Security Directory

P

Petr Sycha

petrsycha.cz

46

Petr Sycha operates a professional website focused on WordPress web development and template creation, targeting clients seeking modern, responsive web solutions. The business is positioned as a small, experienced service provider with over two decades of experience, primarily serving the Czech market. The website uses WordPress with the Divi theme and several performance and UI enhancement plugins, hosted by Wedos, a Czech hosting provider. The technical infrastructure is modern and moderately optimized for performance and mobile use. Security posture is good with HTTPS enabled and no visible vulnerabilities, though security headers and explicit policies are lacking. Privacy compliance is partial with a cookie policy and consent mechanism but no privacy or terms of service pages. Contact information is clearly presented in structured data, enhancing business credibility. Overall, the site is professional, trustworthy, and safe for general audiences.

G

Gemeinde Vaduz

vaduz.li

10

The website www.vaduz.li serves as the official online presence of the municipality of Vaduz, Liechtenstein. It provides comprehensive information about local government, administration, social services, environment, tourism, and community events. The site targets residents, visitors, and local businesses, offering a broad range of public services and community resources. The business model is that of a public sector municipal service provider, with a clear focus on transparency and community engagement. Technically, the site is built on the concrete5 CMS platform and leverages modern JavaScript libraries such as jQuery, Slick Carousel, Moment.js, and CLNDR.js for dynamic content and calendar functionalities. It uses Usercentrics for GDPR-compliant cookie consent management and Matomo for privacy-respecting analytics. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. From a security perspective, the website enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers such as Content-Security-Policy or X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response contact is noted as an area for improvement. Overall, the website is trustworthy, professional, and well-maintained, with strong alignment between domain registration data and website content. It is safe for general audiences and free from adult or questionable content. Strategic recommendations include enhancing security headers, publishing a security policy, and considering a vulnerability disclosure program to further strengthen security posture.

Études is a small architectural firm based in the Czech Republic, founded in 2018, focusing on innovative and sustainable architectural solutions. The company offers a range of services including renovation, restoration, consulting, project management, and digital engagement through an app and newsletter. The website is built on WordPress and hosted by a Czech hosting provider, reflecting a moderate level of technical maturity with good mobile optimization and accessibility. However, the site lacks critical privacy and security policies, contact information, and security headers, which impacts its overall security posture. No evidence of analytics or advertising tools was found, indicating minimal user tracking. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in privacy compliance, security best practices, and contact transparency are recommended to enhance trust and compliance.

S

Safe Swiss Cloud

safeswisscloud.com

68

Safe Swiss Cloud is a Swiss-based cloud computing and managed IT services provider specializing in secure, sovereign cloud infrastructure hosted in Swiss data centers. The company offers a range of services including Private AI, managed IT operations, security, and 24/7 support, targeting enterprises in finance, healthcare, software, and manufacturing sectors. Their market position is strengthened by ISO certifications and a commitment to renewable energy usage. Technically, the website is built on WordPress with modern cloud technologies such as VMware, Openstack, and Kubernetes underpinning their services. The site is well-designed, mobile-optimized, and SEO-friendly, though it lacks explicit cookie consent mechanisms and visible contact emails or phone numbers, relying primarily on contact forms. Security posture is strong with HTTPS, domain transfer protection, and certifications, but could be improved with additional security headers and a vulnerability disclosure policy. Overall, the website and business present a trustworthy and professional image with minor areas for compliance and security enhancement.

SLOVAK INTERCARGO, s.r.o. is a Slovak company established in 1996 specializing in customs declaration, statistical, forwarding, and transport logistics services. The company targets business partners requiring comprehensive logistics and customs support, positioning itself as a reliable regional service provider with a partnership with CZECH INTERNATIONAL, a.s. The website reflects a professional business presence with clear contact information and service descriptions. Technically, the site uses modern JavaScript libraries such as jQuery, Modernizr, and Bootstrap, ensuring responsive design and moderate performance. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and published security policies. Overall, the website is trustworthy and professionally maintained, though improvements in security transparency and SEO could enhance its digital maturity.

S

Stadt Flensburg

flensburg-mitmachen.de

65

The website flensburg-mitmachen.de is the official online citizen participation platform for the city of Flensburg, Germany. It leverages the open source CONSUL platform, customized by demokratie.today, to provide residents with tools to engage in local projects, discussions, surveys, and events. The platform serves as a transparent and accessible channel for public involvement in municipal decision-making processes. The target audience is primarily the residents and stakeholders of Flensburg interested in civic engagement and local governance. Technically, the site is built on Ruby on Rails using the CONSUL framework, enhanced with CKEditor 5 for content editing and Klaro for cookie consent management. The site demonstrates good mobile responsiveness, accessibility, and SEO practices. It uses HTTPS with proper CSRF protections but could improve by adding more security headers and publishing a formal security policy. From a security perspective, the platform shows a solid posture with encrypted connections, consent mechanisms, and no visible vulnerabilities or tracking beyond consent management. However, it lacks explicit incident response contacts and vulnerability disclosure information, which are recommended for transparency and security maturity. Overall, the site is trustworthy, professionally maintained, and aligned with GDPR compliance. The domain WHOIS data is limited but consistent with an official municipal platform. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and possibly integrating analytics with privacy safeguards to better understand user engagement while maintaining compliance.

I

Innenstadtmanagement Flensburg

flensburg.city

57

Flensburg.City is the official website for the Innenstadtmanagement Flensburg, a municipal entity responsible for managing and promoting the city center of Flensburg, Germany. The organization focuses on urban development projects, community engagement, and event management to enhance the attractiveness of the city center. The website targets residents and visitors interested in local projects and cultural events, providing information and opportunities to participate. Technically, the website is built on the TYPO3 CMS platform, a robust and widely used open-source content management system. The site employs modern web technologies including JavaScript and CSS, and is optimized for mobile devices with good accessibility and SEO practices. Analytics are handled via plausible.io, a privacy-conscious analytics service, indicating a commitment to user privacy. From a security perspective, the site uses HTTPS but lacks visible advanced security headers and does not provide a vulnerability disclosure or security.txt file. No forms or sensitive data collection points were detected on the main page, reducing attack surface. The WHOIS data is unavailable due to registry limitations, but the domain is active and consistent with the municipal branding, supporting legitimacy. Overall, the website presents a professional and trustworthy digital presence for a local government entity with moderate technical sophistication and a good privacy posture. Strategic improvements in security headers and cookie consent mechanisms would enhance compliance and security posture further.

N

NetzWerkstatt GmbH & Co. KG

flensburg.digital

55

The website is a government-operated citizen portal for Flensburg, Germany, designed to provide digital administrative services and accessibility features to its users. It is powered by TYPO3 CMS and integrates Matomo analytics with a clear cookie consent mechanism, reflecting a commitment to user privacy and accessibility. The portal targets local citizens, offering a range of accessibility adjustments to support users with disabilities, indicating a strong focus on inclusivity. Technically, the site employs modern web technologies and frameworks, including TYPO3 CMS and JavaScript-based accessibility tools. The site appears well-structured, mobile-optimized, and accessible, though some performance and security headers could be improved. The absence of explicit privacy policies and contact information slightly detracts from the overall compliance and trustworthiness. From a security perspective, the site uses HTTPS and cookie consent but lacks visible security headers and incident response contacts. The WHOIS data is unavailable due to privacy protection, which is justifiable given the governmental nature of the site. No vulnerabilities or suspicious patterns were detected, and the site does not appear to be blocked by any WAF or security mechanism. Overall, the site presents a professional and trustworthy digital government service with good accessibility and privacy practices but would benefit from enhanced transparency in privacy policies and security disclosures.

G

GEF Ingenieur AG

siskmr.com

42

The website sisKMR.com represents GEF Ingenieur AG, a specialized engineering company providing software solutions for static calculations and optimization of district heating pipelines. The company holds a strong market position in Europe with over 30 years of experience and offers software, engineering services, training, and support primarily targeting planners, engineers, and manufacturers in the energy sector. The website is professionally designed, multilingual, and provides clear contact channels including forms, email, phone, and physical address. Technically, the site is built on WordPress with modern plugins and frameworks, delivering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is good with a comprehensive GDPR-aligned privacy policy, though no cookie consent mechanism or terms of service are present. Overall, the site is trustworthy and business credible, with minor improvements recommended in security and privacy transparency.

S

Stadtwerke Schwerin GmbH

swsn.de

49

Stadtwerke Schwerin GmbH is a regional utility provider based in Germany, offering a broad range of services including electricity, gas, heating, fiber-optic internet, and water supply. The company positions itself as a reliable and experienced service provider with over 30 years of operation, targeting both private and business customers in the Schwerin region. Their business model focuses on comprehensive energy and telecommunications services with customer-centric portals and digital tools such as tariff calculators. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its audience. Technically, the website is built on Drupal 10, leveraging modern web technologies and privacy-focused analytics via Matomo with cookies disabled. The presence of Usercentrics consent management indicates a strong commitment to GDPR compliance and user privacy. The site uses HTTPS and shows good security practices, although explicit security headers and a published security policy are not evident. No security incidents or vulnerabilities are visible in the content. Overall, the security posture is solid with room for improvement in publishing incident response contacts and security policies. The domain WHOIS data is minimal but does not raise concerns, aligning with the company's regional and established presence. Privacy and cookie policies are comprehensive and implemented with consent mechanisms. The site is free from adult or questionable content, making it safe for general audiences. Strategically, the company should consider enhancing transparency around security policies and incident response to further build trust. Continued investment in technical modernization and privacy compliance will support their market position as a trusted regional utility provider.

F

funkhaus

funkhaus.io

52

funkhaus is a digital-first creative studio based in Germany, specializing in branding, web development, and immersive digital experiences. The company targets brands and businesses seeking innovative digital solutions and positions itself as a creative agency with expertise in motion design, UI/UX, and WebGL technologies. The website currently suffers from a critical technical issue, returning an HTTP 500 error related to WebGL context creation, which severely impacts user experience and content accessibility. Technically, the site uses modern frameworks such as Nuxt.js and Tailwind CSS and is hosted behind Cloudflare DNS, but lacks DNSSEC and security headers, indicating room for security improvements. The security posture is moderate with HTTPS enabled and privacy-conscious analytics via Plausible, but missing privacy and cookie policies reduce compliance confidence. Overall, the domain registration is consistent and legitimate, with privacy protection justified for this business type.

R

R-S Matco LLC

rsmatco.com

47

R-S Matco LLC is a well-established supplier specializing in boiler tubing products and related services, serving industries such as power generation, industrial boilers, pulp & paper, and petrochemical sectors. The company positions itself as a leader with one of the largest inventories in the industry, offering value-added services including project management, rapid shipping, and custom tube preparation. The website reflects a professional B2B business model targeting industrial procurement professionals and plant managers. Technically, the website is built on WordPress with WPBakery Page Builder and integrates Google Tag Manager for analytics. The site demonstrates good design quality, mobile optimization, and clear navigation, though performance is moderate. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the security posture is moderate with no critical vulnerabilities detected, but improvements are needed in privacy compliance and security best practices. Contact information is clearly presented, enhancing business credibility. No adult or questionable content is present, making the site safe for general audiences. Strategic recommendations include implementing DNSSEC, adding security headers, publishing privacy and cookie policies with consent mechanisms, and establishing a formal security policy and incident response contacts to strengthen trust and compliance.

The website 'Buhlmann Port' presents a minimalistic virtual tour experience primarily in German. The business overview is limited to the virtual showroom concept with no detailed company information or services described. The site appears to target a general audience interested in virtual tours but lacks clear business model or market positioning details. Technically, the site uses basic HTML, CSS, and JavaScript with some preloading optimizations and mobile viewport settings, indicating moderate digital maturity. However, the absence of CMS or advanced frameworks suggests a simple infrastructure. Security posture is weak due to missing HTTPS confirmation, lack of security headers, and no visible privacy or cookie policies. The WHOIS data is notably absent, raising concerns about domain legitimacy and registration status. Overall, the site is functional but lacks critical trust and compliance elements, posing risks for user trust and regulatory adherence.

S

Sonntag & Partner Partnerschaftsgesellschaft mbB

sonntag-karriere.de

57

Sonntag & Partner Partnerschaftsgesellschaft mbB is a well-established professional services firm in Germany specializing in auditing, tax consulting, legal advice, and economic consulting. The website focuses on career opportunities, emphasizing personal development, team collaboration, and flexible working conditions. The company has a strong regional presence with over 45 years of experience and maintains a consistent brand image across its digital assets. Technically, the website is built on WordPress with modern JavaScript libraries and includes a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the site is professional, user-friendly, and trustworthy, targeting job seekers in finance and legal sectors.

Sonntag & Partner Partnerschaftsgesellschaft mbB operates as a specialized IT consulting and software development firm based in Augsburg, Germany. The company focuses on delivering tailored solutions in digital transformation, IT compliance, process management, and project management. Their market position is that of a boutique consultancy with a strong emphasis on compliance and innovative technologies such as AI and low-code development. The website reflects a professional and consistent brand image targeting business clients seeking expert IT services. Technically, the website is built on WordPress with modern plugins and libraries, including jQuery and Borlabs Cookie for consent management. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features could be enhanced. Performance is moderate, with no critical errors or broken elements detected. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, explicit security headers are not detected in the HTML content, and no dedicated security policy or incident response contacts are provided. No vulnerabilities or exposed sensitive data were found, indicating a solid baseline security posture. Overall, Sonntag IT Solutions presents a trustworthy and professional online presence with strong compliance and business credibility. Strategic improvements in security headers and incident response transparency would further enhance their security posture and client trust.

S

SONNTAG Family Office

sonntag-fo.de

63

SONNTAG Family Office is a German-based family office service provider specializing in independent wealth management and asset structuring for high net worth individuals and families. The company positions itself as a trusted advisor in Augsburg and the broader South Germany region, focusing on preserving wealth and creating value. The website reflects a professional and consistent brand image, targeting affluent clients seeking neutral and independent financial consulting services. Technically, the website is built on WordPress with modern plugins such as All in One SEO Pro and Borlabs Cookie for cookie consent management. The use of FontAwesome icons and jQuery indicates a standard but effective technology stack. Security-wise, the site enforces HTTPS and implements cookie consent, but lacks visible security headers and published privacy or security policies, which are areas for improvement. Overall, the website is functional and professional but would benefit from enhanced transparency and security documentation to improve trust and compliance. The domain registration data aligns well with the business claims, supporting legitimacy and consistent market presence.

P

PARROT MEDIA GmbH

parrot-media.de

58

PARROT MEDIA GmbH is a well-established full-service advertising agency based in Lübeck, Germany, with over 18 years of experience serving diverse industries. The company offers a comprehensive range of services including website and online shop development, corporate design, print media, SEO, social media marketing, hosting, and IT services. Their market position is strong regionally, supported by a professional website, client references, and recognized partnerships such as Google Partner and Shopware. Technically, the website is built on TYPO3 CMS, uses modern web technologies, and integrates Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, although some HTTP security headers could be improved. Privacy compliance is robust with clear GDPR-aligned policies and cookie management. Overall, the business demonstrates credibility and professionalism with clear contact information and active social media presence. The domain registration is privacy protected via DENIC, which is typical for German domains and does not raise suspicion. No blocking or WAF mechanisms hinder access to the site, allowing full content analysis.

T

TB-Planungsgesellschaft

tb-planung.de

41

TB-Planungsgesellschaft is a recently founded (April 2024) German company specializing in technical planning and consulting services for energy infrastructure, particularly modern heat and cooling networks. The company targets municipal and private projects with a focus on sustainability and efficiency. Their website is professionally designed using WordPress and Elementor, providing clear service descriptions and partner references, notably to HPW-Fernwaerme. The technical infrastructure is modern but lacks advanced security headers and cookie consent mechanisms. No direct contact emails or phone numbers are publicly listed, relying on a contact form for communication. Overall, the security posture is basic with room for improvement in compliance and incident response transparency. The domain registration is consistent with the company's new establishment, though WHOIS data is minimal. The website content is safe and suitable for general audiences.

L

LANCIER Monitoring GmbH

junair.de

43

LANCIER Monitoring GmbH operates as the official German representative and certified service center for Jun-Air compressors, specializing in quiet and clean compressed air solutions for diverse industrial sectors including dental, food, machinery, and medical technology. The company offers a range of oil-free and oil-lubricated compressors with various accessories, emphasizing quality, reliability, and low noise. Their market position is strengthened by ISO 9001 certification and a certified service center status, targeting professional industrial customers primarily within Germany. Technically, the website is built on TYPO3 CMS with Bootstrap 5 and jQuery, providing a modern and responsive user experience. The site demonstrates good SEO and accessibility basics but lacks some advanced security headers and cookie consent mechanisms. Performance is moderate with a clean design and clear navigation. From a security perspective, the site uses HTTPS and secure forms but does not publish incident response contacts or vulnerability disclosure policies. No security headers were detected, and cookie consent is missing, indicating room for improvement in compliance and security posture. Overall, the website is professional, trustworthy, and business-focused with a solid technical foundation. Strategic improvements in security headers, privacy compliance, and incident response transparency would enhance the security and trustworthiness further.

S

Skylark Energy Solutions

skylark-energy.com

56

Skylark Energy Solutions is a small, US-based company founded in 2024, specializing in providing consulting and product solutions to electric utilities, with a focus on grid-enhancing technologies and asset monitoring. The company offers expert consulting services and specialized hardware and software products to support reliable infrastructure in the energy sector. The website is professionally designed using Squarespace, featuring clear navigation and mobile optimization, but lacks detailed business contact information and formal privacy or security policies. Technically, the site uses modern web technologies and enforces HTTPS with HSTS, indicating good baseline security practices. However, the absence of additional security headers and privacy compliance features suggests room for improvement. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain legitimacy and registration consistency. Overall, the website presents a credible business front but requires enhanced transparency and compliance documentation to improve trust and security posture.

U

UpdraftCentral

updraftcentral.com

68

TeamUpdraft operates UpdraftCentral, a specialized WordPress site management platform that enables users to manage multiple WordPress sites from a single dashboard. The company targets WordPress administrators and developers seeking streamlined updates, backups, and optimization tools. The website presents a professional and consistent brand image with clear product offerings and subscription pricing models, positioning itself as a niche player in the WordPress management ecosystem. Technically, the site is built on WordPress with WooCommerce integration, leveraging modern JavaScript libraries and Google Tag Manager for analytics. The domain is well-registered and stable, with Cloudflare DNS services enhancing reliability. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced DNS security features like DNSSEC and explicit security headers. Privacy compliance is limited due to absence of visible privacy and cookie policies, and no GDPR-specific mechanisms are evident. Overall, the site is functional, professional, and trustworthy but would benefit from enhanced privacy disclosures and security best practices.

A

All In One Security

aiosecurity.com

62

All In One Security is a small business specializing in comprehensive commercial and residential security solutions, including ADT authorized installations. The company positions itself as a trusted provider offering surveillance cameras, access control, monitored fire systems, and audio/video integration. The website is built on WordPress using Elementor and Astra theme, reflecting a moderate level of digital maturity with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and anti-spam protections, but lacks advanced security headers and formal policies such as privacy and cookie policies. Overall, the site is professional and trustworthy but could improve compliance and security transparency.

U

UpdraftPlus

updraftplus.com

31

TeamUpdraft operates the UpdraftPlus website, offering the world's leading WordPress backup, restore, and migration plugin. The company targets WordPress site owners and developers, providing a SaaS model with tiered pricing plans. The business is positioned as a market leader with a strong reputation, supported by a high aggregate user rating and widespread adoption. Technically, the website is built on WordPress with WooCommerce integration, leveraging modern JavaScript libraries and marketing tools such as Google Tag Manager and Nelio A/B Testing. The infrastructure is supported by Cloudflare DNS and NameCheap registration, indicating a stable hosting environment. Security posture is good with HTTPS enabled and domain transfer protections, though improvements are possible by enabling DNSSEC and publishing explicit security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

Make: Community is an established media and community platform dedicated to makers, creatives, and innovators since 2005. It nurtures a global cultural movement celebrating creativity and innovation. The website leverages WordPress with BuddyPress to provide social and community features, supported by modern technologies such as Elementor and various analytics and marketing tools. The platform targets a broad maker audience and positions itself as a key player in the maker media space. Technically, the site is well-structured with good mobile optimization and SEO practices, though performance is moderate. Security posture is solid with HTTPS and authentication via Auth0, but lacks visible security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies and extensive tracking without clear consent mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security transparency.

A

Autodesk, Inc

tinkercad.com

56

Tinkercad is a free, web-based application developed by Autodesk, Inc, focused on providing accessible tools for 3D design, electronics, and coding. It targets educators, students, and hobbyists, serving as an introductory platform to Autodesk's broader design technologies. The website demonstrates a high level of digital maturity with modern frameworks like Angular, service workers for offline capabilities, and integration with Autodesk APIs. The content is rich, well-structured, and optimized for various devices, reflecting excellent user experience and design quality. Security posture is strong with HTTPS enforcement and bot protection via Google reCAPTCHA, complemented by kidSAFE COPPA certification ensuring child safety and privacy compliance. However, the absence of explicit cookie consent mechanisms and security headers suggests room for improvement in privacy compliance and security best practices. WHOIS data is unavailable, likely due to privacy protections, but the website's professional presentation and Autodesk branding support its legitimacy. Overall, the site is trustworthy, well-maintained, and suitable for its educational audience.

U

UltiMaker

ultimaker.com

10

UltiMaker is a well-established company specializing in professional 3D printing solutions, including a wide range of 3D printers, materials, and software tailored for industries such as manufacturing, automotive, defense, and education. The company positions itself as a leader in the 3D printing market, offering innovative and modular products that cater to professional and industrial needs. The website reflects a mature digital presence with comprehensive content and a professional design, targeting business customers and professionals seeking advanced 3D printing technologies. Technically, the site is built on WordPress and leverages modern JavaScript libraries and marketing tools, hosted with reputable providers and protected by HTTPS. However, there is a lack of visible privacy and cookie policies, which impacts compliance and user trust. Security posture is generally good with HTTPS and form protections but could be improved by adding security headers and publishing incident response information. Overall, the site is trustworthy and professional but should enhance privacy compliance and security transparency to align with best practices.

M

MakerBot

makerbot.com

67

MakerBot is a prominent provider of 3D printing solutions focused primarily on the education sector. Their website showcases a comprehensive ecosystem including 3D printers, software, certification programs, and extensive educational resources such as lesson plans and community support. The company targets educators, schools, and educational institutions worldwide, positioning itself as a leader in classroom 3D printing with over 10,000 schools served. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern JavaScript libraries and marketing integrations such as Google Tag Manager and Marketo forms, supporting interactive features like quizzes and resource downloads. Security posture is good with HTTPS enforced and secure form handling, though the absence of explicit security headers and privacy policies suggests room for improvement. The WHOIS data is notably missing, which reduces domain trustworthiness and should be investigated further. Overall, the site is safe, professional, and well-positioned in its niche, but could enhance transparency and compliance documentation.

G

Gesellschaft für Energie und Klimaschutz Schleswig-Holstein (EKSH)

powernet.sh

48

PowerNet is a well-established sector-crossing conference focused on the energy transition in Northern Germany, organized by the Gesellschaft für Energie und Klimaschutz Schleswig-Holstein (EKSH). The website presents a professional and comprehensive platform for event information, networking, and expert exchange, targeting stakeholders from business, science, municipalities, and government. The site is built on TYPO3 CMS with modern frontend technologies, offering good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and incident response information are missing. The WHOIS data is incomplete and malformed, which slightly reduces domain trustworthiness, but the strong presence of official partners and government affiliations supports legitimacy. Overall, the website is a credible and professional resource for the energy transition community in Schleswig-Holstein.

E

Energieküste

ready-charged-career.de

46

The website 'Ready. Charged. Career!' serves as a regional career platform focused on renewable energy opportunities at the German North Sea coast, branded as Energieküste. It targets professionals, students, and career changers interested in the energy transition, providing information on training, education, and job openings. The platform is supported by a network of partner companies and educational institutions, enhancing its market position as a key regional hub for energy sector careers. Technically, the site is built on Kirby CMS, employs Matomo for privacy-conscious analytics, and uses modern web technologies including SVG graphics and responsive design. Hosting is managed via Schlund Technologies, with a good SSL configuration and privacy compliance mechanisms in place, including cookie consent and GDPR-aligned privacy policies. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though explicit security policies and incident response contacts are not published. No critical vulnerabilities or exposed sensitive data were detected. The site is fully accessible without WAF or blocking mechanisms, ensuring a smooth user experience. Overall, the site demonstrates a high level of professionalism, content quality, and technical maturity, making it a trustworthy and effective platform for its intended audience. Strategic improvements could focus on enhancing security headers and publishing formal security policies to further strengthen trust and compliance.

The Umweltbildungszentrum Flensburg is a small, non-profit educational institution affiliated with the Naturwissenschaftliches Museum Flensburg, focusing on environmental education and sustainability programs. Founded in 2014, it serves local schools, kindergartens, and the general public with a variety of educational offerings including excursions, workshops, and exhibitions. The website reflects a professional and consistent brand presence with clear contact information and official city sponsorship. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern JavaScript libraries such as jQuery and Colorbox for UI enhancements. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, there is room for improvement in security headers and explicit security policy documentation. From a security perspective, the site uses HTTPS and implements a cookie consent banner, indicating awareness of privacy compliance. No critical vulnerabilities or security issues were detected in the content or scripts. The WHOIS data aligns well with the website's claims, showing a consistent and legitimate registration. No WAF or blocking mechanisms interfere with content accessibility. Overall, the website presents a trustworthy and professional digital presence for an educational institution, with moderate technical sophistication and good privacy practices. Strategic improvements in security headers and formal security policies could further enhance its posture.

E

Engagiert in Flensburg - Ehrenämter und Freiwilligenbörse

engagiert-in-flensburg.de

44

The website engagiert-in-flensburg.de serves as a local platform dedicated to promoting volunteering and community engagement opportunities in Flensburg, Germany. It targets volunteers and organizations interested in Ehrenämter and Freiwilligenbörse activities. The platform operates likely as a non-profit or community service entity, focusing on connecting individuals with local volunteer opportunities. Technically, the site is built on WordPress using Elementor and integrates modern plugins such as Rank Math PRO for SEO and Google reCAPTCHA v3 for form security. Hosting is provided by agenturserver, a German hosting provider, which aligns with the website's regional focus. Security posture is moderate, with basic protections like reCAPTCHA but lacking advanced security headers and published policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site presents a good user experience with clear navigation and mobile optimization but requires improvements in transparency and security documentation to enhance trust and compliance.

T

Technisches Betriebszentrum AöR

tbz-flensburg.de

52

The Technisches Betriebszentrum Flensburg is a municipal service provider focused on environmental management, waste disposal, city maintenance, and infrastructure services for the city of Flensburg, Germany. The website presents a professional and comprehensive digital presence, offering detailed information about services, current news, and educational programs. The company maintains active communication channels including phone, email, and social media, enhancing accessibility for residents. Technically, the website is built on the gradwerk CMS 6 platform, utilizing modern web standards such as HTML5, CSS3, and JavaScript. It features responsive design and accessibility considerations, with a cookie consent mechanism compliant with GDPR. Performance is moderate with preloading of resources and optimized images. From a security perspective, the site enforces HTTPS and implements cookie consent management. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the municipal identity, supporting legitimacy. Overall, the site is trustworthy, well-maintained, and suitable for its public service role. Strategic improvements in security transparency and incident response readiness would further enhance its posture.

R

ruhr-concept KG

presse-service.de

57

ruhr-concept KG operates the website presse-service.de, a specialized press service portal established since 1995, targeting municipalities, associations, publishers, parties, companies, media offices, and hotel chains in Germany. The platform facilitates active press work by distributing press releases and media to editorial offices, subscribers, and readers. The website demonstrates a good level of content quality and professional design, with a strong focus on accessibility, integrating an advanced accessibility tool to support various user needs. Technically, the site is built on ASP.NET with Bootstrap and jQuery, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS usage but lacks explicit security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy but would benefit from enhanced security and compliance documentation.

L

Elixir | PC Game Launcher

ln.onl

59

Elixir.games appears to be a technology-focused website offering a PC game launcher platform aimed at gamers. The site is minimalistic with limited content and lacks detailed business or contact information. The technical infrastructure includes modern web fonts and JavaScript but lacks advanced frameworks or CMS indications. Security posture is weak due to missing HTTPS verification, absence of security headers, and no visible privacy or cookie policies. The WHOIS data is unavailable or malformed, indicating privacy protection or data access issues, which reduces trustworthiness. Overall, the site is functional but lacks maturity in security, compliance, and business transparency.

B

BEOS AG

beos.net

10

BEOS AG is a leading German asset manager and project developer specializing in corporate real estate including office, production, logistics, and service spaces. The company positions itself as a market leader with a comprehensive portfolio and a strong focus on sustainability and ESG goals. Their website reflects a mature digital presence with professional design, multilingual support, and integrated analytics and consent management tools. Security posture is solid with HTTPS and captcha protections, though some HTTP security headers are not explicitly detected. The absence of WHOIS data is a notable anomaly but does not detract from the overall legitimacy indicated by the website content and business information. Strategic recommendations include enhancing security headers, publishing a security policy, and clarifying domain registration details.

W

Wildwechsel

wildwechsel.de

63

Wildwechsel is a regional German media platform specializing in event listings and cultural information for areas including Kassel, Paderborn, Marburg, Nordhessen, and OWL. The website offers comprehensive event data such as concerts, parties, theater, and local activities, targeting a general audience interested in regional happenings. Technically, the site is built on WordPress and integrates various modern web technologies including Google Fonts, FontAwesome, and multiple analytics and advertising scripts. Hosting is provided via GoDaddy, and the site uses HTTPS with a good SSL configuration. Security measures include anti-spam and bot detection services, but explicit security headers are lacking, and no formal privacy or cookie policies are detected, indicating room for compliance improvement. Overall, the site presents a professional and trustworthy front with moderate technical performance and good content quality.

D

DOJ (Dienst für offene Jugendarbeit)

kinder-und-jugendfoerderung-wirkt.ch

47

The website 'Kinder und Jugendförderung wirkt' is a Swiss non-profit platform dedicated to promoting the development and well-being of children and youth across various cantons. It serves as an informational and support hub for actors involved in youth promotion, providing resources, consultation, and visibility to regional initiatives. The platform is backed by recognized governmental and non-profit organizations, enhancing its credibility and trustworthiness. Technically, the site is built on WordPress with modern SEO and analytics tools, offering a responsive and user-friendly experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the site is professional, compliant with privacy regulations, and well-positioned within its niche.

M

Mixmag

mixmag.net

69

Mixmag.net is a well-established global media platform specializing in dance music and clubbing culture, founded in 1999. It offers a broad range of content including news, videos, features, and an e-commerce shop, targeting dance music enthusiasts worldwide. The website demonstrates a mature digital infrastructure with modern technologies such as Craft CMS, Google Tag Manager, and multiple advertising and tracking integrations, all managed with GDPR-compliant consent mechanisms. The site is hosted behind Cloudflare DNS, ensuring reliable performance and security. Security posture is solid with HTTPS enforced and domain registration transparency, though some security headers could be improved. Privacy compliance is strong with clear privacy and cookie policies and active consent management. Overall, the site presents a professional and trustworthy media brand with extensive social media engagement and advertising partnerships.

L

LILA HILFE e.V.

lilahilfe.org

61

Lila Hilfe e.V. is a German non-profit feminist solidarity organization dedicated to supporting women affected by gender-based violence and structural discrimination. The organization operates primarily within Germany, providing financial aid, resources, and community support to its target audience. The website reflects a clear mission and offers membership and donation options to sustain its activities. Technically, the site is built on a modern React and Next.js framework, ensuring fast performance, excellent mobile optimization, and good accessibility. The content is rich, professionally presented, and highly relevant to its audience. Security-wise, the site uses HTTPS and avoids exposing sensitive data, but lacks explicit security headers and formal security policies. Privacy compliance is moderate, with a comprehensive privacy policy but no visible cookie consent mechanism. Overall, the domain appears legitimate despite the absence of WHOIS data, likely due to privacy protection common in non-profits. The site maintains a high trust level with clear branding and social media presence.

B

Breath:Sun:Bone:Blood

breathsunboneblood.com

46

Breath:Sun:Bone:Blood is a small independent music label based in Berlin, specializing in niche genres such as dark ambient, experimental, modern composition, black metal, and folk music. The website serves as a platform to showcase their releases, artists, and news, targeting music enthusiasts interested in these genres. The business model revolves around music distribution and artist promotion, with a presence on Bandcamp for direct music sales and streaming. Technically, the website is built on WordPress using the Enfold theme and several common plugins including LayerSlider and MediaElement.js. The site is moderately performant, mobile-optimized, and SEO-friendly with proper meta tags and structured data. Hosting and domain registration are consistent with the business location in Germany, using RegistryGate GmbH as the registrar. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks DNSSEC and explicit security headers, which are recommended to enhance security posture. No critical vulnerabilities or exposed sensitive data were detected. Privacy policies are present and written in German, reflecting compliance with EU regulations. Overall, the website is professional, trustworthy, and safe for general audiences. The main areas for improvement include adding explicit contact information, security policies, and enhancing DNS and HTTP security configurations to strengthen trust and resilience against attacks.

T

TixforGigs

tixforgigs.com

70

TixforGigs operates as an online ticketing platform primarily serving the German market, offering ticket sales, event listings, and artist and venue promotion. The website is well-structured, mobile-optimized, and provides a user-friendly experience with features such as login, registration, password reset, and two-factor authentication. Privacy and cookie policies are present, reflecting GDPR compliance and a privacy-conscious approach. However, the absence of WHOIS data and explicit terms of service pages slightly detract from the overall trustworthiness. The technical stack includes modern JavaScript frameworks and libraries, and the site uses HTTPS with captcha protections on forms, enhancing security posture. Overall, the platform appears legitimate and professionally maintained but would benefit from improved transparency in domain registration and security headers.

The website switchadhub.com appears to be a newly registered domain with minimal content primarily consisting of embedded iframes and tracking pixels. There is no visible business information, contact details, or privacy and cookie policies, indicating a lack of transparency and professionalism. The domain is registered with EurotrashNames.com LLC, a registrar of questionable reputation, and the domain age is less than one year, which is inconsistent with an established business presence. Technically, the site uses basic HTML and JavaScript but lacks modern security practices such as HTTPS enforcement and security headers. The presence of tracking pixels without consent mechanisms raises privacy concerns. Overall, the site appears to be an ad-serving or intermediary platform rather than a fully developed business website.

B

BBZ Schleswig

bbzsl.de

46

BBZ Schleswig is a regional vocational training and continuing education institution based in Schleswig and Kappeln, Germany. The website serves as an informational portal for educational offerings targeting students and professionals seeking vocational qualifications. The technical infrastructure is built on WordPress using the Divi theme, incorporating common analytics tools such as Google Analytics and Facebook Pixel. While the site demonstrates good design quality and user experience, it lacks explicit privacy and cookie policies, as well as visible contact information, which impacts its privacy compliance and business credibility scores. Security posture is moderate with no detected security headers or vulnerability disclosures, indicating room for improvement in security best practices. Overall, the website is safe for general audiences and functions well as an educational resource.

The website www.eeagrants.ro serves as the official Romanian governmental portal for the EEA and Norwegian Grants 2014-2021, managed by the Ministry of Investments and European Projects. It provides comprehensive information about grant programs, project calls, results, and bilateral relations, targeting Romanian governmental bodies, NGOs, and the general public interested in European funding opportunities. The site is well-branded with consistent use of official logos and government references, establishing high trustworthiness and credibility. Technically, the website employs a modern tech stack including Bootstrap, jQuery, Font Awesome, Google Fonts, Google Analytics, Facebook SDK, and Google Charts. It is mobile responsive with good SEO and accessibility basics, though accessibility could be improved. Performance is moderate, and the site uses HTTPS with a good SSL configuration. However, security headers are missing, and privacy and cookie policies are not explicitly present, indicating areas for compliance improvement. From a security perspective, the site shows good practices such as HTTPS enforcement and use of reCAPTCHA for forms, with no visible vulnerabilities or exposed sensitive data. The lack of security headers and formal incident response or vulnerability disclosure information are notable gaps. WHOIS data is privacy protected as per Romanian ROTLD policy, which is standard and justified for this governmental domain. Overall, the site is a professional, trustworthy government resource with solid technical foundations but could enhance privacy compliance and security posture by adding explicit policies and security headers. The risk level is low, but improvements in transparency and security best practices are recommended.

E

Erhvervsstyrelsen

erhvervsstyrelsen.dk

57

Erhvervsstyrelsen is a Danish government agency dedicated to simplifying and promoting responsible business operations across Denmark. The website serves as an authoritative portal offering regulatory guidance, support services for startups and existing businesses, and information on sustainability reporting, digital administration, and international trade. It holds a strong market position as the official regulatory body with a large organizational size and a history dating back to 2001. The site is well-branded, professionally designed, and targets Danish businesses and entrepreneurs.

V

Virk

virk.dk

62

Virk.dk is the official Danish government digital portal serving as the primary gateway for businesses to access public services. Established in 2001, it holds a strong market position as an essential government service platform targeting Danish businesses. The website employs modern frontend technologies such as Bootstrap and Vue.js, indicating a moderate level of digital maturity and a focus on responsive design and user experience. Security posture is basic with HTTPS enabled but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Overall, the site is professional, trustworthy, and safe for general audiences but would benefit from enhanced security and privacy transparency.

E

Erhvervsstyrelsen

virksomhedsguiden.dk

70

Virksomhedsguiden.dk is an official Danish government platform operated by Erhvervsstyrelsen, providing comprehensive business support, guidance, and tools for entrepreneurs and companies. The website serves as a centralized resource for knowledge on starting, operating, and developing businesses in Denmark, targeting startups and established enterprises alike. It holds a strong market position as a trusted government service with a clear focus on business development and support. Technically, the site employs modern frontend technologies such as Vue.js, integrates analytics via Piwik PRO, and uses Tableau and Vimeo for data visualization and video content respectively. The site is well-optimized for mobile and accessibility, with good SEO practices and a professional design. Security-wise, the site enforces HTTPS, implements a robust cookie consent mechanism, and avoids exposing sensitive data, although it could improve by enabling DNSSEC and adding explicit security headers. Overall, the domain registration data aligns with the website's government affiliation, confirming its legitimacy and trustworthiness. The site does not exhibit any blocking or WAF challenges, allowing full content accessibility.

S

Startup Denmark

startupdenmark.info

65

Startup Denmark is an official government-supported program designed to facilitate entrepreneurs from outside Denmark in launching their businesses within one of the world's most digitalized and entrepreneur-friendly countries. The website provides comprehensive guidance on visa application processes and access to Denmark's strong entrepreneurial ecosystem. The program targets startup founders seeking to establish their ventures in Denmark, offering visa facilitation and business support services. The site is professionally designed, mobile-optimized, and provides clear navigation and relevant content, reflecting a high level of digital maturity. Technically, the website is built on the Drupal CMS platform, leveraging modern web technologies including JavaScript and SVG graphics. The site demonstrates good performance and accessibility standards, with a cookie consent mechanism and privacy policy in place, indicating compliance with GDPR requirements. Analytics are conducted via Piwik Pro, ensuring moderate user tracking with privacy considerations. From a security perspective, the site enforces HTTPS and implements cookie consent but lacks certain security headers such as Content-Security-Policy and X-Frame-Options, which are recommended to enhance protection. There is no visible security policy or incident response contact information, representing an area for improvement. The WHOIS data is limited due to TLD restrictions but does not raise concerns, and the domain is consistent with an official government program. Overall, the website presents a trustworthy and professional front for the Startup Denmark program, with minor technical and security enhancements recommended to further strengthen its posture and compliance.

Adiwidjaja Teamworks GmbH operates the domain atw.io, which currently hosts a minimal placeholder website with a 'Coming soon' message and an image. The company is registered in Germany since 2013, consistent with the domain registration data. The website lacks any descriptive business content, contact information, or policies, indicating it is not yet operational or publicly launched. The technical infrastructure is basic, with no detected CMS, frameworks, or advanced technologies. Security posture is minimal, with no security headers or DNSSEC enabled, though the domain uses a reputable registrar and is not privacy protected. Overall, the site presents low digital maturity and limited trust signals.