Security Directory

N

Bin kurz beim Amt.

nordfriesland.digital

54

The website nordfriesland.buergerportal.sh is a government-operated citizen portal for the Nordfriesland district in Germany, providing digital access to administrative services. It is built on the TYPO3 CMS platform and incorporates accessibility features to support users with various disabilities. The site uses Matomo analytics with privacy-conscious settings and includes a cookie consent mechanism via Klaro. However, no explicit privacy policy or terms of service documents were found, which is a gap in compliance and transparency. WHOIS data is unavailable or protected, which is typical for privacy reasons but limits domain trust verification. Overall, the site demonstrates a moderate to good level of technical maturity and accessibility but could improve in privacy and security documentation.

E

European Southern Observatory

eso.org

65

The European Southern Observatory (ESO) is a leading intergovernmental organization dedicated to astronomical research and the operation of world-class ground-based observatories in the Southern Hemisphere. The website serves as a comprehensive portal for scientific discoveries, public outreach, educational resources, and detailed information about ESO's telescopes and instruments. It targets a broad audience including researchers, educators, students, and astronomy enthusiasts worldwide. The business model is non-profit and government-oriented, focusing on advancing astronomy and related technologies. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and integrates Matomo analytics for privacy-conscious visitor tracking. It is hosted on CDN77, ensuring fast content delivery and good performance. The site is mobile-optimized, accessible, and SEO-friendly, with clear navigation and multilingual support. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and implements cookie consent mechanisms aligned with GDPR. While explicit security headers like Content-Security-Policy are not confirmed, best practices are largely followed. No vulnerabilities or exposed sensitive data were detected. However, the absence of a public security policy or vulnerability disclosure program is noted. Overall, the website presents a low-risk profile with strong trust indicators and professional content. The lack of WHOIS data limits domain registration insights but does not detract from the site's legitimacy. Strategic recommendations include enhancing security header implementation, publishing a security policy, and establishing a vulnerability disclosure channel to further strengthen trust and compliance.

B

Baugesellschaft München-Land GmbH

bml-online.de

55

Baugesellschaft München-Land GmbH is a regional real estate company focused on providing housing solutions in the Landkreis München area. The company supports local municipalities by modernizing, renovating, and constructing residential properties, as well as managing residential and third-party rental properties. Their website is professionally designed using Drupal 10, featuring modern JavaScript libraries and Matomo analytics for performance and user insights. The site is well-optimized for mobile and accessibility, with clear navigation and relevant content for their target audience. Privacy compliance is well addressed with GDPR-aligned cookie consent and a comprehensive privacy policy. Security posture is moderate with HTTPS enforced and cookie management, but could be improved by adding security headers and formal security policies. Overall, the domain and hosting appear legitimate and consistent with the business profile, with no signs of suspicious activity or content blocking.

E

easybell GmbH

easybell.de

72

easybell GmbH is a German telecommunications provider specializing in internet and telephony services for private and business customers. The company offers a range of products including SIP Trunks, Cloud Telefonanlage, Microsoft Teams integration, and Home Office Connect solutions. With over 50,000 business customers and a parent company Dstny, easybell holds a solid market position in the telecommunications sector in Germany. The website reflects a professional and customer-focused business model emphasizing flexible contracts without minimum terms. Technically, the website is built on TYPO3 CMS and leverages modern web technologies such as jQuery and Bootstrap. It integrates multiple analytics and marketing tools including Matomo, Google Analytics, Microsoft Clarity, and Trustami for reputation management. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers are not detected, and there is no published security.txt or clear incident response contact, which are areas for improvement. The WHOIS data is limited due to DENIC privacy policies but consistent with the domain's German origin and business claims. Overall, easybell.de is a trustworthy and professionally managed website with strong business credibility and compliance posture. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure information, and improving transparency on incident response contacts to further strengthen security and trust.

H

Hochschule Wismar

hs-wismar.de

11

Hochschule Wismar is a German University of Applied Sciences specializing in technology, business, and design disciplines. It serves a diverse audience including prospective and current students, researchers, and industry partners. The institution emphasizes interdisciplinary education, practical learning, and strong regional and international collaborations. The website reflects a well-established academic entity with comprehensive services, research initiatives, and student support mechanisms. The presence of subsidiaries such as WINGS and Forschungs-GmbH further supports its academic and commercial activities. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries like jQuery and Modernizr, and includes responsive design and accessibility features. The site uses Matomo for privacy-conscious analytics and implements a cookie consent mechanism compliant with GDPR. Performance is moderate with good mobile optimization and SEO practices. From a security perspective, the site enforces HTTPS and anonymizes analytics data, but lacks explicit security headers and publicly available security policies or incident response contacts. No vulnerabilities or suspicious content were detected. The domain registration data aligns well with the institution's identity, hosted on academic name servers, indicating legitimacy. Overall, the website is professional, secure, and trustworthy, serving its educational mission effectively. Strategic improvements could include enhancing security headers, publishing a security policy, and providing incident response contacts to further strengthen trust and compliance.

I

ID Interactive

id-interactive.fr

56

ID Interactive is a well-established digital agency based in Arradon near Vannes, France, specializing in web design, development, SEO, paid media, and graphic design services. Founded in 2006, the agency serves a diverse clientele including SMEs, startups, institutions, and brands primarily in Brittany and across France. Their business model focuses on delivering tailored digital solutions that enhance client acquisition and brand visibility through innovative web experiences and AI-enhanced SEO strategies. Technically, the website leverages modern frameworks such as React and Next.js, integrates professional CMS (Payload CMS), and employs advanced analytics and marketing tools including Google Tag Manager, Facebook Pixel, and Matomo. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and secure cookie consent mechanisms, though explicit security headers and policies could be improved. The absence of WHOIS data is a minor concern but does not detract significantly from the overall trustworthiness given the professional presentation and comprehensive contact information. Strategic recommendations include enhancing security header implementation, publishing a formal security policy, and establishing a vulnerability disclosure process to further strengthen trust and compliance.

A

A–Gain Guide

a-gain.guide

53

A–Gain Guide is a digital platform focused on promoting sustainable fashion practices in Berlin and Hamburg by providing users with resources such as maps of repair shops, secondhand stores, and upcycling designers, as well as guides on clothing reuse and CO2 savings. The platform targets environmentally conscious consumers seeking to extend the life of their clothing. Technically, the website is built on Kirby CMS, uses modern JavaScript libraries like Glide.js for UI components, and integrates Matomo for privacy-respecting analytics. The site is well-structured, mobile-optimized, and includes cookie consent mechanisms aligned with GDPR requirements. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. WHOIS data is limited due to TLD restrictions but the domain appears legitimate and consistent with the business profile. Overall, the platform demonstrates a professional and trustworthy presence in the niche sustainable fashion market.

K

KAARISMA Recruitment GmbH

kaarisma-blue.de

61

KAARISMA BLUE Recruitment is a specialized recruitment agency based in Germany focusing on placing Servicetechniker and industrial technical professionals. The company positions itself as a modern headhunting service with a strong emphasis on matching candidates and employers harmoniously, particularly in sales and technical roles. Their business model revolves around active process support until successful hiring, targeting companies seeking qualified service technicians. The website content is professional, well-branded, and clearly communicates their value proposition. Technically, the site uses Kirby CMS and Matomo analytics, indicating a moderate level of digital maturity with some privacy-conscious tracking. Security posture is adequate with HTTPS enabled but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. Overall, the site is accessible, trustworthy, and serves its business purpose effectively.

S

Stadt Karlsruhe

karlsruhe.de

69

The website www.karlsruhe.de serves as the official digital portal for the city of Karlsruhe, Germany, providing residents and visitors with access to a wide range of municipal services, information on city administration, social programs, environmental initiatives, cultural events, and mobility options. The site is well-positioned as a comprehensive government resource, targeting local citizens, businesses, and stakeholders. Technically, the site is built on the TYPO3 CMS platform, leveraging modern web technologies including SVG graphics and Matomo analytics configured with privacy in mind. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security-wise, the website enforces HTTPS and employs a cookie consent mechanism aligned with GDPR requirements, though it lacks explicit security policy and incident response disclosures. Overall, the site is trustworthy, professionally maintained, and compliant with relevant privacy regulations, with no detected blocking or WAF interference.

S

Sport Schreiner Tischtennis

sport-schreiner-tt.de

54

Sport Schreiner Tischtennis operates a specialized German-language e-commerce platform focused on table tennis equipment including blades, rubbers, tables, clothing, and accessories. The website is built on the Shopware 6 platform, leveraging modern web technologies and integrating analytics tools such as Matomo and Google Tag Manager. The site demonstrates good design quality, mobile responsiveness, and clear navigation, targeting table tennis players and enthusiasts primarily in Germany. Security posture is solid with HTTPS enforced and privacy-conscious analytics configurations, although explicit privacy and terms policies are not detected in the provided content. The domain WHOIS data is limited, with an unusual domain status and non-matching nameservers, which slightly reduces trust but does not indicate malicious intent. Overall, the site is professional, trustworthy, and well-positioned within its niche market.

+

+Pluswerk AG

pluswerk.ag

62

Pluswerk AG is a leading full-service digital agency specializing in open-source technologies such as TYPO3, Pimcore, and Shopware. With a strong presence in Germany and other European countries, the company serves a broad B2B audience including enterprises, public sector, and educational institutions. Their service portfolio covers consulting, UX/UI design, corporate websites, e-commerce solutions, online marketing, and cloud hosting, positioning them as a comprehensive digital transformation partner. The website reflects a mature, professional brand with consistent messaging and multiple industry certifications and awards. Technically, the website is built on TYPO3 CMS with integrations of Pimcore and Shopware technologies. It employs modern web standards, is mobile-optimized, and uses privacy-respecting analytics tools like Matomo and Visitor Analytics. The site includes a GDPR-compliant cookie consent mechanism and multilingual support, enhancing user experience and compliance. Performance and SEO optimizations are well implemented, contributing to a fast and accessible user interface. From a security perspective, the site enforces HTTPS and demonstrates good security hygiene with no exposed sensitive data or vulnerable libraries detected. However, explicit security headers like X-Frame-Options and a published security policy or incident response contacts are absent, representing areas for improvement. The WHOIS data is unavailable due to privacy protection, which is common and justified for this business type, and does not detract from the site's legitimacy. Overall, Pluswerk AG's website presents a trustworthy, professional digital presence with strong business credibility and a solid security posture. Strategic enhancements in security transparency and incident response readiness would further strengthen their risk management and trustworthiness.

U

Uplift Founders

upliftfounders.com

59

Uplift Founders is a specialized coaching service focused on empowering startup founders to scale their businesses faster by addressing both the inner psychological aspects and the outer strategic business challenges. Founded in 2023 and based in Germany, the company targets seed-stage founders approaching Series A funding as well as bootstrapped founders with significant traction. Their offerings include a proprietary Founder Audit, shift sessions, a Clarity Program for bi-weekly coaching, and an intensive Series A Co-Pilot mode for hands-on support. The website is professionally designed, mobile-optimized, and rich in content, including detailed FAQs and client testimonials, which enhance trust and credibility. Technically, the website employs modern web technologies such as HTML5, CSS3, JavaScript, and Swiper.js for UI components, alongside Matomo for privacy-conscious analytics. The domain is registered with a reputable registrar and secured with HTTPS, although DNSSEC is not enabled. No major security vulnerabilities or exposed sensitive data were detected. However, the site lacks some security headers and a cookie consent mechanism, which are recommended for enhanced compliance and security. Overall, the security posture is solid but could be improved by implementing additional HTTP security headers, enabling DNSSEC, and publishing formal security and incident response policies. The business credibility is high due to transparent contact information, professional content, and consistent branding. No adult or questionable content is present, making the site safe for general audiences.

K

Karlsruher Kind

karlsruher-kind.de

64

Karlsruher Kind is a regional magazine targeting parents and children in the Karlsruhe area, providing editorial content, event calendars, and community engagement features. The website is built on WordPress with a modern plugin ecosystem supporting event management and user interaction. The technical infrastructure includes HTTPS, security headers, and structured data for SEO, reflecting a mature digital presence. Security posture is strong with no evident vulnerabilities or exposed sensitive data, though privacy compliance could be improved by publishing explicit privacy and terms policies. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

R

rabbitAI

rabbitai.de

59

rabbitAI is a specialized technology company providing high-precision training data and ground truth solutions for computer vision engineers and AI developers. Their offerings focus on device-specific ground truth data capture and augmentation to accelerate AI algorithm development, particularly in 3D perception, XR, and in-cabin sensing applications. The company positions itself as a reliable partner for enhancing AI reliability and safety through superior training data. Technically, the website is hosted on AWS infrastructure, uses modern web technologies including HTML5, CSS3, JavaScript, and employs Matomo analytics with privacy-conscious configurations. The site is well-designed, mobile-optimized, and SEO-friendly, providing a professional user experience. However, some technical improvements such as adding security headers and explicit cookie consent mechanisms could enhance security and compliance. From a security perspective, the site enforces HTTPS and avoids cookie tracking, indicating a good baseline security posture. No critical vulnerabilities or exposed sensitive data were detected. The absence of a security policy, incident response contacts, or vulnerability disclosure mechanisms suggests room for maturity in security governance. Overall, rabbitAI presents a trustworthy and professional online presence with a strong focus on AI training data solutions. Strategic improvements in privacy compliance and security best practices would further strengthen their digital maturity and trustworthiness.

K

Kinder Praxis & Klinik

kinder-und-klinik.de

52

Kinder Praxis & Klinik is a specialized pediatric dental practice and clinic located in Böblingen, Germany, focusing on dental care for children and teenagers. The practice emphasizes creating a child-friendly, anxiety-free environment with a comprehensive range of dental services including prophylaxis, caries treatment, milk tooth crowns, and oral surgery. The website presents a professional and well-structured digital presence with detailed service descriptions and a strong focus on patient comfort and education. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript, and Matomo analytics, hosted on a reputable DNS provider. Security posture is good with HTTPS enforced and no visible vulnerabilities, though cookie consent and explicit security policies are lacking. Overall, the site is trustworthy and professionally maintained, serving a local healthcare niche effectively.

K

KAARISMA Recruitment GmbH

kaarisma.de

63

KAARISMA Recruitment GmbH is a specialized recruitment agency based in Berlin, focusing on headhunting and recruiting sales professionals for permanent positions. The company emphasizes harmony between candidates and their work environment, targeting both Fach- und Führungskräfte and companies seeking sales talent. Their market position is that of a niche, specialized recruitment service with a modern and professional online presence. Technically, the website is built on Kirby CMS, hosted on Hetzner infrastructure, and uses Matomo for analytics, indicating a moderate to advanced digital maturity. Security posture is good with HTTPS enabled and no visible vulnerabilities, though security headers and explicit incident response policies are not evident. Overall, the website is professional, trustworthy, and compliant with GDPR, with clear privacy and cookie policies. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and expanding contact information visibility.

C

Circular City – Zirkuläre Stadt e.V.

circular.berlin

57

Circular Berlin is a small non-profit organization dedicated to accelerating Berlin's transition towards a circular city. Their core activities include knowledge building, community development, education, and practical programs focused on the circular economy. The organization positions itself as a key local actor fostering sustainable urban metabolism through research and community engagement. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting circular economy practitioners and the broader community in Berlin. Technically, the website is built on WordPress with a modern tech stack including Bootstrap and jQuery, enhanced by plugins such as Yoast SEO and Matomo for analytics. Hosting and domain registration are transparent and consistent with the organization's profile. The site is moderately performant and well-optimized for mobile devices, with good SEO and accessibility basics in place. From a security perspective, the site enforces HTTPS and uses clientTransferProhibited domain status to prevent unauthorized transfers. However, DNSSEC is not enabled, and some recommended security headers are missing. The cookie consent mechanism is GDPR compliant, using CookieYes for user consent management. No explicit security or incident response policies are published, and no vulnerability disclosure or security.txt file is found. Overall, the website presents a trustworthy and professional digital presence for a non-profit organization. Strategic recommendations include enabling DNSSEC, implementing additional security headers, publishing a security policy, and enhancing incident response readiness to further strengthen security posture and trust.

M

Mon magasin Vert

monmagasinvert.fr

69

Mon magasin Vert is a regional retail and e-commerce company specializing in gardening, pet supplies, and outdoor equipment, primarily serving the Brittany and Pays de la Loire regions in France. The website is built on a modern Magento platform with the Hyvä frontend theme, indicating a mature digital infrastructure. The company is part of the Eureden group, a known entity in the agricultural and retail sector. The site demonstrates good privacy compliance with clear cookie consent mechanisms and privacy policies in French, aligning with GDPR requirements. Security posture is strong with HTTPS enforced and security headers present, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is professional, trustworthy, and well-optimized for its target audience.

J

Jean Nicolas

jeannicolas1930.fr

54

Jean Nicolas is a cooperative brand specializing in the production and sale of preserved Breton vegetables, with a heritage dating back to 1930. The website targets consumers interested in quality regional food products and recipes, emphasizing local agricultural know-how and community engagement. The brand maintains a consistent and professional online presence with rich content including product showcases, recipes, and community news. Technically, the site is built on WordPress using WPBakery Page Builder and integrates multiple analytics and tracking tools such as Google Analytics, Matomo, and Microsoft Clarity, alongside cookie consent mechanisms to comply with privacy regulations. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, though some security headers could be improved. The absence of WHOIS data suggests privacy protection, which is typical for commercial sites, but domain age cannot be verified. Overall, the site is well-structured, user-friendly, and trustworthy, with no signs of malicious activity or content blocking.

R

Registry Services, LLC

uipm.tv

42

UIPM TV is a specialized media streaming platform dedicated to broadcasting live and recorded events related to Modern Pentathlon and associated sports disciplines such as Biathle, Triathle, Laser Run, and Obstacle events. The platform targets sports enthusiasts and fans of these niche sports, providing official content likely authorized by the governing body UIPM. The website is built on WordPress using the Divi theme, integrating Dailymotion's API for video streaming and Matomo for analytics, reflecting a moderate level of digital maturity and technical infrastructure. Security measures include HTTPS, reCAPTCHA for form protection, and GDPR cookie consent mechanisms, although some security best practices like DNSSEC and security headers are missing. The domain registration is consistent and legitimate, registered with OVH sas and publicly associated with Registry Services, LLC. However, the site lacks explicit privacy policies, terms of service, and direct contact information, which impacts privacy compliance and business credibility scores. Overall, the site is functional, professionally designed, and serves its niche audience effectively but would benefit from enhanced security and compliance documentation.

T

TBI Technologie-Beratungs-Institut GmbH

tbi-mv.de

52

The TBI Technologie-Beratungs-Institut GmbH is a regional government-affiliated institution focused on supporting research, development, and innovation in Mecklenburg-Vorpommern, Germany. It provides funding program management, digitalization support for SMEs, and knowledge transfer platforms. The website is built on TYPO3 CMS with modern frontend technologies and includes a cookie consent mechanism respecting user privacy. Contact information is clearly provided, and the site displays trust signals such as EU funding logos and government ministry affiliations. Security posture is solid with HTTPS and privacy-conscious analytics, though some security headers and policies could be improved. Overall, the site is professional, trustworthy, and well-suited for its target audience of regional businesses and research entities.

I

Invest in Mecklenburg-Vorpommern GmbH

invest-in-mv.de

55

Invest in Mecklenburg-Vorpommern GmbH operates as a regional investment promotion agency focused on attracting and supporting investments in the German state of Mecklenburg-Vorpommern. The website provides comprehensive information and services including location analysis, funding advice, and business establishment support, targeting investors and companies interested in the region. The site is professionally designed, well-structured, and uses modern technologies such as TYPO3 CMS, Bootstrap, and UIkit, ensuring good user experience and mobile optimization. Security posture is strong with HTTPS, security headers, and secure forms, though explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website presents a trustworthy and professional front for the investment promotion entity.

W

WERK3 Werbeagentur GmbH & Co. KG

werk3.de

54

WERK3 Werbeagentur GmbH & Co. KG is a small, full-service advertising agency based in Rostock, Germany. The company specializes in marketing strategies, corporate design, campaign conception, and website development, positioning itself as a creative and award-winning agency within the regional media sector. The website reflects a professional and consistent brand image, targeting businesses and organizations seeking comprehensive marketing solutions. Technically, the website is built on TYPO3 CMS and leverages a modern technology stack including jQuery, Bootstrap, and various JavaScript libraries for enhanced user experience and interactivity. Analytics and marketing tools such as Matomo, Google Tag Manager, and Facebook Pixel are integrated, with a clear cookie consent mechanism ensuring GDPR compliance. The site demonstrates good mobile optimization and SEO practices, though accessibility could be improved. From a security perspective, the website enforces HTTPS and employs cookie consent but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The domain registration data is consistent with the website's claims, indicating a legitimate and trustworthy online presence. Overall, the website scores well in content quality, technical implementation, privacy compliance, and business credibility, with recommendations to enhance security headers, publish formal security policies, and improve accessibility to further strengthen its security posture and user trust.

D

Datenwerkbank

datenwerkbank.de

54

Datenwerkbank is a small, specialized web service provider based in Stuttgart, Germany, founded in 2024 by Manuel Deutsch, a freelance web developer with over 10 years of experience. The company focuses on website maintenance, support, and optimization services primarily for WordPress and Kirby CMS platforms, targeting agencies and medium-sized businesses. Their offerings include regular updates, backups, SEO optimization, hosting with green energy, and personalized support, delivered through clear service packages with transparent pricing. The website reflects a professional and trustworthy brand with strong customer references and a clean, responsive design. Technically, the website employs modern web standards including responsive images, SVG graphics, and privacy-conscious analytics via Matomo with cookies disabled. Hosting is provided by netcup, a reputable German provider, and the site uses HTTPS with canonical URLs for SEO. While the site lacks explicit security headers and a cookie consent mechanism, it demonstrates good privacy practices and GDPR compliance through its privacy policy and minimal tracking. From a security perspective, the site shows good practices such as regular backups and CMS updates included in service packages, but could improve by implementing security headers and publishing a security policy or incident response contact. No vulnerabilities or suspicious WHOIS patterns were detected, and the domain registration aligns with the business founding date, supporting legitimacy. Overall, Datenwerkbank presents a secure, professional, and privacy-aware web presence suitable for its target market. Strategic improvements in security headers and cookie consent would enhance compliance and trust further.

Obec Klíčany operates as the official municipal government website for the village of Klíčany in the Czech Republic. The site provides residents and visitors with essential information about local governance, community news, public notices, and administrative contacts. It serves a small population of approximately 610 inhabitants and focuses on transparency and accessibility of municipal services. The website is well-structured, professionally designed, and targets local citizens and stakeholders. Technically, the website employs a custom CMS platform (IPO Redakční systém) and uses established JavaScript libraries such as jQuery and jQuery UI, alongside Google reCAPTCHA for form security and Matomo for privacy-conscious analytics. The site is mobile responsive and includes cookie consent mechanisms aligned with GDPR requirements. However, some libraries are outdated, and security headers are not visibly implemented, which could be improved. From a security perspective, the site benefits from HTTPS encryption and user consent for cookies, but lacks explicit security policies and incident response information. The absence of WHOIS data reduces domain trust slightly, though the website content and domain usage appear legitimate for a local government entity. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with good privacy compliance and a solid foundation for municipal communication. Strategic improvements in security headers, updated libraries, and enhanced transparency on security policies would further strengthen its posture.

P

Poule et Toque

poule-et-toque.fr

64

Poule et Toque is a French company specializing in supplying poultry products to the professional foodservice and catering sectors. Their website presents a well-structured, professionally designed platform targeting restaurateurs and catering professionals with segmented product lines such as 'Prêt à Cuire', 'Prêt à réchauffer', and 'Prêt à Servir'. The company positions itself as an expert in French poultry, offering solutions tailored to various foodservice needs. The site includes rich content, social media integration, and a dedicated subdomain for a poultry competition, indicating active engagement in their industry. Technically, the website is built on WordPress with modern plugins like Yoast SEO and uses Matomo for analytics, showing a moderate level of digital maturity. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. WHOIS data is unavailable, which slightly impacts trust but the overall professional presentation and compliance with GDPR suggest legitimacy. The site is accessible with no blocking or WAF challenges detected.

D

D'aucy

daucy.fr

51

D'aucy is a well-established French cooperative brand specializing in vegetable products including canned, frozen, and prepared foods. The website reflects a mature digital presence with a focus on sustainability, cooperative values, and consumer engagement through recipes and educational content. Technically, the site uses WordPress with modern JavaScript libraries and analytics tools such as Matomo and Microsoft Clarity, ensuring a good user experience and data-driven insights. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data for the domain is a notable anomaly but does not detract significantly from the overall legitimacy given the professional presentation and parent company association. Overall, the site is trustworthy, user-friendly, and compliant with privacy regulations.

U

Union Internationale de Pentathlon Moderne (UIPM)

uipmworld.org

49

The Union Internationale de Pentathlon Moderne (UIPM) website serves as the official digital presence of the international governing body for Modern Pentathlon and related multisport disciplines. It provides comprehensive information on events, athlete rankings, education programs, and governance. The site targets athletes, national federations, and fans globally, positioning itself as a key authority in the sport. Technically, the website is built on Drupal 7 with a mature tech stack including jQuery, Google Analytics, and Matomo for analytics, and is well-optimized for mobile and SEO. Security posture is solid with HTTPS enforcement and privacy compliance, though some security headers could be improved. The WHOIS data is incomplete, which slightly impacts domain trustworthiness, but the website content and structure indicate a legitimate and professional organization. Overall, the site demonstrates a high level of digital maturity and business credibility.

O

OpenPandora GmbH

dragonbox.de

62

DragonBox Shop, operated by OpenPandora GmbH, is a specialized e-commerce retailer based in Germany focusing on retro gaming products, accessories, and mini-PCs. The company targets retro gaming enthusiasts and technology hobbyists, offering a curated selection of products including game controllers, adapters, and repair services. The website demonstrates a consistent brand presence with clear business information and trust signals such as Trusted Shops certification and GDPR-compliant privacy and cookie policies. Technically, the site is built on the PrestaShop 1.7 platform, leveraging modern web technologies including jQuery, Matomo Analytics, and layered sliders for enhanced user experience. The site is mobile-optimized and provides good SEO and accessibility features, although some accessibility aspects could be improved. Performance is moderate, with a well-structured navigation system supporting a positive user experience. From a security perspective, the website enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security policy documentation and incident response contact details. Security headers are not fully evident, suggesting room for improvement in hardening the site against common web threats. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, DragonBox Shop presents a trustworthy and professional online presence with a solid privacy compliance posture and a niche market focus. Strategic enhancements in security policies and technical security headers would further strengthen its security posture and customer trust.

A

ArenaJech

arenajech.cz

41

ArenaJech.cz is a specialized Czech e-commerce and physical retail business focused on competitive swimming gear, offering products from major brands such as Arena, Speedo, and TYR. The website targets competitive swimmers and swimming enthusiasts primarily in the Czech Republic and Slovakia, providing a broad range of swimwear, goggles, training aids, and accessories. The business model combines online sales with a physical store presence, enhancing customer reach and service. The site is professionally designed with clear navigation and product categorization, supporting a positive user experience.

L

Landesstelle für Museen Baden-Württemberg

landesstelle.de

51

The Landesstelle für Museen Baden-Württemberg is a government advisory body dedicated to supporting museums within the Baden-Württemberg region. Their primary focus is on fostering well-structured, audience-oriented, and sustainable museum landscapes through consulting, funding, and educational programs. The website reflects a professional and regionally focused institution with clear contact information and relevant content tailored to museums and cultural stakeholders. Technically, the website is built on TYPO3 CMS with Bootstrap components for responsive design and uses Matomo analytics configured to disable cookies, indicating a privacy-conscious approach. The site is accessible, mobile-optimized, and well-structured, though it lacks some advanced security headers and explicit cookie consent mechanisms. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it could improve by implementing security headers, publishing security policies, and establishing a vulnerability disclosure process. The WHOIS data shows no privacy protection but uses agency name servers, which is typical for professional hosting. Overall, the domain and website appear legitimate and consistent with a government advisory entity. The overall risk is low, with recommendations focusing on enhancing security posture and privacy compliance to further strengthen trust and resilience.

E

Elevate Festival

elevate.at

49

Elevate Festival is an established interdisciplinary cultural event held annually in Graz, Austria, focusing on music, art, and political discourse. The festival offers a diverse program including concerts, performances, workshops, and discussions, targeting culturally and politically engaged audiences. The website is built on TYPO3 CMS with Bootstrap framework, providing a responsive and well-structured user experience. It includes essential privacy and cookie policies, indicating GDPR compliance, and integrates Matomo analytics for user tracking. Security posture is solid with HTTPS enforcement and standard security headers, though formal security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and well-positioned within its niche.

S

servus.at

servus.at

49

servus.at is a small non-profit cultural and technological initiative based in Linz, Austria, focused on demystifying technology through artistic and cultural projects. It supports research projects, organizes the biennial 'Art Meets Radical Openness' festival, and operates an independent open source data center for its members, which include artists, educational institutions, and NGOs. The website is built on Drupal 7 with a moderate technical infrastructure including jQuery, Bootstrap, and Matomo analytics. It is mobile optimized and provides clear navigation and relevant content for its target audience. Security posture is good with HTTPS and privacy-aware analytics, but lacks explicit privacy and cookie policies and security headers. The domain uses privacy protection in WHOIS, which is justified for this type of organization. Overall, the site is trustworthy and professional but could improve compliance and security best practices.

B

Blumenfabrik Coworking & Eventspace GmbH

blumenfabrik.at

11

Blumenfabrik Coworking & Eventspace GmbH operates a sustainable coworking and event space located in Vienna, Austria. The company targets individuals and organizations interested in sustainability, climate protection, and community engagement. Their business model focuses on providing flexible workspaces and event venues with a strong emphasis on environmental friendliness and social inclusivity. The website reflects a niche market position with a clear community and sustainability focus, supported by professional content and branding.

Nuki Home Solutions GmbH is an Austrian technology company specializing in innovative smart lock solutions designed for easy retrofitting. The company has established a strong market position in Europe by offering a range of smart locks and accessories that integrate seamlessly with major smart home platforms. Their business model focuses on direct consumer sales and business reseller partnerships, supported by a comprehensive digital presence including mobile apps and web management tools. Technically, the website is built on modern frameworks such as Next.js and React, with robust analytics and marketing integrations, ensuring a fast, mobile-optimized, and accessible user experience. Security-wise, the site enforces HTTPS, employs standard security headers, and maintains good privacy compliance with clear policies and consent mechanisms. However, there is room for improvement in publishing explicit security policies and incident response information. Overall, the domain registration and website content are consistent and trustworthy, reflecting a mature and professional business entity.

2

2Racing autodíly nejen pro rally, tuning, motorsport

2racing.cz

41

2Racing.cz is a Czech Republic-based e-commerce website specializing in the sale of automotive parts focused on racing, rally, and tuning enthusiasts. The site offers a wide range of products including racing seats, suspension components, filters, and accessories from reputable brands such as Strongflex, Koni, Sparco, and others. The business targets motorsport hobbyists and professionals seeking specialized car parts. The website is professionally designed with clear navigation and product categorization by car brand and year, supporting a good user experience.

L

Látky Wiedrman levná podšívka tyl a šusťák

latky-wiedrman.cz

44

The website www.latky-wiedrman.cz appears to be a retail business specializing in selling fabrics and related materials such as linings, tulle, organza, and elastic satin primarily targeting customers in the Czech Republic. However, the site content is fully restricted behind a password form, limiting public access and visibility into the full scope of their offerings and business details. The lack of publicly accessible content and absence of WHOIS registration data reduces transparency and trustworthiness. Technically, the site uses Matomo analytics and Google Fonts but lacks visible security headers and privacy compliance mechanisms. The overall security posture is minimal with no clear evidence of GDPR compliance or incident response readiness. The restricted access may be justified for business confidentiality but significantly impacts the ability to assess the website's quality and security comprehensively.

O

OeAD - Austria's Agency for Education and Internationalisation

grants.at

53

The website grants.at serves as Austria's largest database for scholarships and research grants, operated by the OeAD, a government agency under the Austrian Federal Ministry of Women, Science and Research. It targets students, graduates, and researchers by providing over 1,200 entries to support educational and research funding opportunities. The platform is well-positioned as a trusted resource within the Austrian education sector, leveraging official government backing and comprehensive content offerings. Technically, the site is built on TYPO3 CMS, utilizing modern web technologies including jQuery, Matomo analytics for privacy-conscious tracking, and Usercentrics for cookie consent management. The website demonstrates good performance, mobile optimization, and accessibility standards, reflecting a mature digital infrastructure suitable for its audience. From a security perspective, the site enforces HTTPS, employs multiple security headers, and integrates a consent mechanism for privacy compliance. No critical vulnerabilities or exposed sensitive data were detected. However, incident response contact details and vulnerability disclosure mechanisms could be enhanced to improve security posture further. Overall, the website presents a low-risk profile with strong business credibility and compliance adherence. Strategic recommendations include publishing explicit incident response contacts, adding a vulnerability disclosure policy, and potentially listing certifications to bolster trust and transparency.

M

mistecko.cz

mistecko.cz

46

mistecko.cz is a Czech online magazine providing cultural, artistic, and lifestyle content targeted at creators, artists, and culture enthusiasts. The website offers news, tips, and tutorials related to various creative passions. The business operates in the media sector with a small scale and a niche market position. Technically, the site uses standard web technologies including Matomo for analytics and Google Adsense for advertising. The site is mobile optimized with good navigation and content relevance. Security posture is moderate with HTTPS enabled but lacks security headers and cookie consent mechanisms. WHOIS data shows inconsistencies with a future domain creation date, which raises questions about domain legitimacy. Overall, the website is functional and content-rich but requires improvements in privacy compliance and security practices.

Mikroregion Horymír is a small, non-profit regional association of municipalities in the Czech Republic, focused on promoting local culture, tourism, and community events. The website serves as an information hub for residents and visitors, providing news, event updates, and regional information. The technical infrastructure is based on a custom CMS (IPO) with standard web technologies including jQuery, Owl Carousel, and Google reCAPTCHA, supported by Matomo analytics for user tracking. The site is mobile responsive and well-structured, though it lacks some modern security headers and formal privacy documentation. Security posture is generally good with HTTPS enforced and cookie consent implemented, but the absence of WHOIS data for the domain raises concerns about domain registration legitimacy. Overall, the website is functional and trustworthy for its intended audience but would benefit from improved compliance and transparency measures.

Obec Karlík is a small municipal government entity located in the Prague-West district of the Czech Republic. The website serves as an official portal providing residents and visitors with information about local administration, public notices, cultural heritage, and community services. The site emphasizes historical landmarks and natural surroundings, targeting local citizens and tourists interested in the municipality. Technically, the website employs a traditional web stack with jQuery, jQuery UI, Google reCAPTCHA, and Matomo analytics, managed via the IPO CMS platform. The site is mobile responsive and includes accessibility features such as font resizing and clear navigation. Security-wise, the site uses HTTPS and includes a cookie consent mechanism, but lacks advanced security headers and a published privacy policy, which are areas for improvement. The absence of WHOIS data reduces domain trustworthiness, although the website content and contact details align with a legitimate government entity. Overall, the website is functional, professional, and trustworthy but would benefit from enhanced privacy and security disclosures.

N

Národní ústav duševního zdraví

nudz.cz

52

Národní ústav duševního zdraví (NUDZ) is a Czech national institute focused on mental health research, clinical care, and education. The website serves as a comprehensive portal for their research programs, clinical services, educational offerings, and public mental health initiatives. It targets a general audience including patients, researchers, clinicians, and the public. The organization appears to be a government-affiliated or public institution with a medium-sized operational scale. Technically, the website is built on TYPO3 CMS, uses Alpine.js for interactivity, and integrates Matomo for analytics, reflecting a modern and mature digital infrastructure. Security posture is strong with HTTPS and security headers properly implemented, though some improvements in privacy compliance such as cookie consent are recommended. The absence of WHOIS data reduces domain registration trust but the website content and branding strongly support legitimacy. Overall, the site is professional, accessible, and trustworthy with room for enhanced privacy and contact transparency.

P

PAQ Research, z. ú.

paqresearch.cz

44

PAQ Research is a Czech non-profit research organization focused on providing data-driven insights into social issues, education, and policy reforms in the Czech Republic. The organization offers a variety of services including research studies, policy briefs, data visualization tools, and newsletters aimed at improving public services and social mobility. Their market position is that of a specialized, trusted entity within the Czech social research sector. Technically, the website is built on the Ghost CMS platform and employs modern JavaScript modules and Matomo analytics for privacy-conscious user tracking. The site is well-optimized for mobile devices and provides a professional user experience with clear navigation and rich content. However, some security best practices such as explicit security headers and cookie consent mechanisms are missing. From a security perspective, the site uses HTTPS and does not expose sensitive data. The use of Matomo analytics indicates a focus on privacy. The absence of WHOIS data for the domain reduces the overall trust score, but the website content and business information appear legitimate and professional. No critical vulnerabilities or compliance gaps were detected, though improvements in security policy transparency and incident response information are recommended. Overall, PAQ Research presents a trustworthy and professional online presence with a strong focus on social research and education in the Czech Republic. Strategic recommendations include enhancing security headers, implementing cookie consent, publishing security and incident response policies, and clarifying data protection officer contact details.

E

EDUin

eduin.cz

10

EDUin is a Czech non-profit organization dedicated to informing the public about education through news articles, analyses, podcasts, and event listings. The website serves educators, policymakers, media professionals, and the general public interested in education topics. It holds a reputable position in the Czech educational media landscape, offering comprehensive and up-to-date content. Technically, the site is built on WordPress with modern optimizations including WP Rocket and uses Matomo and Google Analytics for tracking, balancing performance and privacy. The security posture is strong with HTTPS enforced and cookie consent implemented, though some security headers could be improved. The absence of WHOIS data and explicit privacy policy pages slightly reduce trust but do not undermine the overall legitimacy. The site is well-designed, mobile-optimized, and accessible, providing a professional user experience.

Ladův kraj is a regional community and tourism promotion website focused on the area between Prague and the Sázava river, named after the famous painter and writer Josef Lada. The site serves as a hub for local municipalities, cultural events, and tourism services including equipment rental and event calendars. It targets tourists and local residents interested in cultural and outdoor activities. The website is positioned as a small regional government or community association platform with a clear focus on promoting local heritage and tourism. Technically, the site uses a custom CMS (IPO) with legacy JavaScript libraries such as jQuery 3.0 and jQuery UI 1.8.20, integrates Matomo analytics for privacy-conscious tracking, and employs Google reCAPTCHA for form security. The site is mobile responsive and has a good level of SEO and accessibility, though accessibility features could be improved. Security posture is moderate with HTTPS enforced and cookie consent implemented, but lacks visible security headers and uses outdated libraries. WHOIS data is unavailable, which raises concerns about domain registration transparency, but the website content and external partner links suggest legitimacy. Overall, the site is functional and professional but would benefit from improved security practices and updated technical components.

S

Stadt Ahlen

ahlen.de

10

The website www.ahlen.de serves as the official digital portal for the city of Ahlen, Germany, providing comprehensive information and services related to municipal administration, social services, economic development, tourism, and community events. It targets residents, visitors, and local businesses, positioning itself as a trusted government resource with a broad range of citizen-centric offerings. The site is built on TYPO3 CMS, leveraging modern web technologies such as Font Awesome and Leaflet.js, and employs Matomo for privacy-conscious analytics. The presence of a detailed cookie consent mechanism and a comprehensive privacy policy demonstrates adherence to GDPR requirements. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although some security headers could be improved. Contact information is clearly presented, enhancing business credibility. Overall, the site reflects a mature digital infrastructure suitable for a municipal government entity.

K

Kiel Institute for the World Economy

kielinstitut.de

58

The Kiel Institute for the World Economy is a prominent German research institute specializing in globalization and global economic affairs. It serves as a leading academic and policy-impact institution in Europe, offering extensive research, datasets, expert analysis, and public events. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content targeting researchers, policymakers, and the public interested in economic globalization. Technically, the site is built on TYPO3 CMS with Bootstrap framework and uses Matomo for analytics, indicating a privacy-conscious approach. Security posture is adequate with HTTPS and consent mechanisms but lacks explicit security policies and headers. Overall, the site is trustworthy and authoritative in its domain.

G

German Real Estate Index (GREIX)

greix.de

45

GREIX is a German publicly funded research project providing comprehensive real estate price indices based on notarized sales data from local Gutachterausschüsse. It offers free access to scientifically processed data and visualizations for German cities and districts, targeting researchers, policymakers, and real estate professionals. The project is backed by reputable institutions such as the Kiel Institute for the World Economy and the ECONtribute cluster, with funding from the European Research Council. Technically, the website is modern, built with React, hosted on AWS, and uses privacy-conscious Matomo analytics. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the website is professional, trustworthy, and well-optimized for performance and accessibility.

H

Helmholtz Zentrum München - Deutsches Forschungszentrum für Gesundheit und Umwelt (GmbH)

allergieinformationsdienst.de

54

The Allergieinformationsdienst website is a scientifically oriented information portal operated by Helmholtz Zentrum München, a reputable German research institution focused on health and environmental research. The site provides comprehensive, up-to-date, and scientifically validated information on allergies, including diagnosis, therapy, prevention, and research news. It targets the general public, patients, and healthcare professionals seeking reliable allergy-related knowledge. The business model is non-profit, emphasizing education and research dissemination, supported by government funding and institutional partnerships. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies and structured data (JSON-LD) for SEO and accessibility. The site demonstrates good performance, mobile optimization, and accessibility features. It uses Matomo for analytics, ensuring privacy-conscious user tracking. The design is professional, with clear navigation and consistent branding aligned with Helmholtz Munich's identity. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a cookie consent mechanism and a publicly available security or incident response policy are areas for improvement. The WHOIS data and DNS configuration confirm the domain's legitimacy and institutional affiliation. Overall, the website presents a low-risk profile with strong credibility and professionalism. Strategic recommendations include implementing GDPR-compliant cookie consent, publishing security policies, and considering a vulnerability disclosure framework to enhance transparency and trust.

I

Internationale Bodensee-Konferenz

bodenseekonferenz.org

62

The Internationale Bodensee-Konferenz (IBK) is a regional political cooperation organization focused on cross-border collaboration in the Bodensee region. The website serves as an information and communication platform for stakeholders, partners, and the public, providing news, events, project information, and resources related to regional cooperation. The organization operates as a non-profit entity with strong ties to governmental bodies and European Union programs, positioning itself as a key facilitator of regional development and cooperation. Technically, the website employs a mix of legacy and modern web technologies including AngularJS, jQuery, and Matomo analytics, hosted on a secure HTTPS platform. The site demonstrates good mobile optimization, accessibility features, and privacy-conscious tracking practices. However, some JavaScript libraries are outdated, which could pose security risks if not regularly updated. From a security perspective, the website enforces HTTPS and includes cookie consent mechanisms aligned with GDPR requirements. While no explicit security policies or incident response contacts are published, the site avoids exposing sensitive data and disables cookies in analytics tracking to enhance privacy. The absence of WHOIS data limits domain registration transparency but does not detract from the apparent legitimacy of the organization based on content and external references. Overall, the IBK website presents a professional, trustworthy, and well-maintained digital presence suitable for its governmental and non-profit audience. Strategic improvements in security headers, updated libraries, and enhanced transparency around security policies would further strengthen its posture.