Security Directory

S

Stadt Eschweiler

eschweiler.de

59

The website www.eschweiler.de is the official digital presence of the city of Eschweiler, Germany. It serves as a comprehensive portal for residents, businesses, and visitors, offering detailed information on city administration, social services, education, culture, economic development, and public safety. The site is well-structured with deep navigation menus and localized content primarily in German, with some English sections for economic development. The business model is that of a public sector municipal government website, focusing on information dissemination and service facilitation. Technically, the site is built on the ionas4 CMS platform, utilizing modern web technologies such as HTML5, CSS3, JavaScript, and SystemJS for module loading. It employs Matomo analytics, indicating a privacy-conscious approach to user tracking. The hosting appears to be managed by RegioIT Aachen, a regional provider, with secure HTTPS configuration and use of integrity attributes for resources. Mobile optimization and accessibility are good, supporting a wide range of users. From a security perspective, the site enforces HTTPS and includes some security best practices, though additional headers like Content-Security-Policy could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with a comprehensive privacy and cookie policy present, including consent mechanisms. However, no explicit incident response or vulnerability disclosure policies were found. Overall, the website presents a low-risk profile with a high degree of trustworthiness and professionalism. Strategic recommendations include enhancing security headers, publishing incident response contacts, and considering a formal vulnerability disclosure policy to further strengthen security posture and transparency.

U

Universität Erfurt

uni-erfurt.de

66

Universität Erfurt is a medium-sized public university in Germany specializing in humanities and social sciences, offering Bachelor and Master degree programs alongside active research initiatives. The website is built on TYPO3 CMS and integrates Matomo for analytics, reflecting a modern and mature technical infrastructure. The site is well-designed, mobile-optimized, and provides clear navigation for diverse audiences including prospective students, current students, researchers, alumni, and staff. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements can be made by adding explicit security headers and cookie consent mechanisms. Overall, the website demonstrates high professionalism and trustworthiness, supporting the university's academic mission effectively.

W

Württembergische Landesbibliothek

wlb-stuttgart.de

57

The Württembergische Landesbibliothek Stuttgart is a regional state library serving the Stuttgart area and Baden-Württemberg region. It provides extensive cultural, scientific, and educational resources including special collections, exhibitions, and courses. The website is professionally maintained using TYPO3 CMS and offers a clear catalog search functionality and event information. The target audience includes researchers, students, and the general public interested in cultural and scientific knowledge. Technically, the website uses a modern CMS platform (TYPO3) with jQuery libraries and enforces HTTPS. The site shows moderate performance and basic mobile optimization. Accessibility features are present but could be improved. No advanced analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site enforces HTTPS and uses no-cache meta tags but lacks HTTP security headers and a cookie consent mechanism. No vulnerability disclosure or incident response information is provided. The WHOIS data is consistent with a legitimate German public institution. Overall, the security posture is good but could be enhanced with additional headers and policies. The website content is safe for general audiences with no adult or questionable content. Contact information is clearly provided, though no direct emails are visible. The site lacks terms of service and cookie policy banners, which could be improved for compliance. Overall, the site is trustworthy, professional, and well-aligned with its public service mission.

D

Deutsche Sporthochschule Köln

dshs-koeln.de

59

The Deutsche Sporthochschule Köln website represents a specialized German university dedicated exclusively to sports and movement sciences. It serves students, faculty, researchers, and alumni with educational programs, research initiatives, and community engagement. The site is well-branded and professionally maintained, reflecting its unique market position as Germany's sole university focused on sport sciences. Technically, the site is built on TYPO3 CMS, employs modern JavaScript libraries, and integrates a robust consent management platform (Usercentrics) ensuring GDPR compliance. Hosting appears stable with NetCologne nameservers. Security posture is solid with HTTPS and privacy controls, though it lacks some advanced security headers and public incident response information. Overall, the site is trustworthy, content-rich, and compliant with privacy regulations, making it a reliable digital presence for the institution.

S

Stadt Schortens

schortens.de

52

The Stadt Schortens website serves as the official digital portal for the city of Schortens, Germany, providing comprehensive information and services related to local government, politics, citizen services, culture, tourism, and economic development. The site targets residents, local businesses, and visitors, offering online services such as event calendars, online citizen services, and detailed municipal information. The business model is that of a government municipal service provider, focusing on transparency and accessibility for its community. Technically, the website employs a specialized CMS platform (NOLIS CMS) tailored for municipal websites, utilizing standard web technologies including JavaScript, CSS, and HTML5. The site is mobile-optimized and includes accessibility features, ensuring a good user experience across devices. SEO practices are well implemented with proper meta tags and structured data (JSON-LD) for enhanced search engine visibility. From a security perspective, the website enforces HTTPS and implements a cookie consent mechanism, aligning with GDPR requirements. However, it lacks explicit published security policies and incident response contact information. No critical vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data, while minimal, aligns with the domain's governmental use, supporting legitimacy. Overall, the website demonstrates a solid security posture and good privacy compliance, with a professional and trustworthy presentation. Strategic improvements could include publishing a formal security policy, incident response details, and enhancing security headers to further strengthen the security posture.

B

Bischöfliches Generalvikariat Aachen

bistum-aachen.de

57

The Bistum Aachen website represents the official digital presence of the Catholic Diocese of Aachen, a large non-profit religious organization in Germany. The site offers comprehensive information and services related to faith, pastoral care, education, cultural events, and social support. It targets Catholic faithful, church communities, and interested individuals within the diocese's region. The business model is service-oriented and community-focused, emphasizing religious and social engagement. Technically, the website is built on the Alkacon Mercury CMS platform, utilizing modern JavaScript libraries and integrated with Piwik PRO for analytics and Usercentrics for consent management. The site is hosted on NetCologne infrastructure, employs HTTPS, and demonstrates good mobile optimization and accessibility standards. SEO practices are well implemented with proper meta tags and structured data. From a security perspective, the website enforces HTTPS and uses consent mechanisms for tracking, but lacks explicit security policy documentation and vulnerability disclosure channels. Security headers are not explicitly visible in the HTML but may be configured server-side. No vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and compliant with GDPR regulations. It provides a safe and informative user experience with clear contact information and strong branding. Strategic improvements could include publishing a formal security policy and enhancing security header configurations.

The Universität Bonn is a leading German university recognized for its excellence in research and education. The website reflects a strong academic focus, targeting students, researchers, and international partners. It offers comprehensive information about study programs, research profiles, and university events, positioning itself as a major institution in the German higher education landscape. Technically, the site is built on the Plone CMS platform, uses modern web technologies, and integrates Matomo analytics for user tracking, indicating a commitment to privacy and data control. Security posture is generally good with HTTPS enforced, but lacks visible security headers and explicit privacy and cookie policies, which are areas for improvement. Overall, the site is professional, well-branded, and trustworthy, with no signs of malicious or adult content.

L

Landkreis Lüneburg / Hansestadt Lüneburg / Wirtschaftsfördergesellschaft mbH für Stadt und Landkreis Lüneburg

lueneburg.de

52

The website www.lueneburg.de serves as an official information portal for the Lüneburg region in Germany, providing details about the district administration, city services, tourism, and economic development. It targets residents, tourists, and local businesses, positioning itself as a regional government and municipal service provider. The site links to official partner domains representing the district, city, and economic development agency, reinforcing its legitimacy and regional focus. Technically, the site employs standard web technologies including HTML5, CSS3, JavaScript with jQuery, and Matomo analytics for privacy-conscious visitor tracking. The cookie consent mechanism is well implemented, supporting GDPR compliance. Security posture is moderate with no visible critical vulnerabilities but lacks explicit security headers and a published security policy. No contact emails or phone numbers are directly visible in the provided content, which may limit direct user engagement. Overall, the site is professionally designed, mobile-optimized, and trustworthy for general audiences with no adult or questionable content detected.

F

Fast Funnels Ltd

fastbots.ai

65

FastBots.ai is a technology company specializing in providing customizable AI chatbot solutions for businesses and individuals. Their platform enables users to quickly build AI chatbots powered by their own business data, supporting multi-channel deployment across websites and popular social media/messaging platforms such as WhatsApp, Telegram, Facebook Messenger, Instagram, and Slack. The company positions itself as a user-friendly, innovative SaaS provider with a focus on security and reliability, targeting small to medium-sized businesses and organizations worldwide. The website demonstrates a professional design with clear messaging and trusted brand associations, although it lacks explicit privacy and cookie policies which are important for compliance.

S

Smart Agence

smartagence.com

62

Smart Agence is a French digital consulting agency specializing in UX design and digital transformation, founded in 2004. The agency offers a comprehensive range of services including digital strategy, UX research and design, and project animation, targeting businesses and organizations seeking to enhance digital engagement. Technically, the website is built using modern frameworks such as Next.js and React, with a WordPress backend for blog content, delivering fast performance and excellent mobile optimization. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are absent. Overall, the website presents a professional and trustworthy digital presence, though the lack of WHOIS data reduces domain trustworthiness. Strategic recommendations include publishing security and incident response policies and enhancing transparency around vulnerability disclosures.

B

Bielefeld University

uni-bielefeld.de

63

Bielefeld University is a well-established, internationally recognized research-intensive university in Germany, offering a broad range of academic programs and research initiatives. The institution emphasizes interdisciplinarity, diversity, and innovative teaching, targeting prospective and current students, researchers, and academic staff. The website reflects a professional and comprehensive digital presence with clear navigation and rich content tailored to its academic audience. Technically, the site employs modern web standards and responsive design, hosted likely by a reputable German research network provider. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and headers could be enhanced. Overall, the site demonstrates strong compliance with privacy regulations and maintains a trustworthy and professional image.

O

Open Research Office Berlin

open-access-berlin.de

51

The Open Research Office Berlin operates as a coordination and support entity for open science initiatives in Berlin, hosted by the Universitätsbibliothek der Freien Universität Berlin and supported by the Senatsverwaltung für Wissenschaft, Gesundheit und Pflege. It focuses on promoting open access, providing information, advice, and networking opportunities to scientific and cultural heritage institutions in Berlin. The website reflects a well-structured public service organization with a clear mission and target audience in the academic and governmental sectors. Technically, the website is built on a modern CMS platform (Infopark CMS Fiona) with Ruby on Rails integration, employing standard web technologies such as HTML5, CSS3, JavaScript, and jQuery. The site is mobile-optimized, SEO-friendly, and performs moderately well. Hosting appears to be managed by institutional providers linked to the Freie Universität Berlin and DFN, ensuring reliability. From a security perspective, the site uses HTTPS with proper CSRF protections but lacks explicit security headers and a cookie consent mechanism, which are recommended for enhanced security and compliance. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is supported by a privacy policy, though cookie consent is missing. Contact information is primarily via a contact form, with no direct emails or phone numbers displayed. Overall, the website is trustworthy, professional, and serves its public mission effectively. Strategic improvements in security headers, cookie consent, and incident response disclosures would further strengthen its posture.

The Staatliches Institut für Musikforschung Preußischer Kulturbesitz is Germany's largest non-university research institution dedicated to musicology, encompassing various sub-disciplines such as historical musicology, instrumentology, and acoustic research. It operates a museum, library, and offers educational programs, publications, and events targeting researchers, students, and the general public interested in music and cultural heritage. The website reflects a well-established government cultural institution with consistent branding and a clear mission. Technically, the website is built on TYPO3 CMS, employs Matomo for analytics, and is hosted likely by German cultural institutions, ensuring a stable and secure infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Security posture is strong with HTTPS and no visible vulnerabilities, but lacks some advanced security headers and explicit incident response information. Privacy compliance is partially met with a comprehensive privacy policy in German, but the absence of a cookie consent mechanism is a notable gap given the use of tracking technologies. Contact information is available primarily via forms and dedicated pages, with no direct emails or phone numbers prominently displayed. Social media presence is official and supports outreach. Overall, the website is trustworthy, professional, and serves its audience well, but could improve in privacy compliance and security transparency to enhance user trust and regulatory adherence.

Stiftung Preußischer Kulturbesitz (SPK) is a prominent German cultural foundation managing multiple research institutes, archives, libraries, and museums primarily in Berlin. It holds a significant position as one of the world's leading cultural institutions, serving a broad audience including researchers, cultural enthusiasts, and the general public. The foundation operates as a non-profit entity with government funding and a strong emphasis on cultural heritage preservation and research. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and Matomo for analytics, reflecting a mature digital infrastructure with good performance and accessibility. Security-wise, the site enforces HTTPS and avoids exposing sensitive data, but lacks some advanced security headers and formal security policy disclosures. Privacy compliance is well addressed with a comprehensive privacy policy, though cookie consent mechanisms could be improved. Overall, the website is professional, trustworthy, and well-aligned with its institutional mission.

S

Studierendenwerk Frankfurt am Main

studentenwerkfrankfurt.de

47

Studierendenwerk Frankfurt am Main is a regional non-profit organization dedicated to supporting students in the Rhein-Main area by providing essential services such as student housing, dining facilities, financial aid consulting (BAföG), and psychosocial counseling. The organization holds a strong market position as a key provider of student welfare services in Frankfurt and surrounding regions. Their business model focuses on enhancing student life through comprehensive support and infrastructure. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including Bootstrap for responsive design and Matomo for privacy-conscious analytics. The site demonstrates good digital maturity with mobile optimization, accessibility features, and a clear navigation structure. Hosting appears to be managed via rzone.de, a reputable provider. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism with opt-in for tracking, reflecting GDPR compliance. However, explicit security policies and incident response contacts are not published, representing an area for improvement. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is professional, trustworthy, and well-aligned with its mission. Strategic recommendations include publishing formal security and incident response policies, enhancing security headers, and providing clearer direct contact information to improve transparency and user trust.

C

CAMPUSERVICE GmbH Servicegesellschaft der Goethe-Universität Frankfurt am Main

stellenportal-uni-frankfurt.de

41

The Stellenportal der Uni Frankfurt is a professionally managed job portal operated by CAMPUSERVICE GmbH, affiliated with Goethe University Frankfurt. It serves as a regional employment platform targeting students and graduates in the Rhein-Main area, offering job listings, talent pool registration, company profiles, events, and news. The portal demonstrates a solid market position as a niche educational service with strong university backing and trusted partnerships. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, Font Awesome icons, and Lottie animations, hosted on rzone.de infrastructure. The site is mobile-optimized with good SEO and accessibility basics. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though it lacks advanced security headers and published security policies. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact information and social media presence. No critical vulnerabilities or suspicious patterns were detected.

V

Ville et Eurométropole de Strasbourg

strasapp.eu

67

StrasApp is an official mobile application developed for the residents and visitors of the City and Eurométropole of Strasbourg, France. It provides real-time access to municipal services, notifications, event agendas, and personalized dashboards to enhance daily life in the metropolitan area. The website serves as a promotional and informational portal linking to the app stores and official city resources. The business model is a public service offering free access to digital municipal services, positioning StrasApp as a key digital tool for local governance and citizen engagement. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates Matomo analytics with a strong emphasis on privacy and consent management via Tarteaucitron.js. The site is mobile-optimized and accessible, with features such as contrast toggling to support users with disabilities. Hosting and analytics are managed through trusted providers, and the site maintains good SEO and performance standards. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms that comply with GDPR. However, explicit security headers and a published security policy or incident response contacts are absent, representing areas for improvement. No vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the official nature of the site, registered through a reputable registrar, and the site links to official social media and city domains, reinforcing trustworthiness. Overall, StrasApp's website demonstrates a high level of professionalism, privacy compliance, and user-centric design. Strategic recommendations include enhancing security headers, publishing a security policy, and providing incident response contact information to further strengthen trust and security posture.

ThingLink is a well-established company founded in 2010, specializing in immersive and spatial learning solutions powered by AI and no-code tools. Their platform supports a wide range of industries including education, business, healthcare, and museums, offering scalable and interactive training experiences across devices including XR headsets. The website demonstrates a high level of professionalism, rich multimedia content, and clear navigation, reflecting a mature digital presence. Technically, the site uses modern frameworks such as React and Next.js, ensuring good performance and mobile optimization. Security posture is strong, evidenced by ISO 27001 certification and a dedicated Trust Center, although WHOIS data is missing, which slightly impacts trust but does not undermine the overall credibility. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, ThingLink presents as a credible and trustworthy business with a robust technical and security foundation.

M

MTV Oy

mtv.fi

69

MTV.fi is the official website of MTV Oy, a leading Finnish media company offering a broad range of entertainment, news, and sports content. The site prominently features streaming services including subscription-based premium content branded as MTV Katsomo+. The platform targets the Finnish general public with a focus on popular TV shows, live sports, and news programming. The website is professionally designed with excellent content quality and clear navigation, optimized for mobile devices and accessibility. Technically, it leverages modern web technologies such as React and Next.js, with robust performance and security configurations including HTTPS and security headers. However, explicit privacy policy and terms of service pages were not detected in the provided content, indicating an area for improvement in privacy compliance. No direct contact information or incident response contacts were found, which could be enhanced to improve transparency and trust. Overall, the site demonstrates a strong security posture and business credibility, supported by consistent WHOIS data and legitimate domain registration.

E

Echo360

echo360.org.uk

58

Echo360 is an educational technology company providing a video-based learning platform primarily targeting students and educators through LMS and VLE integrations. The website analyzed is a login portal subdomain designed for user authentication via email, supporting access to video lecture content. The platform positions itself as a medium-sized player in the education sector with a focus on SaaS delivery of lecture capture and learning management services. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and integrates the Userpilot SDK for user experience enhancements. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. Security posture is moderate with secure form submission and cookie checks but lacks visible security headers and explicit privacy or cookie policies on this page. No WHOIS data is available for the subdomain, which is consistent with it being a subdomain of echo360.org.uk, a legitimate domain. Overall, the site is safe, professional, and trustworthy but could improve transparency and security practices.

W

Wuppertal Institut

ressourcen-rechner.de

9

The website 'ressourcen-rechner.de' is an informational platform provided by the Wuppertal Institut, offering a calculator to measure the ecological footprint or 'ecological backpack' of an individual's lifestyle. It targets environmentally conscious users interested in understanding and reducing their resource consumption. The site is positioned as a niche educational tool within the sustainability sector, leveraging research data to inform users. Technically, the website uses a straightforward stack including HTML5, CSS, JavaScript, and jQuery, hosted likely on servers associated with the nameservers your-server.de and second-ns.de. The site is moderately optimized for performance and mobile use but lacks advanced frameworks or CMS integration. SEO and accessibility are basic but adequate for the content provided. From a security perspective, the site does not exhibit advanced security headers or explicit policies but does not expose sensitive data or use vulnerable libraries visibly. The absence of HTTPS information limits full security assessment. Privacy compliance is partially addressed with a privacy policy page but lacks cookie consent mechanisms. Contact information is minimal but present. Overall, the website presents a low-risk profile with good business credibility and content quality. Strategic improvements in security posture, privacy compliance, and technical modernization would enhance trust and user experience.

C

Centrum pro rodinu a sociální péči Hodonín

cprhodonin.cz

53

Centrum pro rodinu a sociální péči Hodonín is a small non-profit organization based in the Czech Republic, providing social services, child care groups, mediation, therapy, and counseling primarily to the local community of Hodonín. The website is built on WordPress using the Divi theme, indicating a moderate level of digital maturity with standard web technologies and integration of Facebook Pixel for marketing and analytics. The site implements a cookie consent mechanism, demonstrating some awareness of privacy compliance, although no explicit privacy policy or terms of service are published, representing a compliance gap. Security posture is moderate with HTTPS usage implied but lacking visible security headers and incident response information. Overall, the website is professional and functional but would benefit from enhanced privacy and security documentation to improve trust and compliance.

B

Bates Saddles

batessaddles.eu

56

Bates Saddles is a specialized e-commerce retailer focused on high-performance equestrian saddles and accessories, targeting primarily the German market with localized domains for other regions. The company emphasizes innovation and comfort for horse and rider, supported by official partnerships with major equestrian organizations and ambassador endorsements. Their business model centers on direct online sales via the Shopify platform, complemented by rich content such as blogs and testimonials to engage their audience. Technically, the website leverages a modern Shopify infrastructure with integrations for payment solutions (ZipMoney/QuadPay), marketing (Klaviyo), and geolocation services. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. However, explicit privacy and cookie policies are not detected, which is a gap in compliance. From a security perspective, the site uses HTTPS and employs CAPTCHA on forms, but lacks visible security headers and formal vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data shows partial consistency with the business claims, though the use of Australian name servers for a German domain is notable but not necessarily suspicious. Overall, Bates Saddles presents a professional and trustworthy online presence with room for improvement in privacy compliance and security best practices to enhance user trust and regulatory adherence.

B

Bates Saddles

batessaddles.co.uk

56

Bates Saddles operates a professional e-commerce website focused on selling high-quality equestrian saddles and accessories, targeting primarily the German market with regional stores globally. The company holds official partnerships with major equestrian organizations, enhancing its market credibility and trustworthiness. The website is built on the Shopify platform, leveraging modern web technologies and integrations such as Klaviyo for marketing and Zip.co for payment options. The site demonstrates good design quality, user experience, and mobile optimization, with clear navigation and relevant content for its target audience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit privacy policies are lacking. Overall, the business presents a credible and trustworthy online presence with room for improvement in privacy compliance and security transparency.

B

Bates Saddles

batessaddles.us

56

Bates Saddles operates a professional e-commerce platform specializing in high-performance equestrian saddles and accessories, targeting primarily the German market with regional support for other countries. The company maintains a strong market position supported by official partnerships with major equestrian organizations and endorsements from ambassadors. The website is built on the Shopify platform, leveraging modern web technologies and payment integrations such as Zip Co and Quadpay. While the site demonstrates good design quality, mobile optimization, and user experience, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is solid with HTTPS and CAPTCHA protections, but could be enhanced with additional security headers and published incident response information. Overall, Bates Saddles presents a trustworthy and professional online presence with room for improvement in privacy compliance and security transparency.

B

Bates Saddles

batessaddles.com.au

56

Bates Saddles operates a professional e-commerce platform specializing in high-performance equestrian saddles and accessories, targeting primarily the German market with regional support for other global markets. The company holds official partnerships with major equestrian organizations, enhancing its market credibility and positioning it as a trusted brand in the equestrian sports industry. The website content is well-structured, professionally designed, and optimized for mobile devices, providing a good user experience and clear navigation. The business model focuses on direct online retail supported by strong social media engagement and customer testimonials. Technically, the website is built on the Shopify platform, leveraging modern JavaScript libraries and integrations such as Flickity for carousels, Klaviyo for email marketing, and Zip.co for payment options. The site benefits from Shopify's CDN hosting, ensuring fast load times and good performance. Accessibility and SEO optimizations are adequately implemented, contributing to a positive digital maturity profile. From a security perspective, the site enforces HTTPS and uses hCaptcha to protect forms, demonstrating good baseline security practices. However, it lacks explicit security headers and visible privacy or cookie policies, which are important for GDPR compliance and user trust. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data shows some minor inconsistencies in DNS hosting and address information, likely due to multi-region operations, but no suspicious patterns that would undermine legitimacy. Overall, Bates Saddles presents a secure, professional, and credible online presence with room for improvement in privacy compliance and explicit security policy disclosures. Strategic enhancements in these areas would further strengthen trust and regulatory adherence.

S

Septeo Notaires

mondossiernotairepro.fr

55

Mondossiernotairepro.fr is a professional web portal operated by Septeo Notaires, designed to allow notaries and related professionals to track the progress of their dossiers. The platform offers services such as dossier tracking, document management, notifications, and appointment scheduling integration. The business targets professional users in the French real estate and notary sector, positioning itself as a niche SaaS provider with a medium-sized operation founded in 2017. The website is well-branded and consistent with the parent company Septeo, reflecting a focused business model serving the legal and real estate industry. Technically, the site uses modern web technologies including ASP.NET MVC, JavaScript, and CSS, hosted likely via DNSimple with a moderate performance profile. Mobile optimization and user experience are good, though accessibility features are basic. Security posture is adequate with HTTPS and anti-CSRF tokens implemented, but lacks some security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data is consistent and legitimate, supporting the trustworthiness of the site.

B

Bartoň Studio s.r.o.

bartonstudio.cz

65

Bartoň Studio s.r.o. is a Czech-based company specializing in custom and pre-built e-commerce solutions tailored for B2B and B2C online businesses. Positioned as an expert e-commerce development studio in Plzeň, the company offers services focused on creating performant, user-friendly online shops with a strong emphasis on design and technical quality. The website reflects a professional digital presence using WordPress CMS with the Divi theme, integrating common marketing and analytics tools such as Google Analytics, Hotjar, and Google Tag Manager. Security measures include HTTPS enforcement, security headers, and reCAPTCHA for form protection, alongside a cookie consent mechanism indicating some privacy compliance awareness. However, the absence of a dedicated privacy policy and terms of service pages represents a compliance gap that should be addressed.

H

Hello Design | Tisková grafika, webdesign

hellodesign.cz

40

Hello Design is a small Czech Republic based graphic and web design service provider specializing in print graphics, web design, UX, and UI. The website presents a professional and visually appealing design with good mobile optimization and SEO practices. The technical infrastructure includes modern web technologies such as HTML5, CSS3, JavaScript, and integration with Facebook Customer Chat for user engagement. However, the security posture is weak due to lack of visible security headers and unknown SSL/TLS configuration. Privacy compliance is minimal with no visible privacy or cookie policies. The absence of WHOIS data raises concerns about domain registration legitimacy, which impacts overall trust. Strategic improvements in security and compliance are recommended to enhance credibility and user trust.

B

Breman Machinery B.V.

breman-machinery.com

58

Breman Machinery B.V. is a specialized manufacturing company based in the Netherlands, offering innovative metal solutions characterized by extreme weight, large dimensions, and precise engineering. Their services include machining, welding, rolling, bending, and finishing, catering to diverse sectors such as offshore, nuclear energy, defense, astronautics, amusement parks, maritime, machine construction, and medical technology. The company positions itself as a contractor and supplier of critical steel components and finished products with a global client base. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, with integration of Google Tag Manager for analytics. The site is well-structured, mobile-optimized, and features multimedia content such as videos and image carousels. SEO practices are good, with appropriate meta tags and Open Graph data. However, some accessibility features could be improved. From a security perspective, the site uses HTTPS with excellent SSL configuration but lacks several security headers that could enhance protection. No visible vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial; while a privacy policy and terms of service are present, there is no cookie consent mechanism. WHOIS data is missing, which raises concerns about domain registration legitimacy. Overall, the website is professional, trustworthy, and well-maintained, but the absence of WHOIS data and some security best practices suggest areas for improvement. Strategic recommendations include implementing security headers, adding cookie consent, publishing an incident response policy, and verifying domain registration details to enhance trust and compliance.

G

Goethe University Frankfurt

uni-frankfurt.de

58

Goethe University Frankfurt is a large, well-established public university in Germany offering a broad spectrum of academic faculties and research opportunities. The website serves students, researchers, and international scholars with detailed information about study programs, research projects, campus locations, and support services. The university maintains a strong digital presence with active social media channels and comprehensive contact information. Technically, the site is built on the Fiona 7 CMS by Infopark AG, uses modern JavaScript libraries, and implements a cookie consent mechanism via Klaro. Analytics are handled through Matomo, indicating a focus on privacy-conscious tracking. Security posture is adequate with HTTPS usage and cookie consent, though explicit security headers and incident response policies are not publicly documented. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

S

Stiftung Zentral- und Landesbibliothek Berlin

zlb.de

67

The Zentral- und Landesbibliothek Berlin (ZLB) is a major public and state library institution in Berlin, Germany, offering extensive media collections, educational programs, and cultural events. The website clearly targets a broad audience including students, researchers, families, and the general public, providing access to physical and digital resources. The institution holds a strong market position as a leading library with specialized collections and services such as provenance research and digital archives. Technically, the website is built on the TYPO3 CMS platform, employing modern web technologies including responsive design, deferred JavaScript loading, and privacy-conscious analytics via Matomo. The site demonstrates good performance and accessibility standards, with comprehensive SEO and structured data implementations enhancing discoverability. From a security perspective, the site enforces HTTPS and employs some security best practices, though it lacks explicit security headers like Content-Security-Policy and does not publish a dedicated security policy or incident response contacts. No vulnerabilities or suspicious activities were detected. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place, aligning with GDPR requirements. Overall, the ZLB website presents a professional, trustworthy, and user-friendly digital presence for a public cultural institution. Strategic improvements in security headers and transparency around security policies could further enhance trust and resilience.

P

Pražská paroplavební společnost a.s.

praguesteamboats.com

59

The Prague Steamboat Company, operating under the domain www.praguesteamboats.com, is a historic transportation service provider specializing in river cruises on the Vltava River in Prague. Founded in 1865, the company offers sightseeing cruises, restaurant cruises, private event hosting, and boat rentals using culturally significant paddle steamers. The website presents a professional and consistent brand image targeting tourists and locals interested in unique river experiences. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript, and Google Analytics for tracking, with good mobile optimization and SEO practices. However, the absence of explicit privacy and terms of service pages and missing WHOIS registration data for the domain introduce some concerns. Security posture is moderate with cookie consent implemented but lacking visible security headers. Overall, the site is functional, trustworthy, and content-rich but would benefit from enhanced compliance and security measures.

E

ExpiredDomains.com

expireddomains.com

68

ExpiredDomains.com is a mature and reputable online platform specializing in providing comprehensive data and tools for expired domain acquisition. Established since 1999, it serves a global audience of SEO professionals, domain investors, and marketers by offering free access to a large database of expired domains enriched with exclusive SEO metrics, backlink profiles, and auction capabilities. The platform integrates with registrar partners to facilitate domain bidding and purchasing seamlessly. Technically, the website employs modern web standards, responsive design, and is hosted with reputable providers including GoDaddy and Cloudflare DNS, ensuring good performance and accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and formal security policies are absent. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the site demonstrates high professionalism, trustworthiness, and a strong market position in the domain investment niche.

O

open-access.network

open-access.network

65

open-access.network is a well-established non-profit educational platform focused on providing comprehensive information, training, and networking opportunities related to Open Access publishing primarily for the German-speaking scientific community. The website is supported by reputable academic institutions and public funding agencies, which reinforces its credibility and market position as a central resource for Open Access knowledge and community engagement. The platform offers a variety of services including workshops, helpdesk support, news updates, and event calendars, targeting researchers, librarians, publishers, and science administrators. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and delivering a responsive, accessible, and well-structured user experience. The presence of cookie consent mechanisms and use of Matomo analytics indicate a commitment to privacy compliance. However, some security headers are missing, and there is no visible security.txt or incident response information, suggesting areas for improvement in security transparency. The security posture is strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The WHOIS data is limited due to privacy protection and unsupported TLD, but the website's professional presentation and affiliations mitigate concerns. Overall, the site demonstrates a mature digital presence with good privacy and security practices, suitable for its educational and community-oriented mission. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and maintaining transparency to further build trust and compliance.

P

Prodigi Group Ltd

prodigi.com

61

Prodigi Group Ltd operates a leading global print on demand dropshipping platform, offering businesses and individuals access to a vast catalogue of customizable products through an easy-to-use online platform and API. The company integrates with major ecommerce platforms such as Shopify, Etsy, Wix, WooCommerce, and BigCommerce, enabling seamless order automation and fulfillment. Their business model focuses on local printing with global dropshipping, emphasizing eco-friendly practices and sustainability. The website reflects a mature digital presence with comprehensive product offerings, strong branding, and customer testimonials, positioning Prodigi as a trusted player in the print on demand industry. Technically, the website employs modern JavaScript frameworks like Alpine.js, integrates multiple analytics and marketing tools including Google Analytics, Facebook Pixel, Mixpanel, and Segment, and uses responsive design with Tailwind CSS for excellent mobile optimization. The platform dashboard is hosted on a subdomain, indicating a structured service architecture. Performance is moderate with good SEO and accessibility features, supporting a positive user experience. Security posture is solid with HTTPS enforced and no visible sensitive data exposure. However, the absence of explicit security headers and a public security policy or incident response contact suggests room for improvement. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is supported by verified contact emails, professional content, and trust signals such as Fine Art Trade Guild approval and reputable client logos. Overall, Prodigi presents a professional, secure, and privacy-conscious platform suitable for its target audience. The main risk area is the lack of publicly available WHOIS data, which may be due to privacy protection but warrants monitoring. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and providing incident response contacts to further strengthen trust and compliance.

L

La Fabrica Bistro

lafabricabistro.cz

55

La Fabrica Bistro is a small hospitality business located in the Czech Republic, offering a refined bistro experience with a focus on breakfast, brunch, and lunch menus featuring local farm and forest ingredients. The website presents a professional and visually appealing design with clear navigation and contact information, primarily targeting local customers and visitors interested in quality dining. The technical infrastructure relies on Webnode CMS and AWS Cloudfront CDN, with Google Tag Manager implemented for analytics. Security posture is moderate with HTTPS enabled but lacks important security headers and privacy compliance documentation. The absence of WHOIS data reduces domain trustworthiness, though the website content appears legitimate and business-focused. Overall, the site is functional and professional but would benefit from enhanced security and compliance measures.

A

Rekonstrukce koupelen a kuchyní |AVE PROFIS| Plzeň a okolí

avprofis.cz

55

The website www.avprofis.cz is a small-scale business site built on the Wix platform. The site content is minimal and primarily technical, with no visible business descriptions, contact information, or policies. The lack of WHOIS data and domain registration details raises concerns about the domain's legitimacy and transparency. Technically, the site uses standard Wix scripts and polyfills but lacks advanced security headers and privacy compliance features. The security posture is basic with no evident vulnerabilities but also no strong security practices. Overall, the site appears to be either under development or a placeholder with limited business presence and low trust indicators.

T

Techmania Science Center

techmania.cz

63

Techmania Science Center is a well-established interactive science and educational center located in the Czech Republic, founded in 2006. The website presents a professional and comprehensive digital presence showcasing their interactive exhibits, 3D planetarium, science shows, and educational workshops. The business targets families, schools, and science enthusiasts, positioning itself as a regional leader in science education and entertainment. Technically, the website employs modern web technologies including JavaScript, Bootstrap, Google reCAPTCHA, and Cookiebot for consent management, ensuring a good user experience and compliance with privacy regulations. Security posture is solid with HTTPS and session management cookies, though some security headers could be improved. Privacy compliance is strong with a clear GDPR-compliant privacy and cookie policy and active consent mechanisms. Overall, the website is trustworthy, well-maintained, and suitable for its audience.

V

VV&J s.r.o.

vvaj.cz

43

VV&J s.r.o. is a Czech-based medium-sized company with over 30 years of experience specializing in photovoltaics, telecommunications, electrical installations, and construction services. The company operates primarily in the energy and telecommunications sectors, serving business clients across multiple European countries. Their business model focuses on supplier-engineering and assembly services for investment construction projects, supported by a strong track record and ISO 9001 certification. Technically, the website employs a modern frontend stack including Bootstrap 4.3.1, jQuery, and Popper.js, delivering a responsive and well-structured user experience. The site is moderately optimized for performance and SEO, with clear navigation and multi-language support. However, no CMS or advanced analytics tools are detected, indicating a straightforward technical infrastructure. From a security perspective, the website uses HTTPS and avoids exposing sensitive data, but lacks visible security headers and published security policies such as privacy or cookie policies. There is no incident response or vulnerability disclosure information available, which suggests room for improvement in security transparency and compliance. Overall, the website presents a professional and trustworthy business presence with solid credibility but would benefit from enhanced privacy compliance and security best practices to reduce risk and improve user trust.

L

LepsiPrace.cz

lepsiprace.cz

44

LepsiPrace.cz is an online job portal primarily targeting job seekers and employers in the Czech Republic. The platform offers job listings and candidate services, leveraging WordPress CMS with specialized job board plugins. The website demonstrates a good level of content quality and user experience, with a professional design and clear navigation. However, the absence of publicly available WHOIS data limits the ability to verify domain legitimacy and registrant details, which impacts overall trust. Technically, the site uses modern web technologies and performance optimization plugins but lacks visible security headers and comprehensive privacy or terms of service documentation. The cookie consent mechanism is present, indicating some level of privacy compliance. Security posture is moderate but could be improved by implementing standard security headers and incident response information. Overall, the site is functional and relevant for its target audience but would benefit from enhanced transparency and security practices.

V

Volteq s.r.o.

volteq.cz

44

Volteq s.r.o. is a small Czech company specializing in electrical installation and construction services, including strong and weak current electrical systems, reconstruction of residential units, and installation of HVAC systems as an official Gree partner. The company primarily serves the Plzeň region but can operate across the Czech Republic. Their website is professionally designed with clear navigation and good content quality, targeting local residential and commercial customers. Technically, the site uses modern HTML5, CSS3, and JavaScript with the Foundation framework, and is mobile optimized with moderate performance. Security posture is adequate with HTTPS enabled, but lacks visible security headers and formal privacy or cookie policies, indicating room for improvement in compliance and security best practices. Overall, the domain registration is recent but consistent with a legitimate small business website launch. The site contains no adult or questionable content and maintains a professional and trustworthy online presence.

D

Decathlon

decathlon.cz

62

Decathlon.cz is the Czech Republic localized e-commerce and retail website of Decathlon, a major international sporting goods retailer. The site offers a wide range of sports equipment, apparel, and accessories for over 70 sports, targeting general consumers interested in sports and fitness. The business model includes direct sales, marketplace partner sales, product rental, buy-back programs, and a loyalty program, positioning Decathlon as a large player in the retail sports sector in the Czech market. Technically, the website is built on a custom platform with modern JavaScript frameworks and integrates multiple third-party services for privacy management, analytics, and payment processing. The site is well optimized for desktop and mobile, with good SEO and accessibility features. The use of HTTPS and security headers indicates a strong security posture, although explicit security policies and incident response information are not publicly detailed. Security-wise, the site demonstrates good practices including secure payment options and cookie consent mechanisms. No vulnerabilities or exposed sensitive data were detected in the analysis. However, the absence of WHOIS data limits domain registration transparency, though this is likely due to registry privacy policies rather than malicious intent. Overall, Decathlon.cz presents a professional, secure, and user-friendly online presence consistent with a large retail brand. Strategic recommendations include publishing explicit security and incident response policies, adding vulnerability disclosure information, and enhancing visible contact channels for security matters to further strengthen trust and compliance.

P

Poper

poper.ai

70

Poper is a technology company specializing in AI-powered onsite engagement tools such as smart popups, widgets, notifications, and gamification features designed to enhance user interaction and increase conversion rates for websites and e-commerce platforms. The company positions itself as a modern SaaS provider serving over 2000 brands, focusing on delivering personalized and dynamic engagement solutions. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency, targeting website owners and marketers seeking to boost engagement and sales. Technically, the website leverages modern web technologies including React and Next.js, ensuring fast performance, mobile optimization, and good SEO practices. The presence of structured data and social media integration further enhances its digital maturity. Security-wise, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data, reflecting a solid security posture. However, explicit security policies and incident response contacts are not publicly available, which could be improved. Overall, the website and business demonstrate a high level of professionalism and trustworthiness, with privacy policies and cookie consent mechanisms in place indicating compliance with GDPR. The WHOIS data is privacy protected but shows no suspicious patterns, consistent with a legitimate tech startup. The risk profile is low, with recommendations to enhance transparency around security and incident response. Strategic recommendations include publishing a dedicated security policy, establishing a vulnerability disclosure program, and providing direct security contact information to strengthen trust and compliance further.

Price-check.sk is a professional online price monitoring and comparison tool operated by E-solutions, s.r.o., targeting e-shops and product distributors primarily in Slovakia and surrounding European markets. The platform offers real-time data monitoring, price alerts, reporting, and analytics to support efficient pricing strategies in B2C and B2B environments. The website demonstrates a solid market position with references from reputable brands and a consistent, professional digital presence. Technically, the site uses modern web technologies including Vue.js, Google Tag Manager, and is hosted on Websupport with DNSSEC and HTTPS properly configured, ensuring a secure and performant user experience. However, the site lacks explicit privacy and terms of service pages and does not provide direct contact information, which slightly impacts privacy compliance and user trust. Security posture is strong with no visible vulnerabilities, but could be improved by adding security headers and incident response contacts. Overall, the website is trustworthy, well-designed, and serves its business purpose effectively.

K

ČKA - online výsledky

kuzelky.com

45

The website kuzelky.com serves as an online portal for bowling (kuzelky) results and league information primarily targeting the Czech bowling community. It provides schedules, live results, club contacts, and administrative login capabilities. The site is niche-focused, catering to players, clubs, and fans within the Czech Republic, and is supported by a domain registered since 2007, indicating a stable presence in its market segment. The business model revolves around providing timely sports results and league management information rather than commercial transactions or e-commerce. Technically, the site employs traditional web technologies including XHTML 1.0 Transitional, JavaScript with jQuery, and SweetAlert2 for UI dialogs. It uses XMLHttpRequest for dynamic content loading and is hosted via the registrar Gransy, s.r.o. The site shows moderate performance and basic mobile optimization but lacks modern CMS or frameworks. SEO and accessibility features are minimal, and the design is functional but basic. From a security perspective, the site uses HTTPS but lacks DNSSEC and important security headers such as Content Security Policy or HSTS. The login form does not show advanced protections like CAPTCHA or anti-CSRF tokens. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. The WHOIS data is consistent with the website’s Czech focus and shows no suspicious patterns. Overall, the site is moderately trustworthy and functional for its purpose but requires improvements in privacy compliance, security hardening, and modernization of technical infrastructure to enhance user trust and regulatory adherence.

The website www.ruik.cz is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks direct content access. No business-related content, contact information, or policies are available for analysis. The domain WHOIS data is unavailable, indicating either privacy protection or lack of registration, which limits trust and legitimacy assessment. The technical infrastructure relies on Cloudflare for security and performance, but no further technology or CMS details are discernible. Security posture is limited to the presence of Cloudflare's WAF, but no additional security headers or configurations are visible. Overall, the site lacks transparency and content, resulting in a low trust and credibility score.

Česká Asociace Univerzitního Sportu (ČAUS) is a Czech non-profit organization dedicated to promoting university sports and organizing academic sports competitions within the Czech Republic. The website serves as the official platform for disseminating information about competitions, events, and representation of Czech students in sports at various levels. The organization has a well-established presence since 2006 and maintains partnerships with national and international sports bodies. The site targets students, university sports participants, and organizers within the academic sports community.

Č

Česká bowlingová asociace

czechbowling.cz

54

Česká bowlingová asociace (ČBA) is the national amateur bowling association in the Czech Republic, representing bowling players of all skill levels and ages. It serves as the official representative of the Czech Republic in European and international bowling federations and organizes national competitions, leagues, and player registrations. The website provides comprehensive information about bowling events, rankings, news, and media content targeted at the Czech bowling community. Technically, the website uses modern web technologies including HTML5, CSS3, JavaScript, jQuery, and integrates analytics tools such as Matomo and Google Tag Manager. The site is mobile-optimized with good navigation and content quality. Security posture is solid with HTTPS enforced, but lacks some security headers and cookie consent mechanisms. WHOIS data is unavailable, which slightly impacts trust but the professional content and official partnerships support legitimacy. Overall, the site is a well-maintained digital presence for the Czech bowling community with room for improvement in privacy compliance and security headers.

S

Seychellesvillas.org

seychellesvillas.org

69

Seychellesvillas.org operates as a specialized online platform offering luxury beachfront villa rentals primarily located in Beau Vallon Beach, Seychelles. The website targets tourists seeking premium holiday accommodations, providing a streamlined booking experience with a 10% discount incentive and best price guarantee. The business model centers on direct villa rental bookings, supported by customer service contact points and social media engagement. Technically, the website employs a modern JavaScript stack including Google Analytics, Facebook Pixel, Hotjar, and lazy loading techniques to optimize user experience and performance. The site is mobile-optimized and includes accessibility considerations, though some improvements could be made in security headers and explicit policy disclosures. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks advanced security policies or vulnerability disclosure mechanisms. WHOIS data is unavailable due to query failure or privacy protection, but the domain appears legitimate based on website content and technical setup. Overall, the site presents a professional, trustworthy front for a small hospitality business with room for enhanced security and compliance documentation.