Security Directory

R

Rohr-Frei Völker GmbH

rohrfrei-ab.de

56

Rohr-Frei Völker GmbH is a specialized service provider in the Aschaffenburg district, Germany, offering comprehensive pipe and sewer cleaning, renovation, inspection, and drying services. The company emphasizes 24/7 availability, modern technology, and customer-oriented solutions. Their website reflects a local, trusted business with clear service offerings and certifications. Technically, the site is built on Webflow with responsive design and uses Cloudflare Turnstile captcha for form protection, indicating a moderate level of digital maturity. Security posture is adequate but could be improved with standard security headers and explicit privacy policies. Overall, the website is professional and trustworthy but lacks some compliance documentation and email contact details.

P

Plinko

plinko.co.za

63

Plinko.co.za is an online gaming platform specializing in the Plinko casino game, targeting primarily the South African market. The website offers real money gameplay, bonuses, and downloadable apps, with a focus on engaging and strategic gambling experiences. The business is relatively new, founded in 2024, and operates with a professional and consistent brand presence. The technical infrastructure leverages Cloudflare for DNS and CDN services, uses modern JavaScript modules, and integrates Google reCAPTCHA for form security. The site is well optimized for mobile and desktop users, providing a fast and accessible user experience. Security posture is solid with HTTPS and anti-bot measures, though explicit security policies and incident response contacts are absent. WHOIS data indicates a recent domain registration with some geographic mismatch between registrant country (Ukraine) and target market (South Africa), which is common in online gaming but should be monitored. Overall, the platform is trustworthy, compliant with basic privacy and cookie regulations, and provides a safe environment for adult users interested in online gambling.

D

Deutsche Post AG

deutschepost.de

71

Deutsche Post AG operates as the leading postal and logistics service provider in Germany, offering a wide range of services including letter and parcel delivery, express shipping, and online postage solutions. The company targets both private individuals and business customers, maintaining a strong market position supported by its parent company Deutsche Post DHL Group and its subsidiary DHL. The website reflects a mature digital presence with comprehensive service information and customer support features. Technically, the site employs modern JavaScript frameworks, Adobe Launch for tag management, and OneTrust for consent management, ensuring compliance with privacy regulations. Security measures include HTTPS enforcement and multiple security headers, contributing to a robust security posture. However, the absence of a dedicated security policy and incident response contact information suggests areas for improvement. Overall, the website is professional, trustworthy, and compliant with GDPR, supporting Deutsche Post's reputation as a reliable service provider.

The website arztsuchehessen.de is an official regional healthcare service platform operated by the Kassenärztliche Vereinigung Hessen, a public law corporation in Frankfurt/Main, Germany. It provides a comprehensive search tool for residents to find doctors, psychotherapists, and medical on-call services within Hessen. The platform offers detailed filtering options by specialty, location, gender, status, and additional qualifications, supporting users in locating appropriate healthcare providers efficiently. The site is professionally designed with consistent branding and clear navigation, targeting the general public in Hessen seeking medical services. Technically, the website employs modern web technologies including jQuery 3.7.1 and Livewire components, hosted on Anexia infrastructure. The site is mobile-optimized and uses SVG icons for a rich user interface. Performance is moderate with good SEO practices evident through meta tags and structured metadata. However, accessibility features are basic and could be improved to meet higher standards. From a security perspective, the site uses HTTPS and up-to-date JavaScript libraries, reducing risks from known vulnerabilities. However, no explicit security headers were detected, and there is no visible privacy policy, cookie consent mechanism, or incident response information, which are important for GDPR compliance and user trust. No advertising or tracking scripts were found, indicating minimal user tracking. Overall, the website is a trustworthy and professional healthcare directory with strong business credibility but could enhance its privacy compliance and security posture by adding relevant policies, consent mechanisms, and security headers. These improvements would strengthen user trust and regulatory adherence.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend (BMFSFJ)

familienportal.de

62

The Familienportal.de website is an official German federal government portal managed by the Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend (BMFSFJ). It serves as a comprehensive information hub for families, providing detailed guidance on state family benefits, legal regulations, advisory services, and various calculators and application forms. The portal targets families in Germany, including parents, children, and related social groups, positioning itself as the authoritative source for family-related governmental information. The site is professionally designed with consistent branding and excellent content quality, supporting a high level of trustworthiness. Technically, the website employs modern web technologies including JavaScript, SVG icons, and Matomo analytics for user behavior tracking with privacy-conscious consent mechanisms. The site demonstrates good mobile optimization, accessibility, and SEO practices, although no explicit CMS or hosting provider details are evident. Security posture is strong with HTTPS enforced and privacy-respecting analytics, but explicit security headers and incident response contacts are not clearly published. From a security and compliance perspective, the portal implements GDPR-compliant privacy and cookie policies with clear user consent mechanisms and data retention policies. However, it lacks visible vulnerability disclosure or security.txt files, and no direct contact information for security incidents is provided. Overall, the site maintains a solid security posture appropriate for a government information portal. The overall risk assessment is low, with no critical vulnerabilities or suspicious indicators detected. Strategic recommendations include publishing explicit security headers, providing incident response contact details, and establishing a vulnerability disclosure policy to enhance transparency and trust. The portal's technical infrastructure and content quality support its role as a trusted government resource for families in Germany.

S

Stadt Coburg

mein-coburg.de

54

The website www.coburg.de serves as the official municipal portal for the city of Coburg, Germany. It provides residents and visitors with up-to-date news, event information, and public service announcements. The site is well-branded with the city's official logo and maintains consistent content quality aimed at local citizens. The business model is focused on government communication and citizen engagement, positioning it as an essential resource for the community. The target audience includes local residents, businesses, and visitors seeking municipal information. Technically, the website employs a modern CMS platform (Information Enterprise Server by Sitepark GmbH) and integrates Matomo analytics with a GDPR-compliant cookie consent banner. The site uses HTTPS with strong security headers and includes accessibility and mobile optimization features. The technical infrastructure supports a moderate performance level with good SEO practices. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, consent mechanisms, and use of reCAPTCHA for forms. However, it lacks explicit published security policies, incident response contacts, and vulnerability disclosure information. No vulnerabilities or suspicious activities were detected in the content or scripts. The WHOIS data aligns with a legitimate municipal domain, enhancing trust. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include publishing explicit security and incident response policies, enhancing direct contact information, and considering a vulnerability disclosure policy to further strengthen trust and security posture.

A

Arbeitgeberverband Oldenburg e.V.

agv-oldenburg.de

57

Arbeitgeberverband Oldenburg e.V. is the largest employer association in northwest Lower Saxony, Germany, representing over 750 companies and approximately 85,000 employees. The association offers a broad range of services including legal advice, process representation, cost avoidance, interest representation, seminars, and networking opportunities. The website reflects a professional and well-established organization with a history dating back to 1919. The target audience primarily consists of employers across various industries in the region. Technically, the website employs modern web technologies such as Matomo for analytics, StimulusJS for frontend interactivity, and Swiper.js for sliders. The site is mobile-optimized, accessible, and SEO-friendly, though no explicit CMS was detected. Hosting appears to be managed via your-server.de and related nameservers. From a security perspective, the site uses HTTPS with good SSL configuration and respects DoNotTrack settings in analytics. However, it lacks visible security headers and does not provide explicit incident response or vulnerability disclosure information. Privacy compliance is strong with a comprehensive privacy policy and terms of service, but no cookie consent mechanism was found. Overall, the website is trustworthy, professional, and well-maintained, with minor areas for improvement in security headers and privacy consent mechanisms. There is no indication of blocking or WAF interference, and the content is safe for general audiences.

L

Landkreis Kulmbach

landkreis-kulmbach.de

52

Landkreis Kulmbach operates as a regional government authority in Germany, providing a wide range of public services including citizen services, vehicle registration, waste management, health and social services, education, and environmental initiatives. The website serves as a comprehensive portal for residents and stakeholders, offering access to information, forms, and contact points. The organization holds a stable market position as a public sector entity with a focus on community engagement and regional development. Technically, the website is built on TYPO3 CMS, leveraging modern responsive design and web standards to ensure accessibility and usability across devices. The infrastructure appears professionally managed, likely hosted under Deutsche Telekom domains, with secure HTTPS connections and optimized content delivery. However, some areas such as cookie consent and security headers could be improved to enhance compliance and security. From a security perspective, the site enforces HTTPS and provides warnings against phishing attempts, indicating awareness of security risks. No critical vulnerabilities or exposed sensitive data were detected. The absence of explicit security policies and incident response contacts suggests room for maturity in security governance. Overall, the site maintains a good security posture appropriate for a government website. The overall risk assessment is low, with recommendations focusing on enhancing privacy compliance through cookie consent mechanisms, publishing security policies, and implementing additional security headers. These improvements will strengthen trust and regulatory adherence while maintaining the site's role as a reliable public service platform.

S

Stadt Coburg

coburg.de

54

The website www.coburg.de serves as the official online portal for the city of Coburg, Germany, providing a wide range of municipal information and services to residents and visitors. It offers access to online services, event information, local news, and administrative resources, positioning itself as a comprehensive digital gateway for the city's public administration and community engagement. The site targets citizens, tourists, and local businesses, emphasizing accessibility and service convenience. Technically, the website is built on the Sitepark CMS platform, utilizing modern web technologies including responsive design, SVG icons, and Matomo analytics for privacy-conscious user tracking. The site demonstrates good mobile optimization, accessibility features, and SEO practices, contributing to a positive user experience and efficient content delivery. From a security perspective, the site enforces HTTPS and employs a cookie consent mechanism compliant with GDPR standards. While explicit security headers and incident response policies are not clearly published, no critical vulnerabilities or suspicious activities were detected. The use of Matomo analytics reflects a commitment to privacy and data protection. Overall, the website presents a professional, trustworthy, and user-friendly interface for municipal services. Strategic recommendations include enhancing security header implementation, publishing clear security and incident response policies, and considering a vulnerability disclosure program to further strengthen trust and compliance.

L

LUKi e.V.

kirche.social

60

kirche.social is a niche Mastodon social networking instance operated by the non-profit organization LUKi e.V., focusing on Christian, interdenominational, and ecumenical communities. The platform provides a community-driven social experience within the fediverse, emphasizing privacy and open-source technologies. The website is well-structured, with good content quality and clear navigation, primarily targeting German-speaking users interested in church-related social networking. Technically, the site leverages modern frameworks such as React and Mastodon 4.4.8, ensuring a responsive and accessible user experience. Security posture is adequate with HTTPS usage and no visible vulnerabilities, though security headers and incident response information could be improved. Privacy compliance is partially addressed with a privacy policy but lacks cookie consent mechanisms and terms of service. Overall, the domain WHOIS data is privacy protected, which is justified for this non-profit community platform. The site demonstrates a trustworthy and professional presence within its niche.

K

Kindertagesstätte St. Anna Bad Staffelstein

kita-stanna-badstaffelstein.de

59

Kindertagesstätte St. Anna Bad Staffelstein is a small, local childcare and early education provider affiliated with the Catholic Church (Erzbistum Bamberg) serving families in Bad Staffelstein, Germany. The website provides comprehensive information about childcare services including nursery (Krippe), kindergarten, parental fees, daily routines, and contact details. The business model is non-profit and community-focused, targeting parents seeking trusted childcare solutions. The site is well-branded and consistent with the parent organization’s identity. Technically, the website is built on the Alkacon Mercury CMS platform, utilizing modern web technologies such as JavaScript, SVG icons, and Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized and includes strong accessibility features via the eyeAble plugin. Performance is moderate with good SEO and metadata implementation. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected. However, security headers are not explicitly observed and no incident response or vulnerability disclosure information is provided, which could be improved. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. It effectively serves its target audience with clear contact information and relevant content. Strategic improvements in security policy transparency and technical security headers would enhance its posture further.

B

Bundeskanzleramt (Federal Chancellery of Germany)

bundeskanzler.de

65

The website represents the official online presence of the Federal Chancellor of the Federal Republic of Germany, currently Friedrich Merz. It serves as a government information portal providing details about the Chancellor, his appointments, and the functions of the Federal Chancellery. The site targets the general public, citizens of Germany, and international visitors interested in German government affairs. The business model is purely informational and public service oriented, with a strong emphasis on trust and official representation. Technically, the website is built on the CoreMedia CMS platform and uses modern web technologies including SVG icons and JavaScript. It is optimized for mobile devices and demonstrates good accessibility and SEO practices. The site employs Piwik (Matomo) analytics with privacy-conscious configurations such as disabling cookies and honoring Do Not Track signals. From a security perspective, the site uses HTTPS with good SSL configuration and implements some privacy best practices. However, it lacks explicit security headers, a security.txt file, and clear incident response contact information. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is professional, trustworthy, and secure for its purpose, but could improve privacy compliance and security transparency by publishing privacy and cookie policies, security disclosures, and contact details for incident response.

F

Frankfurt du bist so wunderbar

frankfurtdubistsowunderbar.de

41

Frankfurt du bist so wunderbar is a local online magazine and blog dedicated to urban life in Frankfurt, Germany. It serves as a cultural and culinary guide, providing curated content for residents and enthusiasts of the city. The website leverages Drupal 10 CMS and modern web technologies to deliver a responsive and visually appealing user experience. It maintains an active social media presence across Instagram, Facebook, Pinterest, and TikTok, enhancing community engagement. However, the site lacks explicit privacy policy and terms of service pages, which are important for compliance and user trust. The cookie consent banner indicates GDPR awareness and usage of Google Analytics for anonymized statistics. Security posture is moderate with room for improvement in security headers and incident response transparency. Overall, the website is professionally designed, content-rich, and trustworthy, but could benefit from enhanced privacy and security documentation.

C

CariThek – Bamberger Freiwilligenzentrum

carithek.de

63

CariThek – Bamberger Freiwilligenzentrum is a local non-profit volunteer center based in Bamberg, Germany, affiliated with Caritas Bamberg. The organization focuses on promoting volunteer engagement, providing consulting services, training, and managing various social projects aimed at community support and integration. The website serves as an information hub for volunteers and organizations, offering access to volunteer opportunities, news, events, and educational resources. Technically, the site is built on the alkacon Mercury CMS platform, employs modern web technologies including SVG icons and JavaScript, and integrates Matomo analytics for privacy-conscious user tracking. Accessibility features and cookie consent mechanisms are implemented, reflecting a commitment to inclusivity and compliance with GDPR. Security posture is solid with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are not published. Overall, the website is professional, trustworthy, and well-aligned with its non-profit mission.

Ducati Polska operates as the exclusive importer and distributor of Ducati motorcycles and related accessories in Poland. The website serves as a comprehensive platform for showcasing Ducati's motorcycle models, offering configurators, dealer locators, and test ride booking services. The business targets motorcycle enthusiasts and potential buyers within the Polish market, positioning itself as a key player in the transportation sector with a medium-sized operational scale and a founding date consistent with the domain registration in 2011. Technically, the website employs modern web technologies including Google Analytics, Facebook Pixel, and Google Tag Manager, ensuring effective marketing and user tracking. The site is hosted by a reputable Polish hosting provider and demonstrates good mobile optimization and SEO practices. Security-wise, the site uses HTTPS and reCAPTCHA, but lacks advanced security headers and publicly available security policies or incident response information, indicating room for improvement in security posture. Overall, the site is professional, trustworthy, and compliant with GDPR cookie consent requirements, though it could enhance transparency by publishing privacy and security policies.

C

Caritasverband für die Erzdiözese Bamberg e.V.

caritas-bamberg.de

61

The Caritasverband für die Erzdiözese Bamberg e.V. is a large non-profit organization serving as the leading Caritas association in Upper Franconia and parts of Middle Franconia, Germany. It represents over 500 social services and employs approximately 12,000 full-time staff and 12,500 volunteers, focusing on supporting disadvantaged and needy individuals. The website reflects a well-structured and professionally maintained digital presence with comprehensive information about their services, current news, and accessibility features. Technically, the website is built on the Alkacon Mercury CMS platform, leveraging modern web technologies including JavaScript, SVG icons, and Matomo analytics for privacy-conscious user tracking. The site is hosted on infrastructure associated with the Archdiocese of Bamberg, ensuring regional relevance and control. Performance and mobile optimization are good, with strong accessibility support via the Eye-Able plugin. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with a clear privacy policy and GDPR adherence. Overall, the website is trustworthy, professional, and well-aligned with the organization's mission. Strategic improvements could include adding security headers, publishing a security policy, and providing incident response contact details to enhance security posture and user trust.

R

Radio ffn

ffn-history.de

54

The website www.ffn-history.de serves as a historical timeline archive commemorating 38 years of radio ffn, a German radio broadcasting station. It targets German-speaking listeners and fans interested in the station's history and moderators. The site is built on TYPO3 CMS and employs modern web technologies including Turbo Frames and SVG icons, providing a good user experience with clear navigation and mobile optimization. The content is professionally presented and consistent with the brand identity of radio ffn. From a technical perspective, the site uses HTTPS with a Content-Security-Policy header to upgrade insecure requests, ensuring a secure browsing environment. However, additional security headers could be implemented to enhance protection. The site includes tracking scripts from script.ioam.de, indicating moderate user tracking without explicit cookie consent mechanisms, which may affect GDPR compliance. The WHOIS data aligns well with the website's business history and domain age, supporting the legitimacy of the site. Contact information is limited to an email address in the footer, with no phone numbers or physical addresses provided. No forms or incident response contacts are found, and no vulnerability disclosure or security policy pages are evident. Overall, the website is safe, professional, and trustworthy, with room for improvement in privacy compliance and security header implementation. Strategic recommendations include adding cookie consent, enhancing security headers, and providing clearer security and incident response information.

R

rentitnow

rentitnow.de

65

rentitNOW is a German-based event equipment rental company specializing in non-food catering supplies such as rental furniture, bars, kitchen technology, glassware, porcelain, and cutlery. The company operates multiple sales channels including Berlin and Hannover, serving event organizers and catering businesses nationwide. The website demonstrates a professional digital presence with clear business descriptions, regional sales options, and a user-friendly interface. Technically, the site uses modern JavaScript frameworks, Google Tag Manager, and a consent management platform to comply with GDPR requirements. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the site is well-structured, mobile-optimized, and trustworthy, supporting a medium-sized business in the hospitality and e-commerce sectors.

E

Ecofleet CZ s.r.o.

ecofleet.cz

11

Ecofleet CZ s.r.o. is a well-established company founded in 2014, specializing in advanced vehicle monitoring and fleet management solutions primarily serving the Czech Republic, Slovakia, and over 25 European countries. The company operates under the parent company Fleet Complete, offering a modular SaaS platform with comprehensive tools including real-time vehicle tracking, automated electronic logbooks, reporting, and mobile applications for iOS and Android. The website reflects a professional and consistent brand image with clear navigation and detailed product information, targeting fleet managers and logistics companies. Technically, the site employs modern JavaScript libraries and tracking tools such as Google Analytics, Microsoft Clarity, and Smartlook, with a cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and secure form handling, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is trustworthy, well-optimized for mobile, and provides multiple contact channels, supporting a high level of business credibility.

A

a. hartrodt

hartrodt.com

47

a. hartrodt is a large, established international logistics and transport company with over 2,000 employees and a global network spanning more than 100 locations. Their business focuses on providing comprehensive transport and forwarding services including sea freight, airfreight, land transport, project logistics, and warehousing. The company emphasizes reliability and customer service, offering tracking and tracing capabilities to ensure shipment visibility. Technically, the website is well-constructed with modern web technologies including SVG icons and Matomo analytics for privacy-respecting user tracking. The site is mobile-optimized and accessible, with good SEO practices and a professional design. Security posture is solid with HTTPS enforced and secure form handling, though explicit security headers and published security policies are absent. The WHOIS data is unavailable from the queried source, which raises some concerns about domain registration transparency. However, the professional presentation, comprehensive content, and consistent branding strongly indicate a legitimate and trustworthy business. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the website represents a mature digital presence for a global logistics provider with minor areas for improvement in security transparency and WHOIS data availability.

B

Bayerische Landeszentrale für neue Medien (BLM)

blm.de

61

The Bayerische Landeszentrale für neue Medien (BLM) is the official regulatory authority overseeing private radio, television, and online media offerings in Bavaria, Germany. The website serves as a comprehensive portal providing information on licensing, youth and user protection, advertising regulation, media research, and public communication. It targets media professionals, private broadcasters, and the general Bavarian public. The site is well-positioned as a trusted government entity with a clear mission and extensive service offerings. Technically, the website is built on the CONTENS CMS platform, utilizing modern web technologies including JavaScript, CSS, and SVG icons. It features responsive design optimized for mobile devices and includes accessibility considerations. The site employs HTTPS and integrates etracker analytics with a user consent mechanism, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and includes basic security headers, though there is room for enhancement with additional headers like Content-Security-Policy. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies and a consent banner. However, no explicit incident response or vulnerability disclosure policies were found. Overall, the website demonstrates a high level of professionalism, security, and compliance appropriate for a government regulatory body. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding a vulnerability disclosure policy to further strengthen trust and security posture.

M

Media Broadcast

media-broadcast.com

64

Media Broadcast is a leading German full-service provider specializing in broadcast and media solutions for television, radio, and digital platforms. The company offers a comprehensive range of services including signal transmission, network planning, professional services, and innovative 5G campus network solutions. Their market position as a leader in Germany's media infrastructure sector is supported by a professional and content-rich website that clearly targets broadcasters, media companies, and industrial clients. Technically, the website is built on the Squarespace platform, leveraging modern web technologies and optimized for mobile devices. The site demonstrates good SEO practices and moderate performance, with a cookie consent mechanism in place to comply with privacy regulations. However, the absence of a privacy policy and terms of service pages indicates gaps in privacy compliance. From a security perspective, the site enforces HTTPS with HSTS and uses standard security headers, reflecting a good security posture. No vulnerabilities or exposed sensitive data were detected. The lack of a security policy or incident response contact information suggests room for improvement in security transparency and readiness. Overall, the website presents a trustworthy and professional image but would benefit from enhanced privacy and security disclosures. The missing WHOIS data raises questions about domain registration legitimacy, warranting further verification. Strategic recommendations include publishing comprehensive privacy and security policies, adding incident response contacts, and improving accessibility features to strengthen compliance and user trust.

S

Setra Buses

setra.de

61

Setra Buses is a premium bus manufacturer affiliated with Daimler Buses, offering a range of bus models and comprehensive services including leasing, used bus sales, and after-sales support. The website is professionally designed, multilingual, and targets transportation companies and bus operators primarily in German-speaking and European markets. The technical infrastructure includes modern web technologies, a consent management platform, and Matomo analytics, indicating a mature digital presence. Security posture is generally good with HTTPS and privacy compliance, though explicit security headers and incident response information are lacking. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website content. Overall, the site is trustworthy but would benefit from improved transparency in domain registration and enhanced security headers.

N

National Heritage Institute

vltava2025.cz

45

The website vltava2025.cz is an official cultural project site managed by the Czech National Heritage Institute, commemorating the 150th anniversary of Bedřich Smetana’s symphonic poem Vltava. It serves as a platform to promote exhibitions, events, and educational content related to the Vltava River as a national symbol. The site is well-positioned within the government and cultural heritage sector, supported by reputable partners and media sponsors. The target audience includes the general public interested in Czech culture and heritage. Technically, the website employs modern web technologies including Google Tag Manager, jQuery, Leaflet.js for mapping, and integrates external APIs such as Mapy.cz. The site is hosted by Webglobe, with a clean and professional design optimized for mobile and accessibility. SEO and content quality are excellent, with clear navigation and rich multimedia content. From a security perspective, the site uses HTTPS and cookie consent mechanisms with granular user control. While some security headers are not explicitly detected, no critical vulnerabilities or exposed sensitive data were found. Privacy compliance is strong, with clear privacy and cookie policies linked from the site. No incident response or security policy pages were found. Overall, the website presents a low-risk profile with strong business credibility and compliance. Recommendations include enhancing security headers and publishing a formal security policy. The domain is newly registered but consistent with the project timeline and legitimate in nature.

M

mas.to

mas.to

69

mas.to is an independent Mastodon server providing a federated social networking platform within the fediverse. It offers users a fast, up-to-date, and engaging environment to participate in decentralized social media. The website demonstrates a consistent brand and clear focus on Mastodon-based social networking services, targeting a general audience interested in privacy-respecting social platforms. Technically, the site employs modern web technologies including Mastodon 4.4.8, React, and ES modules, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement, script integrity checks, and nonce usage, although explicit security headers and incident response policies are not published. Privacy compliance is adequate with accessible privacy and terms pages, but lacks a cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, with room for improvement in transparency and security documentation.

N

NRK and Meteorologisk institutt

yr.no

67

Yr is a reputable weather forecasting website operated as a collaboration between NRK, the Norwegian Broadcasting Corporation, and the Norwegian Meteorological Institute. It provides comprehensive weather forecasts including hourly updates, long-term forecasts, precipitation maps, and weather warnings for over 10 million locations worldwide. The site targets a broad audience including the general public and outdoor enthusiasts, positioning itself as a leading weather information provider in Norway with global reach. The business model is public service oriented, offering free access to weather data and related content.

M

Manger Bouger

mangerbouger.fr

55

MangerBouger.fr is an official French public health website dedicated to promoting healthier eating habits and increased physical activity among the general population. It offers a wide range of resources including recipes, activity ideas, personalized content via quizzes, and educational materials for both the public and professionals. The site is clearly positioned as a government-backed platform, supported by Santé publique France, and targets all age groups from children to seniors. Technically, the site is built on the eZ Platform CMS, uses modern JavaScript and SVG icons, and integrates advanced tag management and analytics tools such as TagCommander and Piano Analytics. The website is mobile-optimized with good SEO and accessibility features, although accessibility compliance is noted as non-conformant. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and published security policies. The WHOIS data is not publicly available, which is typical for French government domains, but the domain and website content strongly indicate legitimacy and trustworthiness. Overall, the site scores highly on content quality, technical implementation, privacy compliance, and business credibility, making it a reliable and professional resource for public health information.

S

SCM Hänssler

scm-haenssler.de

67

SCM Hänssler operates as a Christian-focused e-commerce retailer specializing in books, music, and related products. The website serves a German-speaking audience with a broad catalog of Christian literature and media, positioning itself as a trusted provider within this niche. The business model centers on online retail with a strong emphasis on customer service and compliance with European data protection regulations. Technically, the site is built on the Magento platform, leveraging modern web technologies and analytics tools such as Google Analytics and Matomo. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

E

Electric Ireland

electricireland.ie

72

Electric Ireland is a leading energy supplier in Ireland providing electricity and gas services to residential and business customers. Their website offers comprehensive information on price plans, smart meters, solar PV solutions, and customer support, reflecting a mature and customer-focused business model. The company targets Irish energy consumers with a broad portfolio of energy products and services. Technically, the website is built on the Sitefinity CMS platform, uses modern web technologies including Google Tag Manager and OneTrust for cookie consent, and demonstrates good mobile optimization and accessibility. Security-wise, the site enforces HTTPS, implements key security headers, and manages cookie consent effectively, though explicit security policies and incident response information are not prominently published. The absence of WHOIS data limits domain trust verification, but the website's professional presentation and comprehensive content suggest legitimacy. Overall, the site scores well on content quality, technical implementation, security posture, and privacy compliance, with room for improvement in business credibility transparency and security disclosures.

I

Intelligent Transport Systems Ireland

itsireland.ie

56

Intelligent Transport Systems Ireland is a non-profit partnership focused on promoting the development and deployment of ITS technologies for safer and more sustainable transport in Ireland. The organization serves a diverse audience including government bodies, academic institutions, consultancies, and transport operators. Their business model centers on membership engagement and event organization, positioning them as a key national body in the ITS sector. Technically, the website is built on the Squarespace platform, leveraging modern web technologies and providing a good user experience with mobile optimization and basic accessibility. Security posture is solid with HTTPS and HSTS enabled, though the absence of privacy and cookie policies and lack of visible contact information represent compliance and trust gaps. Overall, the website is professional and trustworthy but could improve in privacy compliance and transparency.

N

Nouvelle-Ligne

nlcontest.com

55

NL Contest is a well-established urban sports and arts festival based in Strasbourg, France, organized by Nouvelle-Ligne. The website showcases event information, results, media content, and partner affiliations, targeting urban sports enthusiasts and festival attendees. The business operates primarily as an event organizer and promoter with a strong community and partner network. Technically, the site is built on WordPress with integrations such as Google Maps API, Google Analytics, and Facebook Pixel, indicating a moderate level of digital maturity. The website is mobile-optimized and SEO-friendly with good content quality and navigation. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers and formal policies are absent. The WHOIS data is missing, raising concerns about domain registration legitimacy, but the professional content and social presence mitigate some risk. Overall, the site is trustworthy but would benefit from improved transparency and security documentation.

6

6. středisko Zlín

zlin6.cz

39

6. středisko Zlín is a local scouting organization in the Czech Republic focused on youth development through outdoor activities, skill-building, and community engagement. The website serves as an informational portal for children, parents, and scout leaders, providing details about groups, events, and support opportunities. Technically, the site is built on WordPress with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and formal privacy or cookie policies, which are areas for improvement. The domain is mature and registration data aligns well with the organization's profile, supporting legitimacy. Overall, the site is trustworthy and professionally presented but could enhance compliance and security practices.

C

Conseil supérieur du notariat

notaires.fr

66

The website www.notaires.fr is the official portal for Notaires de France, managed by the Conseil supérieur du notariat. It serves as a comprehensive resource for legal and notarial information, targeting the general public, businesses, and government entities in France. The site offers extensive content on donations, successions, real estate, family law, and business-related legal services, supported by interactive tools and online services such as apostille processing and mediation. The website is well-branded, professionally designed, and consistent with its official government affiliation. Technically, the site is built on the Drupal CMS platform, utilizing modern JavaScript libraries and SVG icons for a responsive and accessible user experience. Performance is moderate with good mobile optimization and SEO practices. Security posture is strong, with HTTPS enforced and multiple security headers implemented. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust, with clear privacy and cookie policies aligned with GDPR requirements. Overall, the site demonstrates a mature digital infrastructure suitable for a government-affiliated entity, with strong trust indicators and a high level of professionalism. The lack of public WHOIS data is consistent with AFNIC privacy norms for French domains and does not detract from the site's legitimacy. Contact is primarily via secure forms rather than direct emails or phone numbers, aligning with best practices for public service websites.

KRZN – Kommunales Rechenzentrum Niederrhein is a large, well-established municipal IT service provider in Germany, founded in 1971. It serves 46 local government administrations with over 18,000 IT workstations supported by more than 500 employees across two main locations. The organization offers a broad portfolio of IT solutions tailored for public sector needs, including web conferencing systems with official certifications. Technically, the website is built on Drupal CMS, hosted likely by Deutsche Telekom, and uses eTracker for analytics. The site is well-structured, mobile-optimized, and professionally designed, reflecting a mature digital presence. Security posture is solid with HTTPS and no evident vulnerabilities, though explicit security headers and incident response policies are absent. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the domain registration data aligns well with the business profile, indicating high legitimacy and trustworthiness.

LinkedIn is a leading professional networking platform with over a billion members worldwide. It provides services including professional identity management, job search, online learning, and business advertising. The platform is positioned as a market leader in the technology sector, serving professionals, job seekers, and businesses globally. Technically, LinkedIn employs modern web technologies such as React, integrates Google Identity Services for authentication, and uses SVG icons and lazy loading for performance optimization. The website is mobile-optimized, accessible, and SEO-friendly. Security posture is strong with HTTPS enforced, secure forms, and cookie consent mechanisms, although explicit public security policies and incident response contacts are not found. The WHOIS data is unavailable, likely due to privacy protection, which is justified for a large enterprise. Overall, LinkedIn demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

S

Sousedé

sousede.cz

59

Sousedé.cz is a Czech Republic based digital platform specializing in the management and collaboration of residential communities, specifically SVJ (homeowners associations) and apartment buildings. The platform connects committees, property managers, management companies, and unit owners to streamline communication, legal compliance, and administrative tasks. It offers key services such as duty monitoring, online voting, document management, and integration with established property management systems like DOMUS. The website positions itself as a leading portal in its niche with over 2,000 buildings and 45,000 users, emphasizing ease of use and comprehensive features for all stakeholders. Technically, the website is built on modern web technologies including React and Next.js, ensuring fast performance and excellent mobile responsiveness. It integrates analytics and marketing tools such as Google Analytics and HubSpot, and employs security best practices including HTTPS and security headers. The site features a well-structured user interface with clear navigation and professional design, supporting a positive user experience. From a security perspective, the platform demonstrates good practices with encrypted connections and role-based access controls. However, there is no publicly visible incident response or vulnerability disclosure policy, and WHOIS data for the domain is unavailable, which slightly impacts trustworthiness. Privacy and cookie policies are comprehensive and GDPR compliant, with user consent mechanisms in place. Overall, Sousedé.cz presents a mature and professional digital service for residential community management in the Czech market. Strategic recommendations include improving transparency by publishing domain registration details, establishing a formal security incident response policy, and adding a security.txt file to facilitate vulnerability reporting.

V

VAMED Care Holding Deutschland GmbH

vamed-gesundheit.de

52

VAMED Gesundheit Deutschland is a large healthcare provider specializing in rehabilitation, acute clinics, outpatient medical centers, and senior care facilities across Germany. The company operates multiple clinics and centers, offering a broad range of specialized rehabilitation services including neurological, cardiological, oncological, and post-COVID-19 rehabilitation. The website reflects a professional and consistent brand presence with clear navigation and relevant content targeting patients, healthcare professionals, and potential employees. Technically, the website is built on the TYPO3 CMS platform, hosted via Akamai CDN infrastructure, and incorporates modern web technologies including JavaScript and SVG graphics. The site is mobile-optimized, accessible, and SEO-friendly. GDPR compliance is addressed through a cookie consent mechanism powered by Usercentrics, and privacy policies are clearly linked. From a security perspective, the site enforces HTTPS and uses cookie consent tools but lacks explicit security headers and publicly disclosed incident response contacts or vulnerability disclosure policies. No vulnerabilities or sensitive data exposures were detected. WHOIS data aligns well with the business profile, indicating a legitimate and trustworthy domain registration. Overall, the website demonstrates a strong business credibility and technical maturity with room for improvement in security transparency and incident response readiness.

Korbáčikovo Zázrivá is a small hospitality business located in Slovakia, offering accommodation, wellness, dining, golf, and recreational services focused on the Mala Fatra region. The website is professionally designed with excellent content quality, clear navigation, and mobile optimization. It integrates a booking engine and complies with GDPR and cookie regulations, providing transparent contact information and social media presence. Technically, the site uses modern JavaScript frameworks and libraries, with good performance and accessibility. Security posture is solid with HTTPS and cookie consent, though additional security headers and formal security policies could enhance protection. Overall, the website reflects a trustworthy and legitimate business with a strong regional market position.

M

MYJO, s.r.o. - REZEO

rezeo.cz

44

REZEO is a Czech Republic based SaaS company specializing in an online reservation system tailored for small accommodation providers. The platform aims to simplify online booking processes, enhance guest comfort, and improve rental efficiency. The company operates under MYJO, s.r.o., founded in 2021, positioning itself as a niche player in the hospitality sector. The website reflects a professional and consistent brand image with a clear focus on its target audience. Technically, the site employs modern web technologies including Google Tag Manager, Facebook Pixel, and consent management tools, hosted by Active24. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS enforced and cookie consent implemented; however, security headers and formal policies like privacy and terms of service are missing, representing areas for improvement. Overall, the website is trustworthy and functional, with moderate user tracking and marketing integration.

E

ExpiredDomains.com

mariestumpfova.com

71

ExpiredDomains.com operates as a specialized online platform aggregating expired and expiring domain listings from multiple TLDs, providing domain investors, SEOs, and marketers with comprehensive data and filtering tools. The platform does not directly sell domains but facilitates purchases through trusted partners like GoDaddy, positioning itself as a valuable resource in the domain aftermarket space. Technically, the website employs modern web standards with responsive design and integrates SVG icons and JavaScript for enhanced user experience. Hosting and DNS are managed via reputable providers including Cloudflare and GoDaddy, ensuring reliable uptime and performance. Security posture is adequate with HTTPS enforced and CSRF protections in place, though additional security headers and explicit policies could improve resilience. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Business credibility is supported by consistent branding, user testimonials, and active social media engagement. Overall, the site is accessible, professional, and trustworthy with no indications of malicious or adult content.

R

Repronis s.r.o.

repronis.cz

43

Repronis s.r.o. is a Czech Republic based production agency specializing in printing services, large format printing, advertising items, and media campaigns including social media and special events. Established in 2000 and part of the Ovision Group, it serves local business clients primarily in Ostrava and surrounding regions. The website is built on Joomla CMS with modern UIkit framework and Yootheme templates, offering a professional and mobile-optimized user experience. Security posture is adequate with HTTPS and CSRF protections, but lacks advanced security headers and explicit incident response policies. Privacy compliance is partially addressed with GDPR policy documents but lacks cookie consent mechanisms. Overall, the business demonstrates strong credibility with clear contact information, client references, and consistent branding.

I

Infigy

infigy.cz

52

Infigy is a Czech-based company specializing in smart energy management solutions that integrate photovoltaic systems, batteries, heat pumps, boilers, and electric vehicle chargers. Their platform optimizes energy consumption and production to maximize self-consumption and cost savings, targeting residential and commercial customers as well as energy communities. The company is relatively young, founded in 2022, but presents a professional and mature digital presence with strong local partnerships and certifications. Technically, the website is built on modern frameworks like Next.js and React, with good performance and mobile optimization. Security posture is solid with HTTPS and secure form handling, though explicit security policies and incident response contacts are not published. Overall, the website is trustworthy, professional, and well-positioned in the Czech energy market.

O

OVISION CZ a.s.

ovision.cz

46

OVISION CZ a.s. is a Czech-based company specializing in comprehensive document services, including reprography, postal operations, digitalization, and outsourcing of printing environments. Established in 2014, the company has grown through multiple acquisitions and operates several subsidiaries under the OVISION GROUP brand. Their target audience primarily consists of businesses seeking efficient document management and outsourcing solutions. The website reflects a professional and consistent brand image with clear service offerings and contact information. Technically, the site is built on Joomla CMS with UIkit framework and uses modern JavaScript libraries, providing a moderate performance and good mobile optimization. However, there are gaps in privacy compliance and security best practices, such as the absence of privacy and cookie policies and missing security headers. No WAF or blocking mechanisms were detected, and the domain registration aligns well with the company's business claims, indicating legitimacy.

D

DigiLabs Software, s.r.o.

zsdidaktis.cz

55

ZŠ DidaSmart is a private primary school located in Brno, Czech Republic, specializing in education for gifted children with an individualized approach. The school emphasizes talent development and preparation for gymnasium entrance exams, boasting over 10 years of successful teaching experience and ranking in the top 10% of Czech primary schools based on SCIO test results. The website is professionally designed, mobile-optimized, and rich in relevant content targeting parents and prospective students. Technically, the site uses modern web technologies including Google Tag Manager and Facebook Pixel for analytics and marketing, and is built on a Nette-based CMS framework. Security posture is good with HTTPS enforced and secure forms, though some security headers are missing. Privacy and cookie policies are present, indicating GDPR compliance, but explicit cookie consent mechanisms could be improved. Contact information is comprehensive, including email, phone, physical address, and a contact form. WHOIS data is unavailable, which reduces domain trustworthiness despite the professional presentation. Overall, the website demonstrates a strong business presence with good technical and security practices, suitable for its educational mission.

B

Broadcast Jobs

broadcastjobs.com

57

Broadcast Jobs is a UK-focused online platform providing guidance and resources for job seekers in the TV, film, and media industries. It aggregates and directs users to job listings, professional recruiters, freelancing opportunities, and diversity initiatives. The site is positioned as a niche resource within the UK media job market, targeting professionals and freelancers seeking employment opportunities. Technically, the website is built on the Squarespace platform, leveraging its CMS and hosting infrastructure, with a moderate performance profile and good mobile optimization. Security-wise, the site enforces HTTPS with HSTS, indicating a strong SSL configuration, but lacks publicly available privacy, cookie, and security policies, which are areas for improvement. Overall, the website presents a professional and trustworthy front but would benefit from enhanced privacy compliance and explicit security disclosures.

W

willy.tel

willytel.de

55

willy.tel is a regional telecommunications company based in Hamburg, Germany, with a history dating back to 1960. The company operates its own independent fiber optic network serving over 160,000 households and businesses, offering internet, telephone, TV (IPTV), and mobile services. It targets private customers, business clients, and the housing industry, positioning itself as a regional leader with comprehensive service offerings and customer portals. Technically, the website is built on TYPO3 CMS with Bootstrap, providing a responsive and accessible user experience. Security posture is strong with HTTPS and security headers implemented, though there is room for improvement in cookie consent and explicit security policies. Overall, the website is professional, trustworthy, and compliant with GDPR, reflecting a mature digital presence.

J

Jamf

jamfnow.com

74

Jamf Now is a cloud-based mobile device management solution focused on Apple devices, providing easy and affordable device management for businesses without requiring IT support. The website analyzed is the official login portal for Jamf Now, featuring a professional design, modern Angular framework, and secure HTTPS connections. The site includes comprehensive privacy and terms of service documentation, reflecting a mature compliance posture. Security features such as secure password inputs and cookie consent mechanisms are implemented, though explicit security headers were not detected in the provided data. The absence of WHOIS data for the subdomain is typical and does not detract from the legitimacy of the service, as the main domain is well-known and trusted. Overall, the site demonstrates a strong technical and security posture suitable for enterprise SaaS services.

M

Ministerium für Kultus, Jugend und Sport Baden-Württemberg

km-bw.de

67

The website km.baden-wuerttemberg.de is the official portal for the Ministry of Education, Youth and Sports of Baden-Württemberg, Germany. It serves as a comprehensive information hub for education policies, youth programs, sports initiatives, cultural affairs, and public services related to schooling and early childhood education in the region. The site targets citizens, students, parents, and educators within Baden-Württemberg, providing official government content and resources. The business model is public service and information dissemination as part of the regional government infrastructure. Technically, the site is built on TYPO3 CMS, a robust open-source content management system, and employs Matomo analytics with a user consent mechanism, reflecting a privacy-conscious approach. The site uses modern web technologies including responsive design, SVG icons, and asynchronous JavaScript loading. Hosting appears to be managed by Baden-Württemberg state infrastructure, ensuring reliability and compliance with government standards. From a security perspective, the site enforces HTTPS and uses cookie consent for analytics. While some standard security headers are present, there is room for improvement by adding additional headers like Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the official nature of the site, showing consistent domain registration and name servers. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations such as GDPR. It provides a safe and accessible user experience with clear navigation and relevant content. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and adding a vulnerability disclosure mechanism to further strengthen trust and security posture.

R

Recisio

karafun.es

72

KaraFun, operated by Recisio, is a well-established online karaoke platform offering a vast catalog of karaoke songs and interactive music quizzes. The service targets a broad audience with multilingual support and multiple subscription plans, including free, premium, and professional tiers. The company also provides karaoke hardware and business solutions, positioning itself as a comprehensive karaoke entertainment provider in the media sector. The website demonstrates strong branding consistency and professional content quality, supported by a modern technical infrastructure leveraging JavaScript, SVG, and privacy-conscious analytics tools like Umami. Technically, the site is well-optimized for performance and mobile responsiveness, with good SEO and accessibility practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and incident response information are not publicly disclosed. The domain registration aligns well with the business claims, indicating legitimacy and trustworthiness. Social media presence and partner domains further reinforce the company's market position. Overall, the website is professional, secure, and compliant with privacy regulations, offering a trustworthy user experience. However, improvements could be made by publishing a dedicated security policy, incident response contacts, and vulnerability disclosure information to enhance transparency and security readiness.

R

Recisio

karafun.nl

70

KaraFun, operated by Recisio, is a well-established online karaoke platform offering a broad catalog of karaoke songs and music quizzes. The company targets karaoke enthusiasts and businesses with subscription-based services and specialized solutions like karaoke bars and business management tools. The website is professionally designed, mobile-optimized, and provides multilingual support, reflecting a mature digital presence. Technically, the site uses modern web technologies, including SVG icons, Google Fonts, and Umami analytics, hosted likely on a CDN associated with Recisio. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the domain registration aligns well with the business claims, indicating legitimacy and trustworthiness.