High-risk security reports

The website rosalint.de currently serves as a placeholder domain reserved page hosted by STRATO, a German hosting provider. The site contains no business content, contact information, or policies, indicating it is newly registered and inactive. The technical infrastructure is minimal, consisting of basic HTML and SVG graphics with no advanced frameworks or CMS detected. Security posture is weak due to lack of HTTPS confirmation, absence of security headers, and no privacy or cookie policies. No vulnerabilities or tracking technologies are present, but the site lacks essential compliance and trust indicators. Overall, the domain appears legitimate but inactive, with a low risk profile due to minimal exposure. Strategic recommendations include enabling HTTPS, adding privacy and cookie policies, and publishing business and contact information to improve credibility and compliance.

E

Erlebniswelt Lüneburger Heide GmbH

erlebniswelt-lueneburger-heide.de

46

Erlebniswelt Lüneburger Heide GmbH operates a regional tourism and leisure website focused on promoting attractions such as amusement parks, designer outlets, and climbing gardens in the Lüneburger Heide region of Germany. The website targets tourists and visitors seeking leisure activities and provides multilingual support via Google Translate. The business model centers on information dissemination and regional promotion, positioning itself as a key regional tourism service provider. Technically, the site uses a combination of Bootstrap, jQuery, and custom CMS components hosted on infrastructure managed by UI-DNS services. Accessibility is a strong focus, with an advanced digiaccess tool integrated to support users with various disabilities. Security posture is moderate with cookie consent and privacy policies in place, but lacks explicit security headers and incident response information. Overall, the site is professional, well-structured, and compliant with GDPR requirements, though improvements in security policy transparency and contact information visibility are recommended.

L

leanact GmbH

leanact.de

38

leanact GmbH is a German-based company specializing in software solutions for digital citizen participation and e-participation targeted at municipalities and public institutions. Founded in 2017, the company positions itself as a niche provider supporting efficient IT process implementation in local governments. The website reflects a professional and consistent brand image with clear contact information and a focus on privacy compliance. Technically, the site is built on WordPress with Elementor and uses Matomo for analytics, indicating a modern and privacy-conscious infrastructure. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, leanact GmbH demonstrates a trustworthy and compliant online presence suitable for its government sector clientele.

C

Communauté de communes du Pays de Barr

paysdebarr.fr

45

The website www.paysdebarr.fr serves as the official portal for the Communauté de communes du Pays de Barr, a regional community organization in Alsace, France. It provides comprehensive information on local tourism, economic development, cultural heritage, and community services across 20 communes. The site targets residents, tourists, and local businesses, promoting the region's viticulture, heritage sites, and local economy. The business model is that of a public community portal aimed at information dissemination and regional promotion. Technically, the website is built on Drupal 10, leveraging modern web technologies including Google Maps API for interactive maps, Piwik PRO and Google Analytics for visitor tracking, and Facebook SDK for social media integration. It employs a cookie consent management system (Tarteaucitron) to comply with privacy regulations. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers could be improved. From a security perspective, the site enforces HTTPS and manages cookie consent effectively, with no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response information are not present, which could be enhanced to improve transparency and trust. The WHOIS data is not publicly available, indicating privacy protection, which is typical for such public-facing community websites. Overall, the website presents a professional, trustworthy, and well-maintained digital presence for the Pays de Barr community, with strong content quality and compliance with privacy standards. Strategic improvements could focus on enhancing security headers and publishing detailed security and incident response policies.

T

Télécom Physique Strasbourg

telecom-physique.fr

47

Télécom Physique Strasbourg is a reputable engineering school affiliated with the University of Strasbourg and Institut Mines-Télécom, offering specialized engineering education and research in fields such as computer science, physics, and health technologies. The institution holds recognized certifications and maintains active partnerships with industry and academic entities. The website is built on TYPO3 CMS with modern web technologies, providing a good user experience and mobile optimization. Security posture is moderate with HTTPS usage and no exposed sensitive data, but lacks some security headers and explicit cookie consent mechanisms. WHOIS data is unavailable, which slightly reduces domain trustworthiness. Overall, the site is professional, content-rich, and trustworthy for its educational purpose.

T

Transtech

transtech.pt

33

Transtech is a Portuguese technology-focused company specializing in qualification, digitalization, innovation, and technological development projects. The website presents a professional and consistent brand image targeting businesses interested in technological innovation and digital transformation. The technical infrastructure uses modern front-end technologies such as Google Fonts, FontAwesome, and popular JavaScript libraries for UI components, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled but lacks advanced security headers and incident response information, which are recommended for improvement. Privacy compliance is minimal, with no visible privacy or cookie policies, which could expose the company to regulatory risks. Overall, the website is functional and professional but would benefit from enhanced security and privacy practices to improve trust and compliance.

S

ServiceValue

servicevalue.de

47

ServiceValue is a Cologne-based analysis and consulting company specializing in service quality and relationship management, founded in 2009. The company positions itself as Germany's number one ranking agency for quality marketing, offering services such as rankings, ratings, studies, and awarding quality seals. Their target audience includes businesses seeking to improve customer, employee, and partner relationships through data-driven insights. Technically, the website is built on WordPress with modern tools including Yoast SEO, Matomo analytics, and Borlabs Cookie for GDPR-compliant cookie management. The site is well-optimized for mobile and SEO, with a professional design and clear navigation. Security-wise, the site uses HTTPS and privacy-respecting analytics but lacks publicly visible security policies or incident response contacts. Overall, the website is trustworthy, professional, and compliant with privacy regulations, with room for improvement in explicit security disclosures.

S

Urlaub in Sachsen-Anhalt zwischen Harz und Elbe: Sachsen Anhalt Tourismus

sachsen-anhalt-tourismus.de

40

The website sachsen-anhalt-tourismus.de serves as a regional tourism portal promoting the German state of Sachsen-Anhalt. It highlights cultural, natural, and historical attractions, targeting tourists interested in exploring the region. The site uses TYPO3 CMS and integrates modern frontend technologies including FontAwesome icons and a carousel library. Usercentrics is employed for cookie consent management, indicating attention to privacy compliance. However, no explicit privacy policy or terms of service pages were found in the provided content, and no direct contact information is visible, which may impact user trust and compliance completeness. The technical infrastructure appears solid with good mobile optimization and SEO practices, but security headers and detailed security policies are not evident. The WHOIS data is minimal but does not raise immediate concerns, though registrant details are sparse. Overall, the site is professional and content-rich, suitable for its tourism promotion purpose, but could improve transparency and security posture.

The website ivurz.de is currently inaccessible, returning a 403 Forbidden error page which blocks access to any meaningful content. Due to this, no business information, metadata, or technical details about the site’s offerings or infrastructure can be extracted. The domain is registered with German DNS providers, but no registrant details or domain age information is available to assess legitimacy fully. The lack of accessible content severely limits the ability to evaluate the company’s market position, services, or compliance posture. From a security perspective, the absence of HTTPS confirmation, security headers, or policies indicates a weak security posture or incomplete deployment. Overall, the site appears inactive or restricted, resulting in a low trust and quality score.

H

Heidekreis e-mobil

heidekreis-e-mobil.de

48

Heidekreis e-mobil is a regional electric mobility service provider in Germany, jointly operated by Stadtwerke Soltau and Stadtwerke Böhmetal. The company focuses on providing electric vehicle charging infrastructure, including wallbox sales and installation, a charging card with access to a broad European network, and services related to the THG-Quote for electric vehicle owners. The website is well-structured, professionally designed, and targets electric vehicle users in the Heidekreis region and beyond. Technically, the site uses Joomla CMS with modern front-end libraries and is hosted on AWS infrastructure, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and CSRF protections but lacks explicit security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional with room for improvement in security and privacy transparency.

B

Bistum Münster

stellenmarkt-bistum-muenster.de

43

The website 'Kirchentalente' serves as the official job market platform for the Diocese of Münster, Germany. It provides a specialized employment portal focusing on church-related and social sector jobs within the Münster region. The platform offers job listings, search and filtering capabilities, and employer information, targeting job seekers interested in meaningful roles within the Catholic Church and affiliated organizations. The business model is non-profit and community-focused, supporting recruitment efforts for the Diocese and its partners. Technically, the site is built on the TYPO3 CMS platform, leveraging modern web technologies including JavaScript, CSS, and FontAwesome icons. It integrates Matomo analytics for visitor tracking and CCM19 for cookie consent management, demonstrating a commitment to privacy compliance. The site is hosted on servers indicated by the nameservers, likely associated with Your-Server.de and related providers. Performance and mobile optimization are good, with a clear navigation structure and professional design. From a security perspective, the website enforces HTTPS and includes a cookie consent mechanism aligned with GDPR requirements. While no explicit security headers were detected in the HTML, the site shows no signs of exposed sensitive data or vulnerable libraries. However, there is room for improvement by implementing additional security headers and publishing a security policy or incident response contact. No vulnerability disclosure or security.txt file was found. Overall, the website is trustworthy, professional, and well-aligned with its mission. It maintains good privacy practices and provides clear contact information. The domain registration is consistent with the Diocese of Münster, enhancing legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility features to further strengthen the site's security posture and compliance.

D

Dialog Medien Publicity GmbH

kirche-und-leben.de

43

Kirche-und-Leben.de is a German-language Catholic online magazine operated by Dialog Medien Publicity GmbH, based in Münster, Germany. The site provides news, cultural insights, and religious content focused on the Catholic Church in Germany, the Vatican, and worldwide. It targets German-speaking Catholics and interested readers, offering subscription services, newsletters, and e-paper access. The website maintains a professional and consistent brand image with good content quality and clear navigation.

B

Bistum Münster

kirchentalente.de

43

The website 'Kirchentalente' serves as the official job market portal for the Diocese of Münster, Germany. It provides a platform for job seekers to find employment opportunities primarily within church-related and social service sectors in the Münster region. The site is professionally designed and maintained, leveraging TYPO3 CMS and modern web technologies. It offers categorized job listings, search by location, and additional career-related content, targeting individuals interested in meaningful employment within the Catholic Church community. The platform is positioned as a regional niche service with strong ties to its parent organization, the Diocese of Münster. Technically, the website employs a mature infrastructure with TYPO3 CMS, JavaScript, CSS, and FontAwesome for UI elements. It integrates Matomo Analytics for visitor tracking and CCM19 for cookie consent management, reflecting compliance with GDPR requirements. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features could be enhanced. Hosting appears stable with dedicated nameservers. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms. While explicit security headers like Content-Security-Policy are not evident, no critical vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response contact is noted but not uncommon for this type of non-profit organizational site. Overall, the security posture is solid but could benefit from additional hardening. The overall risk assessment is low, with the site demonstrating high trustworthiness, GDPR compliance, and professional content quality. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility. The site is suitable for its intended audience and business purpose, with no indications of malicious or inappropriate content.

SWING e.V. is a well-established non-profit student association at TU Ilmenau, Germany, focused on fostering academic and professional development of students through career fairs, workshops, and networking events. The website reflects a clear mission to support students' transition into the workforce and maintain strong ties with university and industry partners. Technically, the site is built on GravCMS with the Gantry5 framework and uses jQuery, providing a moderate performance and good mobile optimization. However, the site lacks advanced security headers and explicit incident response policies, which could be improved to enhance security posture. Privacy compliance is partially addressed with a privacy policy present, but cookie consent mechanisms are missing. Overall, the site is professional and trustworthy but could benefit from enhanced security and privacy features.

S

SWING e.V.

karriereforum-mitteldeutschland.de

44

inovailmenau is a well-established, student-organized career forum affiliated with TU Ilmenau and operated by the non-profit SWING e.V. The website effectively communicates its mission to connect students with potential employers through career fairs, workshops, and presentations. Technically, the site is built on WordPress with a modern tech stack including jQuery, Ecwid for e-commerce, and AWS Cloudfront CDN, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and no obvious vulnerabilities, though improvements in security headers and incident response transparency are recommended. Privacy compliance is basic with a privacy policy present but lacking a cookie consent mechanism. Overall, the site is trustworthy, professional, and serves its educational and networking purpose well.

The website metallbau-buethe.de currently displays only a maintenance placeholder message in German, indicating the site is under construction or being updated. There is no substantive content, metadata, or business information available on the site. The domain WHOIS data shows standard name servers but lacks registrant details, limiting full trust verification. The technical infrastructure cannot be fully assessed due to minimal content and lack of visible technologies or security configurations. Security posture is weak with no HTTPS or security headers detected, and no privacy or cookie policies are present, indicating non-compliance with GDPR requirements. Overall, the website is low in digital maturity and business credibility, with significant room for improvement in content, security, and compliance.

B

Brandes Innovation

brandes-innovation.com

42

Brandes Innovation is a small, specialized innovation consultancy focused on engineering and product development in sectors such as medical technology, e-mobility, and sensor technology. The company emphasizes bringing ideas to market maturity and supporting sustainable and healthcare-related innovations. The website is professionally designed using WordPress and Bootstrap, with a moderate technical maturity level and good mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms but lacks advanced security headers and vulnerability disclosure mechanisms. The absence of WHOIS registration data is a notable concern that impacts trustworthiness. Overall, the site presents a credible business front but would benefit from enhanced security and transparency measures.

Z

Zukunftsregion JadeBay

zukunftsregion-jadebay.de

48

Zukunftsregion JadeBay is a regional government-backed initiative focused on fostering sustainable development, innovation, and digital transformation within the JadeBay region in Niedersachsen, Germany. The website serves as an informational platform highlighting funding opportunities, projects, news, and partnerships with local counties. The technical infrastructure leverages modern frontend technologies such as Alpine.js, GSAP, Swiper.js, and Font Awesome, hosted via Schlund Technologies. The site is mobile-optimized and presents a professional design with clear navigation. Security posture is adequate with HTTPS and a Content-Security-Policy header, though additional security headers and policies could enhance protection. Privacy compliance is limited, with no visible privacy or cookie policies, which is a notable gap. Overall, the site is trustworthy and serves its public sector mission effectively.

L

LINET Services GmbH

linet-services.de

48

LINET Services GmbH is a regional IT system house based in Braunschweig, Germany, with over 20 years of experience providing IT solutions primarily to small and medium-sized enterprises, educational institutions, and compliance-focused organizations. Their services include IT infrastructure support, digital education solutions, and GDPR compliance consulting. The website is built on WordPress using modern plugins and themes, hosted by hosting.de, and demonstrates good digital maturity with mobile optimization and a cookie consent mechanism in place. Security posture is solid with HTTPS enforced and standard security headers present, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

A

audriga GmbH

audriga.com

36

audriga GmbH operates as a specialized provider of data migration services, focusing on email, groupware, and online storage migrations. Their offerings cater to a broad audience including individual mailbox users, hosters, and telecommunications companies, supporting both self-service and large-scale platform migrations. The company positions itself as a global expert in this niche, with a business model that combines B2B and B2C services. Their market presence is reinforced by participation in industry events and active social media engagement. Technically, the website is built on the MediaWiki CMS platform, enhanced with Bootstrap for responsive design and several JavaScript libraries for UI improvements. The site demonstrates moderate performance and good mobile optimization, though accessibility and SEO features are basic. No advanced analytics or tracking technologies are detected, indicating a privacy-conscious approach. From a security standpoint, the site uses HTTPS but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data are evident in the content. The absence of a cookie consent mechanism and detailed privacy compliance documentation suggests room for improvement in regulatory adherence. The WHOIS data is unavailable, which raises some concerns about domain registration transparency, though the website's professional content and external presence mitigate trust issues. Overall, audriga.com presents a professional and trustworthy front for its specialized services but would benefit from enhanced security practices, clearer privacy compliance, and verified domain registration information to strengthen its credibility and risk posture.

The website opt.se currently serves as a minimal placeholder indicating that the site has moved to a new address (www.aspebodaspelmanslag.webb.se). There is no substantive business content, contact information, or policies available on the site. The domain is registered with One.com since 2004, indicating a long-standing presence, but the lack of content and security features suggests low digital maturity. The technical infrastructure is basic, with no detected CMS, frameworks, or analytics tools. Security posture is weak due to missing HTTPS confirmation, absence of security headers, and no privacy or cookie policies. Overall, the site presents a low trust profile and minimal business credibility.

The website quimadeinitaly.it currently serves only a default Apache HTTP server test page indicating that the server is operational but no actual business content or services are provided. The domain registration has expired recently, which further suggests the site is inactive or neglected. There is no evidence of privacy policies, cookie consent mechanisms, terms of service, or contact information, which are critical for user trust and regulatory compliance. Technically, the site uses Apache on CentOS with Bootstrap CSS for styling but lacks modern security configurations such as HTTPS and security headers. Overall, the site has a very low security posture and minimal digital maturity.

P

Prometeus

iwstack.com

44

iwStack is a cloud infrastructure platform operated by Prometeus, offering flexible and scalable virtual infrastructure services primarily targeting businesses and developers in Italy and Europe. The platform leverages KVM virtualization technology and CloudStack software to provide features such as high availability, live migrations, virtual routers with firewall and VPN capabilities, and hourly billing. The website presents transparent pricing and a professional design, positioning iwStack as a niche cloud service provider with a stable market presence since 2013. Technically, the site uses legacy JavaScript libraries and Piwik analytics, with moderate performance and basic mobile optimization. Security posture is moderate but could be improved by enabling DNSSEC, upgrading libraries, and implementing security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the domain registration data supports legitimacy and trustworthiness.

A

AmBilet

ambilet.ro

48

AmBilet is an online ticketing platform primarily serving the Romanian market, offering tickets for concerts, festivals, theater, stand-up comedy, and children's events. The website is built on WordPress with e-commerce and event management plugins, providing a visually appealing and user-friendly experience optimized for mobile devices. The platform integrates marketing and analytics tools such as Facebook and TikTok pixels to track user engagement and retarget visitors. Security posture is adequate with HTTPS enforced, but lacks some advanced security headers and visible security policies. Privacy compliance is partial, with a cookie consent mechanism present but no clear privacy or terms of service pages. Overall, the site appears legitimate and professionally maintained, targeting event attendees in Romania.

S

Svět interiérů

svetinterieru.cz

45

Svět interiérů is a small Czech Republic based company specializing in interior design, apartment renovation, and custom furniture manufacturing. Their website presents a professional image with clear descriptions of services, customer testimonials, and a contact form protected by Google reCAPTCHA. The technical infrastructure includes modern JavaScript libraries and Google Tag Manager for analytics and advertising. Security posture is good with HTTPS and spam protection, but lacks some HTTP security headers and formal privacy and terms of service pages. The absence of WHOIS data reduces domain trust verification, but the website content and contact details suggest a legitimate business. Overall, the site is well-structured, mobile-optimized, and user-friendly, targeting residential and commercial clients seeking quality interior solutions.

S

Smart Livin automation s.r.o.

otevribyt.cz

42

The website www.otevribyt.cz represents a locksmith and security services provider operating primarily in Prague, Czech Republic. The company, Smart Livin automation s.r.o., offers emergency locksmith services including non-damaging door openings and security system installations. The business targets local residents and property owners requiring urgent locksmith assistance. The website is professionally designed using WordPress with modern SEO and tracking tools, indicating a moderate level of digital maturity. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and business registration details. Security posture is generally good with HTTPS enabled and no obvious vulnerabilities, but the site lacks comprehensive security headers and explicit security or privacy policies. Overall, the site is functional and trustworthy for its business purpose but would benefit from enhanced compliance and transparency measures.

HAGS Praha, s.r.o. is a Czech company with over 33 years of experience in designing and delivering high-quality children's playgrounds, including products from the German Berliner Seilfabrik. The company targets investors, architects, public institutions, and parents, offering customized playground solutions emphasizing safety, design, and sustainability. The website reflects a medium-sized manufacturing business with a strong local market presence and multiple certifications that reinforce trust and quality. Technically, the website uses modern JavaScript libraries such as jQuery, Swiper, and Font Awesome, hosted likely on Czech infrastructure. The site is mobile-optimized with good design and navigation, though accessibility and SEO could be improved. The cookie consent mechanism is implemented, supporting GDPR compliance to some extent, but lacks a dedicated privacy policy and terms of service pages. From a security perspective, the site uses HTTPS but lacks visible security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The domain registration is recent, which contrasts with the company's stated long history, suggesting a new domain acquisition or rebranding. Overall, the website is professional and trustworthy but would benefit from enhanced privacy documentation, security headers, and clearer compliance disclosures to improve its security posture and regulatory adherence.

P

PortusPark

portuspark.org

47

PortusPark is a well-established network of science and technology parks and incubators serving the northern region of Portugal. Founded in 2007, it operates as a regional leader providing capital participation and advanced services to its member parks and associated companies. The website reflects a professional and consistent brand presence, targeting technology parks, incubators, and related stakeholders in the region. Technically, the site is built on WordPress with common plugins for multilingual support and rich media content, delivering a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, and no privacy or cookie policies are published, indicating room for compliance improvements. Overall, the domain registration data aligns well with the business claims, supporting a high legitimacy score. Strategic recommendations include enhancing security headers, enabling DNSSEC, and publishing comprehensive privacy and cookie policies to improve compliance and trust.

C

Câmara Municipal de São João da Madeira

cm-sjm.pt

38

The Câmara Municipal de São João da Madeira website serves as the official digital presence of the municipal government of São João da Madeira, Portugal. It provides citizens, investors, and visitors with news, municipal services, event agendas, and transparency information. The site targets local residents and stakeholders interested in municipal affairs and investment opportunities. The business model is that of a government entity focused on public service delivery and community engagement. Technically, the website employs a moderate technology stack including jQuery, slick carousels, and AddThis for social sharing. The site is mobile responsive and offers a good user experience with clear navigation. However, it lacks modern security headers and explicit privacy and cookie policies, which are important for compliance and user trust. From a security perspective, the site uses HTTPS with a valid SSL certificate, but no advanced security headers were detected. There is no visible vulnerability disclosure or incident response information. The absence of privacy and cookie policies indicates a gap in GDPR compliance. No contact emails or phone numbers were explicitly found, limiting direct communication channels. Overall, the website is professional and trustworthy as a government portal but would benefit from enhanced privacy compliance, improved security headers, and clearer contact information to strengthen its security posture and user trust.

C

Catrapum

catrapum.com

48

Catrapum is a Portuguese e-commerce business specializing in the sale of used auto parts for major automotive brands such as Volkswagen, Audi, Toyota, and Mazda. The website offers a catalog of used parts, enabling vehicle owners and drivers to find reliable components for their vehicles. The business appears to be small-sized and focused on the transportation sector, with a market position as a specialized supplier of used auto parts. The website is professionally designed with good content quality and consistent branding, targeting Portuguese-speaking customers primarily, with an English language option available. Technically, the website uses standard web technologies including jQuery and implements HTTPS for secure communication. It employs Google Tag Manager for analytics and tracking, indicating a moderate level of digital maturity. The site is mobile-optimized and has good SEO practices, although accessibility features are basic. However, there is a lack of advanced security headers and no visible privacy or terms of service policies, which are areas for improvement. From a security perspective, the site enforces HTTPS but lacks important security headers and detailed privacy compliance documentation. No critical vulnerabilities were detected in the visible content, but the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. The cookie consent mechanism is present, supporting GDPR compliance to some extent. Overall, while the business and website present a professional front with relevant services, the missing WHOIS data and limited privacy/security policies suggest a moderate risk profile. Strategic improvements in security headers, privacy documentation, and domain registration transparency are recommended to enhance trust and compliance.

S

SIG Strasbourg

sigstrasbourg.fr

46

SIG Strasbourg is a professional basketball club based in Strasbourg, France, operating an official website to engage fans and provide services such as ticket sales and merchandise. The website is built on Drupal 10 and integrates modern web technologies including Google Analytics and Bootstrap 5, reflecting a moderate level of digital maturity. The site is well-branded, mobile-optimized, and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks published privacy policies, security headers, and explicit contact information for security or general inquiries. Overall, the domain registration is consistent and legitimate, supporting the trustworthiness of the site.

F

Festival Musica

festivalmusica.org

48

Festival Musica is an established international contemporary music festival based in Strasbourg, France, founded in 2019. It offers a rich program of events including concerts, podcasts, articles, and community engagement activities. The festival targets a general audience interested in contemporary music and cultural experiences. The website reflects a professional and consistent brand image supported by official cultural partners and regional sponsors. Technically, the site uses modern web technologies such as Alpine.js, Livewire, and Tailwind CSS, hosted by OVH, ensuring fast performance and excellent mobile optimization. Security practices include HTTPS enforcement and CSRF protection, though explicit cookie consent and privacy policy details could be improved. Overall, the site is trustworthy and well-maintained, with a strong social media presence and clear business legitimacy.

H

Haute école des arts du Rhin

hear.fr

45

Haute école des arts du Rhin (HEAR) is a French higher education institution specializing in artistic disciplines including Art, Design, Communication, and Music, with campuses in Mulhouse and Strasbourg. The website serves as an informational and promotional platform targeting prospective and current students, educators, and researchers. It provides detailed program information, admissions guidance, and showcases events and exhibitions, positioning HEAR as a regional leader in arts education. The institution appears to be established since 2016, with a medium-sized operational scale and a focus on quality artistic education and research.

A

ARTUS Théâtre Universitaire de Strasbourg

artusasso.fr

47

ARTUS Théâtre Universitaire de Strasbourg is a small, non-profit university theatre association based in Strasbourg, France. It offers theatrical productions, workshops, auditions, and cultural events primarily targeting university students and theatre enthusiasts. The website is multilingual and professionally translated, reflecting a commitment to accessibility for international audiences. The business model focuses on community engagement and cultural enrichment rather than commercial profit. Technically, the website is built on WordPress with common plugins such as Yoast SEO and Contact Form 7, hosted by OVH. The site demonstrates moderate performance and good mobile optimization, with basic accessibility features. SEO is well implemented with proper meta tags and structured data. From a security perspective, the site uses HTTPS and a cookie consent mechanism but lacks advanced security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a privacy policy present but no detailed GDPR compliance or incident response information. Overall, the website is trustworthy and professional, with a solid business presence and technical foundation. Strategic improvements in security policies and privacy transparency would enhance its posture and compliance.

A

Alliance française Strasbourg Europe

afstrasbourg.eu

45

Alliance française Strasbourg Europe is a small educational and cultural organization dedicated to promoting the French language and culture in Europe. The website is built on WordPress and uses common web technologies such as Google Analytics and Google Tag Manager for tracking. The content is minimal and mostly placeholder, indicating a basic web presence without extensive information or engagement features. Security posture is limited with no detected security headers and unknown SSL configuration. Privacy and cookie policies are absent, which is a compliance gap. No contact information or incident response details are provided, limiting user trust and support options. Overall, the website serves as a basic informational portal for the organization but requires improvements in security, privacy compliance, and content richness to enhance credibility and user experience.

C

Coze - L'Agenda Culturel Alsacien

coze.fr

40

Coze.fr is a well-established regional cultural magazine and event listing platform focused on the Alsace region in France. It offers a comprehensive agenda of cultural events including concerts, exhibitions, festivals, and artist features, targeting residents and visitors interested in local culture. The website is professionally designed with consistent branding and regularly updated content, positioning it as a trusted media source in its niche. Technically, the site is built on WordPress with common plugins such as Yoast SEO and uses modern JavaScript libraries like Flickity for carousels. It integrates Google Analytics and Facebook Pixel for tracking and marketing purposes. The site is mobile-optimized and SEO-friendly, though some accessibility features could be improved. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks security headers and explicit cookie consent mechanisms, which are recommended for enhanced protection and GDPR compliance. The absence of WHOIS data reduces trust slightly but the professional nature of the site and its social media presence support its legitimacy. Overall, Coze.fr presents a low-risk profile with good business credibility and technical implementation. Strategic improvements in security headers, privacy compliance, and incident response documentation would further strengthen its posture.

F

FastPixel

fastpixel.io

49

FastPixel is a cloud-based WordPress plugin focused on website speed optimization through caching, image optimization, minification, and CDN integration. Backed by the reputable ShortPixel team, it targets WordPress site owners seeking an easy-to-use, all-in-one performance solution. The website demonstrates a modern technical infrastructure leveraging WordPress, Cloudflare DNS, and Google marketing tools. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies are not explicitly published. Overall, the site is professional, trustworthy, and well-positioned in the WordPress optimization market.

G

GIO Notaires

gio-notaires.fr

45

GIO Notaires is a professional alliance of nine certified or ISO-certification-pursuing notarial offices in France, offering a wide range of legal and notarial services including family law, business law, wealth management, and real estate. The group emphasizes proximity, adaptability, and performance, serving clients primarily in Ile-de-France and other regions with a team of 24 notaries and 180 collaborators. The website is built on WordPress with Elementor and integrates modern technologies such as Google Maps and cookie consent mechanisms, reflecting a moderate to good level of digital maturity. Security posture is solid with HTTPS and cookie consent in place, though security headers are not detected and could be improved. The absence of WHOIS data is likely due to privacy protection, which is justified for this type of professional service. Overall, the website presents a trustworthy and professional image with comprehensive contact information and compliance with GDPR.

P

Poissonnerie des Halles

poissonneriedeshalles.fr

46

Poissonnerie des Halles is a small local business based in Reims, France, specializing in seafood retail and restaurant services. The website promotes their fish, shellfish, and crustacean sales alongside dining options and event catering. The business also highlights partnerships with related entities such as L'Etal, Le Bocal restaurant, Le Triporteur mobile restaurant, and La Maison d'Oléron vacation rental, indicating a diversified local ecosystem. The website content is well structured, professionally designed, and targets local customers and visitors interested in seafood and dining experiences. Technically, the website uses a modern but basic technology stack including Bootstrap, jQuery, FontAwesome Pro, and Google Fonts. The site is mobile optimized and SEO friendly with proper meta tags and Open Graph data. However, no CMS or hosting provider information is evident. Performance is moderate with no major technical issues detected. Accessibility is basic but functional. From a security perspective, the site lacks visible security headers and privacy or cookie policies, which reduces compliance with GDPR and best practices. No forms or user data collection mechanisms are present, minimizing attack surface but also limiting engagement. The WHOIS data is missing, which raises concerns about domain legitimacy and registration status. No WAF or blocking mechanisms are detected, and the site is fully accessible. Overall, the website is a good representation of a small local seafood business with moderate technical maturity but with room for improvement in security, privacy compliance, and domain legitimacy verification. Strategic recommendations include adding privacy and cookie policies, implementing security headers, verifying domain registration, and enhancing trust signals.

N

Nutricia

nutricia.sk

44

Nutricia is a specialized healthcare nutrition company operating in Slovakia, providing tailored nutritional products and services for patients with special dietary needs, including infants, seniors, oncology patients, and those with metabolic disorders. The company is part of the Danone Group, a globally recognized entity in the food and nutrition sector. The website reflects a professional and consistent brand presence with a focus on clinical nutrition and patient care. Technically, the site is built on WordPress using Elementor, with integration of Google Analytics and Tag Manager for tracking. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although there is room for improvement in security headers and incident response transparency. Overall, the website is trustworthy, compliant with GDPR, and serves its target audience effectively.

V

VHS Benešov a.s.

vhsbenesov.cz

44

VHS Benešov a.s. is a regional water utility company based in the Czech Republic, providing essential water supply and sewage services to over 100 municipalities and more than 70,000 inhabitants. The company operates under the umbrella of the global SUEZ group, indicating a strong market position and access to international expertise. Their service portfolio includes water treatment, distribution, sewage management, infrastructure construction, and customer billing. The website is professionally designed using Joomla CMS and incorporates modern web technologies such as jQuery and Bootstrap, ensuring a good user experience and mobile responsiveness. Security-wise, the site enforces HTTPS and includes CSRF tokens but lacks some security headers and explicit privacy compliance mechanisms, which could be improved. Overall, the domain registration data aligns well with the company's profile, supporting legitimacy and trustworthiness.

Pivovar Ferdinand, s.r.o. is a Czech brewery specializing in traditional and gluten-free beers, serving both retail and hospitality sectors primarily in the Czech Republic. The website presents a professional and content-rich platform showcasing their product range, brewing philosophy, and services including direct delivery. Technically, the site uses a custom CMS with common JavaScript libraries and integrates Google Analytics, Google Tag Manager, and Facebook SDK for marketing and analytics. The site is mobile optimized with good navigation and content relevance. Security posture is moderate with cookie consent implemented but lacks visible security headers and privacy policy pages. WHOIS data is unavailable, limiting domain trust verification. Overall, the site is mature content-wise due to alcohol products and includes age consent mechanisms.

V

Vcestovani.cz

bezpecnystredoceskykraj.cz

45

Vcestovani.cz is a Czech travel portal providing comprehensive travel guides, destination recommendations, and travel insurance offers primarily targeting Czech-speaking travelers. The website is built on WordPress with SEO optimization via Yoast and integrates Google Analytics and Adsense for tracking and monetization. The technical infrastructure is modern and mobile-optimized, though minor backend PHP warnings indicate some code maintenance is needed. Security posture is adequate with HTTPS enabled but lacks advanced security headers. Privacy and cookie policies are present, supporting GDPR compliance. However, the absence of WHOIS data reduces transparency and trustworthiness from a domain registration perspective. Overall, the site is professional and functional, serving its niche effectively.

M

Město Benešov

ssob.info

47

The website ssob.info serves as the official social services portal for the Benešov district in the Czech Republic. It provides comprehensive information on social service catalogs, community planning, family policies, crisis lines, and institutional contacts. The site targets local residents and social service users, operating as a government public service platform. The presence of ISO 9001 certification and official city links reinforces its credibility and trustworthiness. Technically, the site is built on the vismo CMS platform, employs standard web technologies including HTML5, CSS, and JavaScript, and integrates Google Translate for multilingual support. The website demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate.

The website zijememontessori.cz is currently inaccessible beyond a security verification page that employs Google reCAPTCHA v3 to prevent automated access. This indicates the presence of a Web Application Firewall (WAF) or similar bot protection mechanism, which blocks direct content access and prevents a full analysis of the site's business or content. The domain is registered since 2014 with a Czech registrar, consistent with the domain's country code and presumed business location. However, no business content, contact information, or policies are accessible on the site at this time. From a technical perspective, the site uses Bootstrap 5.3.3 for styling and Google reCAPTCHA for security verification. No CMS or other frameworks are detected. The lack of visible security headers and absence of privacy or cookie policies indicate a minimal security and compliance posture. The site does not expose any contact or incident response information, which limits trust and transparency. Security-wise, the use of reCAPTCHA is a positive measure against bots, but the absence of other security headers and policies is a concern. The domain registration data is consistent and legitimate, with no privacy protection or suspicious patterns. Overall, the site’s current state limits its usability and trustworthiness due to the blocking mechanism. Given these factors, the overall risk assessment is moderate due to the blocking mechanism preventing full evaluation. Strategic recommendations include improving transparency by publishing privacy and cookie policies, adding contact information, implementing comprehensive security headers, and ensuring the site content is accessible to legitimate users without excessive friction.

S

SZUŠ Natanael

szusnatanael.cz

40

SZUŠ Natanael is a private basic art school based in the Czech Republic, specializing in music education for children and youth. The school offers both collective and individual lessons, with a focus on instruments such as the double bass. The website serves as an information portal for prospective students, parents, and the community, providing schedules, teacher information, branch locations, and event announcements. Supported by local municipalities and the Ministry of Education, the school maintains a trusted local presence. Technically, the website is built on WordPress using the Understrap theme and Elementor page builder, incorporating modern web technologies such as jQuery, Font Awesome, and Google Fonts. The site is mobile responsive and performs moderately well, though there is room for improvement in accessibility and SEO. No advanced analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers and formal privacy or cookie policies, which are compliance gaps. The absence of WHOIS data due to privacy protection is typical for small private entities and does not raise immediate concerns. Overall, the website is safe, professional, and suitable for its educational audience. Strategically, SZUŠ Natanael should focus on enhancing privacy compliance by adding clear privacy and cookie policies, implementing security headers, and considering a vulnerability disclosure policy to strengthen trust and security posture. These improvements will support the school's credibility and protect its users better.

Y

YMCA Setkání

setkani.org

41

YMCA Setkání is a Czech non-profit organization dedicated to strengthening family life and community through various programs targeting couples, parents, youth, and families. The organization operates multiple programs including marriage meetings, family expeditions, and community events, supported by grants and private donations. The website reflects a well-structured community-focused entity with clear contact information and active social media presence. Technically, the website uses a custom CMS (Ezer CMS) with common web technologies such as jQuery, Google Analytics, and Facebook SDK. The site is moderately optimized for mobile and performance, though accessibility and SEO could be improved. Security practices are basic with HTTPS implied but lacking explicit security headers and privacy policies. From a security perspective, the site shows no signs of blocking or WAF interference and contains no exposed sensitive data. However, the absence of privacy and cookie policies and missing WHOIS transparency reduce compliance and trust scores. Overall, the site is safe, professional, and trustworthy but would benefit from enhanced security and privacy measures.

P

Parafia Matki Bożej Częstochowskiej w Knurowie

mariahilf.eu

42

Maria Hilf is a religious pilgrimage site dedicated to the Virgin Mary, located in the Czech Republic. The website serves as an informational portal for pilgrims and visitors, providing details about the pilgrimage site, its history, religious services, and contact information. The organization behind the site is identified as Parafia Matki Bożej Częstochowskiej w Knurowie, indicating a religious parish managing the site. The site targets pilgrims and religious visitors interested in spiritual and cultural heritage. Technically, the website is built on WordPress using Elementor and Bootstrap frameworks, with integrations for Google Analytics and Facebook social media. The site is served over HTTPS with good SSL configuration but lacks some security headers and privacy compliance documents such as privacy and cookie policies. No forms are present on the homepage, indicating minimal data collection. The security posture is moderate with room for improvement in headers and compliance. Overall, the site is trustworthy and professionally presented, suitable for its non-profit religious purpose.

G

GARNEA a.s.

garnea-as.cz

45

GARNEA a.s. is a Czech Republic based company specializing in the import and distribution of agricultural and construction machinery, notably as the exclusive importer of DEUTZ-FAHR machines. The company positions itself as an official dealer with a 30-year tradition, offering a full range of equipment, spare parts, and after-sales services. The website reflects a professional business presence targeting agricultural and construction sectors within the Czech market. Technically, the website employs modern frameworks such as Nette and Bootstrap, integrates multiple tracking and advertising technologies, and provides a cookie consent mechanism, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks visible security headers and formal privacy or terms policies, which are areas for improvement. The absence of WHOIS data reduces domain trustworthiness, though the website content and branding appear consistent and professional. Overall, the site presents a moderate risk profile with recommendations to enhance compliance and security transparency.

P

Profi Press s.r.o.

agro-obchod.cz

44

AgroOBCHOD is an online agricultural classified ads portal operated by Profi Press s.r.o., targeting farmers and agricultural businesses primarily in the Czech Republic. The platform offers listings for agricultural machinery, land, livestock, and crops, facilitating trade within the agricultural sector. The website is built on WordPress and integrates common web technologies including jQuery, Isotope.js, and tracking tools such as Google Analytics and Matomo Tag Manager. It provides multilingual support via Google Translate and includes a newsletter subscription feature. Despite the professional presentation and relevant content, the absence of WHOIS registration data and lack of explicit privacy and terms of service policies represent gaps in transparency and compliance. Security posture is moderate with HTTPS enabled but missing key security headers. Overall, the site is functional and serves its niche market well but would benefit from enhanced compliance and security measures.