Other security reports

The website kensalgreencemetery.com is currently inaccessible beyond a bot verification challenge page employing Google reCAPTCHA invisible technology. This indicates the presence of a Web Application Firewall (WAF) or security mechanism designed to prevent automated access. Due to this blocking, no substantive business content, contact information, or policies are accessible for analysis. The domain is registered with IONOS SE since 2005, indicating a mature and likely legitimate domain, but the lack of accessible content limits the ability to assess the business or its digital maturity. Technically, the site uses Google reCAPTCHA for bot mitigation but lacks DNSSEC and security headers based on the provided data, suggesting opportunities for improving domain and web security. The absence of privacy, cookie, or terms of service policies and contact details further reduces compliance and trustworthiness from a user perspective. Security posture is moderate given the use of HTTPS (implied by domain and reCAPTCHA usage) but is weakened by missing security headers and DNSSEC. The blocking mechanism itself is a security strength but also a barrier to user access and content evaluation. Overall, the site scores low on content quality, privacy compliance, and business credibility due to the blocking and lack of visible information. Recommendations include enabling DNSSEC, implementing security headers, publishing privacy and cookie policies, and providing clear contact and incident response information to improve transparency and compliance. Additionally, reviewing the WAF configuration to balance security and user accessibility would enhance user experience and trust.

A

Association for Gravestone Studies

gravestonestudies.org

54

The Association for Gravestone Studies is a well-established non-profit organization dedicated to the study and preservation of gravestones internationally. Founded in 1977, it offers educational resources, conferences, publications, and fellowship programs to a niche audience of historians, genealogists, and preservationists. The website reflects a consistent brand and provides clear contact and organizational information. Technically, the site is built on Joomla CMS with Bootstrap and jQuery, hosted on SiteGround, and demonstrates moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy policies are present but basic, hosted externally. Overall, the site is professional, trustworthy, and serves its community effectively.

T

The Compatriot Johann Puch - Janez Puh Juršinci Society

janez-puh.si

36

The Compatriot Johann Puch - Janez Puh Juršinci Society operates as a small non-profit organization focused on preserving the legacy of Johann Puch through museum management and cultural promotion in Slovenia. The website serves as an informational portal for the museum, society activities, and related heritage content, targeting general audiences interested in historical and technical heritage. The society has established partnerships with local government and corporate sponsors, enhancing its community presence. Technically, the website employs basic web technologies including HTML5, CSS, JavaScript with jQuery and Modernizr, but lacks modern CMS or advanced frameworks. Performance and mobile optimization are moderate, with room for improvement in accessibility and SEO. The site is accessible without WAF or blocking mechanisms, but lacks advanced security headers and visible SSL configuration details. Security posture is moderate with cookie consent implemented but missing critical elements such as privacy policy, security headers, and incident response contacts. No analytics or tracking scripts were detected, indicating minimal user tracking and privacy risk. The domain WHOIS data aligns well with the website content and business history, supporting legitimacy. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, security hardening, and technical modernization to improve user trust and regulatory adherence.

The website www.mojaobcina.si is currently inaccessible, returning a 500 Internal Server Error with no accessible content. The domain is registered since 2009 with Webtasy, d.o.o., a Slovenian registrar, indicating a legitimate and established domain. Due to the lack of accessible content, no business description, contact information, or policies can be analyzed. The technical infrastructure cannot be assessed beyond the registrar and domain age. Security posture is weak as the site is down, and no security headers or policies are detectable. Overall, the site presents a high risk due to unavailability and lack of visible security or compliance information.

O

Območna obrtno-podjetniška zbornica Celje

ooz-celje.si

33

Območna obrtno-podjetniška zbornica Celje is a regional craft and entrepreneurial chamber serving the Celje area in Slovenia. The organization provides a variety of services including business registrations, consulting, issuing permits, event organization, and member benefits. The website reflects a well-structured portal aimed at local businesses and entrepreneurs, with a focus on supporting regional economic development and EU-funded projects. Technically, the site is built on WordPress with common plugins for event management and SEO, and it uses Google Analytics for visitor tracking. The site is mobile-optimized and presents content clearly, although some accessibility features could be improved. Security-wise, HTTPS is enforced and cookie consent is implemented, but security headers are lacking and no explicit privacy or security policies are published. Overall, the site is professional and trustworthy but could enhance its security posture and privacy compliance.

W

WAKATOTO

zaposlitve.org

45

WAKATOTO operates as an online gambling platform specializing in slot games branded as MAXWIN with high RTP and easy jackpot wins. The site targets Indonesian adult users interested in online slot gambling, offering fast deposit and withdrawal services and 24/7 customer support. Technically, the website leverages AMP technology to ensure fast mobile performance and good SEO optimization, but lacks advanced security headers and visible compliance documentation. The WHOIS data is unavailable, indicating privacy protection which is common in gambling sites but reduces transparency. Affiliate links redirect users to a suspicious external domain, which raises trust concerns. Overall, the site has a basic professional design but lacks critical security and privacy features.

A

Alumni Association

alumni-association.de

57

The website represents an Alumni Association based in Germany, likely serving a small community of alumni members. The business appears to be a non-commercial or community-focused entity with limited public-facing services. The website is powered by TYPO3 CMS and integrates Cookiebot for cookie consent management, indicating a basic level of digital maturity and compliance with cookie regulations. However, the absence of explicit privacy and terms of service pages limits its compliance posture. Technically, the site uses modern web technologies but lacks visible security headers and SEO optimization, which could impact discoverability and security. The security posture is moderate with HTTPS implied but no advanced security practices evident. Overall, the site is functional but would benefit from enhanced compliance documentation and security hardening.

P

Profil d.o.o.

profil.si

58

Profil d.o.o. is a well-established Slovenian consulting company specializing in executive search, selection, and HR advisory services across Slovenia and Southeast Europe. With over 30 years of experience, the company positions itself as a trusted partner for businesses seeking leadership and professional talent. Their services include career counseling, outplacement, and tailored HR consulting, targeting both companies and candidates. The website reflects a professional and consistent brand image, emphasizing quality, trust, and tradition. Technically, the site uses a mix of legacy and modern web technologies, including jQuery 1.7.1 and Bootstrap, hosted on a custom CMS platform. While the site is mobile-optimized and well-structured, some outdated libraries pose potential security risks. Security posture is moderate, with cookie consent implemented but lacking visible security headers and explicit privacy policies. The domain is long-standing and registered to a company linked to the website's design and operation, supporting legitimacy. Overall, the website is professional and trustworthy but would benefit from technical and compliance improvements.

M

MojaTiskarna.si

mojatiskarna.si

48

MojaTiskarna.si is an established Slovenian online printing service founded in 2011, offering a range of printing solutions including digital, offset, and XXL printing. The website targets businesses, agencies, freelancers, and individual customers seeking professional printing services such as business cards, flyers, banners, and promotional materials. The platform supports B2B and B2C models with features like delivery tracking and customer support via phone. Technically, the site uses older but functional JavaScript libraries like jQuery and Modernizr, with a custom or proprietary CMS. The site is moderately optimized for mobile and SEO, with a responsive design and cookie consent mechanisms in place. Security posture is adequate with HTTPS enforced and no visible sensitive data exposure, though improvements are recommended in security headers and updating legacy libraries. Privacy compliance is basic but present, with clear privacy and cookie policies. Overall, the website is professional, trustworthy, and well-positioned in its local market niche.

P

Home - philippka

philippka.de

63

The website philippka.de appears to be a professionally designed WordPress site using WooCommerce for e-commerce capabilities and Rank Math PRO for SEO optimization. The site employs performance enhancements such as WP Rocket and EWWW Image Optimizer, indicating a focus on speed and user experience. However, the site lacks explicit privacy and cookie policies, which are critical for GDPR compliance and user trust. Contact information is not clearly provided, limiting direct communication channels. The domain WHOIS data shows a 'connect' status with nameservers pointing to DomainControl.com, suggesting the domain is registered but with limited public WHOIS information. Overall, the site is accessible and safe for general audiences but would benefit from improved transparency and compliance documentation.

V

Villa Olea

villaolea.eu

37

Villa Olea's website is a password-protected portal likely representing a hospitality or real estate business. The site uses WordPress CMS with standard login forms and basic jQuery libraries. The content is minimal and restricted, with no public business descriptions, contact information, or policies visible. Technically, the site uses HTTPS with valid SSL but lacks important security headers and privacy compliance features. No analytics or advertising scripts are present, indicating minimal tracking or marketing activities. The overall security posture is moderate but could be improved with standard security headers and visible compliance documentation. The domain registration appears legitimate with no suspicious WHOIS patterns, but registrant details are limited. The site’s content is safe with no adult or questionable material detected.

The website www.t-systems.com is currently inaccessible, returning a 403 Forbidden error page with minimal HTML content. This indicates that access to the site is blocked or restricted, preventing any meaningful content or metadata extraction. The lack of WHOIS data further complicates verification of the domain's registration status and legitimacy. Due to these access restrictions, no business, contact, or security policy information could be obtained. The technical infrastructure appears to lack proper configuration for public access, and no security headers or HTTPS enforcement were detected. Overall, the site’s security posture is weak, and the domain’s legitimacy is questionable based on available data.

N

Najstarejša trta

najstarejsatrta.si

40

The website 'Najstarejša trta' appears to be a small Slovenian site focused on the theme of the oldest vine, likely related to wine or viticulture. The domain is recently registered in 2023 with a Slovenian registrar, consistent with the website's Slovenian language content. The site is built on WordPress, using standard web technologies such as PHP, JavaScript, and CSS, and includes common libraries like Google Fonts and Font Awesome. The technical infrastructure is basic but functional, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and good SSL configuration; however, the absence of security headers and privacy policies indicates room for improvement. No contact or incident response information is provided, which limits transparency and trust. Overall, the site is safe for general audiences and does not contain adult or explicit content.

W

Webtasy, d.o.o.

stajerska.si

56

Štajerska.si is a professionally designed regional tourism website promoting the Štajerska region in Slovenia. It offers comprehensive information on cultural, natural, and wellness experiences, targeting tourists and visitors interested in urban and natural attractions. The website leverages modern technologies such as Nuxt.js, Vue.js, and DatoCMS, ensuring a fast, mobile-optimized, and accessible user experience. Social media integration and event promotion enhance its outreach. Security posture is strong with HTTPS and security headers, though the absence of a cookie consent banner and explicit security policies indicates room for compliance improvement. Overall, the site is trustworthy and well-positioned as a regional tourism marketing platform.

M

MBajk

mbajk.si

54

The website www.mbajk.si represents a business entity with an established domain since 2013, indicating a stable presence. The site is built using modern web technologies including Angular 18.2.10, Bootstrap, and integrates Matomo for analytics and Google Maps API for location services. A cookie consent mechanism is implemented via Didomi, reflecting some level of privacy compliance. However, the site lacks visible privacy policy, terms of service, and contact information, which limits transparency and user trust. The technical infrastructure appears moderately optimized with good mobile responsiveness but basic SEO and accessibility features. Security posture is moderate with HTTPS implied but no explicit security headers detected in the HTML content. No forms or direct data collection points are visible, reducing immediate risk but also limiting user engagement. Overall, the site is functional but would benefit from enhanced compliance documentation and security hardening.

M

Marketinška agencija Kainoto

kainoto.com

58

Marketinška agencija Kainoto is a Slovenian marketing agency established in 2002, offering innovative and ethical marketing services including consulting, digital marketing, event organization, and marketing material design. The website reflects a small business with a focus on professional and sustainable marketing solutions. Technically, the site uses an ASP.NET WebForms platform with common libraries such as jQuery and Font Awesome, but lacks advanced modern frameworks. Security posture is moderate with HTTPS likely enabled but missing DNSSEC and security headers, and no visible cookie consent mechanism despite a stated cookie policy. Contact information is limited to a web form, with no direct email or phone numbers displayed. Overall, the site is accessible and functional but could improve in security and privacy compliance to enhance trust and user experience.

J

Jobware Online-Service GmbH & Co. KG

bewerbung2go.de

60

bewerbung2go.de is a German online platform operated by Jobware Online-Service GmbH & Co. KG that provides a comprehensive suite of tools and templates for job seekers to create professional application documents such as cover letters, resumes, and cover pages. The platform targets German-speaking job seekers and offers over 500 templates tailored to various professions. The website is well-designed, mobile-optimized, and uses modern web technologies including Drupal CMS and JavaScript libraries for enhanced user experience. Analytics are implemented via Piwik PRO, indicating a moderate level of user tracking. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and policies could be improved. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Overall, the domain registration data aligns with the business, supporting legitimacy and trustworthiness.

The website max-lingner-stiftung.de is currently inaccessible due to a 500 Internal Server Error, indicating server misconfiguration or application failure. The site lacks any accessible content, metadata, or structured data, limiting the ability to analyze business operations or services. The only contact information available is a webmaster email address embedded in the error page. Technically, the site uses HTTPS on port 443 but lacks visible security headers or advanced configurations. No privacy, cookie, or terms of service policies are present, indicating low compliance with data protection standards. The WHOIS data shows a standard domain status with multiple name servers but lacks detailed registrant information or domain age data. Overall, the website's digital maturity and security posture are poor, with critical issues preventing normal operation and user engagement.

V

VEMA Versicherungsmakler Genossenschaft eG

vematage.de

66

VEMA Versicherungsmakler Genossenschaft eG operates the VEMAtage website, which promotes annual insurance brokerage events and livestreams primarily targeted at insurance professionals in Germany. The company positions itself as a cooperative in the insurance brokerage sector, offering event organization and educational services. The website is professionally designed with clear navigation and consistent branding, supporting a medium-sized business presence. Technically, the site uses modern JavaScript libraries such as jQuery, bxSlider, and Slick Carousel, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced and cookie consent implemented, though formal security policies and incident response details are absent. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

The website av-tarife.de is currently inaccessible, returning a 403 Forbidden error page that denies access to all users. This prevents any direct analysis of the site's content, metadata, or business information. The domain is hosted on Schlund Technologies' nameservers, a German hosting provider, which aligns with the domain's German country code top-level domain (ccTLD). Due to the lack of accessible content, no privacy, cookie, or terms of service policies are available, and no contact or business details can be extracted. The site does not display any scripts, analytics, or advertising technologies, indicating minimal or no public-facing content at this time. From a technical perspective, the site appears to be blocked or restricted, possibly due to server configuration or access control policies. No specific web application firewall (WAF) vendor challenge was detected, but the generic 403 error suggests intentional access denial. Security headers and SSL configuration details are not available from the provided data, limiting the security posture assessment. The WHOIS data shows consistent domain registration with no privacy protection, hosted by a reputable German provider, supporting legitimacy but not providing further business insights. Overall, the security posture cannot be fully assessed due to the lack of accessible content. The site currently scores very low on content quality, technical implementation, security, privacy compliance, and business credibility. There are no indications of adult or questionable content, and the site is rated safe in terms of content safety. Strategic recommendations include resolving access issues to enable content availability, implementing security best practices, publishing privacy and cookie policies, and providing clear contact information to improve trust and compliance.

M

Ameise

maklerinfo.biz

56

The website www.maklerinfo.biz/maklerportal/dashboard appears to be a minimal content dashboard or portal page with no publicly accessible business information or user-facing content. The page title is 'Ameise' and the site uses the Aurelia JavaScript framework with multiple deferred script bundles, indicating a modern single-page application architecture. However, the lack of visible content, metadata, or structured data limits the ability to assess the business or its services. The WHOIS data is completely unavailable, which reduces trust and transparency. No privacy policies, contact information, or security policies are present on the page, indicating low compliance with common web standards. Security posture is weak due to missing HTTPS and security headers information. Overall, the site appears to be an internal or restricted access portal rather than a public business website.

The website bildungsportal-niedersachsen.de is currently inaccessible due to a Cloudflare security challenge page employing Turnstile captcha, which blocks direct access to the site's content. This prevents extraction of meaningful business, contact, or policy information. The domain appears legitimate and consistent with a regional educational portal in Germany, but no detailed business or security policies are visible. The technical infrastructure includes Cloudflare's security services, indicating a focus on protection against automated threats. However, the lack of accessible content limits the ability to assess the site's compliance, security posture, or business credibility comprehensively.

A

Association of Significant Cemeteries of Europe

significantcemeteries.org

67

The Association of Significant Cemeteries of Europe (ASCE) operates as a non-profit organization dedicated to promoting European cemeteries as vital cultural heritage sites. The website provides detailed descriptions of significant cemeteries, organizes events such as conferences and symposiums, and fosters research and networking among heritage professionals and communities. The target audience includes cultural heritage professionals, researchers, local communities, and cultural tourists interested in cemetery heritage. Technically, the website is hosted on the Blogger platform, utilizing common web technologies including jQuery, Google APIs, and third-party services like Zoho Campaigns for newsletter signups. The site demonstrates moderate performance and basic mobile optimization, with a consistent and professional design that supports good user experience and navigation. From a security perspective, the site uses HTTPS but lacks visible security headers and comprehensive privacy policies, which are areas for improvement. No critical vulnerabilities or malicious content were detected. The WHOIS data is unavailable, limiting domain trust assessment, but the website content and external authoritative links support its legitimacy. Overall, the site is a credible resource for cultural heritage related to cemeteries, with recommendations to enhance privacy compliance, security headers, and mobile accessibility to strengthen its security posture and user trust.

The SYMBOLS project website serves as an educational platform focused on exploring cultural symbols, particularly those found in cemeteries across Europe. It is a collaborative initiative involving six European partners including municipal councils, educational institutions, and cultural organizations. The site offers a symbols database, interpretative content, and special tours, targeting audiences interested in cultural heritage and funerary arts. The business model is primarily educational and cultural, with a niche market position supported by reputable European partners. Technically, the website is built on ASP.NET Web Forms with legacy JavaScript libraries such as jQuery 1.8.2 and jQuery UI 1.9.1. It integrates Google Analytics and Google Maps API for tracking and mapping functionalities. The site demonstrates moderate performance and basic mobile optimization, with room for improvement in accessibility and SEO practices. From a security perspective, the site uses HTTPS ensuring encrypted communication but lacks visible security headers like Content Security Policy and uses outdated JavaScript libraries that may expose vulnerabilities. No privacy or cookie policies are present, indicating gaps in GDPR compliance. No contact emails or phone numbers are provided, limiting direct communication channels. Overall, the website is a credible cultural heritage resource with moderate technical maturity and security posture. Strategic improvements in security headers, library updates, and privacy compliance would enhance trust and resilience.

E

European Cemeteries Route

cemeteriesroute.eu

52

The European Cemeteries Route website serves as a cultural heritage platform promoting significant cemeteries across Europe. It targets a general audience interested in cultural tourism, history, and heritage preservation. The site offers membership services, event information, a mobile guide, and newsletters to engage its community. The business model appears to be non-profit or cultural promotion focused, supported by partnerships with recognized cultural organizations and awards such as the UNWTO Ulysses Award. Technically, the site is built on ASP.NET WebForms with legacy JavaScript libraries like jQuery 1.8.2, indicating moderate digital maturity. The design is consistent and user-friendly but lacks advanced mobile optimization and accessibility features. Security posture is moderate with no visible HTTPS enforcement details or security headers and usage of outdated libraries posing potential risks. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is trustworthy for its niche but requires improvements in security and privacy to enhance user trust and compliance.

The website baufi-cockpit.de currently serves an error page indicating that no root page is found for the requested language or domain. There is no substantive business content, no privacy or cookie policies, and no visible contact forms or interactive elements. The site is powered by Contao Open Source CMS but is misconfigured or incomplete, resulting in poor user experience and lack of business information. The only contact information found is an email address for the webmaster. Technically, the site lacks security headers and HTTPS information, which raises concerns about secure communication and best practices. The domain uses Digitalkraft nameservers, suggesting professional hosting, but WHOIS data is minimal with an unusual domain status 'connect', which may indicate an inactive or transitional domain state. Security posture is weak due to missing HTTPS and security headers, and the site does not demonstrate compliance with privacy regulations such as GDPR. Overall, the site is non-functional and presents a high risk of poor trust and credibility. Strategic recommendations include fixing the root page configuration, implementing HTTPS, adding security headers, and publishing privacy and cookie policies to improve compliance and user trust.

B

BHE Bundesverband Sicherheitstechnik e.V.

sicheres-zuhause.info

66

The website www.sicheres-zuhause.info is a professionally maintained portal operated by the BHE Bundesverband Sicherheitstechnik e.V., a German security association. It provides comprehensive information and resources related to home security, including burglary protection, fire safety, alarm systems, and emergency call systems, targeting private customers in Germany. The site also offers a specialist company search feature to connect users with qualified security service providers. Technically, the site is built on the Neos CMS platform using PHP and the Flow framework, with modern front-end libraries such as Select2 and Slick Carousel. It employs Matomo analytics configured to disable cookies, reflecting a privacy-conscious approach. Security-wise, the site uses HTTPS with good SSL configuration but lacks explicit security headers and cookie consent mechanisms. WHOIS data is privacy-protected, which is common for association domains, but limits transparency. Overall, the site is trustworthy, well-branded, and serves as a valuable resource for home security information in Germany.

B

BHE Bundesverband Sicherheitstechnik e.V.

bhe-qm.de

63

The website www.bhe-qm.de serves as a specialized portal for quality management certification and support tailored to security providers in Germany. Operated by the BHE Bundesverband Sicherheitstechnik e.V., it offers a range of services including QM system certification assistance, norm and guideline management, webinars, calibration services, and dedicated QM software. The site targets security companies seeking to establish or maintain certified quality management systems, positioning itself as a long-standing and trusted resource with over a decade of experience. Technically, the site is built on the Neos CMS platform leveraging the Flow PHP framework, hosted by punkt.de GmbH. It employs Matomo analytics configured to disable cookies, reflecting a privacy-conscious approach. The site is mobile-optimized with good SEO practices and moderate performance. However, some security best practices such as security headers and cookie consent mechanisms are not fully implemented. From a security perspective, the site enforces HTTPS and uses privacy-friendly analytics, but lacks visible security headers and formal incident response or vulnerability disclosure policies. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the hosting provider and business claims, indicating legitimacy and consistency. Overall, the website presents a professional, trustworthy, and business-focused presence with room for improvement in security headers and privacy compliance mechanisms. The risk profile is low with no indications of malicious activity or content safety concerns.

P

Pogrebno podjetje Maribor d.d.

pp-mb.si

53

Pogrebno podjetje Maribor d.d. is a well-established funeral service provider based in Maribor, Slovenia, founded in 2006. The company offers comprehensive funeral organization, cemetery management, grave site rental, and stonemasonry services. It is part of the JHMB Group, a recognized entity in the region, and maintains a strong local presence with a focus on cultural heritage preservation. The website reflects a professional and consistent brand image, targeting local residents seeking respectful and organized funeral services. Technically, the website is built on an ASP.NET WebForms platform with jQuery and Font Awesome, providing moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy compliance mechanisms such as cookie consent and privacy policies. Contact information is clearly presented, enhancing business credibility. Overall, the site is safe, professional, and trustworthy but would benefit from improved privacy and security practices.

The website trainex25.de is currently inaccessible beyond a Cloudflare security challenge page that verifies visitors are human via a Turnstile captcha. No actual business content, branding, or contact information is available for analysis. The domain uses Cloudflare DNS and security services, indicating some level of protection but also blocking direct content access. Due to this, the technical infrastructure assessment is limited to the presence of Cloudflare services and basic HTML/CSS. Security posture cannot be fully evaluated, but the use of Cloudflare suggests baseline protection. No privacy or cookie policies are present, and no contact or business details are visible, limiting trust and compliance evaluation. Overall, the site appears to be either under protection or in a transitional state, preventing a full security and business analysis.

The website wbdsports.com is currently inaccessible, returning a 403 Forbidden error page with no visible content. This prevents any meaningful analysis of the site's business offerings, technical infrastructure, or security posture. The domain is registered since 2019 with a reputable registrar, Nom-iq Ltd. dba COM LAUDE, and is hosted on AWS infrastructure as indicated by the DNS servers. However, no metadata, scripts, forms, or contact information are available for review. Due to the blocked content, the website's privacy, cookie, and security policies cannot be evaluated, and no business intelligence or trust indicators are present. The lack of accessible content and security headers suggests a minimal security posture and poor user experience.

M

Multiaragon Servicios SL

joachim-deckarm.de

51

Autonomosegur.com is a Spanish insurance brokerage specializing in providing insurance products tailored for self-employed individuals (autónomos). The company, identified as Multiaragon Servicios SL, offers a wide range of personal and patrimonial insurance services including life, health, civil liability, business, and accident insurance. The website positions itself as a market leader with partnerships across more than 20 insurance providers, emphasizing competitive pricing and professional advisory services. The target audience is primarily self-employed workers in Spain seeking specialized insurance coverage. From a technical perspective, the website leverages modern web technologies such as Bootstrap 5, AOS for animations, Swiper for carousels, and FontAwesome for icons, ensuring a responsive and user-friendly experience across devices. SEO practices are well implemented with comprehensive metadata, Open Graph tags, and structured JSON-LD data enhancing search engine visibility. However, accessibility features are basic and could be improved. Security posture is moderate; the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. Nonetheless, the absence of explicit security headers like CSP and HSTS, and lack of visible incident response or vulnerability disclosure policies, indicate areas for improvement. The WHOIS data is unavailable or unregistered, which raises concerns about domain legitimacy despite the professional presentation of the website. Overall, autonomosegur.com presents a credible and professional front for its insurance brokerage services but should address security best practices and domain registration transparency to enhance trustworthiness and compliance.

P

Philippka-Sportverlag GmbH & Co. KG

dhb-schiedsrichterportal.de

43

The DHB Schiedsrichterportal is a specialized digital platform operated by the Deutscher Handballbund and Philippka-Sportverlag GmbH & Co. KG, focused on enhancing the quality of handball referee education in Germany. It offers an online magazine, rulebook, and e-learning modules, targeting handball referees and officials. The platform is well-branded, consistent, and serves as an authoritative resource within its niche. Technically, the site is built on TYPO3 CMS with a modern JavaScript stack and is hosted by a professional hosting provider. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers are not explicitly detected. Privacy compliance is strong with a comprehensive privacy policy and cookie management. No critical vulnerabilities or suspicious WHOIS patterns were found, indicating a trustworthy domain and business presence.

P

Philippka-Sportverlag GmbH & Co. KG

dhb-trainercenter.de

41

The DHB Trainer Center website serves as the official digital training platform for the Deutscher Handballbund, providing licensed and aspiring handball trainers with blended-learning educational content, including e-learning modules and training concepts. The platform is well-positioned in the niche sports education market, offering both free and paid content to enhance trainer qualifications. Technically, the site is built on TYPO3 CMS with modern frontend technologies and includes privacy-conscious analytics and cookie consent mechanisms. Security posture is adequate with HTTPS and email obfuscation, though it lacks explicit security policies and incident response contacts. Overall, the site is professional, trustworthy, and well-aligned with its business purpose.

C

CONCORDIA Versicherungen

concordia.de

61

CONCORDIA Versicherungen is a well-established German insurance provider offering a wide range of insurance products including vehicle, health, legal protection, retirement, home, and business insurance. The company targets private individuals and businesses, emphasizing personalized consultation and tailored insurance solutions. The website reflects a strong market position with comprehensive product information and a professional digital presence. Technically, the site is built on TYPO3 CMS, uses modern web technologies, and is hosted by a reputable provider. It includes cookie consent management and Google Tag Manager for analytics, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved and a formal security policy or incident response contact is absent. Overall, the site is trustworthy, professionally designed, and compliant with GDPR requirements. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and security.

I

interkey

interkey.de

63

Interkey is a German trade association established in 1964, representing security technology specialist shops. The website serves as a professional platform to promote experience, competence, trust, quality, and innovation within the security technology industry. The target audience includes security professionals and businesses operating in this sector. The site is built on WordPress, utilizing the Yoast SEO plugin and FontAwesome icons, indicating a moderate level of digital maturity. The website is accessible, well-structured, and optimized for mobile devices, providing a good user experience. However, it lacks visible privacy and cookie policies, contact information, and security headers, which are critical for compliance and trust. The absence of incident response and security policy information suggests room for improvement in security posture. Overall, the site is professional but would benefit from enhanced security and privacy features to improve trust and compliance.

The Bayerischer Verband für Sicherheit in der Wirtschaft e.V. (BVSW) is a well-established Bavarian association founded in 1976 that supports businesses in security-related matters. It acts as a bridge between politics and industry, cooperating closely with Bavarian security authorities. The organization offers a broad range of training courses, seminars, and informational events aimed at enhancing security awareness and capabilities among its members, which include companies from various sectors such as industry, insurance, IT, and private services. The website reflects a professional and consistent brand image, targeting security professionals and businesses in Bavaria. Technically, the website is built on WordPress with common plugins and frameworks like Bootstrap and Smart Slider 3. It is hosted on a domain managed by DomainControl (GoDaddy), uses HTTPS, and shows moderate performance and good mobile optimization. However, some security best practices such as security headers and cookie consent mechanisms are missing, and no analytics or tracking scripts were detected in the provided content. From a security perspective, the site maintains a good posture with HTTPS and no visible vulnerabilities or exposed sensitive data. The absence of incident response contacts and vulnerability disclosure mechanisms suggests room for improvement in security transparency and readiness. Privacy compliance is partially addressed with a privacy policy page, but no cookie consent banner was found. Overall, the website is trustworthy, professional, and serves its niche well. Strategic recommendations include enhancing security headers, implementing cookie consent, adding incident response information, and maintaining regular updates to plugins and CMS to mitigate risks.

D

Deutscher Judo-Bund e.V

judobundesliga.de

52

The website judobundesliga.de serves as the official platform for the German Judo Bundesliga, providing league information, news, ticket sales, and archives primarily targeting judo athletes and fans in Germany. The site is branded consistently with the Deutscher Judo-Bund e.V and offers a professional user experience with good design and navigation. The technical infrastructure leverages modern web technologies including Bootstrap, jQuery, and Font Awesome, hosted on German name servers, indicating a moderate level of digital maturity. Security posture is adequate but could be improved by implementing security headers and cookie consent mechanisms. No blocking or WAF challenges were detected, allowing full content accessibility. Overall, the site is trustworthy and safe for general audiences.

Z

ZWEI14 GmbH

zwei14.app

58

ZWEI14 GmbH is a German-based creative and digital agency specializing in strategic brand communication and digital marketing services. The company positions itself as a partner for businesses seeking impactful and unique brand communication, offering a broad range of services including branding, consulting, design, digital marketing, and content creation. Their website reflects a professional and modern digital presence, leveraging TYPO3 CMS and advanced web technologies such as GSAP and Swiper.js for animations and interactive elements. The agency demonstrates strong compliance with GDPR through a comprehensive cookie consent mechanism and clear privacy policies. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although security headers could be improved. Overall, the website is well-designed, user-friendly, and trustworthy, supporting the company's market position as a competent and service-oriented agency.

The website at https://cdn.fcp.codes/ is currently inaccessible beyond a minimal 404 Not Found error page, indicating either a misconfiguration or that the domain is not actively hosting content. The absence of metadata, scripts, forms, or any business-related content prevents meaningful analysis of the company's operations, services, or market positioning. The WHOIS data is malformed and provides no registrar, creation, expiry, or registrant information, which further reduces trust and transparency. From a technical perspective, the site lacks HTTPS enforcement and security headers, which are critical for secure web operations. No modern technologies, analytics, or tracking mechanisms are detected, suggesting minimal or no active digital infrastructure. The security posture is weak due to missing SSL and lack of security best practices. Privacy compliance is non-existent, with no privacy or cookie policies found. Overall, the domain appears to be either unused, under development, or abandoned. The lack of content and registration data poses a high risk for trust and legitimacy. Strategic recommendations include establishing proper domain registration records, deploying HTTPS with valid certificates, publishing privacy and cookie policies, and providing clear business and contact information to improve credibility and security posture.

D

DokuMe

dokume.net

48

DokuMe is a German-based service provider specializing in digital transformation and business strategy consulting for companies and sports organizations such as federations, trainers, and clubs. The website presents two main service areas targeting corporate clients and sports entities, emphasizing digitalization strategies. The business appears to be a small-sized entity founded in 2013, with a focused niche market and consistent branding. Technically, the website uses modern frontend technologies including Bootstrap and FontAwesome, and employs Matomo for analytics, indicating some attention to privacy. Hosting is provided by Cronon GmbH, a reputable German hosting provider. Security posture is basic with HTTPS enabled but lacking advanced security headers and DNSSEC. Privacy and cookie policies are absent, which impacts compliance. Contact information is minimal, limited to a single email address, with no phone or physical address details. Overall, the website is professional and safe, but could improve in privacy compliance and security best practices.

S

Sponsoo GmbH

sponsoo.it

47

Sponsoo GmbH operates a leading European online platform that connects sponsors with athletes, teams, clubs, and sports associations across more than 300 sports disciplines. The platform facilitates sponsorship deals by enabling athletes and organizations to create sponsorship profiles and offers, while sponsors can search and select ideal sponsorship opportunities. The company targets athletes, sponsors, sports teams, and brands, positioning itself as a major player in the sports sponsorship marketplace since its founding in 2014. Technically, the website employs modern web technologies including AngularJS, Google Tag Manager, Facebook Pixel, and Google Analytics for tracking and marketing purposes. The site is mobile-optimized with good SEO practices and a professional design, although accessibility features are basic. The platform supports secure user authentication with CSRF protection and OAuth login options via Facebook, Google+, and XING. From a security perspective, the site uses HTTPS with good SSL configuration and secure login forms. However, it lacks visible security headers and does not publish a security policy or incident response contacts. There is no explicit cookie consent mechanism despite GDPR compliance indications. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, Sponsoo presents a trustworthy and professional online presence with a solid business model and market position. Strategic improvements in security headers, privacy consent, and incident response transparency would enhance its security posture and compliance. The platform's extensive social media presence and press coverage further reinforce its credibility and market reach.

S

Sponsoo GmbH

sponsoo.in

60

Sponsoo GmbH operates a leading online marketplace for sports sponsorship, connecting athletes, teams, clubs, associations, and sports events with sponsors and brands. The platform facilitates sponsorship deals by providing profiles and offers, targeting a broad audience in the sports and marketing sectors. The company has established a strong market position since its founding in 2014, supported by reputable media coverage and European institutional backing. Technically, the website employs modern web technologies including AngularJS, Google Tag Manager, Google Analytics, and Facebook Pixel for marketing and analytics. The site is mobile-optimized with good navigation and content quality, though some accessibility features could be improved. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and includes CSRF protection in forms. Social login options are implemented securely. However, the absence of explicit security headers and published security policies indicates room for improvement. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the website is professional, trustworthy, and aligned with its business goals. Strategic improvements in privacy compliance and security transparency would enhance its risk posture and user trust.

S

Sponsoo GmbH

sponsoo.ch

60

Sponsoo GmbH operates Europe's largest online marketplace for sports sponsorship, connecting thousands of athletes, teams, clubs, associations, and events with sponsors and companies. The platform facilitates sponsorship profile creation, portfolio browsing, and deal support, positioning itself as a leading player in the European sports marketing sector. The website is professionally designed, multilingual, and integrates modern web technologies including AngularJS, Google Analytics, and Facebook Pixel for marketing and tracking purposes. Security posture is solid with HTTPS and CSRF protections, though improvements are needed in security headers and cookie consent mechanisms. The business demonstrates legitimacy with consistent WHOIS data and transparent registration details. Overall, the platform offers a trustworthy and functional service for its target audience.

S

Sponsoo GmbH

sponsoo.at

57

Sponsoo GmbH operates Europe's largest online marketplace for sports sponsorship, connecting athletes, teams, clubs, associations, and events with sponsors and companies. The platform facilitates sponsorship deals by providing profiles, portfolio browsing, and deal support, targeting a broad audience within the sports and corporate sectors. Founded in 2014 and based in Austria, Sponsoo has established a strong market position supported by media references and European institutional backing. Technically, the website employs modern JavaScript frameworks such as AngularJS and Symfony backend components, integrating Google Analytics, Facebook Pixel, and social login capabilities. The site is mobile-optimized with good SEO and user experience. Security posture is solid with HTTPS and CSRF protections, though lacking explicit security headers and incident response information. Privacy compliance is adequate with a comprehensive GDPR privacy policy but missing cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-positioned in its niche.

S

Sponsoo GmbH

sponsoo.com

63

Sponsoo GmbH operates an online marketplace platform specializing in sports sponsorship, connecting athletes, teams, clubs, associations, and sports events with potential sponsors and brands. The platform offers profiles and sponsorship opportunities, facilitating deal-making and implementation support. The company positions itself as a leading marketplace in this niche, targeting a broad audience within the sports and marketing sectors. The website is professionally designed, multilingual, and includes various trust signals such as media mentions and support from European institutions. Technically, the website employs modern web technologies including AngularJS, Google Tag Manager, Google Analytics, and Facebook Pixel for marketing and analytics purposes. The site uses HTTPS with secure login forms and CSRF protection, but lacks some security headers and cookie consent mechanisms. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site demonstrates good practices such as encrypted connections and secure authentication flows. However, the absence of security headers, cookie consent, and vulnerability disclosure policies indicates room for improvement. The missing WHOIS data for the domain is a notable concern, potentially impacting trust and legitimacy assessments. Overall, Sponsoo presents a credible and professional online presence with a solid business model and market position. Strategic improvements in security posture, privacy compliance, and domain registration transparency are recommended to enhance trust and compliance.

The domain zvizgavka.si is newly registered in June 2023 with OVH as the registrar. The website is currently not set up and only displays a minimal placeholder page stating "zvizgavka.si is not set up." There is no business information, metadata, or content available to analyze. The technical infrastructure is minimal with no detected CMS, frameworks, or scripts. Security posture is weak due to lack of HTTPS and security headers. No privacy or cookie policies are present, and no contact information is provided, limiting trust and credibility. Overall, the site appears to be in an initial stage of deployment or abandoned before launch. From a technical perspective, the site is hosted with OVH but lacks any modern web technologies or optimizations. There is no evidence of analytics, advertising, or tracking mechanisms. The absence of security best practices such as HTTPS and security headers poses risks if the site were to go live without improvements. Security evaluation highlights critical gaps including no SSL, no security headers, and no privacy compliance. The domain registration is consistent and legitimate but the lack of content and policies results in a low trust score. There are no signs of malicious activity or blocking mechanisms. The overall risk is low in terms of maliciousness but high in terms of business credibility and security readiness. Strategic recommendations include implementing HTTPS, developing content and policies, adding contact information, and deploying security headers to improve trust and compliance.

F

Flori Radlherr / Gerhard Keuschnig

foto-webcam.eu

43

Foto-Webcam.eu is a specialized website offering a comprehensive overview of live webcams primarily focused on Alpine and European regions including Austria, Germany, Italy, Switzerland, and Greenland. The site provides high-quality webcam images for tourism, nature observation, and general public interest. The business operates as a niche service provider with a small-scale footprint, focusing on delivering reliable live image feeds and related product information. Technically, the website employs modern web technologies including responsive design, JavaScript, CSS, and Bootstrap framework, ensuring good user experience across devices. The site supports dark mode and uses manifest files indicating progressive web app capabilities. Security posture is moderate with HTTPS usage but lacks visible security headers and cookie consent mechanisms. WHOIS data is privacy protected by EURid, which is typical for .eu domains, but limits transparency regarding domain registration details. Overall, the website is professional, content-rich, and trustworthy for its intended audience.

activeMind.legal Rechtsanwaltsgesellschaft mbH is a specialized law firm operating from Berlin, Munich, and London, focusing on European and international data protection law, IT law, and compliance advisory services. The firm targets businesses and organizations requiring expert legal counsel in these domains. The website reflects a professional and consistent brand image, with clear messaging about their services and geographic presence. The business model centers on providing specialized legal advice, positioning itself as a niche player in the legal services market for data protection and IT compliance. Technically, the website is built on WordPress using Elementor and Yoast SEO plugins, indicating a modern and maintainable infrastructure. The site includes multilingual support and integrates tracking and consent management tools such as LeadLab, Etracker, and Usercentrics CMP. Performance and mobile optimization are good, though accessibility features are basic. SEO practices are well implemented with proper meta tags and structured data. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers in the HTML content. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is typical for law firms to safeguard registrant privacy. However, the absence of publicly available privacy policy and terms of service pages is a compliance gap. Overall, the security posture is solid but could be improved with additional headers and clearer compliance documentation. The overall risk assessment is moderate with a good trust level based on website professionalism and domain legitimacy. Strategic recommendations include publishing comprehensive privacy and terms of service pages, adding security headers, and implementing a security.txt file for vulnerability disclosure to enhance transparency and compliance.

S

Sobat777

jungle-world.com

40

Sobat777 is an Indonesian online gambling platform offering a variety of betting services including lottery, slots, casino games, sports betting, RNG games, and peer-to-peer betting. The website targets mature Indonesian users interested in gambling and positions itself as a trusted and large player in the local market. The platform uses AMP technology to optimize mobile user experience and integrates Google Analytics for tracking. However, the site lacks critical compliance documents such as privacy and cookie policies, and does not provide clear contact emails or physical addresses, limiting transparency and trust. Security posture is basic with HTTPS enabled but missing important security headers and policies. WHOIS data is privacy protected and the site is accessed via an IP address, which reduces legitimacy perception. Overall, the site is functional but has significant gaps in compliance, security, and business transparency.