, expert insights, and practical advice on radio PR formats such as infomercials, O-Ton services, and podcasts. The business operates in the media sector with a niche focus and small company size. Technically, the site is built on WordPress using the Twenty Eleven theme and Yoast SEO plugin, hosted via DomainControl.com. The site is moderately optimized for performance and mobile devices, with good SEO practices but basic accessibility features. Security posture is adequate with HTTPS enabled but lacks security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is limited to a search form and social media links, with no direct emails or phone numbers disclosed. The domain WHOIS data is minimal but consistent with the website's business profile, indicating legitimacy. Overall, the website is trustworthy, content-rich, and professionally maintained but would benefit from enhanced privacy compliance and security hardening.

B

Bischöfliche Aktion Adveniat e.V.

adveniat.de

54

Adveniat is a German non-profit organization dedicated to supporting people in Latin America and the Caribbean through aid projects, fundraising, and awareness campaigns. The website serves as an information hub for their projects, donation options, events, and news updates. It targets a general audience interested in solidarity and development aid in Latin America. The organization maintains a consistent brand presence and leverages social media channels to extend its reach. Technically, the website is built on WordPress using the Avada theme and several plugins including WooCommerce for e-commerce functionality, Yoast SEO for search optimization, and Borlabs Cookie for cookie consent management. The site is served over HTTPS and includes modern web technologies such as jQuery and Google Fonts. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site uses HTTPS and cookie consent mechanisms but lacks explicit security headers and detailed security or privacy policies. No vulnerabilities or exposed sensitive data were detected. Tracking technologies include Google Tag Manager, Facebook Pixel, and Google Ads, indicating moderate user tracking. Overall, the website is professional, trustworthy, and safe for general audiences. However, improvements could be made in privacy compliance documentation, security header implementation, and incident response readiness to enhance the security posture and regulatory compliance.

A

Auswärtiges Amt

auswaertiges-amt.de

60

The Auswärtiges Amt website serves as the official digital presence of the German Federal Foreign Office, providing authoritative information on German foreign policy, consular services, travel safety advisories, and career opportunities within the foreign service. It targets a broad audience including travelers, diplomats, and the general public interested in Germany's international relations. The site maintains a strong market position as a trusted government source with consistent branding and comprehensive content.

N

Nadace ČEZ

pomahejpohybem.cz

54

Pomáhej Pohybem is a charitable initiative supported by Nadace ČEZ and Skupina ČEZ, focused on encouraging physical activity through a mobile application that converts user activity into points for charitable projects. The platform targets a broad audience interested in fitness and social good, leveraging a modern React-based web infrastructure and mobile app presence on iOS and Android. The website demonstrates good digital maturity with a comprehensive cookie consent mechanism and integration of analytics tools. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, reflecting a mature non-profit operation backed by a major energy group.

J

JYSK

jysk.cz

58

JYSK.cz is the Czech Republic branch of the well-established JYSK retail group, specializing in furniture and home goods. The website offers a comprehensive online shopping experience complemented by physical stores, targeting general consumers in the Czech market. The site is professionally designed with consistent branding and clear navigation, supporting a positive user experience. Technically, the site is built on Drupal 10, leveraging modern analytics and marketing tools such as Google Tag Manager, Dynamic Yield, and Salesforce Chat, hosted on a robust CDN infrastructure via Akamai. Security posture is strong with HTTPS enforced, security headers present, and GDPR-compliant cookie consent mechanisms. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility.

G

Grunt od nowa

gruntodnowa.pl

56

Grunt od nowa is a Polish website built on WordPress, primarily targeting a Polish-speaking audience. The site appears to be a small-scale business or project launched around 2022, with basic content and SEO optimization via Yoast SEO. The presence of Cookiebot indicates an awareness of cookie consent and privacy compliance, although no explicit privacy policy or terms of service pages were found in the analyzed content. The website uses Google Analytics and Google Tag Manager for traffic analysis and marketing purposes. Technically, the site employs standard web technologies including jQuery and asynchronous script loading for performance. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks visible security headers and detailed security policies.

P

Polska Akademia Nauk

pan.pl

47

Polska Akademia Nauk is a prestigious Polish national scientific institution established in 1952, dedicated to advancing scientific research and education across multiple disciplines. The website serves as an information portal for the academy's activities, news, events, and institutional information, targeting researchers, academics, and the general public interested in science. The site is built on a modern WordPress platform with standard plugins and integrates Google Analytics for visitor tracking. The technical infrastructure is solid with good mobile optimization and accessibility features, hosted likely by home.pl S.A., a reputable Polish registrar and hosting provider. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure, though improvements can be made by enabling DNSSEC and adding security headers. Privacy compliance is weak due to the absence of explicit privacy and cookie policies on the homepage. Overall, the domain registration data aligns well with the website content, confirming legitimacy and trustworthiness. Strategic recommendations include enhancing privacy compliance, implementing security headers, and publishing incident response information to strengthen trust and security posture.

S

SCIO

scio.cz

40

SCIO is a well-established Czech education services provider specializing in entrance exams, preparatory courses, and educational testing products for students and schools. With over 30 years of experience, SCIO holds a strong market position in the Czech education sector, offering a broad portfolio of services including national comparative exams for universities and secondary schools, as well as professional tools for educators. The website reflects a professional and user-friendly digital presence with clear navigation and comprehensive content tailored to its target audience of students, parents, and educational institutions. Technically, the site employs modern web technologies, including JavaScript, Google Tag Manager, and CookieHub for privacy compliance, and is optimized for mobile devices with good accessibility and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and incident response information. The absence of WHOIS data limits domain trust analysis, but the overall digital footprint and professional presentation support legitimacy. Strategic recommendations include enhancing security transparency and incident response readiness to further strengthen trust and compliance.

Č

Český paralympijský výbor

paralympic.cz

48

The Czech Paralympic Committee operates a professional and comprehensive website serving the Czech parasport community. The site provides news, event information, athlete profiles, and resources related to paralympic sports. It targets athletes, sports fans, media, and partners within the Czech Republic. The organization is well-established, with a domain age dating back to 2000, reflecting a mature presence in the non-profit sports sector. Technically, the website is built on WordPress 6.8.3, utilizing a variety of plugins for social media integration, event management, and user engagement such as Mailchimp for newsletters. The site is hosted by a Czech registrar and uses modern web technologies including Google Fonts and JavaScript libraries. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, security headers are minimal, and no explicit security or incident response policies are published. No vulnerabilities or exposed sensitive data were detected. The site uses tracking and analytics tools such as Google Analytics, Microsoft Clarity, and Facebook Pixel, with moderate user tracking levels but good privacy compliance. Overall, the website is trustworthy, professionally maintained, and aligned with its business purpose. Strategic recommendations include enhancing security headers, publishing explicit security policies, and improving accessibility. These steps would further strengthen the site's security posture and user trust.

W

Woox

woox.cz

9

WOOX.cz is a Czech-based e-commerce retailer specializing in functional clothing designed for various weather conditions and outdoor activities. The company targets outdoor enthusiasts and general consumers seeking durable and versatile apparel. Their business model includes direct online sales and a membership club (WOOX Klub) offering significant discounts. The website is professionally designed with clear navigation and supports social login options for user convenience. Technically, the site leverages the Shoptet e-commerce platform and integrates multiple modern analytics and marketing tools such as Google Tag Manager, Microsoft Clarity, Facebook SDK, and Segmentify. The site is mobile-optimized and uses HTTPS to secure user data. However, some security headers are not explicitly detected, and no dedicated security or incident response policies are published. From a security perspective, the website demonstrates good practices like secure login forms and cookie consent mechanisms but lacks transparency in security policies and vulnerability disclosures. The absence of WHOIS data limits the ability to fully verify domain legitimacy, although the site content and technical setup suggest a legitimate business. Overall, WOOX.cz presents a moderate risk profile with room for improvement in privacy compliance and security transparency. Strategic recommendations include publishing a privacy policy, enhancing security headers, and providing incident response contacts to increase trust and compliance.

B

BRNO OPEN 2023

brnoopen.eu

37

The website brnoopen.eu serves as the official platform for the BRNO OPEN 2023 dance sport event, specifically hosting the WDSF World Championships in Latin and Showdance Standard categories. The site targets dance sport enthusiasts, competitors, and attendees primarily in the Czech Republic. The business model revolves around event organization and promotion within the niche of competitive dance sport. Technically, the site is built on WordPress using the Divi theme, leveraging modern web fonts and structured data for SEO. Performance and mobile optimization are adequate, though accessibility features are basic. Security posture is limited, with no evident security headers or policies, and privacy compliance is minimal due to the absence of privacy and cookie policies. The domain registration is consistent with the business location and nature, registered through a reputable Czech registrar, ZONER a.s. Overall, the site is professional and relevant but would benefit from enhanced security and compliance measures.

BM Real Property s.r.o. is a small family-owned real estate development company operating primarily in the Moravskoslezský region of the Czech Republic. The company focuses on delivering comprehensive construction and real estate services, managing projects from inception to completion. Their market position is that of a local developer emphasizing quality and client satisfaction, with a portfolio including residential and hospitality projects such as Vila 48 and Penzion Závada. The website is professionally built on WordPress using Elementor and related plugins, hosted on a Czech hosting provider, and supports Czech and English languages. Technically, the site is moderately performant and mobile-optimized but lacks some security headers and privacy compliance elements. Security posture is good with HTTPS enabled and no visible vulnerabilities, though improvements in security headers and privacy policies are recommended. Overall, the website is trustworthy and professional, with clear contact information and business legitimacy confirmed by WHOIS data.

pixeldiversity GmbH operates a technology-focused website offering cloud hosting, Plesk administration, R & RStudio environments, newsletter distribution, and mail discussion services. The website serves primarily as a portal linking to various internal and related service domains. The business appears to target technology professionals and organizations requiring specialized hosting and software environments. However, the website content is minimal and lacks comprehensive business or contact information, which limits its professional presentation. From a technical perspective, the site uses basic HTML and CSS without detectable modern frameworks or CMS platforms. There is no evidence of HTTPS enforcement or security headers, which indicates a low maturity level in security implementation. The absence of privacy, cookie, and terms of service policies further highlights compliance gaps. The site is accessible without WAF or security challenges but lacks SEO optimization and mobile responsiveness. Security posture is weak due to missing HTTPS, lack of security headers, and no visible incident response or vulnerability disclosure mechanisms. The WHOIS data is missing or inaccessible, which raises concerns about domain legitimacy and transparency. No contact emails, phone numbers, or social media links are provided, reducing trust and business credibility. Overall, the website presents a low-risk content profile but suffers from significant security, compliance, and transparency deficiencies. Strategic improvements in security infrastructure, privacy compliance, and business information disclosure are recommended to enhance trustworthiness and operational resilience.

The website smartbydleni.cz is currently a domain parking and sales landing page with no active business content or services. The domain was registered recently in 2022 and uses parking name servers, indicating it is not currently used for operational business purposes. The site contains minimal content, primarily advertising and a link to contact the domain owner. Technically, the site uses basic JavaScript and is hosted behind a CDN (Cloudfront). There is no evidence of a CMS or advanced frameworks. Security posture is weak due to lack of HTTPS information, absence of security headers, and no privacy or cookie policies. No contact or business information is provided, which limits trust and credibility. Overall, the site is low risk but also low value from a business or security perspective.

A

ABSTRACT s.r.o.

stylove.cz

9

STYLOVE.CZ is a Czech media website operated by ABSTRACT s.r.o., focusing on stylish living, architecture, interior design, wellness, and home improvement. The site offers rich editorial content including articles, series, contests, and partnerships with manufacturers and service providers. It targets consumers interested in enhancing their living spaces with style and modern design. The website is part of a network of related sites including BYDLENI.CZ and INTERIER.CZ, indicating a strong presence in the Czech home and lifestyle media market. Technically, the website uses a modern tech stack including Bootstrap, jQuery, and various slider and carousel plugins. It integrates Google Analytics and Google Tag Manager for user tracking and marketing insights. The site is mobile optimized with good navigation and content structure, though accessibility features are basic. Performance is moderate with room for improvement in security headers and privacy compliance. Security posture is moderate; HTTPS is implied but no explicit security headers were detected in the provided data. No privacy or cookie policies were found, which is a compliance gap. The WHOIS data for the domain is missing, which raises concerns about domain registration transparency and legitimacy, though the website content and business information appear professional and trustworthy. Overall, the website is a credible media outlet with good content quality and business credibility but needs to improve privacy compliance and security practices. The lack of WHOIS data is a notable risk factor that should be addressed to enhance trustworthiness.

B

Bundesverband Katholische Kirche an Hochschulen

kircheanhochschulen.de

52

The Bundesverband Katholische Kirche an Hochschulen is a German non-profit organization dedicated to representing and supporting Catholic university communities across Germany. The website serves as a central hub for news, events, and resources related to the Catholic Church's engagement with students and academic institutions. It maintains a professional and consistent brand presence, targeting students, church members, and affiliated organizations. The organization offers key services such as event organization, advocacy, and community support, positioning itself as a national umbrella body within the non-profit sector. Technically, the website is built on WordPress using modern themes and plugins like GeneratePress and Smart Slider 3. It is hosted likely by NetCologne, indicated by the nameservers. The site demonstrates good mobile optimization, moderate performance, and basic accessibility features. SEO practices are well implemented with proper meta tags and structured data. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks explicit security headers and a public incident response policy. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is mostly met with a comprehensive privacy policy and terms of service, but the absence of a cookie consent mechanism is a minor gap. Analytics usage is moderate with wp-slimstat, and no advertising or tracking networks were found, aligning with the non-profit nature. Overall, the website is trustworthy, professionally maintained, and serves its community effectively. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing incident response and vulnerability disclosure information to further strengthen security posture and compliance.

E

Evangelische Studierendengemeinde Bamberg (ESG Bamberg)

esg-bamberg.de

45

The website www.esg-bamberg.de represents the Evangelische Studierendengemeinde Bamberg, a small non-profit student religious community organization in Germany. It provides spiritual, cultural, and social programs for students, collaborating ecumenically with the Catholic Hochschulgemeinde. The site is built on Drupal 10 and features event listings, articles, and community news. The technical infrastructure is modern with mobile optimization and accessibility considered. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks explicit security headers and published security policies. Contact is primarily via email and a contact form. WHOIS data is consistent and indicates a legitimate domain registration. Overall, the site is professional, trustworthy, and serves its target audience effectively.

B

Bischöfliche Studienförderung Cusanuswerk

cusanuswerk.de

46

The Cusanuswerk is a well-established non-profit scholarship organization affiliated with the Catholic Church in Germany, providing financial and ideational support to approximately 2,400 talented Catholic apprentices, students, and doctoral candidates. It operates with funding from state, church, and private sources and holds recognized certifications for excellence, positioning it as a reputable institution in the educational non-profit sector. The website is professionally designed using TYPO3 CMS, featuring comprehensive content, clear navigation, and mobile optimization. It integrates modern frontend technologies such as Owl Carousel and FontAwesome, hosted on a stable infrastructure with domain control by a reputable registrar. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although improvements could be made by adding security headers and explicit incident response contacts. Privacy compliance is generally good with a comprehensive privacy policy, but lacks a visible cookie consent mechanism. Contact information is available primarily via phone and contact forms, with social media presence on LinkedIn. Overall, the site reflects a trustworthy and professional organization with a strong focus on educational support and community engagement.

K

Katholischer Akademischer Ausländer-Dienst

kaad.de

49

The Katholischer Akademischer Ausländer-Dienst (KAAD) is a well-established non-profit organization affiliated with the Catholic Church in Germany, focused on providing scholarships and educational support to postgraduate students and young professionals from developing countries across Africa, Asia, Latin America, Eastern Europe, and the Middle East. With a history spanning over 65 years, KAAD supports leadership development through academic programs, networking, and spiritual guidance. The website reflects a professional and consistent brand image, targeting academics and emerging leaders in global development contexts. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies such as Bootstrap, FontAwesome, and jQuery. It is hosted on Goneo servers, uses HTTPS with good SSL configuration, and demonstrates moderate performance and good mobile optimization. SEO and accessibility are adequately addressed, though some accessibility features could be enhanced. From a security perspective, the website enforces HTTPS and uses secure form submissions but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is generally good with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a minor gap. Overall, the KAAD website presents a trustworthy, professional, and secure platform suitable for its educational and non-profit mission. Strategic improvements in security headers, cookie consent, and vulnerability disclosure would further strengthen its security posture and compliance.

O

Ottfried. Die Bamberger Studierendenzeitschrift

ottfried.de

51

Ottfried e.V. operates a student magazine website serving the Bamberg academic community, providing news, articles, and multimedia content relevant to students. The website is built on WordPress and leverages popular plugins such as Yoast SEO and Real Cookie Banner Pro to ensure good SEO and privacy compliance. The site integrates multiple third-party media services including YouTube, Instagram, TikTok, and Spotify, enhancing content richness. Hosting is provided by webgo.de, consistent with the domain's WHOIS data. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

A

Amnesty International Hochschulgruppe Bamberg

amnesty-bamberg-hochschulgruppe.de

46

The website represents the Amnesty International Hochschulgruppe Bamberg, a local non-profit student group focused on human rights advocacy and education. It provides information about events, campaigns, and ways to get involved, targeting students and human rights supporters in Bamberg, Germany. The site is built on WordPress and uses common plugins and libraries to deliver content and event information. While the site is functional and provides relevant content, it lacks some advanced privacy and security features such as cookie consent mechanisms and explicit security headers. Contact information is primarily via a contact form, with no direct emails or phone numbers visible. Social media presence is established on Facebook and Instagram, enhancing outreach. Overall, the site is consistent with a small non-profit local group and maintains a moderate level of professionalism and trustworthiness.

C

C O R E 1

core1.agency

54

C O R E 1 is a Czech digital agency specializing in AI and advanced web technologies, operating since 2007. They position themselves as leaders in their field, offering services including AI integration, web design, UI/UX, and digital marketing. Their website reflects a professional and modern digital presence with strong branding and client testimonials, targeting businesses seeking innovative web solutions. Technically, the site uses modern web technologies, including Video.js for media, Google Tag Manager, and various marketing and retargeting tools, with a custom CMS named core1/BasicCMS. The site is well-optimized for performance, mobile responsiveness, and SEO. Security-wise, HTTPS is enforced and cookie consent mechanisms are implemented, but there is a lack of published security policies or incident response information. WHOIS data is unavailable, likely due to privacy protection, which is common and justified for this business type. Overall, the site demonstrates a mature digital infrastructure and credible business presence.

J

JCMM, z. s. p. o.

sockari.cz

49

The website sockari.cz serves as a regional educational support platform dedicated to high school students in the South Moravian Region of the Czech Republic who are engaged in the SOČ competition, a national expert work contest. Operated by JCMM, a non-profit organization, the site provides financial grants, mentoring, and informational resources to students, supervisors, and coordinators. The platform is well integrated with partner sites and offers a range of educational projects and career development tools. Technically, the site employs modern frontend technologies including Google Fonts, jQuery, and Slick Carousel, hosted on Forpsi servers with HTTPS enabled and Google Analytics for user tracking. Security posture is adequate but could be improved with additional security headers and explicit incident response policies. Privacy compliance is supported by a GDPR cookie consent banner and linked privacy policy. Overall, the site is professional, trustworthy, and well-targeted to its audience.

T

Page Not Found

theater-bautzen.de

37

The website theater-bautzen.de currently serves a 404 error page indicating that the site configuration is missing or the site is not accessible. The page is powered by TYPO3 CMS, but no actual business content, contact information, or policies are present. The lack of accessible content and absence of privacy, cookie, or terms of service policies severely limit the ability to assess the business or security posture. The domain uses name servers from rzone.de, suggesting hosting with a German provider, but no registrant details or domain age information are available to confirm legitimacy or business history. Overall, the site is non-functional from a user perspective and lacks essential compliance and security features.

F

Figurentheater-Kolleg

ft-k.de

42

Figurentheater-Kolleg is a specialized educational institution based in Germany offering comprehensive training, courses, and workshops in the field of figurentheater, puppetry, and related performing arts. The website presents a professional and well-structured digital presence that effectively targets professionals and learners interested in these niche arts. Their offerings include foundational training, advanced courses, and various projects and events, positioning them as a niche leader in their sector. Technically, the website is built on a modern stack including Foundation 6, jQuery, GSAP animations, and the RapidWeaver CMS platform. It is hosted on German-based servers, ensuring regional consistency and likely good performance for its target audience. The site is mobile-optimized, accessible, and SEO-friendly, providing a positive user experience. From a security perspective, the site uses HTTPS with good SSL configuration and includes privacy policy compliance with GDPR. However, it lacks some security headers and a cookie consent mechanism, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected, and the contact form includes anti-spam measures. Overall, the website is trustworthy, professional, and safe for general audiences. The domain registration data aligns with the website's geographic and business profile, supporting legitimacy. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing explicit security and incident response policies to further strengthen trust and compliance.

N

no strings attached

no-strings-attached.de

60

The website www.no-strings-attached.de represents a small cultural festival organizer based in Germany, specializing in puppet theater, object theater, and Nouveau Cirque performances. The festival is supported by regional cultural foundations and targets a general audience interested in performing arts. The site is built on WordPress with a modern tech stack including jQuery, Yoast SEO, and Borlabs Cookie for privacy compliance. The technical infrastructure is solid with HTTPS enforced and good SEO practices. Security posture is good but could be improved by adding security headers and explicit incident response policies. Privacy compliance is strong with a comprehensive privacy and cookie policy and a consent mechanism in place. No critical vulnerabilities or suspicious content were detected, and the site is fully accessible without WAF or blocking mechanisms.

N

Niedersächsischer Landtag

landtag-niedersachsen.de

57

The Niedersächsischer Landtag website serves as the official online presence of the Lower Saxony state parliament in Germany. It provides comprehensive information about parliamentary functions, committees, events, and public participation opportunities. The site targets citizens, youth, and visitors interested in democratic processes and government transparency. The business model is that of a government institution focused on public service and information dissemination. Technically, the website is built on TYPO3 CMS, employs Matomo analytics configured with privacy considerations, and uses modern frontend libraries like Slick Carousel. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses privacy-respecting analytics. However, it lacks visible security headers, a cookie consent mechanism, and published security or incident response policies. No vulnerabilities or suspicious content were detected, indicating a solid security posture but with opportunities for improvement in compliance and transparency. Overall, the website is professional, trustworthy, and well-maintained, with minor gaps in privacy compliance and security best practices. Strategic recommendations include implementing cookie consent, adding security headers, and publishing security policies to enhance user trust and regulatory compliance.

D

DAISEC

daisec.de

62

DAISEC is a European Digital Innovation Hub focused on AI and cybersecurity, supporting SMEs and public sector entities primarily in Niedersachsen, Germany. It offers free services funded by the EU, including training, networking, and technical assessments to facilitate digital technology adoption. The website is built on WordPress with modern plugins and includes security features like HTTPS and Google reCAPTCHA. However, it lacks visible privacy and cookie policies, incident response information, and explicit security headers, which are areas for improvement. Overall, the site is professional, well-branded, and targets a regional audience with a clear mission to foster digital innovation.

Winter-Gala 2024 by David Siedek is a cultural event featuring music, dance, magic, and gourmet dining, held in Gommern, Germany. The website provides detailed information about the event, artists, location, and contact details, targeting a regional audience interested in entertainment and gala shows. The site is professionally designed using Joomla CMS and common web technologies, hosted on a reputable provider. Security posture is adequate with HTTPS enabled but lacks advanced security headers and comprehensive privacy compliance. Contact information is clearly presented, enhancing business credibility.

W

Werbeagentur Schulz-Design e.K.

circus-land.de

50

CHARLES KNIE’S Circus-Land is a family-oriented entertainment park located in Einbeck-Volksen, Germany, offering attractions, animal exhibits, and live shows. It positions itself as the most popular family fun destination in Southern Lower Saxony, targeting families and tourists with ticketed access and annual passes. The website is professionally designed using Joomla CMS and hosted on webgo.de servers, featuring modern web technologies such as jQuery and Bootstrap. It includes a cookie consent mechanism and privacy policy, reflecting basic GDPR compliance. Facebook Pixel is used for user tracking, indicating moderate data collection practices. Security posture is good with HTTPS enforced, but lacks advanced security headers and explicit incident response information. Overall, the site is accessible, trustworthy, and provides clear business contact information.

D

DIAKOVERE

kommunikationswerkstatt-hannover.de

39

Kommunikationswerkstatt Hannover is a communication agency service offered by DIAKOVERE, the largest non-profit social and healthcare organization in Niedersachsen, Germany. The website presents professional agency services targeted at social and healthcare sectors, emphasizing communication expertise within a non-profit framework. The business model focuses on providing specialized communication support to organizations in the social and healthcare domain, leveraging the reputation and scale of DIAKOVERE. Technically, the website is built on Joomla CMS, utilizing modern frontend technologies such as jQuery, Bootstrap, GSAP TweenMax, and LayerSlider. Hosting is managed via kasserver.com, with secure HTTPS connections and cookie consent mechanisms implemented to comply with privacy expectations. The site demonstrates moderate performance and good mobile optimization, although accessibility features are basic. From a security perspective, the site enforces HTTPS and employs cookie consent blocking scripts to limit unauthorized data storage. However, it lacks important security headers and does not provide a security policy or incident response contact, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website is professional and trustworthy, with a solid business credibility score. The absence of privacy and terms of service policies, as well as security headers, slightly lowers the privacy compliance and security posture scores. Strategic enhancements in these areas would improve the site's overall security and compliance standing.

B

B&B. Markenagentur GmbH

bundb.de

65

B&B. Markenagentur GmbH is a medium-sized branding agency based in Hannover, Germany, specializing in strategic, creative, and communicative brand development. The company integrates human creativity with AI technologies to deliver innovative marketing and branding solutions, targeting businesses and public sector clients. Their service portfolio includes brand management, employer branding, change communication, and AI marketing, positioning them as a forward-thinking agency in the branding industry. Technically, the website demonstrates a modern and performant infrastructure with responsive design, multimedia integration (YouTube, Vimeo videos), and advanced cookie consent mechanisms. The use of Google Tag Manager with a custom domain, A/B testing tools, and lazy loading images reflects a mature digital presence. Hosting is likely provided by kasserver.com, consistent with the domain's nameservers. From a security perspective, the site enforces HTTPS, employs cookie consent compliant with GDPR, and uses CSRF tokens for form protection. However, explicit security headers are not detected, and no public security or incident response policies are found. No vulnerabilities or exposed sensitive data are evident in the content, indicating a solid security posture. Overall, the website is professional, trustworthy, and compliant with privacy regulations, with a high-quality user experience and clear business information. Strategic recommendations include enhancing security headers, publishing security policies, and implementing vulnerability disclosure mechanisms to further strengthen trust and compliance.

U

Unternehmerverbände Niedersachsen e.V.

uvn-online.de

58

Unternehmerverbände Niedersachsen e.V. (UVN) is a prominent regional business association representing over 100 employer and economic associations in Niedersachsen, Germany, encompassing more than 200,000 companies and approximately 2.6 million employees. The organization acts as a key voice for the regional economy, engaging in policy advocacy, networking, and providing information services to its members. The website reflects a professional and well-maintained digital presence, leveraging WordPress CMS with modern plugins for SEO, event management, and privacy compliance. It is optimized for mobile devices and provides clear navigation and relevant content for its target audience of businesses and economic stakeholders in Niedersachsen.

D

Dienstleistungsgesellschaft der Norddeutschen Wirtschaft mbH (DNW)

dnw-online.de

50

Dienstleistungsgesellschaft der Norddeutschen Wirtschaft mbH (DNW) is a small regional service company affiliated with Unternehmerverbände Niedersachsen e.V. and Institut der Norddeutschen Wirtschaft e.V. The company focuses on consulting and services related to telecommunications, energy, data protection, and organizing purchasing cooperations for medium-sized businesses in Northern Germany. The website is built on Joomla CMS with a modern responsive design and includes essential business information and partner affiliations. Technically, the site uses standard web technologies and is hosted by Alfahosting. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks advanced security headers and explicit incident response policies. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

M

Mathäser Filmpalast

mathaeser.de

64

Mathäser Filmpalast is a prominent cinema located in Munich, Germany, offering a wide range of film screenings, events, and online ticketing services. The website reflects a mature digital presence with comprehensive content about current and upcoming films, events, and cinema facilities. It targets cinema-goers in Munich and surrounding areas, positioning itself as a leading entertainment venue with premium technologies such as Dolby Cinema and advanced sound and projection systems. The site integrates multiple third-party services for marketing and ticket sales, demonstrating a well-established business model within the hospitality and entertainment sectors. Technically, the site uses modern JavaScript libraries, responsive design, and structured data to enhance user experience and SEO.

R

RadioOffice GmbH

radio-office.de

42

RadioOffice GmbH is a specialized media agency based in Germany focusing on radio PR and audio content marketing. The company offers professional services including production and placement of infomercials, O-Ton services, interview mediation, and podcast PR. Their market position is niche, targeting businesses and organizations seeking effective radio and audio marketing solutions. The website is well-branded, consistent, and provides clear information about their services and contact details. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, Slider Revolution, and Complianz GDPR for cookie consent. The site is mobile-optimized and performs moderately well. Hosting is managed via domaincontrol.com DNS, indicating GoDaddy as the registrar. SEO and structured data implementations are good, enhancing discoverability. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent mechanisms. However, explicit security headers and detailed security policies are missing. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is minimal but consistent with the business claims, and no suspicious patterns were found. Overall, the website presents a professional and trustworthy front with good compliance to GDPR and privacy standards. Strategic improvements in security headers and incident response disclosures would enhance their security posture and trustworthiness further.

T

Troester GmbH & Co. KG

x-compound.ch

57

Troester GmbH & Co. KG is a medium-sized German manufacturing company specializing in the design, development, and production of Continuous Kneaders and compounding technology for rubber and plastics processing. Established since 1997 in this niche, the company holds a worldwide leading market position with a strong focus on quality and innovation. Their website reflects a professional B2B orientation targeting industrial manufacturers requiring advanced compounding solutions. The company offers a broad range of services including spare parts supply, process engineering, electrical equipment, and refurbishment services. The digital presence is supported by structured data and social media integration, enhancing discoverability and trust. Technically, the website is built on WordPress with a custom theme by B&B Markenagentur, employing modern web standards including responsive design and privacy-conscious analytics via Matomo. Hosting is managed through Deutsche Telekom's DNS infrastructure, indicating a stable and reliable environment. Performance and SEO are well addressed, though some improvements in security headers and cookie consent mechanisms could be made. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for maturity in security governance. Privacy compliance is generally good, supported by a comprehensive privacy policy, but lacks a visible cookie consent banner which is important for GDPR adherence. Overall, the website and company demonstrate a high level of professionalism and trustworthiness suitable for their industrial market segment. Strategic enhancements in security transparency and privacy mechanisms would further strengthen their digital risk management and compliance posture.

T

TROESTER GmbH & Co. KG

troester-parts.de

56

TROESTER GmbH & Co. KG operates the TEESIS online platform, a specialized electronic spare parts catalog designed for industrial customers and partners. The website facilitates fast and intuitive identification of spare parts, supporting B2B transactions in the manufacturing sector. The platform includes user login and registration capabilities, enhancing secure access to detailed product information. The business positions itself as a niche supplier with a focus on quality and service in the manufacturing industry, primarily targeting German and European markets. Technically, the website is built on the CATALOGcreator® platform, leveraging modern web technologies such as HTML5, CSS3, and JavaScript. The site demonstrates moderate performance and basic mobile optimization, with a clean and professional design. SEO and accessibility features are present but could be improved. The hosting environment supports HTTPS, ensuring encrypted communications. From a security perspective, the site enforces HTTPS and employs secure login forms. However, it lacks advanced security headers and does not publish explicit security policies or incident response procedures. Privacy compliance is strong, with a comprehensive GDPR-compliant privacy policy accessible via an external link. No cookie consent mechanism or terms of service page was found. No tracking or advertising scripts were detected, indicating a privacy-conscious approach. Overall, the website is trustworthy, professional, and safe for its intended industrial audience. The domain registration data aligns well with the business identity, supporting legitimacy. Strategic improvements in security headers, cookie consent, and mobile optimization would enhance the platform's security posture and user experience.

E

everso | Live music experience

eversomusic.de

53

everso is a German-based live music experience provider offering an exclusive artist team of over 80 performers for successful events. The website targets event organizers seeking professional live music entertainment, positioning itself as a specialized service provider in the media sector. The business model revolves around artist booking and event services, with a focus on quality and exclusivity. Technically, the website is built on WordPress using the Divi theme, enhanced with multiple plugins for multilingual support, SEO, and interactive content. The site features modern multimedia elements such as video backgrounds and animations, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and no exposed sensitive data, but lacks advanced security headers and explicit privacy or incident response policies. The absence of WHOIS registration data raises legitimacy concerns, though the professional presentation and active content mitigate some risk. Overall, the site is functional and professional but would benefit from improved transparency and security practices.