Security Directory

E

eLearning Brothers

lectoraonline.com

63

Lectora Online is a web-based eLearning authoring platform operated under the brand eLearning Brothers. The website offers a SaaS solution for creating and collaborating on training content, targeting corporate training teams and eLearning developers. The platform is positioned as a trusted and established tool in the eLearning industry, with a focus on ease of use and team collaboration. Technically, the website is built on Webflow CMS, uses modern JavaScript libraries like jQuery, and integrates Google Analytics and Cookiebot for analytics and privacy compliance. The site is hosted behind Cloudflare, ensuring good performance and security. Security posture is strong with HTTPS enforced and a comprehensive cookie consent mechanism, although explicit security headers and incident response policies are not published. The absence of WHOIS data for the domain www.lectoraonline.com raises concerns about domain registration legitimacy, which should be verified. Overall, the website is professional, privacy-conscious, and technically sound, but would benefit from improved transparency in domain registration and contact information.

E

ELB LEARNING

cenariovr.com

53

CenarioVR is a specialized VR course authoring platform developed by ELB LEARNING, founded in 2017. It targets eLearning professionals and organizations seeking to create immersive VR training content without coding. The platform supports multiple VR devices and integrates xAPI tracking and analytics, positioning itself as an accessible and versatile tool in the VR education technology market. The website reflects a professional and consistent brand image with clear contact information and customer testimonials, indicating a mature business presence. Technically, the website is built on Webflow CMS and leverages modern web technologies including Google Analytics, Google Tag Manager, and Google reCAPTCHA Enterprise for security and marketing. Hosting appears to be on AWS infrastructure. The site is mobile optimized and supports a range of VR platforms, demonstrating good digital maturity. However, some technical improvements such as enabling DNSSEC and adding security headers could enhance security posture. Security-wise, the site uses HTTPS and has implemented reCAPTCHA on forms, but lacks explicit security policies and incident response contacts. No major vulnerabilities were detected, but the absence of privacy and cookie policies and consent mechanisms indicates compliance gaps, especially regarding GDPR. The WHOIS data is consistent with the business claims, showing a legitimate and stable domain registration. Overall, the website is trustworthy and professionally managed but would benefit from enhanced privacy compliance and security best practices to reduce risk and improve user trust.

E

ELB Learning

elblearning.com

75

ELB Learning is a professional eLearning solutions company specializing in corporate training, gamification consulting, and learning management systems. They offer a broad range of services including custom course development, AI-powered training, VR simulations, and staff augmentation. Their market position is that of an established mid-sized B2B provider focused on delivering scalable and engaging learning experiences to businesses primarily in the US. Technically, the website is built on modern platforms such as Webflow and HubSpot, leveraging advanced marketing and analytics tools, and demonstrates excellent design, mobile optimization, and SEO practices. Security-wise, the company shows a strong posture with HTTPS enforcement, SOC 2 Type II compliance, and cookie consent mechanisms, though some security headers could be improved and incident response contact information is not publicly available. Overall, the site is trustworthy and professional, but the lack of WHOIS data for the domain introduces some uncertainty about domain registration transparency.

R

REIKEM IT Systemhaus

reikem.de

59

REIKEM IT Systemhaus GmbH is a German-based IT service provider specializing in IT security, telephony solutions, and web development. The company positions itself as a reliable partner offering comprehensive IT infrastructure management, consulting, and maintenance services tailored to business clients. Their website reflects a professional and modern digital presence with clear navigation, detailed service descriptions, and strong trust signals such as customer testimonials and partner affiliations. Technically, the site is built on Joomla CMS with modern frontend frameworks and includes analytics and marketing tools like Matomo and Google Tag Manager. Security measures include HTTPS enforcement and reCAPTCHA integration, although explicit security policies and incident response contacts are not publicly detailed. Overall, the website demonstrates a mature digital infrastructure and a solid security posture appropriate for a small IT service company.

K

Krieger

kies-krieger.de

57

Krieger is a well-established German company operating since 1891, specializing in raw materials extraction, processing, and logistics services including sand, gravel, concrete, natural stones, and transport solutions by road and inland waterways. The company positions itself as a sustainable and reliable partner along the entire value chain from resource extraction to delivery at construction sites. The website reflects a mature digital presence built on WordPress with modern SEO and cookie consent mechanisms, indicating a good level of digital maturity. Security posture is solid with HTTPS and cookie consent but lacks explicit security policies and incident response information. Overall, the site is professional and trustworthy but could improve compliance transparency and contact accessibility.

H

Heidelberg Materials

heidelbergmaterials.de

71

Heidelberg Materials is a leading global construction materials company with a strong market presence in Germany, particularly as the market leader in cement and ready-mixed concrete. The company offers a broad portfolio including cement, concrete, aggregates (sand, gravel), and precast concrete elements, with a strong focus on sustainability and innovation such as their evoZero® Carbon Captured Net-Zero Cement. The website reflects a mature enterprise with comprehensive product information, customer engagement through events and newsletters, and a consistent brand identity. Technically, the site is built on Drupal 11, leveraging modern web technologies and analytics tools, with good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

M

Make AS

make.as

74

Make AS is a Norwegian technology company specializing in providing user-friendly newsletter and communication services, including email marketing, SMS, and automation tools. The company emphasizes local expertise, personal service, and secure data storage on Norwegian servers, positioning itself as a trusted partner for Norwegian businesses and organizations. Their market position is strengthened by certifications such as 'Made in Norway' and memberships in reputable Norwegian industry associations. Technically, the website is built on WordPress with modern plugins and frameworks, optimized for performance, SEO, and accessibility. Security posture is strong with HTTPS, cookie consent management, and integration of third-party services like Cloudflare and Intercom with privacy considerations. Overall, the website reflects a professional, secure, and privacy-conscious business with clear contact information and trust indicators.

7

711 Online Casino

711.nl

61

711 Online Casino operates as a Dutch online gambling platform offering casino games and sports betting services. The website targets adult users in the Netherlands, promoting player bonuses and emphasizing fairness and high RTP (Return to Player) rates. The business positions itself as a popular and trustworthy online casino within the Dutch market. Technically, the website employs modern web technologies including JavaScript frameworks (likely Vue.js), Google Tag Manager for analytics, and third-party marketing and support tools such as Zendesk and XtremePush. The site is mobile-optimized with good SEO practices but lacks explicit privacy and terms of service pages in the provided content. Security posture is moderate with HTTPS enforced and some security best practices observed, though some security headers are missing or not explicitly detected. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the domain registration data aligns well with the website's business claims, supporting legitimacy. The site is rated NSFW due to its gambling content and adult audience targeting.

Grosvenor Casinos operates a professional online casino platform targeting UK players, offering a variety of gambling services including slots, jackpots, live casino games, and poker. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, analytics, and user engagement tools. However, the absence of WHOIS registration data raises concerns about domain transparency and regulatory compliance, which is critical in the gambling industry. Security measures such as HTTPS and bot protection via Cloudflare Turnstile are in place, but explicit security policies and headers are not evident in the provided content. Privacy compliance is partially addressed through OneTrust cookie consent, though a clear privacy policy was not detected in the HTML snippet. Overall, the site presents a trustworthy and professional front but would benefit from enhanced transparency and security documentation.

8

888slots | 800+ Slots Spiele | Online Spiele Deutschland

888casino.com

68

The website www.888slots.de operates as an online gambling platform focused on slot games, targeting the German market. It positions itself as a leading provider of online slot entertainment with over 800 games, catering exclusively to adult users due to the nature of gambling services. The platform employs modern web technologies and integrates standard marketing and analytics tools such as Google Tag Manager and Adobe Helix RUM. Cookie consent is managed through OneTrust, indicating a baseline level of privacy compliance. However, explicit privacy policies and terms of service documents are not found in the provided content, which is a compliance gap. Security posture is solid with HTTPS enforcement and security headers, but incident response and security policy disclosures are absent. Overall, the domain registration and hosting align with the website's claims, supporting legitimacy. The site is professionally designed with good user experience and mobile optimization, though accessibility could be improved.

BetVictor operates as an online gambling and betting platform, providing services primarily focused on sports betting and casino games. The domain has a long history dating back to 2002, indicating an established presence in the online gambling industry. However, the analyzed page is a geographic restriction block page, preventing access to the main site content for users in prohibited locations. This limits the ability to fully assess the website's content and features. Technically, the site uses Google Analytics and Google Tag Manager for tracking and analytics, but lacks visible security headers or advanced security policies on the blocked page. The page is minimally designed, serving only to inform users of access restrictions, with no privacy or cookie policies presented. The domain registration data is consistent with a legitimate UK-based gambling operator, with a long registration period and transfer protection. From a security perspective, the absence of security headers and privacy policies on this page is a concern, although it may be due to the nature of the block page. The use of HTTPS is assumed but not verifiable from the provided data. The site employs geographic blocking as a compliance measure to restrict access from prohibited jurisdictions. Overall, the security posture on this page is weak, and privacy compliance indicators are missing. Given the content is blocked and minimal, the overall risk assessment is limited. Strategic recommendations include improving transparency by providing accessible privacy and cookie policies, implementing security headers, and ensuring incident response contacts are available. Enhancing the user experience with a more informative block page and ensuring compliance with data protection regulations would also benefit the site.

A

ATG

swedishhorseracing.com

54

The website www.swedishhorseracing.com serves as an information and betting platform focused on Swedish horse racing, primarily associated with ATG. It offers race replays, race schedules, news, tips, and betting options targeting horse racing enthusiasts and partners. The site is well-branded with consistent ATG identity and provides a good user experience with clear navigation and relevant content. Technically, it employs modern web technologies including AngularJS, JWPlayer for media, Google Tag Manager for analytics, and AdRoll for advertising and retargeting. Security is robust with HTTPS enforced and multiple security headers present, alongside the use of Google reCAPTCHA to protect forms. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and branding suggest a legitimate business presence. Privacy compliance is addressed primarily through cookie policies with GDPR considerations, but lacks explicit terms of service and detailed security policies. Contact information is limited to a web form and social media presence on Facebook. Overall, the site is professional and trustworthy but would benefit from enhanced transparency in domain registration and expanded compliance documentation.

P

PokerStars

pokerstars.uk

68

PokerStars is a leading online poker platform offering a wide range of poker games and tournaments, including Spin & Go and Power Path. The platform targets adult users interested in online poker and provides a secure, licensed environment with player protection and responsible gaming tools. The website is professionally designed, mobile-optimized, and features comprehensive privacy and cookie consent mechanisms. Technically, the site uses modern web technologies such as React, Google Tag Manager, and Optimizely, hosted on AWS infrastructure. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities. The WHOIS data confirms domain legitimacy and consistency with the business history. Overall, PokerStars presents a trustworthy and mature online gaming service.

N

Napoleon Games NV

napoleongames.be

61

Napoleon Games NV operates a leading online gambling platform in Belgium, offering a wide range of casino games, live casino, dice games, and sports betting services. The company targets adult users (21+) and positions itself as Belgium's best online casino and bookie, supported by strong branding and sponsorships in Belgian sports. The website is professionally designed with consistent branding and clear navigation, providing comprehensive legal and responsible gaming information to comply with local regulations. Technically, the site uses modern web technologies including Vue.js, Google Tag Manager, and OneTrust for cookie consent, hosted via Fastly CDN, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and no exposed sensitive data, though the absence of explicit security policies and vulnerability disclosure mechanisms suggests room for improvement. Overall, the domain registration and WHOIS data confirm legitimacy and consistency with the business claims. The site is fully accessible without WAF blocking, and privacy compliance is well addressed. Recommendations include enhancing security headers, publishing security policies, and providing direct contact information for security incidents to further strengthen trust and compliance.

H

Hard Rock Hotels

hardrockhotels.com

72

Hard Rock Hotels operates a global hospitality and entertainment brand specializing in hotels, resorts, and casinos. The website presents a professional and consistent brand image targeting travelers and casino visitors. The business model focuses on providing hotel accommodations combined with casino and resort experiences, positioning itself as a major player in the hospitality industry. Technically, the site uses modern JavaScript libraries, multiple tag management systems, and analytics tools, indicating a mature digital infrastructure. However, mobile optimization and accessibility are basic and could be improved. Security posture is generally strong with HTTPS enforced and use of reputable third-party analytics, but lacks visible security headers and formal privacy or cookie policies. The absence of WHOIS data for the subdomain is expected and does not detract from legitimacy, as the subdomain is part of the larger hardrock.com domain. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced privacy compliance and security best practices.

G

GiG Software PLC

gig.com

74

GiG Software PLC is a leading technology company specializing in providing advanced iGaming platform and sportsbook solutions to operators in multiple regulated markets worldwide. Their award-winning platform integrates AI technologies and offers a comprehensive suite of services including omnichannel solutions, managed services, and real-time data analytics. The company holds licenses from the Malta Gaming Authority and the UK Gambling Commission, underscoring its regulatory compliance and market credibility. The website reflects a mature digital presence with professional design, clear navigation, and mobile optimization, targeting B2B clients in the gaming industry. Technically, the website is built on WordPress with modern SEO and analytics tools such as Google Analytics, FullStory, and LinkedIn Insight Tag. Security best practices are observed with HTTPS enforcement, reCAPTCHA integration, and cookie consent mechanisms, although some security headers could be explicitly confirmed. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data is a minor concern but is mitigated by the strong trust signals on the site. Overall, GiG demonstrates a strong security posture and compliance awareness, with room for improvement in publishing explicit security policies and incident response contacts. The company’s digital infrastructure supports its business model effectively, providing a scalable and adaptable platform for regulated iGaming operators. Strategic recommendations include enhancing security header implementation, establishing a vulnerability disclosure program, and improving transparency around incident response.

G

Gamesys

gamesysgroup.com

58

Gamesys is a large international online gaming operator positioned as a subsidiary of Bally’s Corporation. The website presents a professional corporate image with clear branding and links to investor relations, corporate governance, and responsible gambling resources. Technically, the site uses common web technologies including jQuery and Google Analytics, and is built on the Umbraco CMS platform. While the site includes cookie consent and privacy policies indicating GDPR compliance, there is a lack of explicit security headers and no visible contact information on the homepage, which could be improved. The WHOIS data is unavailable, which raises some concerns about domain registration transparency, but the overall site content and external references support legitimacy. The site is accessible with no WAF or blocking detected and contains no adult or explicit content, targeting a general audience interested in online gaming.

F

Fair Play Online Casino

fairplaycasino.nl

52

Fair Play Online Casino is a well-established Dutch online gambling platform founded in 2000, offering a wide range of casino games including slots, live casino, and tournaments. The website targets adult users interested in online casino gaming and provides various bonuses and promotions to attract new players. The platform demonstrates a solid market position within the Dutch online gambling sector, supported by a broad game portfolio and active user engagement features such as live updates of recent winners. Technically, the website is built using modern web technologies including Next.js and React, with content managed via Builder.io. It employs Cookiebot for cookie consent management and integrates analytics tools such as Google Analytics and Ahrefs Analytics for performance and user behavior tracking. The site is mobile-optimized and features good SEO practices, although accessibility features are basic. From a security perspective, the site enforces HTTPS with a good SSL configuration and DNSSEC is enabled, enhancing domain security. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is well-managed with clear privacy and cookie policies and GDPR compliance indicators. Overall, the website presents a professional and trustworthy online casino platform with a good balance of business credibility, technical implementation, and privacy compliance. Strategic improvements in security headers and incident response disclosures could further enhance its security posture.

O

OneDoc SA

onedoc.ch

73

OneDoc SA operates a leading online medical appointment booking platform in Switzerland, enabling patients to find and book appointments with doctors, dentists, and therapists both for in-person visits and teleconsultations. Founded in 2017 and headquartered in Geneva, OneDoc has established a strong market position with subsidiaries covering different Swiss regions. The platform offers a user-friendly experience with mobile app support, SMS reminders, and a comprehensive help center. Technically, the website employs modern web technologies including Google Tag Manager, Google Maps API, and a consent management platform, ensuring good performance and mobile optimization. Security posture is strong, supported by ISO 27001 and DPCO certifications, encrypted data storage in Switzerland, and GDPR-compliant privacy and cookie policies. No critical vulnerabilities or suspicious activities were detected. Overall, OneDoc demonstrates a mature digital infrastructure and trustworthy business operations in the healthcare technology sector.

E

ELB Learning

elearningbrothers.com

75

ELB Learning is a US-based medium-sized company specializing in corporate eLearning solutions, including custom course development, gamification consulting, AI-powered training, and learning management systems. The company targets businesses seeking to enhance employee training and leadership development through modern, scalable learning technologies. Their market position is solid, supported by a broad portfolio of services and products, including award-winning LMS platforms and immersive VR training solutions. Technically, the website is built on Webflow with integrated HubSpot marketing and analytics tools, demonstrating a mature digital infrastructure with good performance and mobile optimization. Security posture is strong with HTTPS, SOC 2 Type II compliance, and comprehensive privacy and cookie policies, although the absence of WHOIS registration data slightly reduces trust. Overall, ELB Learning presents a professional, trustworthy online presence with robust business and technical foundations.

A

axilaris GmbH

axilaris.de

68

axilaris GmbH is a German IT service provider specializing in premium, tailored IT infrastructure, software development, and IT security services primarily targeting medium-sized enterprises (Mittelstand) in Germany. The company emphasizes secure, scalable, and user-friendly IT solutions, supported by a regional data center in Chemnitz certified under ISO 27001. Their website reflects a professional and consistent brand image, showcasing key services, customer testimonials, and active recruitment, indicating a stable market presence. Technically, the site uses modern web technologies including Contao CMS, Matomo analytics, and Google Tag Manager, with good mobile optimization and SEO practices. Security posture is strong with ISO certification and HTTPS usage, though explicit security headers and vulnerability disclosure mechanisms are absent. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

G

GREEN IT Das Systemhaus GmbH

greenit.systems

72

GREEN IT Das Systemhaus GmbH is a small German IT system house specializing in sustainable IT solutions, based in Dortmund. The company positions itself as a provider that combines ecological and economic aspects to address current and future IT challenges. The website is professionally designed, well-structured, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, the site is built on WordPress with Elementor and integrates advanced cookie consent management, multiple analytics, and marketing tools, indicating a modern and compliant infrastructure. Security posture is strong with HTTPS, Wordfence protection, and consent-based data collection, though some security headers could be improved. WHOIS data is unavailable, but the website's professional appearance and consistent branding support legitimacy. Overall, the site demonstrates a solid business and technical foundation with good privacy and security practices.

kath.de is a well-established independent Catholic news portal based in Germany, operating since 1995. It provides news, commentary, and links related to Catholicism, targeting German-speaking audiences interested in religious and spiritual content. The site is supported by donations and partners with several Catholic organizations, reinforcing its position as a trusted media source within its niche. Technically, the website is built on Ruby on Rails with modern web technologies, including Turbolinks and Google Analytics integration. It demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Security-wise, the site enforces HTTPS, uses CSRF tokens, and includes some security headers, but lacks visible cookie consent mechanisms and explicit security policies. Overall, the domain registration data aligns well with the website's content and business model, indicating high legitimacy and trustworthiness.

S

Schoenstatt

schoenstatt.com

60

Schoenstatt.com is the official website of the International Schoenstatt Movement, a Catholic non-profit organization founded in 1914 and active internationally across five continents. The website serves as a central platform for community engagement, spiritual education, and dissemination of news and resources related to the movement. It targets members and followers of the movement, providing multilingual content and multimedia resources to support its mission. Technically, the website is built on WordPress with Elementor and Yoast SEO Premium, hosted by IONOS SE. It uses modern web technologies including HTTPS, Google Tag Manager, and reCAPTCHA for security and analytics. The site demonstrates good mobile optimization and SEO practices, although performance is moderate and accessibility is basic. From a security perspective, the site enforces HTTPS and uses domain locking to prevent unauthorized changes. However, DNSSEC is not enabled, and some recommended security headers are missing. Privacy compliance is weak due to the absence of explicit privacy and cookie policies and consent mechanisms. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the website is professional, trustworthy, and content-rich, supporting the organization's mission effectively. Strategic improvements in privacy compliance, DNS security, and security headers would enhance its security posture and regulatory adherence.

W

Webite, s.r.o.

webite.cz

47

Webite, s.r.o. is a small web design studio based in Brno, Czech Republic, specializing in comprehensive web services including UX design, SEO optimization, and web and mobile application development. The company positions itself as a professional and client-focused service provider with a portfolio of notable clients and positive testimonials. The website is well-structured, professionally designed, and targets businesses seeking quality web solutions. Technically, the site employs modern web technologies such as Bootstrap, jQuery, and Google services, with good mobile optimization and moderate performance. Security posture is solid with HTTPS enforced and Google reCAPTCHA protecting contact forms, though the absence of certain security headers suggests room for improvement. Privacy compliance is strong, featuring a detailed privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the website reflects a trustworthy and credible business with a good balance of technical and business maturity.

Š

Šetina, Komendová & Partners s.r.o., Law Office

akskp.cz

65

Šetina, Komendová & Partners s.r.o. is a small law office based in Brno, Czech Republic, specializing in IT law, subsidies, and business corporation legal services. The firm emphasizes client-focused, innovative legal solutions and has international experience. Their website reflects a professional and trustworthy presence with clear contact information and a privacy-aware approach. Technically, the site is built on the Webnode CMS platform, uses Amazon Cloudfront CDN, and integrates common analytics and marketing tools such as Google Analytics and Hotjar. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers are missing. WHOIS data is unavailable, likely due to privacy protection, which is common for small professional firms. Overall, the site is well-designed, accessible, and compliant with basic privacy regulations.

S

SYNER, s.r.o.

syner.cz

50

SYNER, s.r.o. is a prominent Czech construction and engineering company with nearly 35 years of market presence, ranking among the top 10 in the Czech Republic. The company specializes in a broad range of construction projects including administrative, residential, industrial, and infrastructure developments, with a strong focus on sustainability and innovative technologies such as BIM. Their business model integrates multiple divisions and resources to deliver tailored, high-quality solutions to investors and clients. Technically, the website employs modern JavaScript libraries and analytics tools, indicating a moderate to advanced digital maturity. Security posture is solid with HTTPS and CSRF protections, though improvements in security headers and incident response disclosures are recommended. Overall, the website is professional, trustworthy, and compliant with GDPR, though cookie consent mechanisms could be enhanced.

B

BikeFair | Marketplace For Bikes | Buy or Sell Your Bike

bikefair.org

62

BikeFair.org operates as an online marketplace specializing in the buying and selling of new and second-hand bicycles. The platform targets local bike enthusiasts and buyers, offering a searchable inventory of over 5,400 bikes with filters based on location and bike attributes. The business appears to be a small-sized entity founded in 2019, focusing on the transportation sector with a niche in cycling commerce. Technically, the website leverages modern web technologies including Nuxt.js, Cloudflare DNS, and CDN hosting via DigitalOcean Spaces, complemented by popular analytics and advertising tools such as Google Analytics, Microsoft Clarity, Facebook Pixel, and Bing Ads. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms, which also impacts user trust and regulatory adherence. Overall, the website is functional and professional but would benefit from improved transparency and security practices.

S

Saba Rock

sabarock.com

56

Saba Rock is a hospitality-focused website likely representing a resort or tourism service provider. The domain is well-established since 1998, indicating a mature business presence. The website employs modern frontend technologies such as Vue.js and Tailwind CSS, with integrated marketing and analytics tools including Google Tag Manager and Facebook Pixel. However, the site lacks visible privacy, cookie, and terms of service policies, which are critical for compliance and user trust. Security posture is moderate with no detected security headers or vulnerability disclosures, and no signs of WAF or content blocking were found. Overall, the site presents a professional but basic digital presence with room for improvement in privacy and security compliance.

T

Tregler Paliva

tregler-paliva.cz

49

Tregler Paliva is a small, established business specializing in the purchase, processing, and sale of quality firewood primarily serving the Czech Republic and Austria. Founded in 1991, the company has a strong regional presence and targets both consumer and business customers seeking firewood products. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern JavaScript frameworks, Laravel Nova for administration, and integrates multiple analytics and tracking tools including Matomo, Google Tag Manager, Facebook Pixel, and Smartlook. The hosting and domain registration are consistent with the business location and claims, enhancing trustworthiness. Security posture is adequate with HTTPS enabled and secure admin routes, but lacks some security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies despite cookie consent mechanisms. Overall, the site is functional and trustworthy but would benefit from improved privacy transparency and security best practices.

C

CardPro - Specializovaný e-shop na Pokémon TCG

cardpro.cz

56

CardPro.cz is a specialized e-commerce platform focused on selling Pokémon Trading Card Game (TCG) products, including booster packs, elite trainer boxes, special sets, gift tins, accessories, and individual cards. The website targets collectors, players, and gift buyers within the Czech Republic, positioning itself as a niche retailer with a professional and modern online presence. Founded in 2023, the business leverages modern web technologies such as Nuxt.js and Vue.js, hosted with Cloudflare and DigitalOcean services, ensuring fast performance and excellent mobile optimization. The site integrates multiple analytics and marketing tools including Google Tag Manager, Microsoft Clarity, and Facebook Pixel, indicating a moderate level of user tracking and marketing sophistication. Security posture is good with HTTPS enforced and Cloudflare protection, but lacks explicit privacy, cookie, and terms of service policies, which are critical for GDPR compliance and user trust. Contact information is not explicitly found in the provided content, which may impact customer confidence. Overall, the website is well-designed and functional but requires improvements in privacy compliance and transparency to enhance trust and legal adherence.

C

CandyKeys

candykeys.com

59

CandyKeys is an established small e-commerce retailer specializing in mechanical keyboards, keycaps, switches, and related components, primarily serving customers in Germany and the EU with worldwide shipping since 2016. The website demonstrates a modern technical infrastructure using Nuxt.js, Tailwind CSS, Font Awesome, and integrates Google Analytics and Tag Manager for marketing and analytics purposes. DNS is managed via Cloudflare, and the domain is registered with IONOS SE, indicating a stable and legitimate online presence. Security posture is generally good with HTTPS enabled and domain transfer protection, but lacks published privacy, cookie, and security policies, which are critical for GDPR compliance and user trust. No contact information or incident response details are found, limiting transparency. Overall, the site is professional and functional but would benefit from enhanced privacy compliance and security disclosures.

M

Moje NEO

mojeneo.cz

48

Moje NEO is a Czech financial group offering a unique license product called the NEO licence, which provides users with a variety of financial benefits including cashback, insurance claim assistance, real estate services, business mentoring, commissions, financial products, and education. The company positions itself as a modern financial partner with 30 years of experience, targeting individuals and entrepreneurs seeking financial freedom and personalized financial solutions. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, hosted on DigitalOcean, and uses standard tracking tools like Google Tag Manager and Facebook Pixel. The site is well-designed, mobile-optimized, and SEO-friendly, but lacks explicit privacy and terms of service pages, which are important for compliance. Security posture is good with HTTPS and security headers implemented, but incident response and security policies are not publicly disclosed. Overall, the website is professional and trustworthy but could improve transparency and compliance documentation.

F

Fidurock

fidurock.com

61

Fidurock is a Czech real estate investment group specializing in residential and commercial property investments. The company positions itself as a trustworthy and transparent investment partner focusing on long-term growth and sustainability. The website reflects a professional and modern digital presence, utilizing contemporary web technologies such as Nuxt.js and Tailwind CSS, and integrates analytics tools like Google Analytics and Google Tag Manager for performance and user behavior tracking. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks explicit security policies, incident response contacts, and advanced security headers. Privacy compliance is partially addressed through a cookie consent mechanism, but no dedicated privacy policy or terms of service pages were found. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

L

Livimi

livimi.com

66

Livimi is a Czech Republic-based real estate rental platform offering modern apartments in prime urban locations with a focus on digitalized rental processes. The company is part of the Fidurock investment group, leveraging over a decade of experience in property management. Their business model emphasizes direct rentals without commission, digital contract signing, and online housing management, targeting individuals seeking convenient and transparent urban living solutions. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, hosted on DigitalOcean infrastructure, and optimized for performance and mobile responsiveness. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Privacy compliance is strong with clear GDPR and cookie policies. Overall, the website presents a professional, trustworthy, and user-friendly experience with moderate tracking for analytics and marketing purposes.

F

Fidurock

nearliving.cz

44

NEAR living is a modern residential real estate development project located in the rapidly evolving Prague district of Palmovka. The project offers a range of apartments from 1+kk to 3+kk, combining urban lifestyle with tranquility and high-quality architectural design. The website is professionally designed using modern technologies such as Nuxt.js and Vue.js, with strong mobile optimization and good SEO practices. The security posture is solid with HTTPS and secure forms, though explicit security headers and a published security policy are missing. Privacy compliance is well addressed with a GDPR-compliant privacy policy and cookie consent mechanism. The WHOIS data shows inconsistencies with a future domain creation date, which slightly impacts trust but does not undermine the overall legitimacy of the business. Strategic recommendations include improving security headers, publishing a security policy, and verifying WHOIS data accuracy.

S

Schmerlenbach

schmerlenbach.de

52

Schmerlenbach is a well-established conference and hospitality center operated under the Bistum Würzburg, offering modern meeting facilities, accommodation, and catering services in a natural setting in Germany. The website reflects a professional and comprehensive digital presence, targeting business travelers, event organizers, families, and groups. It is positioned as a top-tier conference hotel with recognized certifications and awards. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance, mobile optimization, and SEO. Security posture is solid with HTTPS and cookie consent management, though some security headers could be improved. Overall, the site demonstrates strong business credibility and compliance with GDPR. No blocking or WAF interference was detected, allowing full content access and analysis.

Q

Quatro

quatro.sk

64

Quatro is a leading Slovak financial services company specializing in installment payment solutions for consumer goods and services. Operating since 1999 and part of the VÚB Intesa Sanpaolo banking group, it serves nearly a million Slovak customers through a network of over 5000 retail and e-commerce partners. The website reflects a mature digital presence with good content quality, clear navigation, and mobile optimization. Technically, it employs modern JavaScript libraries, Google Analytics, and Google Tag Manager with GDPR-compliant consent mechanisms. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy and professionally maintained, supporting the company's market leader position.

E

ESSOX s.r.o.

essox.cz

70

ESSOX s.r.o. is a leading Czech non-bank financial services provider specializing in consumer financing solutions including vehicle loans, installment purchases, cash loans, and credit cards. The company is part of the Komerční banka and Société Générale financial groups, which enhances its market credibility and financial backing. The website reflects a mature digital presence with comprehensive service offerings and strong branding consistency. Technically, the site employs modern web technologies such as Google Tag Manager and Swiper.js, and it is optimized for mobile devices with good accessibility and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and incident response transparency. Overall, ESSOX presents a trustworthy and professional online presence aligned with its business stature.

O

Office Pro s.r.o.

mujnavrh.cz

43

Office Pro s.r.o. operates a professional e-commerce platform specializing in office furniture and accessories, primarily serving the Czech market. The website offers a unique 3D office design tool enabling customers to create and customize office layouts online, enhancing user engagement and service differentiation. The company maintains a consistent brand presence with active social media channels and a comprehensive privacy and cookie policy aligned with GDPR requirements. Technically, the site leverages modern JavaScript libraries including Babylon.js for 3D rendering, and integrates multiple analytics and advertising pixels for marketing optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though additional security headers and explicit security policies could enhance trust. The absence of WHOIS data limits domain transparency, but the website's professional content and business indicators suggest legitimate operations. Overall, the site is well-positioned in its niche with moderate technical maturity and good compliance practices.

O

Office Pro s.r.o.

officepro.cz

42

Office Pro s.r.o. is a Czech company specializing in office furniture and accessories, offering recognized brands such as OFFICE PRO and HOBIS. The company targets business customers seeking quality office chairs, desks, and custom furniture solutions. Their website provides detailed product information, a 3D office design tool, and a blog with relevant content. Technically, the website employs modern analytics and marketing technologies including Google Tag Manager, Facebook Pixel, TikTok Pixel, and Microsoft Clarity, with HTTPS enabled ensuring secure connections. However, the absence of WHOIS data and lack of visible privacy and terms of service pages indicate areas for improvement in transparency and compliance. Security posture is generally good but could benefit from enhanced HTTP security headers and clearer incident response contacts. Overall, the site is professional, content-rich, and safe for general audiences, supporting a medium-sized business with a solid market position in the Czech Republic.

O

Office Pro s.r.o.

hobis.cz

44

Office Pro s.r.o. operates a professional website focused on the sale and custom manufacturing of ergonomic office furniture under the HOBIS brand. The company leverages a long tradition associated with the HON manufacturer, emphasizing quality, ergonomics, and functionality to enhance workplace productivity. The website targets businesses and office environments seeking modern, ergonomic furniture solutions. Technically, the website employs modern analytics and marketing technologies including Google Analytics, Facebook Pixel, TikTok Pixel, and Microsoft Clarity, alongside a cookie consent mechanism to comply with privacy regulations. The site is served over HTTPS with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced but lacks explicit security headers and visible security policies. The absence of WHOIS data limits domain registration trust analysis, but the website content and certifications provide strong trust signals. Overall, the site is professional, content-rich, and trustworthy from a business perspective.

B

Betriebs-Berater

betriebs-berater.com

50

Betriebs-Berater is a German professional publication specializing in tax, business law, accounting, and labor law content targeted at tax advisors, accountants, and legal professionals. The website offers newsletters, articles, and event information, operating under a subscription-based model. It is likely owned or affiliated with Rudolf Müller Verlag GmbH, as indicated by multiple links to ruw.de, a known publishing group. The site is well-branded and consistent, with a professional design and good content quality.

W

WBS GRUPPE

wbs-gruppe.de

56

WBS GRUPPE is a leading German education provider specializing in online and offline training and further education services. The company operates under six strong brands, targeting individuals seeking professional development and vocational training. Their market position is strong within Germany and internationally, focusing on digital education solutions. The website is built on TYPO3 CMS and integrates modern consent management tools such as Cookiebot, reflecting a mature digital infrastructure. The site demonstrates good SEO, accessibility, and mobile optimization, supporting a positive user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected. Overall, the website reflects a professional and trustworthy educational institution with strong GDPR compliance and transparent cookie policies.

C

chemmedia AG

knowledgeworker.com

65

chemmedia AG operates the Knowledgeworker platform, a comprehensive E-Learning software suite designed for corporate clients. Their offerings include an AI-integrated authoring tool, a learning management system, a scenario-based digital coach, and a microlearning app. The company emphasizes GDPR compliance, data privacy, and high-quality, modular learning solutions. The website is professionally designed, mobile-optimized, and integrates modern analytics and marketing tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS and consent management, though some security headers could be enhanced. The absence of WHOIS data is notable but does not detract from the overall legitimacy given the professional presentation and client references. Strategic recommendations include enhancing security headers and publishing explicit security policies.

H

HELENA HARFST

helenaharfst.de

58

HELENA HARFST is a small German-based sustainable fashion brand specializing in durable, timeless clothing designed and produced in Germany. The company emphasizes regional craftsmanship, zero-waste production, and offers a curated e-commerce platform with unisex and limited edition collections. The website is professionally designed using WordPress and WooCommerce with modern marketing integrations such as Google Analytics, Facebook Pixel, and Mailchimp. Security posture is strong with HTTPS enforced and standard security headers, though improvements like Content-Security-Policy and incident response information could enhance trust. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the website presents a trustworthy, professional retail platform with a clear brand identity and good user experience.

C

Cookies lišta, s.r.o.

cookieslista.cz

49

Cookies lišta, s.r.o. is a Czech-based small technology company specializing in providing comprehensive cookie consent and GDPR compliance solutions tailored for websites. Their offerings include a cookie consent bar, privacy policy generator, and ongoing legislative and technological updates, positioning them as a niche player in the compliance software market. The company collaborates with legal experts and web design studios to ensure both legal accuracy and technical quality. Their market focus is primarily on Czech businesses needing to comply with evolving cookie legislation effective from 2022 and beyond. Technically, the website is built on WordPress and leverages modern JavaScript libraries and third-party services such as Google Analytics, Google Tag Manager, Facebook Pixel, Hotjar, and Smartsupp live chat. The site demonstrates good SEO practices, mobile optimization, and a user-friendly interface with clear navigation and professional design. Consent management is robust, with scripts loaded conditionally based on user consent, reflecting a mature digital compliance posture. From a security perspective, the site enforces HTTPS and implements consent-based script loading to protect user privacy. However, no explicit security headers were detected, suggesting room for improvement in hardening the site against common web threats. The absence of WHOIS data due to privacy protection is typical for small businesses and does not raise immediate concerns given the professional presentation and clear contact information. Overall, the website presents a low-risk profile with strong compliance focus, good technical implementation, and transparent business operations. Strategic recommendations include enhancing security headers, maintaining up-to-date third-party script audits, and possibly publishing a formal security policy to further build trust.

M

Messe München GmbH

bau-muenchen.com

63

BAU München is a globally recognized trade fair organizer specializing in architecture, building materials, and systems. The website serves as a comprehensive platform for event information, exhibitor registration, and industry insights, targeting architects, planners, investors, and craftsmen. The site is professionally designed, mobile-optimized, and uses modern web technologies including web components and elastic search for enhanced user experience. Privacy compliance is robust, leveraging Usercentrics CMP and providing a comprehensive privacy policy in German. Security posture is strong with HTTPS, security headers, and domain transfer protections, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Overall, the website reflects a mature, trustworthy, and well-managed digital presence aligned with Messe München GmbH's brand and business objectives.

Z

ZENIT - English

zenit.org

60

ZENIT is a well-established religious news agency providing multilingual coverage of Catholic Church affairs and related religious topics. Founded in 1997, it operates as a non-profit media organization funded primarily through reader donations. The website offers news articles, documents, and newsletters targeting a general audience interested in religious news. Technically, the site is built on WordPress with modern plugins and frameworks such as Yoast SEO, Bootstrap, and integrates Google Analytics, Tag Manager, and HubSpot for marketing and analytics. The site is hosted behind Cloudflare, ensuring good performance and security. Security posture is adequate with HTTPS enforced and domain transfer protections, but lacks DNSSEC and explicit security policies or incident response information. Privacy compliance is basic with cookie consent implemented via Iubenda. Overall, the website is professional, trustworthy, and serves its niche effectively, though improvements in security transparency and DNS security are recommended.

A

Agentur Werbezeit

agentur-werbezeit.com

54

Agentur Werbezeit is a small, German-based creative advertising agency specializing in generating ideas to increase brand awareness for companies and products. Founded in 2015, the agency leverages a small but experienced team to deliver marketing and media services. The website is professionally designed using WordPress with modern plugins for SEO and GDPR compliance, reflecting a mature digital presence. The technical infrastructure includes Google Analytics and Tag Manager for marketing insights, and the site is secured with HTTPS. Privacy and cookie policies are comprehensive and GDPR compliant, with a clear consent mechanism. However, no explicit contact emails or phone numbers are published, relying on a contact form for communication. Security posture is good but could be improved by enabling DNSSEC and adding security headers. Overall, the website presents a trustworthy and professional image suitable for its target audience of businesses seeking marketing services.