Security Directory

U

Universitätsstadt Garching b. München

karriere-garching.de

57

The website karriere-garching.de serves as the official career portal for the city of Garching b. München, Germany. It provides comprehensive information about job opportunities, benefits, training, and working conditions within the municipal government. The portal targets job seekers interested in public sector employment and offers a secure and stable work environment with various employee benefits. The site is well-branded with official city logos and links to the main city homepage, reinforcing its legitimacy and trustworthiness. From a technical perspective, the website employs modern web technologies including JavaScript, CSS, and Google Fonts, and is hosted on infrastructure linked to resellerinterface.de. It uses HTTPS with an excellent SSL configuration and implements a cookie consent mechanism compliant with GDPR. The site is mobile-optimized and features good SEO practices, although some security headers could be improved. Security posture is solid with no visible vulnerabilities or exposed sensitive data. The site uses Matomo analytics for user tracking with moderate tracking levels and respects user privacy through consent banners. However, explicit security policies and incident response contacts are not published, which could be enhanced to improve transparency and trust. Overall, the website presents a professional and trustworthy digital presence for the city’s employment services. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and providing clearer contact information for security and privacy concerns.

M

Marburger Bund

marburger-bund.de

62

Marburger Bund is a prominent German professional association representing physicians, focusing on advocacy and support for medical professionals. The website serves as the federal association's online presence, targeting German-speaking physicians and healthcare stakeholders. The site is built on Drupal 11, reflecting a modern and maintainable technical infrastructure. It incorporates a consent management platform (Usercentrics), demonstrating compliance efforts with GDPR regulations. However, explicit privacy policies and terms of service were not detected in the provided content, indicating areas for improvement in transparency and compliance documentation. Security posture is moderate, with HTTPS likely enabled and consent management in place, but lacking visible security headers and vulnerability disclosure mechanisms. Overall, the website is professional, trustworthy, and well-targeted to its audience, with room to enhance privacy and security documentation.

D

Deutschlandfunk Kultur

deutschlandfunkkultur.de

60

Deutschlandfunk Kultur is a prominent German cultural media platform providing high-quality journalism, cultural debates, and podcasts. It operates under the Deutschlandradio umbrella, serving a broad audience interested in culture, politics, music, and literature. The website demonstrates a professional and consistent brand presence with rich content and multimedia offerings. Technically, the site uses modern web technologies and is hosted on reputable infrastructure, ensuring reliable performance and accessibility. Security posture is strong with HTTPS enforcement and meta verification tags, although explicit security headers and privacy policies are lacking. The absence of visible privacy and cookie policies, as well as contact information, represents a compliance gap. Overall, the site is trustworthy and well-positioned in the media sector but should enhance privacy transparency and security disclosures.

E

:: ERLEBE DEINEN MARKT ::

erlebedeinenmarkt.org

44

The website erlebedeinenmarkt.org serves as a promotional platform for the "Erlebe Deinen Markt" campaign, which supports and celebrates local weekly markets primarily in Germany and Europe. The campaign emphasizes fresh produce, community engagement, and cultural experiences, involving around 400 markets and international participation. The site content is informative and targeted at consumers interested in local market culture and events. Technically, the website is built with basic HTML, CSS, and JavaScript without modern frameworks or CMS, resulting in moderate performance and poor mobile optimization. Security posture is weak due to lack of DNSSEC, security headers, and no visible HTTPS enforcement details. Privacy compliance is minimal as no privacy or cookie policies are present. Business credibility is moderate, supported by the campaign's longevity and partnerships, but contact information is not explicitly provided. Overall, the site is functional but requires improvements in security, privacy compliance, and technical modernization.

H

Hrvatska energetska regulatorna agencija (HERA)

hera.hr

10

HERA (Hrvatska energetska regulatorna agencija) is the Croatian Energy Regulatory Agency responsible for overseeing and regulating the energy sector in Croatia, including electricity, gas, and heat markets. The agency provides regulatory decisions, licensing, public consultations, and consumer information, positioning itself as a key national authority in the energy domain. The website serves as an official portal for regulatory documents, announcements, and tools for consumers and market participants. Technically, the website is built with standard HTML, CSS, and JavaScript, incorporating Google Tag Manager for analytics. It is hosted under a Croatian academic network registrar (CARNET) and uses HTTPS, ensuring secure communications. The site has basic mobile optimization and accessibility features but lacks advanced security headers and cookie consent mechanisms. Security posture is solid with no visible vulnerabilities or exposed sensitive data, but could be improved with enhanced security policies and incident response information. Overall, the site is trustworthy, professional, and compliant with GDPR, though it could benefit from improved privacy and security transparency.

H

HAKOM

hakom.hr

10

HAKOM is the Croatian national regulatory agency responsible for overseeing electronic communications, postal services, and railway transport sectors. Established in 2009, it operates as a government entity providing regulatory oversight, licensing, market analysis, and consumer protection services. The website serves as an information portal and digital service platform for users and operators within these sectors, offering multiple e-services applications to facilitate electronic submissions and data management. The agency maintains a strong national presence with consistent branding and official social media channels, reinforcing its credibility and trustworthiness. Technically, the website employs standard web technologies including HTML5, CSS, JavaScript, and SVG icons, with a responsive design optimized for mobile devices. The site uses HTTPS and includes cookie consent mechanisms, demonstrating compliance with privacy regulations. While no advanced frameworks or CMS are explicitly detected, the site performs moderately well with good accessibility and SEO practices. From a security perspective, the site benefits from HTTPS and cookie consent but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data confirms domain legitimacy with consistent registration details matching the agency's official profile. Overall, HAKOM's website is a professional, secure, and compliant platform that effectively supports its regulatory mission. Strategic improvements could include publishing detailed security policies and incident response information to enhance transparency and trust further.

E

EYTYS

eytys.com

68

EYTYS is a Swedish contemporary fashion brand specializing in unisex footwear and ready-to-wear apparel, operating primarily through an e-commerce platform hosted on Shopify. The brand emphasizes craftsmanship and bold design, targeting a general audience interested in modern fashion. The website is professionally designed with consistent branding and good content quality, supporting a medium-sized business established since 2012. Technically, the site leverages Shopify's robust infrastructure, modern JavaScript, and CSS technologies, ensuring fast performance, mobile optimization, and good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though additional security headers and explicit security policies could enhance protection. Privacy compliance is well addressed with clear policies and consent banners. Overall, the site presents a trustworthy and professional online retail presence with moderate user tracking for analytics and marketing purposes.

S

SeenThis AB

joinapart.co

59

Sitestream, operated by SeenThis AB, is a technology company specializing in optimizing website image delivery to reduce data transfer and improve user experience while contributing to sustainability by lowering internet carbon emissions. The company targets website owners and developers seeking efficient image streaming solutions, offering a SaaS model with easy integration options including a WordPress plugin and script implementation. The website is professionally designed with consistent branding and clear navigation, reflecting a small but focused technology provider based in Sweden. Technically, the website leverages modern frameworks such as Svelte and employs a fast, mobile-optimized infrastructure with CDN usage for content delivery. While the site uses HTTPS and some security headers, there is room for improvement in security policies and headers such as Content-Security-Policy. No analytics or advertising scripts were detected, indicating a privacy-conscious approach. The site provides basic privacy and cookie policies but lacks a cookie consent mechanism. From a security perspective, the site demonstrates good practices with HTTPS and no visible vulnerabilities or exposed sensitive data. However, the absence of explicit incident response information and vulnerability disclosure policies suggests areas for enhancement. The WHOIS data aligns well with the website's claims, supporting legitimacy and trustworthiness. Overall, Sitestream presents a credible and professional online presence with a strong focus on sustainability and web performance. Strategic improvements in security policy transparency, cookie consent, and accessibility would further strengthen its security posture and compliance standing.

Apple's App Store website serves as a global platform for app discovery and distribution, supporting millions of users and developers worldwide. As a flagship service of Apple Inc., it holds a dominant market position in the technology and digital retail sectors. The site emphasizes privacy, security, and content quality, reflecting Apple's brand values and commitment to user trust. The website infrastructure is robust, leveraging modern web technologies and optimized for performance and accessibility across devices. Security measures are strong, including HTTPS enforcement and comprehensive security headers, ensuring safe user interactions. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates a mature digital presence with high professionalism and trustworthiness.

O

OEM Dealer Parts

oem-dealer-parts.ca

10

OEM Dealer Parts operates a Canadian-based e-commerce platform specializing in the sale of OEM automotive parts, primarily for Volkswagen, Audi, RV, and body shop vehicles. The business leverages dealership overstock inventory to offer customers significant discounts, positioning itself as a niche retailer in the automotive parts market. The website is built on the Shopify platform, utilizing modern web technologies and secure payment processing, which supports a reliable and user-friendly shopping experience. However, the absence of publicly available privacy and cookie policies, as well as contact information, limits transparency and may affect customer trust and regulatory compliance. The domain is well-established since 2012, registered with a reputable registrar, and protected against unauthorized transfers, indicating a legitimate business presence.

P

Pneu Drnec

pneudrnec.cz

7

Pneu Drnec is a local automotive service provider specializing in tire and auto repair services in Plzeň, Czech Republic. The business focuses on servicing personal vehicle tires, motorcycle tires, off-road tires, and light truck tires, with a specialization in high-speed large-dimension tires. The website presents a professional and consistent brand image targeting vehicle owners in the local area. However, the absence of WHOIS data and lack of privacy and cookie policies indicate gaps in transparency and compliance. Technically, the site uses modern JavaScript and CSS technologies, integrates Facebook SDK and Google Tag Manager, but lacks proper analytics setup and security headers. The security posture is moderate but could be improved with better SSL configuration and security best practices. Overall, the site is functional and informative but requires enhancements in privacy compliance and security to improve trustworthiness.

S

Ströer SSP GmbH

adscale.de

10

Ströer SSP GmbH operates a sophisticated supply-side platform (SSP) that enables publishers to optimize their digital advertising inventory across display, video, and mobile channels. The platform supports private deals, private auctions, and real-time advertising, providing advertisers access to premium inventory with strong brand safety and anti-fraud measures. The company is positioned as a leading player in the German digital advertising market, supported by its parent company Ströer Digital Group. The website reflects a professional and business-focused approach, targeting publishers and advertisers seeking programmatic advertising solutions. Technically, the website is built on TYPO3 CMS and integrates privacy-conscious tools such as Cookiebot for consent management and Matomo for analytics with DoNotTrack enabled. Hosting and DNS services are provided via Cloudflare, enhancing performance and security. The site demonstrates good mobile optimization and SEO practices, though accessibility could be improved. Security headers are partially implemented, and HTTPS is enforced, indicating a solid security posture. From a security perspective, the site employs best practices including cookie consent with blocking mode, privacy-focused analytics, and brand safety commitments. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security headers like Content-Security-Policy and X-Frame-Options could be added to strengthen defenses. Incident response and security policy information are not publicly disclosed on the analyzed page. Overall, the website presents a trustworthy and professional digital advertising platform with good privacy compliance and security awareness. Strategic recommendations include enhancing security headers, improving accessibility, and publishing incident response contacts to further build trust and compliance.

The Major Cities Public Finance Project website serves as an academic and governmental platform focused on the comparative study of financing major cities internationally. It is affiliated with reputable institutions such as Fundació Carles Pi i Sunyer, the Barcelona City Council, and Universitat Pompeu Fabra, indicating a non-profit research orientation. The site provides informational content and an interactive map (using deprecated Flash technology) to support its mission of fostering information exchange among participating cities. Technically, the website is basic and outdated, relying on legacy Flash content and lacking modern web development practices such as mobile responsiveness and accessibility features. There is no evidence of HTTPS enforcement or security headers, and no privacy or cookie policies are present, indicating low digital maturity and compliance with current web standards. From a security perspective, the site shows weaknesses including the use of deprecated technologies and absence of visible security best practices. The malformed WHOIS data limits the ability to verify domain legitimacy fully, although the external links to credible institutions lend some trust. No contact information or incident response channels are provided, which reduces transparency and user trust. Overall, the website is functional for informational purposes but requires significant modernization and security improvements to meet current standards and enhance trustworthiness.

I

ilogs

parkinghq.com

55

ParkingHQ is an established online platform founded in 2006 that provides users with access to over 13,000 parking units worldwide. The service enables searching, viewing detailed information, and prebooking parking spaces, targeting drivers and vehicle owners seeking convenient parking solutions. The platform leverages Google Maps API for geolocation and mapping services and integrates prebooking links for select parking units. Technically, the website is built likely on Ruby on Rails, uses modern JavaScript libraries, and is hosted on Conova infrastructure. The site is moderately optimized for performance and accessibility, with basic mobile responsiveness and SEO features. Security-wise, the site uses HTTPS and includes CSRF protection in forms but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies, which poses a compliance risk. Overall, the domain is legitimate and long-standing, with no signs of malicious activity or content safety concerns.

e-kurier.net operates as a European courier and freight exchange platform, facilitating partnerships among direct couriers to optimize cargo space and reduce empty runs. The platform offers services such as a partner shop with cooperative agreements and online support, targeting logistics professionals across Europe. The website content is primarily in German and presents a business-focused, professional image with a moderate user base and partner ecosystem. Technically, the site uses traditional web technologies including JavaScript and CSS, but also relies on deprecated Flash content for its news ticker, indicating some legacy infrastructure. Mobile optimization and accessibility are basic, with room for modernization. Security posture is moderate; while the site uses POST for login forms and implements cookie consent mechanisms indicating GDPR awareness, there is no visible HTTPS enforcement or security headers, and the use of Flash poses security risks. WHOIS data is missing or inaccessible, raising concerns about domain registration legitimacy, although the website content and partner links suggest a legitimate business. Overall, the site scores moderately on content quality, technical implementation, security, privacy compliance, and business credibility, with recommendations to improve security practices, update technology, and clarify domain registration details.

E

DEK

echokardiographie-leipzig.de

41

The website echokardiographie-leipzig.de serves as an informational portal for the DEK conference, a specialized event focused on echocardiography within the cardiology community in Germany. It provides details about the conference program, call for abstracts, sponsors, registration, hotels, and venue information. The target audience is primarily medical professionals and researchers interested in cardiovascular ultrasound. The site is built using Adobe Muse with an older JavaScript stack, indicating moderate digital maturity. Mobile optimization is basic, and the site lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS implied but no visible security headers or modern protections. The absence of privacy and cookie policies represents a compliance gap. Overall, the site is functional and professional but would benefit from technical and security improvements to enhance trust and compliance.

ALFA ELECTRONIC s.r.o is a small Czech company specializing in the distribution and wholesale of Nikon golf rangefinders, Nikon Sport Optics products, and Aquapac waterproof cases for the Czech and Slovak markets. The company holds exclusive distribution rights, positioning itself as a key player in this niche retail sector. The website is built on WordPress, reflecting a moderate level of digital maturity with a clean and functional design, though lacking advanced SEO and accessibility features. Security posture is basic, with no explicit HTTPS enforcement or security headers detected, and no privacy or cookie policies implemented, indicating room for improvement in compliance and protection. Overall, the business credibility is strong given the domain age, consistent WHOIS data, and clear contact information. Strategic recommendations include enhancing security configurations, implementing GDPR-compliant privacy and cookie policies, and adding incident response information to improve trust and compliance.

R

React Norway

reactnorway.com

56

React Norway is a specialized event organizer focusing on the React developer community by hosting an annual conference and festival that combines technology talks with live music performances. The event is held in Oslo, Norway, at the Rockefeller venue, and targets frontend developers, React enthusiasts, and tech professionals. The business model revolves around ticket sales, sponsorships, and community engagement through both in-person and online formats. The company has established a consistent brand presence since its founding in 2018 and maintains partnerships with reputable technology companies and sponsors.

S

Schweizer Casino Verband

switzerlandcasinos.ch

48

The Schweizer Casino Verband website serves as the official information portal for the Swiss casino industry, providing details about physical and online casinos, industry reports, player protection initiatives, and job opportunities. The site targets Swiss residents and stakeholders interested in regulated gambling and casino operations. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, and jQuery, with a moderate level of mobile optimization and basic accessibility. However, visible PHP warnings indicate backend code issues that could affect user experience and security. Security posture is moderate but lacks visible security headers and privacy compliance documentation. No privacy or cookie policies are present, which is a compliance gap. The site links to official Swiss online casinos and a dedicated player protection partner site, reinforcing its legitimacy and focus on responsible gambling. Overall, the site is professional and informative but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

F

fintechcowboys.cz

fintechcowboys.cz

48

fintechcowboys.cz is an online Czech-language magazine focused on fintech innovations and financial technology trends. It provides news, analysis, and articles targeting fintech enthusiasts and professionals in the Czech Republic. The website operates on a content publishing and advertising business model, primarily monetized through Google Adsense. The site is hosted on VAS Hosting infrastructure and uses modern web technologies including Matomo analytics and Google Fonts. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though some security headers could be improved. WHOIS data shows an unusual future domain creation date, which slightly impacts trust but does not detract from the professional presentation of the site. Overall, fintechcowboys.cz is a credible niche fintech media outlet with moderate technical maturity and good privacy compliance.

N

Nikita Karamov

kytta.dev

54

The website kytta.dev is a personal portfolio and blog of Nikita Karamov, a full-stack web developer and open-source enthusiast. The site showcases personal projects such as Share₂Fedi and Shareon, targeting developers and technology enthusiasts. It positions itself as an individual developer's platform rather than a commercial business. Technically, the site is built using the Zola static site generator with minimal JavaScript and SVG graphics, delivering fast performance and good mobile optimization. The site uses HTTPS and a privacy-friendly analytics service (GoatCounter), but lacks formal privacy and cookie policies, security headers, and incident response information. Security posture is generally good with no visible vulnerabilities, but could be improved with additional headers and policies. Overall, the site is trustworthy, professional, and safe for general audiences.

D

Zámecké rezidence Škvorec | Rodinné domy na Prodej

domytrio.cz

57

The website 'Zámecké Rezidence Skvorec' appears to be a small-scale hospitality or real estate service provider based in the Czech Republic, offering residence accommodations. The site is built on the Wix platform, leveraging Wix's hosting and content management infrastructure. The technical setup is standard for Wix sites, with modern JavaScript and CSS but lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled but missing important security headers and no visible incident response or security policies. Privacy compliance is minimal, with no privacy or cookie policies detected. Business credibility is limited by the absence of contact details and trust indicators. Overall, the site is functional but basic, suitable for a small local business.

O

Obecní úřad Velké Popovice

velkepopovice.cz

47

Velké Popovice's official municipal website serves as a comprehensive portal for local residents and visitors, providing essential information such as public notices, contact details, event calendars, and citizen services. The site is positioned as a trusted local government resource with a clear focus on community engagement and transparency. Technically, the website employs a modern CMS (vismo), uses HTTPS, integrates Google Analytics with consent management, and includes accessibility and mobile optimization features. Security measures include the use of Google reCAPTCHA on forms and cookie consent banners, though explicit security policies and headers could be improved. The absence of WHOIS data limits domain trust assessment, but the website's content and contact information strongly indicate legitimacy. Overall, the site is well-maintained, user-friendly, and compliant with privacy regulations, making it a reliable digital presence for the municipality.

The website 'Hainichen Suche' serves as an informational guide focused on the online gambling sector in Germany, providing detailed casino reviews, bonus information, and security considerations tailored for German players. It positions itself as a niche resource within the regulated German online gambling market, targeting adult players interested in legal and safe online casino experiences. Technically, the site is built on WordPress, leveraging standard web technologies and Cloudflare for DNS and likely CDN services, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies, and no explicit contact or incident response information is provided, which impacts trust and compliance. Overall, the site is functional and relevant but would benefit from enhanced privacy, security, and contact transparency to improve user trust and regulatory compliance.

Cafe DECADA is a small local hospitality business operating a cafe in Prague, Czech Republic. The website presents basic business information including contact details, social media links, and location. The business targets local customers and offers cafe services with reservation options. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies such as JavaScript, CSS, and HTML5. The site is moderately optimized for mobile devices and has a good design quality with clear navigation. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and privacy compliance features such as privacy and cookie policies. WHOIS data is unavailable, likely due to privacy protection, which is common for small businesses. Overall, the website is trustworthy and professional but could improve in privacy compliance and security best practices.

A

Alf & Bet, spol. s r.o.

prague.coffee

60

The website www.prague.coffee represents Alf & Bet, spol. s r.o., a small hospitality business specializing in specialty coffee and artisan bread in Prague. The business operates multiple locations offering coffee, bread, bakery, and roastery services. The site is professionally designed with consistent branding and good content quality, targeting general consumers interested in quality coffee and bakery products in Prague. Technically, the site uses Solidpixels CMS, integrates Google Analytics and Google Maps, and employs modern web fonts and JavaScript. The site is mobile optimized and performs moderately well, though SEO is limited due to a noindex directive. Security posture is adequate with HTTPS enabled but lacks security headers and formal privacy or cookie policies, which reduces compliance and trust. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. Overall, the domain appears legitimate with privacy-protected WHOIS data, which is common for small businesses. The site content is safe for general audiences with no adult or explicit material.

The website www.vhs.cloud presents minimal accessible content, primarily consisting of an iframe loading a session-specific page. The domain is registered since 2016 with a reputable registrar and shows no signs of privacy protection or suspicious activity. However, the lack of visible business information, contact details, privacy policies, and terms of service limits the ability to fully assess the business or compliance posture. Technically, the site uses basic web technologies including jQuery and custom JavaScript, but lacks modern frameworks or CMS indications. Security posture is weak due to absence of security headers and DNSSEC, and no clear HTTPS enforcement information is available. Overall, the site appears to be a small-scale or internal service with limited public-facing content.

L

Lüneburger Heide GmbH

heidschnuckenweg.de

47

The website www.heidschnuckenweg.de serves as a comprehensive tourism portal dedicated to the Heidschnuckenweg hiking trail in the Lüneburger Heide region of Germany. It provides detailed information about the trail's 13 stages, accommodation options, seasonal hiking tips, and related services. The site is professionally designed with consistent branding and targets hikers, nature enthusiasts, and tourists seeking outdoor experiences in northern Germany. The business behind the site is Lüneburger Heide GmbH, a regional tourism organization, positioning itself as a key promoter of this popular hiking destination. Technically, the website is built using modern web technologies including React and Next.js, hosted on Hetzner servers. It demonstrates good mobile optimization, SEO practices, and moderate performance. The site employs HTTPS with strong SSL configuration but lacks explicit security headers, which could be improved. Privacy and cookie policies are present and GDPR compliant, with a cookie consent mechanism implemented. Contact information is available via a dedicated contact page, though no direct emails or phone numbers are embedded in the main HTML. From a security perspective, the site shows a solid posture with no visible vulnerabilities or exposed sensitive data. However, it lacks dedicated security or incident response policies and does not provide a vulnerability disclosure or security.txt file. The domain registration is consistent with the hosting provider and business purpose, indicating legitimacy. No WAF or blocking mechanisms interfere with content access. Overall, the website is a trustworthy, well-maintained tourism information platform with good content quality and technical implementation. Strategic recommendations include enhancing security headers, publishing explicit security policies, and improving accessibility features to further strengthen the site's security and compliance posture.

P

Palmovka TEĎ

palmovkated.cz

58

Palmovka TEĎ is a community-focused web platform initiated by the Prague 8 municipal district to connect stakeholders and inform residents and visitors about local development, leisure activities, work opportunities, and quality living in the Palmovka area of Prague. The site features extensive listings of local businesses, services, and events, supported by social media channels and Google Analytics for user tracking. The domain is registered with a Czech registrar consistent with the website's local focus and language. Technically, the site uses modern web technologies including JavaScript, SVG graphics, and Google Tag Manager, with good mobile optimization and SEO practices. However, it lacks explicit privacy and cookie policies, and security headers are not detected, representing compliance and security gaps. Overall, the site is a legitimate, well-structured local community resource with moderate security posture and room for improvement in privacy compliance and security best practices.

R

ricochet GmbH

ricochet.de

41

ricochet GmbH is a small, established advertising agency based in Nürnberg, Germany, specializing in classical and digital communication services since 1996. The company positions itself as a strategic and creative partner for businesses seeking effective advertising solutions in print, trade fairs, and digital media. The website reflects a professional and consistent brand image, targeting local businesses and organizations. Technically, the site is built on TYPO3 CMS, leveraging SVG animations and custom JavaScript, hosted on agenturserver domains. While the site is accessible and well-structured, it lacks explicit privacy, cookie, and security policies, which are critical for compliance and trust. Security posture is moderate with no evident blocking or vulnerabilities but missing security headers and incident response information. Overall, the website is functional and credible but would benefit from enhanced privacy and security transparency.

D

Digitaliseringsstyrelsen

borger.dk

70

Borger.dk is the official Danish government portal providing digital access to public services, including digital post, personal overviews, and guides for citizens on various life situations. It serves as a centralized platform for Danish residents to interact with government services efficiently. The website demonstrates a high level of content quality, professional design, and clear navigation tailored to its target audience of Danish citizens. Technically, the site uses modern web technologies with good mobile optimization and accessibility features, although some security headers and explicit security policies are not evident in the provided data. The security posture is solid with HTTPS enforced and cookie consent mechanisms in place, but could be improved by publishing incident response and vulnerability disclosure information. Overall, the site is trustworthy and well-maintained, reflecting its role as a key government digital service portal.

The domain planebasin.com currently serves as a placeholder or service domain used by Admiral, a company providing copyright access control and privacy consent management services for digital publishers. The website content is limited to a 404 Not Found error page with informational text describing the domain's purpose and security/privacy practices. There is no active business website or user-facing content available. The technical infrastructure is hosted on Google Cloud Platform in Europe, with standard encryption and certificate rotation practices. However, DNSSEC is not enabled, and no advanced security headers are detected. The domain is relatively new, created in March 2023, consistent with a new service deployment. Security posture is moderate but limited by the lack of visible security headers and absence of a vulnerability disclosure policy. Privacy compliance is basic, with no cookie consent mechanism but clear statements about GDPR compliance and no third-party cookies. Overall, the website lacks business credibility signals such as contact information, terms of service, or marketing content, resulting in a low AI score and limited trustworthiness.

M

Městská sportovní zařízení Benešov, s.r.o.

mszbenesov.cz

54

Městská sportovní zařízení Benešov, s.r.o. operates a municipal sports and recreational facility network in Benešov, Czech Republic. The company offers a variety of services including a winter stadium, swimming pools and wellness centers, football and nohejbal courts, workout and skatepark areas, a climbing wall, a swimming school, a hotel, and summer day camps. The website is professionally designed, targeting local residents, families, schools, and sports enthusiasts. It serves as an information and booking platform for their facilities and services. Technically, the website is built on WordPress and uses modern JavaScript libraries such as Splide.js for sliders and Leaflet.js for maps. The site is mobile-optimized and performs moderately well, with good SEO practices and basic accessibility features. The hosting provider is not explicitly identified, but HTTPS is enforced, ensuring secure communication. From a security perspective, the site uses HTTPS and obfuscates email addresses to reduce spam. However, it lacks visible security headers and does not display privacy or cookie policies, which are important for GDPR compliance. No forms or analytics scripts were detected on the homepage, indicating minimal data collection. The WHOIS data is unavailable or privacy protected, which is common for such entities and does not raise immediate concerns given the professional presentation and contact transparency. Overall, the website presents a trustworthy and professional image with room for improvement in privacy compliance and security header implementation. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and publishing incident response contacts to enhance trust and compliance.

Sport Černošice operates as a local community sports facility portal providing information and reservation services for sports venues in Černošice, Czech Republic. The website is managed by WEBHOUSE, s.r.o., a Czech company specializing in web design and CMS solutions. The site targets local residents and sports enthusiasts, offering news, contact details, and links to reservation systems. The business model focuses on information dissemination and facility management support rather than direct commercial transactions. Technically, the website uses the vismo CMS platform with standard web technologies including HTML5, CSS, and JavaScript, supplemented by Google Translate for multilingual support. The site demonstrates moderate performance and basic mobile optimization but lacks advanced accessibility features. Security posture is moderate with HTTPS usage implied but no visible security headers or explicit security policies published. Privacy compliance is basic with presence of privacy and cookie policies but no active consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional and trustworthy for its intended local audience but could benefit from improved security and privacy practices.

V

Vectron Systems AG

bonvito.net

67

bonVito is a German-based multichannel marketing platform operated by Vectron Systems AG, specializing in customer loyalty, e-payment, online table reservations, and live reporting solutions primarily for retail and hospitality sectors. The platform integrates with Vectron's POS systems, offering a comprehensive suite of marketing tools such as coupons, digital stamp cards, and direct discounts. The website is professionally designed, mobile-optimized, and provides a clear navigation structure, reflecting a mature digital presence. Technically, the site is built on TYPO3 CMS and leverages modern marketing and analytics technologies including Google Tag Manager, Facebook Pixel, and Cookiebot for GDPR-compliant cookie consent management. Security posture is generally good with HTTPS enforced and no exposed sensitive data, though the absence of explicit security headers and vulnerability disclosure mechanisms suggests room for improvement. The WHOIS data is notably absent, raising concerns about domain registration transparency, but the overall business credibility is supported by the professional website and parent company association. Strategic recommendations include enhancing security headers, publishing a security.txt file, and providing clearer contact and legal information to strengthen trust and compliance.

E

Erhvervsstyrelsen

regelforum.dk

48

Regelforum.dk is the official website of a Danish government advisory forum established in 2019 under the Danish Business Authority (Erhvervsstyrelsen). The forum consists of 21 members representing a broad cross-section of Denmark and focuses on recommending simpler regulatory frameworks for businesses, both at national and EU levels. The website provides comprehensive information about the forum's activities, recommendations, and news updates, targeting Danish businesses and government stakeholders. The site is professionally designed, mobile-optimized, and uses Drupal CMS with clear navigation and consistent branding. From a technical perspective, the website employs modern web technologies including Drupal, JavaScript, and CSS, with SVG logos and responsive design. It includes a cookie consent mechanism and uses Piwik Pro for analytics, indicating a moderate level of digital maturity. However, some security best practices such as DNSSEC and security headers are not enabled or visible, suggesting room for improvement in security hardening. Security posture is adequate with no visible vulnerabilities or exposed sensitive data, but lacks explicit security policies or incident response contacts. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Overall, the website is trustworthy and professional, reflecting its government affiliation and purpose. Strategically, the site should enhance security by enabling DNSSEC, implementing security headers, and publishing a vulnerability disclosure or security policy. These steps will improve trust and resilience against cyber threats while maintaining compliance and user confidence.

Mixmag.shop is an official e-commerce platform selling branded merchandise related to Mixmag, a recognized brand in global dance music culture. The website is professionally designed using the Shopify platform, featuring modern technologies and a good user experience optimized for mobile and desktop users. The store targets a global audience with a focus on UK and European customers, as indicated by currency and localization settings. The business model centers on retailing limited-edition apparel and accessories, leveraging Mixmag's brand recognition in the music and media industry. Technically, the site employs Shopify's Dawn theme, integrates Google Fonts, and uses tracking pixels for marketing and analytics. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers are missing and DNSSEC is not enabled. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, the domain WHOIS data raises concerns due to a future creation date and geographic mismatch between registrant country and website target audience, which impacts business credibility. No direct contact information or terms of service pages were found, limiting transparency. Overall, the site is functional, secure, and professional but would benefit from improved domain legitimacy and enhanced transparency.

K

KAISER GmbH & Co. KG

kaiser-elektro.de

65

KAISER GmbH & Co. KG operates a professional website focused on electrical installation products and systems, targeting business customers primarily in Germany and internationally. The company offers a broad portfolio including boxes, housings, cable glands, and specialized installation solutions emphasizing energy efficiency and fire protection. The website reflects a mature B2B business model with a consistent brand presence and a well-structured product catalog. Technically, the website is built on the Shopware e-commerce platform, utilizing modern web technologies such as JavaScript, CSS, and HTML5. It integrates third-party services like Signalize for marketing and eTracker for analytics, alongside Google reCAPTCHA for bot protection. The site is mobile-optimized with good SEO and basic accessibility features, hosted on servers associated with internet1.de. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. Security headers are likely present, and no critical vulnerabilities or exposed sensitive data were detected in the analyzed content. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent, representing areas for improvement. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. Strategic enhancements in security transparency and contact availability would further strengthen trust and operational resilience.

Ř

ŘÍHA

naholou.cz

47

The website 'Na holou' represents a small cultural theatre group based in the Czech Republic, active since at least 2005. It offers information about theatrical performances, photo and video galleries, and contact details primarily via email and Facebook. The business model appears to be focused on local cultural entertainment with a niche audience. Technically, the site is built using RapidWeaver CMS with common JavaScript libraries and Google Fonts, but lacks modern security and privacy features. The site uses HTTP URLs without HTTPS enforcement, lacks privacy and cookie policies, and does not implement security headers or secure forms. Overall, the security posture is weak, and privacy compliance is minimal. The domain age and WHOIS data support the legitimacy of the site as a long-standing small cultural entity. Strategic improvements in security, privacy compliance, and HTTPS adoption are recommended to enhance trust and protect visitors.

A

Alkom Security, a.s.

alkom.cz

56

Alkom Security, a.s. is a Czech Republic-based company specializing in security and low-voltage systems, operating since 1991. The company positions itself as a market leader offering comprehensive security solutions including installation, remote monitoring, and servicing for residential, commercial, and high-risk clients. Their services also extend to data cabling and mechanical security consulting. The website reflects a mature business with consistent branding and detailed service descriptions, targeting both individual homeowners and institutional clients. Technically, the site is built on WordPress hosted on WordPress.com, utilizing Jetpack for security and analytics. The site is mobile-optimized with good SEO practices but lacks some advanced security headers and explicit cookie consent mechanisms. Security posture is solid with HTTPS and no visible vulnerabilities, though incident response and security policies are not explicitly published. Overall, the site is professional, trustworthy, and compliant with GDPR basics, though improvements in privacy and security transparency are recommended.

A

AdgravityGroup S.L

neural.one

65

Neural.ONE is a small technology company based in Spain, operated by AdgravityGroup S.L, specializing in AI-powered marketing attribution solutions. Their website presents a professional and consistent brand image focused on delivering real-time marketing insights to optimize campaign ROI. The company targets marketing professionals and businesses seeking advanced attribution analytics. Technically, the website is built on the Squarespace platform, leveraging modern web technologies including Google reCAPTCHA for bot protection and Google Fonts for typography. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Security posture is strong with HTTPS and HSTS enabled, though DNSSEC is not configured. Privacy compliance is basic, with a cookie policy and consent mechanism present but lacking a published privacy policy or terms of service. No direct contact information or incident response details are publicly available, which limits transparency. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

M

Městský úřad Spálené Poříčí

spaleneporici.cz

50

The website spaleneporici.cz serves as the official digital presence of the municipal office of Spálené Poříčí, a town in the Czech Republic. It provides residents and visitors with comprehensive information about the town, including local news, official documents, event calendars, and tourism-related content. The site targets local citizens, tourists, and stakeholders interested in municipal services and community activities. The business model is government/public service oriented, focusing on transparency and community engagement. The domain is well-established since 2001, reinforcing its credibility and trustworthiness. Technically, the website employs a modern tech stack including HTML5, CSS, JavaScript, and integrates Google services such as Analytics, Tag Manager, reCAPTCHA, and Translate. It uses the vismo CMS platform, which is common for Czech municipal websites. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Hosting and domain registration are consistent with Czech providers, supporting local presence. From a security perspective, the site enforces HTTPS, uses Google reCAPTCHA to protect forms, and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit published security policies, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. The security posture is solid but could be enhanced by adding security headers and formal policies. Overall, the website is a trustworthy, well-maintained municipal portal with good content quality and user experience. It demonstrates compliance with privacy regulations and employs standard security practices. Strategic improvements in transparency around security policies and incident handling would further strengthen its posture.

W

Wolf-Technik GmbH

wolf-technik.com

42

Wolf-Technik GmbH is a medium-sized German company specializing in the planning, production, installation, and service of heating and cooling technology solutions, including Wärmepumpen and Kälteanlagen. The company has a strong regional presence in northern Germany with over 900 installed heat pump systems and a global distribution network for refrigeration units. Their website reflects a professional business model focused on B2B clients in the energy and industrial sectors. Technically, the website is built on the Weblication CMS platform using standard web technologies like jQuery and JavaScript. While the site has good content quality and navigation, it lacks modern security implementations such as HTTPS and DNSSEC, which impacts its security posture. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional but requires security and privacy improvements to meet modern standards.

H

Heinz Tesch GmbH & Co. KG

tesch-sylt.de

49

Heinz Tesch GmbH & Co. KG is a well-established installer company based on Sylt, Germany, specializing in heating, sanitary, ventilation, and electrical building technology. Founded in 1969, the company serves both private and commercial customers with a strong emphasis on quality, customer service, and modern technology solutions. The website reflects a mature digital presence with comprehensive service descriptions, customer engagement features, and a clear local market focus. Technically, the site is built on TYPO3 CMS, employs modern web technologies, and integrates Google Analytics and YouTube for marketing and engagement. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in incident response and security policy disclosures. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, supporting the company's reputable market position.

W

Watt 2.0

wattzweipunktnull.de

57

Watt 2.0 is a German industry association focused on renewable energy, aiming to connect companies, academia, and policymakers to strengthen the renewable energy sector and promote sustainable solutions. The website presents a professional and consistent brand image with content primarily in German, targeting stakeholders in the energy sector. The business model is that of a trade association, providing networking and advocacy services within the renewable energy industry. Technically, the website uses modern web technologies with responsive design and good SEO practices, hosted on UI-DNS infrastructure. Security posture is moderate; while HTTPS is assumed, no explicit security headers or advanced policies are detected. Cookie consent mechanisms are implemented, but privacy and terms of service policies are missing, indicating room for compliance improvement. Overall, the site is accessible, safe, and professional but would benefit from enhanced transparency and security practices.

Q

Qred Bank AB

qred.se

64

Qred Bank AB is a specialized financial institution founded in 2015, focusing on providing financing solutions tailored for small and medium-sized enterprises across several European countries including Sweden, Finland, Denmark, Norway, Netherlands, Belgium, and Germany. Their core offerings include business loans, corporate credit cards with cashback benefits, and high-interest savings accounts. The company positions itself as a niche bank dedicated to supporting small business growth with fast and accessible financial products. The website reflects a mature digital presence with multi-language support and strong branding consistency. Technically, the website is built on the Webflow platform, integrated with HubSpot for marketing and customer engagement, and uses Google Tag Manager and Intellimize for analytics and optimization. The site is well-optimized for performance, mobile responsiveness, and SEO, with modern security headers and HTTPS enforced. Privacy compliance is robust, featuring cookie consent mechanisms and GDPR-aligned policies. From a security perspective, the site demonstrates good practices including secure transport, content security policies, and no visible vulnerabilities or exposed sensitive data. However, it lacks publicly available security policies or incident response contacts, which could be improved to enhance trust and transparency. The absence of WHOIS data for the exact subdomain www.qred.se suggests it may be a subdomain or alias, but the main domain qred.se is presumably registered and used. Overall, Qred Bank's website presents a professional, trustworthy, and user-friendly platform for SME financing. Strategic recommendations include publishing detailed security and incident response policies, implementing a vulnerability disclosure program, and continuing to monitor third-party scripts for security risks to maintain a strong security posture.

E

Evangelisch Luther

luth-kirche.li

58

The website www.luth-kirche.li represents a small, local religious organization affiliated with the Evangelisch Luther church in Liechtenstein. The site is built using the Wix platform and serves primarily as an informational portal for community members and visitors interested in the church's activities. The content is basic and primarily in German, with no advanced business or e-commerce features detected. Technically, the site uses standard Wix scripts and styles, with moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled but lacks important security headers and privacy policies. No contact information or incident response details are provided, limiting transparency and user trust. Overall, the site is legitimate and consistent with its stated purpose but would benefit from enhanced privacy compliance and security best practices.

L

Liechtensteinische Landesverwaltung

gesetze.li

54

The website gesetze.li is an official government legal database operated by the Liechtensteinische Landesverwaltung, providing up-to-date consolidated legal texts and state treaties for the Principality of Liechtenstein. It serves legal professionals, government officials, and the general public interested in Liechtenstein law. The site offers comprehensive search capabilities including full text, titles, abbreviations, and legal reference numbers, with a focus on accuracy and official information dissemination. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, and jQuery, with Matomo analytics integrated for user behavior tracking. The site is served over HTTPS with good SSL configuration, ensuring secure data transmission. The design is professional and consistent with government branding, optimized for mobile devices with basic accessibility features. From a security perspective, the site enforces HTTPS and secure form submissions but lacks advanced security headers and published security policies. There is no cookie consent mechanism despite the use of analytics, which may present minor privacy compliance gaps. No vulnerabilities or suspicious content were detected, and the domain registration aligns well with the official government entity, indicating high legitimacy. Overall, the website is a trustworthy and authoritative source for Liechtenstein legal information, with recommendations to enhance privacy compliance and security transparency to further strengthen user trust and regulatory adherence.

M

Město Sedlčany

mesto-sedlcany.cz

59

Město Sedlčany operates as the official municipal government website for the city of Sedlčany in the Czech Republic, providing residents and visitors with news, event information, public notices, and contact resources. The site targets local citizens and tourists, offering multilingual support and a range of municipal services. The business model is centered on public service and community engagement, positioning itself as a trusted local government authority. Technically, the website is built on the Public4u CMS platform, utilizing common web technologies such as jQuery and JavaScript. The site is moderately optimized for performance and mobile use, with basic accessibility features and good SEO practices. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, but lacks visible advanced security headers and explicit security policies. The absence of WHOIS data introduces some uncertainty regarding domain registration legitimacy, though the official nature of the content and domain suggests authenticity. Overall, the website is professional, trustworthy, and serves its intended audience effectively, with room for security and technical enhancements.

Études is a small architectural firm based in the Czech Republic, founded in 2018, focusing on innovative and sustainable architectural solutions. The company offers a range of services including renovation, restoration, consulting, project management, and digital engagement through an app and newsletter. The website is built on WordPress and hosted by a Czech hosting provider, reflecting a moderate level of technical maturity with good mobile optimization and accessibility. However, the site lacks critical privacy and security policies, contact information, and security headers, which impacts its overall security posture. No evidence of analytics or advertising tools was found, indicating minimal user tracking. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in privacy compliance, security best practices, and contact transparency are recommended to enhance trust and compliance.