Security Directory

S

Soul Jazzband

soul-jazzband.com

44

Soul Jazzband is a small live music service provider specializing in jazz and soul performances for events such as corporate parties, weddings, and private celebrations. The website presents a professional and consistent brand image with detailed descriptions of services, testimonials, and multimedia content to engage potential clients. The business targets event organizers and private individuals seeking stylish and high-quality live jazz entertainment. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and Google Analytics, with good mobile optimization and SEO practices. However, there is no detected CMS or hosting provider information. Security posture is moderate with no visible security headers and no cookie consent mechanism, which impacts GDPR compliance. The WHOIS data is missing, raising concerns about domain legitimacy and registration status. Overall, the website is functional and professional but would benefit from improved security and compliance measures.

W

WWF Schweiz

wwf.ch

68

WWF Schweiz operates as the largest environmental protection organization in Switzerland, focusing on conservation, sustainability, and community engagement. The website reflects a mature digital presence with multilingual support, clear calls to action for memberships, donations, and events, and strong trust indicators such as the ZEWO certification. Technically, the site is built on Drupal 10 with modern integrations including Usercentrics for consent management and Google Analytics for tracking, ensuring compliance and user experience optimization. Security posture is solid with HTTPS enforcement and privacy-conscious cookie management, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the domain registration data aligns well with the organization's identity, reinforcing legitimacy and trust.

S

Stiftung Kunst und Natur

kunst-und-natur.de

63

Stiftung Kunst und Natur is a German non-profit foundation focused on fostering interdisciplinary engagement with art, culture, nature, and landscape. It operates at two main locations: Nantesbuch in Bavaria and the Museum Sinclair-Haus in Bad Homburg. The foundation offers cultural events, workshops, and environmental conservation activities, targeting art and nature enthusiasts as well as the regional community. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site uses modern JavaScript libraries, integrates Google Analytics for visitor insights, and employs Cookiebot for GDPR-compliant cookie consent management. Security posture is solid with HTTPS and error tracking, though additional security headers could enhance protection. Privacy compliance is well addressed with accessible policies and consent mechanisms. However, no explicit contact information or terms of service were found, which could be improved to enhance business credibility.

K

KirchnerHaus Aschaffenburg

kirchnerhaus.com

63

KirchnerHaus Aschaffenburg is a specialized cultural institution and museum dedicated to the life and works of Ernst Ludwig Kirchner and modern artists. The website provides detailed information about exhibitions, events, guided tours, and a retail shop offering art catalogs, posters, and postcards. The target audience includes art enthusiasts, families, and scholars interested in expressionism and modern art. The business model is primarily non-profit with revenue from ticket sales and merchandise. Technically, the website is built on WordPress using the Avada theme and WooCommerce for e-commerce functionality. It employs modern web technologies including jQuery and Google Analytics for tracking. The site is mobile-optimized and offers good user experience with clear navigation and professional design. From a security perspective, the site uses HTTPS and has cookie consent mechanisms in place, indicating compliance with GDPR. However, some security headers like Content-Security-Policy and X-Frame-Options are missing, which could be improved to enhance security posture. No vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, content-rich, and trustworthy from a user perspective. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and ownership transparency. This discrepancy should be investigated further to ensure full trustworthiness.

B

basis Frankfurt e.V.

basis-frankfurt.de

48

basis Frankfurt e.V. is a non-profit cultural organization based in Frankfurt, Germany, providing artist studios, residencies, exhibitions, and educational programs. The organization targets artists, cultural institutions, and the local community, positioning itself as an established platform for contemporary art production and presentation. The website reflects this mission with detailed program information, event previews, and public engagement offerings. Technically, the site is built on Drupal 7, hosted by manitu.net, and employs standard web technologies including jQuery and Google Analytics for visitor tracking. While the site is accessible and well-structured with good mobile optimization, it lacks some modern security headers and cookie consent mechanisms, which are important for GDPR compliance and security best practices. The security posture is generally good with HTTPS enforced and no visible vulnerabilities, but the absence of published security policies and incident response contacts limits transparency. Overall, the website is professional and trustworthy, though improvements in privacy compliance and security documentation are recommended.

A

Alaio Cloud Limited

bitrix24.pl

68

Bitrix24 is a comprehensive SaaS platform offering a free online workspace for businesses, including CRM, task management, online appointments, and collaboration tools. The company, Alaio Cloud Limited, positions itself as an enterprise-grade solution with a broad suite of services targeting teams and sales organizations. The website is professionally designed, well-structured, and optimized for multiple platforms including Windows, MacOS, Android, iOS, and Linux. It integrates modern technologies and uses AWS for hosting, ensuring scalability and reliability. Security-wise, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers and published security policies, indicating room for improvement in transparency and incident response readiness. Overall, the site is trustworthy, business-focused, and compliant with basic GDPR requirements, though explicit privacy and terms documents were not found in the provided content. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and providing clear incident response contacts to strengthen trust and compliance.

H

HeyLink.me

hey.link

64

HeyLink.me is a well-established SaaS platform specializing in link-in-bio management tools designed for businesses and influencers globally. Founded in 2020, it offers a comprehensive suite of services including link aggregation, social media integration, analytics, and customizable templates. The platform supports multiple languages and targets a broad international audience, demonstrating strong market positioning with over 10 million customers worldwide. Technically, the website employs modern JavaScript frameworks, integrates multiple analytics and marketing pixels, and uses Cloudflare for DNS and CDN services, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforced, cookie consent managed via OneTrust, and no visible vulnerabilities or exposed sensitive data. However, DNSSEC is not enabled, and no explicit security policy or vulnerability disclosure page is present. Overall, the website is professional, trustworthy, and compliant with GDPR and privacy standards, making it a reliable service in its domain.

G

GFBio - Gesellschaft für Biologische Daten e.V.

gfbio.org

54

GFBio is a German non-profit federation focused on providing a national data infrastructure for biological and environmental research data management. Established in 2013 and funded by the DFG, it offers services including data submission, search, visualization, and training to researchers in biodiversity and ecology. The website reflects a mature organization with a clear mission and strong partnerships, notably with the NFDI4Biodiversity consortium and other research projects. Technically, the website employs modern web technologies such as Bootstrap 5, Matomo and Google Analytics for tracking, and uses secure HTTPS connections. The infrastructure appears stable and moderately performant with good mobile optimization. However, some security enhancements like DNSSEC and security headers are missing, and there is no visible cookie consent mechanism, which may impact GDPR compliance. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and domain transfer protection. The WHOIS data is transparent and consistent with the organization's profile, enhancing trustworthiness. No critical vulnerabilities or suspicious content were detected. Nonetheless, improvements in security headers, privacy compliance, and incident response disclosures are recommended. Overall, GFBio presents a trustworthy and professional online presence suitable for its research audience, with moderate risk and room for security and privacy enhancements.

N

Nova IN

novain.cz

40

Nova IN is a Czech language online magazine launched in 2023, providing news and articles across lifestyle, finance, health, and related categories. The website is built on WordPress using the Elementor page builder, hosted by REG-WEDOS. It features a modern design with good mobile optimization and clear navigation, targeting a general audience interested in varied topics. The site integrates Google Analytics and Google Tag Manager for visitor tracking but lacks visible privacy and cookie policies, which impacts its GDPR compliance stance. Security posture is moderate with HTTPS enabled but missing advanced security headers and incident response contacts. Overall, the site presents as a small but professionally designed media outlet with room for improvement in privacy and security transparency.

@

@pressmedia.net

svetdnes.sk

41

Svět Dnes is an online magazine primarily serving Czech and Slovak audiences with lifestyle, news, and advice content. The website operates on a WordPress platform, leveraging modern web technologies such as Google Analytics and Tag Manager for user tracking and performance monitoring. The business model centers on content publishing and advertising, targeting a general adult audience interested in lifestyle and current affairs. The domain registration is consistent with the website's regional focus and business profile, with DNSSEC enabled to enhance domain security. Cookie consent mechanisms and GDPR compliance are implemented, reflecting attention to privacy regulations. However, explicit security policies and incident response information are not publicly available, indicating areas for improvement in transparency and security posture.

L

Landwirtschaftsverlag GmbH

lv.de

46

Landwirtschaftsverlag GmbH operates as a major German media company specializing in agriculture, food, and rural lifestyle content. With over 900 employees and significant revenue, it holds a strong market position among Germany's top 100 media companies. The website reflects a professional digital presence with a focus on publishing and digital media services targeted at agricultural professionals and rural communities. Technically, the site uses modern frameworks like Bootstrap and integrates Google Analytics and Usercentrics for tracking and consent management, indicating a mature digital infrastructure. Security posture is solid with HTTPS and anonymized analytics, though explicit security headers and incident response information are absent. Overall, the site is compliant with GDPR and provides clear business information, though lacks direct contact emails or phone numbers on the main pages. The domain registration data is minimal but consistent with the business claims, and no blocking or WAF interference was detected.

N

Natural Environment Research Council (NERC)

nerc.ac.uk

72

The Natural Environment Research Council (NERC) is a key UK government research council focused on funding and supporting environmental science research. It operates under UK Research and Innovation (UKRI) and provides grants, fellowships, and strategic programmes to advance environmental science. The website presents a professional and comprehensive digital presence, targeting UK research organizations, scientists, and public stakeholders interested in environmental research funding and outcomes. The site is well-branded, consistent, and offers clear navigation and relevant content including news, funding opportunities, and contact information. Technically, the website is built on WordPress and leverages modern analytics and consent management tools such as Google Analytics, Siteimprove, Hotjar, and Civic Cookie Control. It uses the GOV.UK design system for accessibility and user experience. The site is mobile-optimized and performs moderately well, with good SEO and accessibility features. From a security perspective, the site enforces HTTPS, employs standard security headers, and implements cookie consent mechanisms aligned with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a dedicated security policy page, incident response contacts, and a vulnerability disclosure policy, which are recommended for enhanced transparency and security posture. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. The lack of WHOIS data is likely due to privacy protection, which is justified for a government entity. The site effectively supports its mission to promote environmental science research in the UK.

BOSCORF (British Ocean Sediment Core Research Facility) is a well-established UK-based scientific repository and research facility specializing in the long-term storage and analysis of deep-sea sediment cores. As part of the National Oceanography Centre, BOSCORF serves a broad audience including academic researchers, commercial clients, and early career scientists by providing core curation, analytical services, training, and consultancy. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding consistent with its scientific mission. Technically, the site is built on Drupal 10 with modern CSS frameworks and integrates Google Analytics for user insights. The site is mobile-optimized and accessible, with a moderate performance profile. Security posture is solid with HTTPS enforced and domain protections in place, though improvements could be made by enabling DNSSEC and publishing explicit security policies. Privacy compliance is well addressed through a cookie consent mechanism and clear links to privacy policies. Overall, BOSCORF demonstrates a high level of business credibility and trustworthiness, supported by consistent WHOIS data and a long domain history. No critical security or content safety issues were detected. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding terms of service to further strengthen compliance and user trust.

B

British Oceanographic Data Centre

bodc.ac.uk

72

The British Oceanographic Data Centre (BODC) operates as the UK's national facility for preserving and distributing oceanographic and marine data. Affiliated with the National Oceanography Centre and the Natural Environment Research Council (NERC), BODC serves a specialized audience of marine scientists, researchers, and governmental agencies. The website offers extensive resources including data inventories, submission guidelines, and hosted data systems, positioning BODC as a key player in marine data management within the UK and internationally. Technically, the website employs a modern yet straightforward technology stack including jQuery, Modernizr, Google Analytics, and Matomo for analytics, alongside social sharing tools like AddThis. The site is mobile-optimized with good accessibility and SEO practices, though some legacy scripts like Google+ API remain. Performance is moderate, with room for optimization. Security is robust with HTTPS enforced, but lacks explicit security headers and incident response information. From a security and compliance perspective, the site demonstrates good practices with no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are present and GDPR compliance is indicated, though no active cookie consent mechanism is detected. WHOIS data is unavailable, likely due to privacy protection, but the site's affiliation and certifications such as CoreTrustSeal support its legitimacy. Overall, the site is professional, trustworthy, and well-suited for its scientific and governmental audience.

J

Joseph-Stiftung

joseph-stiftung.de

55

Joseph-Stiftung is a well-established, church-affiliated real estate organization operating primarily in Bavaria and Saxony, Germany. With over 75 years of experience, it focuses on providing affordable and socially responsible housing solutions, including rental apartments, student housing, and property management services. The organization emphasizes sustainability and integrates economic, ecological, and social dimensions into its operations. Technically, the website is built on WordPress with modern frameworks and libraries, offering good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR, serving a broad audience including families, students, and property owners.

K

Kreisbauernverbände Tübingen e.V. und Zollernalb e.V.

landwirtschaft-tuebingen-zollernalb.de

49

The website www.landwirtschaft-tuebingen-zollernalb.de represents the Kreisbauernverbände Tübingen e.V. und Zollernalb e.V., regional agricultural associations in Baden-Württemberg, Germany. It serves as an information and service portal for local farmers and agricultural stakeholders, providing news, events, membership information, and various services. The site positions itself as a trusted regional representative body with a clear focus on supporting agricultural interests and community engagement. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including Bootstrap and JavaScript. It is hosted on Hetzner servers, indicating professional infrastructure. The site is mobile-optimized and includes SEO best practices such as meta tags and Open Graph data. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly configured, and no dedicated security or incident response policies are published. No vulnerabilities or suspicious content were detected. Overall, the security posture is solid but could be improved with additional headers and transparency. The overall risk assessment is low, with the site demonstrating professionalism, legitimacy, and compliance. Strategic recommendations include enhancing security headers, publishing incident response information, and improving accessibility features to further strengthen trust and compliance.

T

Tapehouse

tapehouse-productions.de

58

Tapehouse is a small media agency based in Cologne and Bonn, Germany, specializing in social media marketing, image films, and audio recordings. The company targets small and medium-sized enterprises in the local region, offering full-service media solutions. The website is built on the Wix platform, leveraging Wix Thunderbolt framework and integrates Google Analytics and Google Tag Manager for visitor tracking. The technical infrastructure is modern and mobile-optimized, though SEO and accessibility features are basic. Security posture is adequate with HTTPS enabled and some script-based security hardening, but lacks explicit security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional and trustworthy but could improve transparency and compliance.

I

Institut Duhovka

duhovkainstitut.cz

59

Institut Duhovka operates the Duhovka Montessori Teacher Training Institute, providing internationally recognized AMS Montessori diploma programs and online courses focused on Early Childhood and Elementary education. The institute is positioned as a reputable educational provider with accreditations from AMS and MACTE, targeting educators, directors, and parents seeking Montessori certification. The website demonstrates a professional and consistent brand presence with comprehensive content and clear navigation. Technically, the site uses modern tracking and analytics tools such as Google Tag Manager and Facebook Pixel, with cookie consent mechanisms ensuring GDPR compliance. Security posture is generally strong with HTTPS enforced, though the absence of explicit security headers suggests room for improvement. The lack of WHOIS registrant data is a notable concern for domain legitimacy verification, but the overall trust signals from accreditations, testimonials, and contact transparency mitigate this risk. Strategic recommendations include enhancing security headers, publishing explicit security policies, and verifying domain registration details to strengthen trust and compliance.

D

Duhovka Group, a.s.

duhovka-prace.cz

52

Duhovka Group, a.s. operates a bilingual Czech-English Montessori educational system in Prague, offering services from preschool through gymnasium and teacher training. The website focuses on career opportunities within the group and presents a professional, well-structured digital presence. The organization is medium-sized with over 500 children enrolled and multiple subsidiary institutions. Technically, the site uses modern web technologies including jQuery, Google Tag Manager, and a comprehensive cookie consent mechanism, indicating a mature digital infrastructure. Security posture is moderate with good privacy compliance but lacks explicit security policies or incident response contacts. WHOIS data is unavailable, which slightly reduces domain trustworthiness, but the website content and business information are consistent and professional. Overall, the site is safe, well-optimized, and trustworthy for its target audience.

M

Mateřská škola Duhovka s.r.o.

duhovkaskolka.cz

52

Mateřská škola Duhovka s.r.o. operates a private Czech-English Montessori preschool and nursery in Prague, serving children aged 2 to 6 years. The institution emphasizes Montessori pedagogy with accredited teachers and bilingual education, positioning itself as a reputable provider in the early childhood education sector in Prague. The website reflects a professional and consistent brand image with comprehensive information about programs, staff, and educational philosophy. Technically, the site employs modern web technologies including jQuery, Google Tag Manager, and Facebook Pixel, with a cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response contacts could be improved. The absence of WHOIS data reduces domain trustworthiness but the overall business credibility remains high due to transparent contact details and positive user testimonials. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and adding terms of service for completeness.

D

DUHOVKA GROUP, a.s.

duhovkagroup.cz

52

Duhovka Group is a well-established Czech private educational organization founded in 2008, offering a comprehensive bilingual Montessori education system in Prague. Their services span from nurseries and kindergartens to elementary schools, an eight-year gymnasium, and a Montessori institute for teacher training. The website reflects a professional and consistent brand image with clear communication of their educational philosophy and offerings. Technically, the site employs modern web technologies including jQuery, Google Tag Manager, and cookie consent mechanisms, ensuring a good user experience and compliance with GDPR regulations. Security posture is moderate with HTTPS usage and cookie consent but lacks explicit security headers and detailed security policies. The absence of WHOIS data reduces domain transparency and trustworthiness, though the business presence and content quality mitigate this concern. Overall, the site is well-positioned in the education sector with strong digital maturity but could improve security and domain registration transparency.

S

Space X-Chimp

mycyberuniverse.com

69

My Cyber Universe is a specialized technology blog founded in 2013 by Arthur Gareginyan, focusing on web development, cybersecurity, and software engineering topics. The site serves a niche audience of developers and tech enthusiasts, providing educational content, tutorials, and insights. It is supported by the Space X-Chimp team, which also manages related digital properties and an online store. The website demonstrates a consistent brand identity and maintains active content updates, reflecting a stable presence in its niche. Technically, the website employs standard web technologies including HTML5, CSS3, JavaScript, and integrates third-party services such as Google Analytics, Google Adsense, and Disqus for comments. The site is well-structured with responsive design elements, good SEO practices, and moderate performance. However, it lacks some advanced security headers and a cookie consent mechanism, which are important for compliance and user trust. From a security perspective, the site uses HTTPS with a strong SSL configuration, and no obvious vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the domain is a notable anomaly that reduces overall trustworthiness, although the website content and business information appear legitimate. Privacy policies and terms of use are present and comprehensive, but cookie policy and incident response information are missing. Overall, the website presents a low-risk profile with good content quality and technical implementation but would benefit from improved privacy compliance and enhanced security headers. The lack of WHOIS transparency is a concern that should be addressed to improve trust and legitimacy perception.

D

DENÍKY 24

deniky24.cz

41

DENÍKY 24 is a Czech online news and magazine platform launched in 2023, offering content in categories such as lifestyle, finance, housing, and advice. The site targets a general Czech-speaking audience interested in diverse topics. The business operates as a small media entity with a focus on content publishing. Technically, the website is built on WordPress using the Soledad theme and Elementor page builder, hosted by REG-WEDOS, a Czech registrar and hosting provider. The site employs modern web technologies including jQuery, Google Fonts, and Google Analytics for tracking. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure, but lacks advanced security headers and formal privacy or cookie policies. No contact information or incident response details are provided, which limits trust and compliance indicators. Overall, the site is functional and professionally designed but requires improvements in privacy compliance and security best practices.

P

PONATURE s.r.o.

shopkilpi.cz

58

Kilpi.cz is the official e-commerce website of the Kilpi brand, specializing in outdoor and sports apparel. The company operates both online and through physical stores in the Czech Republic, offering a wide range of products including jackets, pants, footwear, and accessories. The website targets outdoor enthusiasts and general consumers seeking quality sportswear. The business model is direct-to-consumer retail with a focus on customer loyalty and fast delivery. The brand is well-established with consistent branding and trust signals such as customer testimonials and physical store presence. Technically, the website employs a modern tech stack including JavaScript frameworks, Google Tag Manager, Microsoft Clarity, and other marketing and analytics tools. It uses AWS Cloudfront CDN for hosting and demonstrates good mobile optimization and SEO practices. The site is moderately performant with basic accessibility features. From a security perspective, the site enforces HTTPS and uses several third-party scripts for analytics and marketing. While some security headers are not explicitly detected, no critical vulnerabilities or exposed sensitive data were found. Privacy and cookie policies are present with consent mechanisms, indicating basic GDPR compliance. However, no explicit security or incident response policies were found. Overall, the website presents a low-risk profile with a legitimate business presence. The lack of WHOIS data is likely due to privacy protection, which is justified for this business type. Recommendations include enhancing security headers and publishing explicit security policies to improve trust and compliance.

D

DIGITALBROTHERS_

digitalbrothers.cz

43

DIGITALBROTHERS_ is a creative digital studio based in Prague, Czech Republic, specializing in brand identity, design, and web development services. Established in 2014, the company offers comprehensive solutions including logotype creation, corporate identity, UX design, and web design aimed at enhancing brand visibility and sales effectiveness. Their portfolio showcases diverse projects, reflecting a strong market presence in the creative digital agency sector. Technically, the website is built on modern web technologies including Webflow CMS, JavaScript, and integrates analytics tools such as Google Analytics and Smartlook, indicating a mature digital infrastructure. The site is mobile optimized and demonstrates good SEO practices, although accessibility features are basic. Security posture is moderate with HTTPS usage but lacks visible security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced compliance and security measures.

B

British Chamber of Commerce Czech Republic

britishchamber.cz

46

The British Chamber of Commerce Czech Republic is a well-established non-profit organization dedicated to fostering business growth and trade between British, Czech, and international companies. It offers membership services, networking events, and specialized business programmes to support its members. The website reflects a professional and consistent brand image, targeting business professionals and companies interested in bilateral trade and networking opportunities. Technically, the site is built on WordPress with a modern tech stack including Google Analytics and reCAPTCHA, ensuring a secure and user-friendly experience. Security posture is solid with HTTPS and consent mechanisms, though there is room for improvement in security headers and published policies. The absence of WHOIS data slightly reduces trust but does not detract significantly from the overall legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining plugin security to further strengthen the site's security and compliance stance.

A

Abillio

abill.io

61

Abillio is a Latvian-based technology company founded in 2020, offering a SaaS platform tailored for freelancers to manage invoicing, accounting, payments, and compliance reporting such as DAC7. The platform integrates API capabilities and targets online platforms and freelancers seeking streamlined financial operations. The website demonstrates a good level of digital maturity, leveraging WordPress CMS with modern marketing and analytics tools including Google Analytics, Hotjar, Intercom, and Facebook Pixel. The presence of a cookie consent mechanism indicates awareness of privacy regulations, although no explicit privacy policy or terms of service were detected in the provided content. Security posture is solid with HTTPS enforcement and domain transfer protection, but could be enhanced by enabling DNSSEC and publishing explicit security policies. Overall, the site is professional and trustworthy, with consistent branding and clear business focus.

A

AIESEC Česká republika

aiesec.cz

55

AIESEC Česká republika is a well-established non-profit youth organization focused on leadership development through international internships and volunteer programs. The website reflects a mature digital presence with a WordPress CMS, modern tracking and marketing tools, and a clear focus on youth engagement. The organization maintains strong partnerships with reputable companies and has a consistent brand identity. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data is due to privacy protection and does not detract from the organization's legitimacy. Overall, the site is professional, trustworthy, and serves its target audience effectively.

A

Ackermann-Gemeinde

ackermann-gemeinde.cz

10

The Ackermann-Gemeinde website serves as a digital platform for a non-profit organization focused on fostering cultural and social ties between Germans and Czechs. It provides information on events, youth activities, and educational projects, targeting young people and culturally interested audiences. The site is built on the Webnode CMS platform, leveraging modern web technologies and CDN services to deliver content efficiently. The presence of cookie consent and privacy policies indicates a baseline compliance with privacy regulations. Security posture is adequate with HTTPS enforced, though improvements in security headers and incident response transparency are recommended. Overall, the website is professional, trustworthy, and well-aligned with its mission, though the absence of public contact details may limit direct engagement.

B

Brandbonsai

emailmarketer.sk

52

Email Marketér is a Slovak-based automated email marketing system tailored for WordPress and WooCommerce users, developed and operated by Brandbonsai. The platform emphasizes cost efficiency by not charging based on the number of contacts or emails sent, targeting content creators and online shops. The website demonstrates a professional digital presence with modern WordPress technologies, SEO optimization, and integration with popular plugins. However, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance and user trust. Security posture is solid with HTTPS and DNSSEC enabled, but could be improved by adding security headers and formal incident response policies.

S

Social Impact Award

socialimpactaward.net

58

Social Impact Award (SIA) is a well-established non-profit organization founded in 2009 and headquartered in Vienna, Austria. It focuses on empowering youth across Europe, Central Asia, and Africa to create social ventures and innovative solutions addressing pressing global issues. The organization operates through a licensing model that enables local hosts in 29 countries to run the program, engaging over 30,000 social innovators since inception. The website reflects a mature international presence with strong partnerships including the European Union, SAP, and Erste Stiftung. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, and Mailchimp for marketing. It uses SEO best practices via Rank Math and integrates multiple analytics and tracking tools such as Google Analytics and Facebook Pixel. The site is mobile-optimized, accessible, and performs moderately well. Hosting and DNS are managed through EPAG Domainservices GmbH and Cloudflare respectively. From a security perspective, the site enforces HTTPS and employs clientTransferProhibited status on the domain to prevent unauthorized transfers. However, DNSSEC is not enabled, and some security headers like Content-Security-Policy are missing, which could be improved. Privacy compliance is strong with a clear privacy policy, cookie consent mechanism, and GDPR adherence. No incident response or vulnerability disclosure policies are publicly available. Overall, the website is professional, trustworthy, and aligns well with the organization's mission and business model. It presents a low risk profile but could benefit from enhanced security headers and formalized security policies to further strengthen its posture.

P

PressMedia.net

pressmedia.net

55

PressMedia.net is a small media business specializing in article writing and publication services targeted at the Czech and Slovak markets. The company offers various packages for SEO optimized lifestyle articles and publication in a network of partner magazines and websites. The website is professionally designed with good navigation and mobile optimization, supporting e-commerce transactions through a custom platform. Technically, the site uses modern tools such as Google Analytics, Google Tag Manager, and reCAPTCHA for security on login forms. However, the absence of WHOIS registration data raises concerns about domain legitimacy. Security posture is moderate with HTTPS enforced but lacks security headers and explicit cookie consent mechanisms. Overall, the business appears operational and credible but would benefit from improved transparency and privacy compliance.

D

Departamentul pentru Situații de Urgență (DSU) Romania

fiipregatit.ro

51

The website fiipregatit.ro serves as the official Romanian government platform for emergency preparedness and public safety information. It provides comprehensive guides, campaigns, and interactive tools to educate and assist citizens in understanding and responding to various emergency situations. The site is well-positioned as a trusted government resource, targeting the general Romanian population with clear, relevant content. Technically, the website employs modern web technologies such as React.js and integrates Google Analytics for user tracking. It demonstrates good mobile optimization and accessibility features, contributing to a positive user experience. Security-wise, the site uses HTTPS and has a consistent domain registration aligned with government standards, though it lacks DNSSEC and explicit security headers, which are areas for improvement. Privacy compliance is limited due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the site is legitimate, professional, and trustworthy but would benefit from enhanced privacy disclosures and security hardening.

P

Polskie Towarzystwo Turystyczno-Krajoznawcze

pttk.pl

42

PTTK.pl is the official website of Polskie Towarzystwo Turystyczno-Krajoznawcze, a Polish non-profit organization dedicated to promoting tourism, hiking, and cultural activities in Poland. The website serves as a platform to engage tourists and cultural enthusiasts with information about events and membership services. Technically, the site is built on WordPress using popular plugins and themes, including Event Tickets and Brizy page builder, with jQuery and Google Analytics integrated for functionality and tracking. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility features. Security-wise, the website uses HTTPS but lacks important security headers and explicit security policies, which could be improved to enhance protection and compliance. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Overall, the website is functional and professional but would benefit from improvements in privacy, security headers, and compliance documentation to strengthen trust and regulatory adherence.

The website scramblerducati.pl serves as the official Polish brand portal for Ducati Scrambler motorcycles, offering detailed product information, media content, and interactive tools such as a configurator and dealer locator. It targets motorcycle enthusiasts and potential buyers in Poland, positioning itself as a key regional presence for the Ducati brand. The site is professionally designed with consistent branding and provides essential services including test ride bookings and access to accessories. Technically, the site employs modern analytics and tracking technologies like Google Analytics, Facebook Pixel, and Google reCAPTCHA v3, ensuring user interaction data is collected responsibly. The site is mobile-optimized and performs moderately well, though some SEO and accessibility enhancements could be made. Security-wise, the site uses HTTPS and bot protection but lacks some advanced security headers and explicit incident response information. Privacy compliance is basic, with privacy and cookie policies present but no active cookie consent mechanism. Overall, the domain registration aligns well with the Ducati brand, confirming legitimacy and trustworthiness.

I

Intellect

intellect.pl

45

Intellect is a well-established Polish software house founded in 2006, specializing in custom software development, IT consulting, and digital transformation services. The company targets business clients seeking tailored IT solutions and maintains a professional market position supported by a well-designed and content-rich website. The technical infrastructure leverages modern web technologies including React and Gatsby, with integration of multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, and Microsoft Clarity, indicating a mature digital presence. Security posture is strong with HTTPS enforcement, appropriate security headers, and no visible vulnerabilities, although the absence of a published security policy or incident response contacts suggests room for improvement. Overall, the website and domain registration data reflect a credible and trustworthy business with good compliance to privacy regulations including GDPR. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and enhancing accessibility features to further strengthen trust and compliance.

F

Fenster Koch Gmbh & Co.KG

fenster-koch.de

43

Fenster Koch Gmbh & Co.KG is a well-established German company specializing in manufacturing and servicing windows, doors, sliding doors, and related glass constructions. With over 70 years of experience, the company positions itself as a traditional yet innovative provider offering comprehensive project handling from consultation to implementation. Their market focus includes private homeowners and commercial clients seeking high-quality, secure, and design-oriented building products. The website reflects a professional and consistent brand image with detailed project references and certifications such as the ift logo, enhancing trustworthiness. Technically, the website employs modern JavaScript libraries including jQuery, Lottie animations, and ScrollMagic for enhanced user experience. It integrates Google Analytics and Tag Manager for visitor tracking and marketing insights. Hosting is managed via kasserver.com, and the site is mobile-optimized with good SEO practices. However, explicit CMS or framework usage is not detected. Performance is moderate with room for improvement in accessibility features. From a security perspective, the site uses HTTPS and includes secure contact forms with privacy consent checkboxes. No explicit security headers or incident response policies are published, which could be improved. No vulnerabilities or exposed sensitive data were detected in the HTML content. Cookie consent is implemented, supporting GDPR compliance. WHOIS data aligns well with the website's claims, indicating a trustworthy domain registration. Overall, Fenster Koch's website demonstrates a solid digital presence with good business credibility and privacy compliance. Strategic enhancements in security headers, incident response transparency, and accessibility would further strengthen their posture. The site is safe for general audiences and free from adult or questionable content.

H

Holidu GmbH

tomas-travel.online

67

Holidu GmbH operates the Holidu Smart Destination platform, providing innovative and comprehensive destination management solutions tailored for tourism destinations and hosts. The company leverages advanced technology combined with personal service to optimize marketing and booking processes for vacation rentals and related services. Their market position is strong, supported by multiple subsidiary brands and a medium-sized operation based in Germany. Technically, the website employs modern frameworks such as React and Tailwind CSS, hosted on AWS infrastructure, with good performance and mobile optimization. Security posture is solid with HTTPS, security headers, and cookie consent mechanisms, though explicit security policy documentation and incident response contacts are absent. Overall, the site is professional, trustworthy, and compliant with GDPR, with extensive analytics and marketing integrations. The domain registration data aligns well with the business claims, indicating legitimacy and consistency.

S

Stadt Speyer

speyer.de

62

The website www.speyer.de is the official digital presence of the city of Speyer, Germany, serving as a comprehensive portal for tourism, culture, city services, and public information. It positions itself as a trusted source for residents and visitors, highlighting Speyer's UNESCO World Heritage status and providing rich content on local attractions, events, and services. The site targets tourists, local citizens, and cultural enthusiasts, offering multilingual support and accessible design. Technically, the site employs modern web technologies including the ionas4 CMS, SystemJS module loader, AngularJS directives, and integrates analytics tools such as Google Analytics and Matomo. It features responsive design and accessibility enhancements, including the eye-able accessibility tool and cookie consent management compliant with GDPR. Performance is moderate, with good mobile optimization and SEO practices. From a security perspective, the site enforces HTTPS and implements privacy and cookie policies with user consent mechanisms. However, it lacks explicit security headers and published incident response or vulnerability disclosure policies. No critical vulnerabilities or suspicious content were detected. The WHOIS data is minimal but consistent with a legitimate municipal domain. Overall, the website demonstrates a strong business credibility and technical maturity suitable for a government entity, with room for improvement in security policy transparency and technical security headers. The risk profile is low, with no indications of malicious activity or compliance failures.

T

Technology Fund

technologyfund.ch

44

The Technology Fund is a Swiss-based financial entity focused on supporting innovative climate technology companies through loan guarantees. Their website clearly communicates their mission to reduce greenhouse gas emissions by enabling Swiss companies to access non-dilutive funding. The site features testimonials from industry leaders and partners, enhancing credibility and trust. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates Google Analytics and Tag Manager for tracking. Security measures include HTTPS and Google reCAPTCHA for form protection, though some security headers and explicit policies are missing. Privacy compliance is partially addressed with a privacy policy but lacks a cookie consent mechanism. Overall, the website is professional, well-branded, and targets Swiss climate-tech startups and stakeholders.

M

MorgueFile

morguefile.com

59

MorgueFile is a well-established online platform founded in 2001 that provides a large collection of over 410,000 free stock photos for commercial and creative use. The website targets creative professionals such as illustrators, designers, educators, and the general public seeking free image resources. Its business model primarily revolves around offering free content while monetizing through affiliate marketing partnerships, notably with Shutterstock. The site maintains a consistent brand presence and offers a user-friendly experience with good navigation and mobile optimization. Technically, MorgueFile employs modern web technologies including Vue.js for its frontend, integrates multiple analytics and tracking services such as Google Analytics, Google Tag Manager, and Hotjar, and uses Cloudflare for DNS and likely CDN services. The website performance is moderate with good SEO and accessibility basics, though there is room for improvement in security headers and DNS security. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but lacks DNSSEC and security headers which are recommended best practices. Privacy compliance is basic; while a privacy policy and terms of service exist, there is no cookie consent mechanism or advanced GDPR compliance indicators. No direct contact information or incident response contacts are provided, which could be improved for transparency and trust. Overall, MorgueFile presents a trustworthy and professional platform with a strong market position in free stock photography. Strategic improvements in security practices and privacy compliance would enhance its risk posture and user trust.

N

Nxtbook Media

nxtbookmedia.com

62

Nxtbook Media is a digital content experience platform provider specializing in responsive and replica digital publishing solutions. Their platforms, PageRaft and nxtbook, enable publishers and marketers to create engaging digital publications such as magazines, brochures, catalogs, and more. The company serves a diverse audience including enterprises, educational institutions, associations, and content creators, positioning itself as a trusted partner with a strong client portfolio featuring major brands like Disney and Marriott. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Analytics, and multiple marketing and tracking tools, demonstrating a mature digital infrastructure with good mobile optimization and SEO practices. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and policies could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The WHOIS data is unavailable, which limits domain trust verification, but the overall business credibility and website professionalism indicate a legitimate and established company.

Fine Sax is a small German-based live music service specializing in saxophone performances for corporate events, weddings, and private parties. The website presents a professional and consistent brand image with good quality content including testimonials, videos, and references to partner bands. The technical infrastructure uses common web technologies such as Bootstrap, jQuery, and Google Analytics, providing a moderate performance and good mobile optimization. Security posture is moderate with no visible security headers and no explicit cookie consent mechanism, indicating partial GDPR compliance. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts trustworthiness. Overall, the website is functional and professional but would benefit from improved security and privacy practices.

S

Sax & the DJ

sax-and-dj.com

41

Sax & the DJ is a small German-based event entertainment service specializing in live DJ and saxophone performances for private and corporate events. The website presents a professional and engaging user experience with clear descriptions of services, testimonials, and multimedia content to attract event organizers and private clients. Technically, the site uses modern front-end frameworks like Bootstrap and integrates Google Analytics and Tag Manager for tracking, indicating a moderate level of digital maturity. However, the absence of privacy and cookie policies and lack of visible security headers highlight compliance and security gaps. The WHOIS data is missing, which raises concerns about domain legitimacy and trustworthiness. Overall, while the business appears credible and professionally presented, the technical and security posture requires improvements to enhance trust and compliance.

E

Event-Band-buchen.de

event-band-buchen.de

41

Event-Band-buchen.de is a German-language website specializing in direct booking of live music bands and DJs for events across Germany and Austria. The platform offers a curated selection of bands in five main categories including jazz, party, mobile, DJ plus live musicians, and gala bands. The business model focuses on eliminating agency fees by enabling direct contact between clients and bands, targeting event organizers and private customers seeking professional live entertainment. The website features rich content including detailed band descriptions, embedded videos, and an interactive quiz to assist users in selecting the right band for their event. Technically, the website is built with standard HTML5, CSS3, and JavaScript, incorporating Google Analytics for visitor tracking and an embedded third-party quiz tool. The site is mobile-optimized with good navigation and SEO practices, though no CMS or advanced frameworks are detected. Hosting details are limited, with generic name servers noted. Performance is moderate, and accessibility is basic. From a security perspective, the site uses HTTPS as implied by canonical URLs but lacks visible security headers and explicit privacy or cookie policies. No incident response or vulnerability disclosure mechanisms are present. WHOIS data is minimal and generic, which slightly reduces trustworthiness, but the website content and business presentation are professional and consistent with a small, legitimate event music booking service. Overall, the website presents a trustworthy and functional platform for live band bookings with room for improvement in privacy compliance, security hardening, and transparency regarding data protection.

C

City Gemeinschaft Hannover e.V.

citygemeinschaft-hannover.de

56

City Gemeinschaft Hannover e.V. is a small non-profit community organization based in Hannover, Germany, focused on supporting local community activities and businesses. The website serves as an information and engagement platform for local residents and stakeholders. The organization maintains a professional online presence with clear privacy and cookie policies, reflecting compliance with GDPR requirements. The site integrates multiple third-party services such as Google Analytics, social media embeds, and Google reCAPTCHA to enhance functionality and user experience. Technically, the website is built on WordPress using Elementor and several plugins including Real Cookie Banner Pro and GiveWP for donations. The infrastructure is modern and well-maintained, with HTTPS enabled and cookie consent mechanisms properly implemented. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site uses HTTPS and Google reCAPTCHA to protect forms from spam. However, security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and should be implemented to strengthen security posture. No vulnerabilities or exposed sensitive data were found. Incident response and security policies are not publicly documented, which is a potential area for improvement. Overall, the website is trustworthy and suitable for its community-oriented purpose. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining regular updates to plugins and WordPress core to mitigate risks.

S

Svět Dam - magazín pre ženy

svetdam.sk

37

Svět Dam is an online women's magazine based in Slovakia, providing content focused on women, family, health, and advice. The website operates on a WordPress platform using the Newspaper theme and several plugins for newsletter and content management. It targets a regional audience with a niche focus on female readers. The site is relatively new, established in 2021, and hosts advertising content to support its business model. Technically, the site uses modern web technologies including HTTPS, DNSSEC, and Google Analytics for tracking. However, it lacks visible privacy and cookie policies, which are critical for GDPR compliance. Security posture is moderate with HTTPS and DNSSEC enabled but missing security headers and vulnerability disclosure mechanisms. Overall, the site is functional and professionally designed but would benefit from enhanced privacy compliance and security best practices.

M

Moravská vysoká škola Olomouc

edulam.cz

52

The website edulam.cz serves as an educational platform affiliated with Moravská vysoká škola Olomouc, focusing on providing academic resources and content across various disciplines such as management, economics, social sciences, mathematics, ICT, marketing, finance, and English language studies. The platform targets students and academic learners interested in labor market education and related fields. The business model revolves around content provision and academic support, positioning itself as a niche educational resource within the Czech Republic. Technically, the site is built on WordPress CMS using the Astra theme and Elementor page builder, with SEO optimization via Yoast and analytics through Google Analytics with IP anonymization enabled. The site demonstrates moderate performance and good mobile optimization but lacks advanced accessibility features. Security posture is adequate with HTTPS enabled but lacks important security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Contact information is limited to a physical address with no explicit emails or phone numbers provided. Overall, the site is professional and trustworthy but requires improvements in privacy compliance and security best practices.

S

SL One s.r.o.

sl-one.cz

63

SL One s.r.o. operates as an investment special purpose vehicle (SPV) founded by colleagues from the legal firm SEDLAKOVA LEGAL. The company provides a unique employee benefit allowing its staff to invest alongside each other in promising startups, sharing both risks and profits. The business model focuses on supporting startups with capital and legal backing, targeting employees of the parent legal firm and innovative startups seeking investment. The website is professionally designed, well-structured, and optimized for mobile devices, reflecting a small but focused enterprise in the Czech Republic. Technically, the website leverages modern JavaScript frameworks, Google Tag Manager, Google Analytics, and Facebook Pixel for marketing and analytics purposes. It is built on the Solidpixels CMS platform and employs HTTPS with good SSL configuration. However, explicit security headers such as CSP and HSTS are not detected, indicating room for improvement in security hardening. Privacy and cookie policies are present and GDPR compliant, with a functional cookie consent mechanism. From a security perspective, the site demonstrates a moderate security posture with secure forms and no visible vulnerabilities. The absence of WHOIS data limits domain legitimacy verification, which slightly impacts trust scores. No direct contact emails or phone numbers are published, with communication facilitated solely through a contact form. No social media presence is linked from the site. Overall, SL One presents a credible and professional investment vehicle with a niche market focus. Enhancing domain transparency and security headers would strengthen trust and security posture. The site is safe for general audiences with no adult or questionable content detected.