Security Directory

M

Město Pyšely

pysely.cz

47

Město Pyšely operates an official municipal website serving the residents and visitors of the town of Pyšely in the Czech Republic. The site provides comprehensive information about the city, including news, events, public notices, practical information such as waste management and water services, and contact details for municipal offices. The website targets local citizens and stakeholders interested in municipal affairs and community activities. The business model is that of a government entity providing public services and information digitally. Technically, the website uses a custom CMS platform with modern JavaScript libraries such as jQuery, Bootstrap, Swiper.js, and mmenu.js to deliver a responsive and user-friendly experience. The site is mobile optimized and structured with clear navigation, although some accessibility features are basic. Performance is moderate, with no major technical issues detected. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism, indicating some attention to privacy compliance. However, no explicit privacy policy page or security policy is found, and no security headers were detected in the provided data. The WHOIS data for the domain is unavailable, which limits the ability to fully verify domain legitimacy and ownership. No vulnerabilities or exposed sensitive data were identified. Overall, the website is a trustworthy and professional municipal portal with good content quality and user experience. The main risks relate to the lack of WHOIS transparency and incomplete privacy documentation. Strategic recommendations include publishing a privacy policy, enhancing security headers, and providing incident response contacts to improve trust and compliance.

O

Obec Lštění

lsteni-zlenice.cz

47

Obec Lštění operates an official municipal website serving the local community in the Czech Republic. The site provides comprehensive information about local government activities, official notices, event calendars, contact details, and integrated services such as payment portals and environmental monitoring. The website targets residents and visitors seeking municipal services and updates. Technically, the site uses a variety of JavaScript libraries including jQuery, Highcharts, and Bootstrap, indicating a moderately modern infrastructure with good mobile optimization and user experience. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks advanced security headers and explicit incident response information. The absence of WHOIS registration data reduces transparency and trustworthiness from a domain registration perspective. Overall, the site is functional, trustworthy for its purpose, but could improve in security and registration transparency.

The website www.mestocernosice.cz serves as the official online presence for the town of Černošice, Czech Republic. It provides comprehensive information about the municipality, including governance, public services, cultural events, and practical information for residents and visitors. The site is well-structured with clear navigation and a professional design consistent with government standards. The primary audience includes local citizens and stakeholders interested in municipal affairs. Technically, the website employs a range of established front-end libraries such as jQuery, Bootstrap, and Swiper, ensuring a responsive and user-friendly experience across devices. The site uses external CDNs for fonts and icons, contributing to moderate performance. However, no CMS or hosting provider details were identified, and no advanced frameworks appear in use. From a security perspective, the site uses HTTPS (assumed from the URL), but no explicit security headers were detected in the provided data. A cookie consent banner is implemented, indicating some level of privacy compliance, though no dedicated privacy policy or terms of service pages were found. The absence of WHOIS data for the domain is a notable concern, as it limits verification of domain legitimacy and ownership, which is unusual for an official government domain. Overall, the site is functional and professional but would benefit from enhanced transparency regarding privacy policies, security headers, and domain registration details to improve trustworthiness and compliance with modern standards.

The website www.e-deska.cz provides an electronic official notice board software solution primarily targeted at Czech municipalities or administrative bodies. The service offers intuitive document posting, automatic archiving, and scheduling capabilities for official documents, supporting multiple file formats. The business model appears to be software provision, with free offerings for clients whose websites are managed by the provider. The website content is basic and primarily informational, with limited interactive features beyond a login form for administrative access. From a technical perspective, the site uses basic HTML, CSS, and JavaScript without modern frameworks or CMS detected. The site lacks mobile optimization and accessibility features, and performance is moderate. There is no evidence of HTTPS enforcement or advanced security headers, which weakens the security posture. The login form is present but lacks visible security enhancements such as CSRF tokens. Security evaluation reveals significant gaps including absence of HTTPS, missing security headers, and no visible privacy or cookie policies, indicating poor compliance with GDPR and modern security standards. The WHOIS data is unavailable, which raises concerns about domain legitimacy and trustworthiness. However, the website content is safe, non-adult, and focused on government-related software services. Overall, the site scores low to moderate on AI scoring metrics due to technical and security deficiencies. Strategic recommendations include implementing HTTPS, adding security headers, improving privacy compliance, enhancing login security, and modernizing the technical stack to improve trust and user experience.

R

Rozhledna Špulka

rozhlednaspulka.cz

43

Rozhledna Špulka is a community-driven project representing the microregion CHOPOS in the Czech Republic, focused on a lookout tower and educational trail developed in cooperation with 21 municipalities and multiple partners. The website serves as an informational and promotional platform for events, news, and gallery content related to the lookout tower. Technically, the site is built on WordPress using legacy JavaScript libraries such as jQuery 1.7.2, with moderate performance and basic mobile optimization. Security posture is moderate with HTTPS enabled but lacking modern security headers and using outdated libraries that may expose vulnerabilities. Privacy and cookie policies are absent, reducing compliance with GDPR and other regulations. The WHOIS data is unavailable, which limits domain trust assessment, but the presence of partner logos and regular content updates suggest a legitimate local initiative. Overall, the website is functional and informative but would benefit from technical and compliance improvements.

The Asociace DSO České republiky is a non-profit association representing voluntary municipal unions in the Czech Republic, focusing on fostering inter-municipal cooperation and supporting functional microregions. The organization aims to promote financial stability and recognition of public administration performance by municipalities, the Czech Republic, and regional authorities. Their website serves as an official platform providing strategic documents, project examples, news updates, and contact information for stakeholders. Technically, the website employs a custom CMS with a modern frontend stack including jQuery, Bootstrap, Swiper.js, and other UI libraries. The site is mobile-optimized with a clear navigation structure and cookie consent mechanisms, reflecting a moderate level of digital maturity. However, no advanced analytics or tracking tools are detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS and implements cookie consent but lacks visible security headers and explicit security policies. No vulnerabilities or exposed sensitive data were found in the analysis. The absence of WHOIS data limits domain registration insights, but the website's professional presentation and partner references support its legitimacy. Overall, the site is well-structured, content-rich, and trustworthy, serving its target audience effectively. Strategic recommendations include enhancing security headers, improving accessibility, and publishing detailed security and incident response policies to strengthen trust and compliance.

M

MŠ Petrov

mspetrov.cz

46

MŠ Petrov operates as a small local kindergarten located in Petrov, Czech Republic, providing preschool education and childcare services. The website presents a clear and consistent brand image with detailed descriptions of its educational offerings and community engagement. The institution targets parents and guardians of young children in the local area, emphasizing a nurturing and creative learning environment. Technically, the website employs modern JavaScript libraries such as jQuery, Bootstrap, and Swiper.js, and is built on a CMS platform likely provided by Galileo Corporation. The site is mobile optimized and accessible, though performance is moderate. Security posture is adequate with HTTPS and cookie consent mechanisms in place, but lacks advanced security headers and formal privacy documentation. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact information appear legitimate and professional. Overall, the site scores well on content quality and business credibility but should improve privacy compliance and security best practices.

M

Mateřská škola Měchenice

msmechenice.cz

40

Mateřská škola Měchenice is a small local preschool educational institution based in the Czech Republic, offering early childhood education services primarily to local families. The website serves as an informational portal for parents and guardians, providing basic details about the school. The digital infrastructure is built on WordPress using the Divi theme and enhanced with the Yoast SEO plugin, indicating a moderate level of digital maturity. The site is hosted by WEDOS, a known Czech hosting provider, and uses HTTPS to secure communications. From a security perspective, the website has a basic posture with HTTPS enabled but lacks important security headers and formal privacy or cookie policies, which are critical for GDPR compliance and user trust. No incident response or vulnerability disclosure mechanisms are present, which could be a concern for security readiness. The absence of contact emails and phone numbers on the site limits direct communication channels for users and security reporting. Overall, the website is functional and serves its purpose as a local educational site but requires improvements in privacy compliance, security best practices, and contact transparency to enhance trustworthiness and regulatory adherence. The domain registration details align well with the business profile, supporting legitimacy. Strategic enhancements in security headers, privacy documentation, and user contact information are recommended to strengthen the site's security posture and compliance.

T

TJ Sokol Nespeky

sokolnespeky.cz

56

TJ Sokol Nespeky operates as a local amateur football club in the Czech Republic, providing community sports engagement through multiple football teams across various age groups. The website serves as a hub for match reports, schedules, league standings, and club news, targeting local players, fans, and community members. The club's market position is that of a small, community-focused sports organization competing in regional leagues. Technically, the website is built on WordPress with the SportsPress Pro plugin, leveraging common web technologies such as jQuery and Google Fonts. The site is moderately optimized for mobile and performance, with basic SEO and accessibility features. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and explicit incident response contacts. The absence of WHOIS data limits domain trust assessment, but the website content and structure indicate a legitimate local sports club. Overall, the site is functional, informative, and safe for general audiences.

M

Mateřská škola Nespeky

msnespeky.cz

46

Mateřská škola Nespeky operates as a local preschool educational institution in the Czech Republic, providing early childhood education and various extracurricular activities. The website serves as an official information portal for parents and the community, featuring details about classes, projects, events, and contact information. It maintains partnerships with reputable organizations such as Mensa ČR and is involved in EU co-financed projects, indicating a stable community presence and funding support. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Swiper.js, and custom CMS components, delivering a responsive and accessible user experience. The site includes cookie consent mechanisms and GDPR-compliant privacy information, reflecting awareness of privacy regulations. Performance is moderate with good mobile optimization and SEO practices. From a security perspective, the site uses HTTPS and implements cookie consent but lacks visible advanced security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data reduces domain trustworthiness, but the website content and external partnerships support legitimacy. Overall, the website presents a trustworthy, well-maintained educational resource with good privacy compliance and moderate security posture. Strategic improvements in security headers and domain registration transparency would enhance trust and resilience.

S

Systempartner IT-Vertriebs GmbH & Co. KG

systempartner-it.de

51

Systempartner IT-Vertriebs GmbH & Co. KG is a well-established IT service provider based in Lüneburg, Germany, with over 25 years of experience. The company specializes in delivering tailored IT infrastructure, security, analysis, telephony solutions (notably 3CX VoIP), refurbished hardware, and cloud services primarily targeting businesses and institutions in Northern Germany. Their strong partnerships with leading technology vendors such as Sophos, Lenovo, Microsoft, and others position them as a trusted regional player with a comprehensive service portfolio. The website reflects a professional and modern digital presence with active content updates and clear business information. Technically, the website is built on WordPress with WooCommerce and uses reputable plugins like Yoast SEO and Borlabs Cookie for SEO and privacy compliance. The hosting appears stable with nameservers linked to Kasserver. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be enhanced. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is good, with room for improvement in publishing explicit security policies and vulnerability disclosure mechanisms. Privacy compliance is strong, with GDPR-aligned policies and cookie consent. The domain WHOIS data aligns well with the business claims, supporting legitimacy. No WAF or blocking mechanisms interfere with content access. Strategic recommendations include enhancing security headers, publishing a security policy and security.txt file, and maintaining regular updates to plugins and themes to sustain security and compliance.

The website www.domainmarkt.de/stadt-lueneburg.de operates as a domain marketplace specializing in the sale of premium domains, exemplified by the offering of stadt-lueneburg.de at a promotional price. The business is positioned as a niche reseller targeting German businesses and entrepreneurs seeking to establish a solid online presence through premium domain acquisition. The site is owned by nomino GmbH, a small-sized company operating in the real estate domain sector. Technically, the website employs legacy JavaScript libraries such as jQuery 1.11.0 and easySlider 1.7, with a basic CSS styling approach. The site demonstrates moderate performance and basic mobile optimization but lacks advanced accessibility and SEO features. Security posture is moderate; no HTTPS status is confirmed, and no security headers are detected, which presents an area for improvement. Privacy compliance is minimal, with a basic privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Overall, the site is functional and professional but would benefit from enhanced security and privacy practices to improve trust and compliance.

S

Sparkasse Uelzen Lüchow-Dannenberg

sparkasse-uelzen-luechow-dannenberg.de

65

Sparkasse Uelzen Lüchow-Dannenberg is a regional German savings bank offering a broad range of financial services including online and mobile banking, accounts, loans, investments, insurance, and real estate services. The website targets both private and business customers with a clear focus on accessibility and user support. The bank holds recognized certifications such as the BITV accessibility test and IHK quality seal, reinforcing its trustworthiness and market position. Technically, the website is built on Adobe Experience Manager CMS, utilizing modern web technologies like JavaScript and CSS, with good mobile optimization and accessibility features. The site employs HTTPS with a secure SSL configuration and includes cookie consent mechanisms compliant with GDPR. However, explicit security headers are not detected, indicating room for security enhancements. From a security perspective, the site demonstrates good practices such as session timeout warnings and secure forms but lacks publicly available security policies or incident response contacts. No vulnerabilities or suspicious domains were found. Analytics usage includes Google Universal Analytics with moderate user tracking and privacy compliance. Overall, the website is professional, trustworthy, and well-structured, suitable for its financial services audience. Strategic improvements in security headers and incident response transparency could further strengthen its security posture.

S

Selmatec Systems GmbH

selmatec.de

62

Selmatec Systems GmbH is a specialized German company providing advanced industrial machine vision and infrared temperature measurement systems. Their offerings include a broad range of infrared sensors, imaging systems, and customized engineering solutions tailored for industries such as automotive, steel, energy, and cement production. The company positions itself as a niche provider focusing on quality assurance and integration of IR and vision technologies into production lines. Technically, the website is built on the Contao CMS platform using modern JavaScript libraries like jQuery and Swipe.js, delivering a professional and responsive user experience. Security posture is adequate with HTTPS and cookie consent implemented, though lacking advanced security headers and explicit incident response policies. Overall, the domain and website content appear legitimate and trustworthy with clear contact information and social media presence. Recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms to improve trust and compliance.

SAFETEC IT-SYSTEME Vertriebsgesellschaft mbH is a German-based company specializing in the sales, maintenance, and support of high-performance scanners and related hardware and software solutions. Established in 1999, the company emphasizes a strong customer service culture with nationwide support technicians and flexible maintenance contracts. Their business model focuses on B2B sales and after-sales services including repairs, training, and test device loans. The website reflects a professional and consistent brand presence targeting business customers in Germany. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern JavaScript libraries such as jQuery and MediaElement.js for enhanced user experience. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with no major technical issues detected. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. From a security perspective, the site enforces HTTPS and uses secure forms with CSRF tokens. However, explicit HTTP security headers are not detected, and no public security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the content. The domain WHOIS data is minimal but consistent with the business claims, though lacking detailed registrant information. Overall, SAFETEC presents a trustworthy and professional online presence with solid privacy and security foundations. Strategic improvements could include publishing explicit security policies, adding security headers, and implementing a vulnerability disclosure process to further enhance trust and compliance.

P

Pickbrenner GmbH

pickbrenner.de

56

Pickbrenner GmbH is a small, local business based in Lüneburg, Germany, specializing in office solutions including printing, copying, office furniture, and telephony systems. The company positions itself as a provider of optimal service and expertise in office-related products and services. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard JavaScript polyfills, indicating a moderate level of technical maturity. The site is mobile optimized and presents a professional design with relevant business content. Security-wise, the website uses HTTPS and includes scripts to harden fetch and XHR requests, but lacks visible security headers and privacy-related policies, which are critical for compliance and trust. The WHOIS data for the domain is missing, raising concerns about domain legitimacy and ownership verification. Overall, the website is functional and business-focused but requires improvements in security posture, privacy compliance, and domain registration transparency.

O

OHE Maschinenbau GmbH

ohe.de

52

OHE Maschinenbau GmbH is a well-established German manufacturing company specializing in hydraulics, electrohydraulics, and valves. Founded in 1946, it has evolved from a small workshop into a globally recognized specialist with a registered trademark since 1960. The company offers a range of products including hydraulic and electrohydraulic control systems, valves, and accessories for high-pressure hoses, targeting industrial clients and engineering firms. The website reflects a professional and consistent brand image with clear navigation and multilingual support.

Nordson Corporation operates as a global leader in precision engineering and manufacturing technology solutions, serving diverse industrial markets with fully integrated systems, aftermarket parts, and consumables. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive privacy and cookie policies, indicating a strong commitment to user experience and regulatory compliance. The technical infrastructure leverages modern frameworks such as Bootstrap, Google Tag Manager, and Cookiebot, with hosting likely supported by Cloudflare CDN, ensuring good performance and security. Security posture is robust with HTTPS enforcement and cookie consent mechanisms, although explicit security headers and public security policies could be enhanced. Overall, the site demonstrates a high level of professionalism and trustworthiness, despite the absence of WHOIS registration data which slightly reduces domain trust. Strategic recommendations include publishing detailed security policies, improving contact information visibility, and adding vulnerability disclosure mechanisms to further strengthen security and compliance.

L

Lünecom

luenecom.de

65

Lünecom is a regional internet service provider based in northern Germany specializing in fiber optic internet, IP telephony, and IPTV services. The company positions itself as a local provider delivering high-speed internet connectivity to consumers and businesses in its region. The website reflects a professional and consistent brand image with clear messaging about its core offerings and target market. The digital infrastructure leverages HubSpot CMS and marketing tools, Cookiebot for GDPR-compliant cookie consent, and integrates analytics platforms such as Google Analytics and Hotjar for user behavior insights. The technical implementation is modern and mobile-optimized, providing a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie management. However, the site lacks explicit terms of service and security policy pages, which could enhance legal and security transparency. WHOIS data is limited due to DENIC privacy restrictions but shows no inconsistencies with the business claims. Overall, Lünecom's website is trustworthy, professional, and compliant with GDPR, serving its regional telecommunications market effectively.

L

Leitz

leitz.com

61

Leitz is a well-established brand specializing in office supplies, office solutions, and stationery products, targeting office workers and home office users. The website presents a professional and consistent brand image with a focus on premium quality products rooted in German heritage. The technical infrastructure includes modern analytics and cookie consent technologies, with a CMS likely based on Episerver. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is generally good with HTTPS enabled and cookie consent mechanisms in place, though security headers and explicit security policies are lacking. The absence of WHOIS data reduces domain trustworthiness, but the website content and branding support legitimacy. Privacy compliance is partially implemented, with cookie consent but no visible privacy policy or terms of service pages in the provided content. Overall, the website is professional and trustworthy but could improve transparency and security practices.

L

Landkreis Harburg

landkreis-harburg.de

53

Landkreis Harburg operates as a regional government authority in Germany, providing a wide range of public services including administration, social services, education, environmental management, and tourism information. The website serves residents, businesses, and visitors with comprehensive information and digital services such as online appointment booking and service portals. The site is well-structured, professionally designed, and consistent with the branding of a government entity. Technically, the site uses a custom CMS (NOLIS), modern web technologies, and includes accessibility and SEO optimizations, though some accessibility features could be improved. Security posture is strong with HTTPS, security headers, and spam protection on forms, but lacks a visible cookie consent mechanism and vulnerability disclosure policy. Overall, the website is trustworthy and fulfills its role as a government information portal effectively.

K

Kenda Elektrotechnik

kenda.de

43

Kenda Elektrotechnik is a small, locally focused electrical service provider operating in the Köln-Bonn region of Germany. With approximately 40 years of experience, the company offers a range of services including smart home automation, photovoltaic installations, electric vehicle charging solutions, lighting, and general electrical installations. The website is built on WordPress using the Avada theme and integrates modern technologies such as LayerSlider and Leaflet for maps. The site is well-structured, mobile-optimized, and presents a professional image with partner logos from recognized brands. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or terms of service. Overall, the website reflects a credible and trustworthy small business with room for improvement in security and privacy transparency.

G

Gemeinsame kommunale Anstalt IT-Verbund Uelzen

it-verbund-uelzen.de

45

The IT-Verbund Uelzen is a regional governmental IT service provider serving multiple municipalities and administrative bodies in the Uelzen district of Germany. It operates as a joint municipal institution providing comprehensive IT infrastructure, hardware, software, and ICT services to support public sector digital operations. The website reflects a professional and consistent brand presence, targeting government entities and public administration professionals. Technically, the site is built on WordPress with common plugins and hosted on Hetzner, a reputable German hosting provider. The site is mobile-optimized and includes modern UI elements such as sliders and consent management. Security posture is solid with HTTPS enforced and a cookie consent mechanism in place, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, compliant with GDPR, and free from suspicious content or vulnerabilities.

H

Happy-Beton GmbH & Co. KG

happy-beton.de

62

Happy-Beton GmbH & Co. KG is a well-established German company specializing in the production and distribution of ready-mixed concrete and construction materials, serving the northern German market with over 40 locations. Their services include transport concrete, rental of concrete pumps, and supply of natural building materials such as sand and gravel, supported by a strong regional presence and certifications like CSC. The website is professionally designed, mobile-optimized, and built on the Contao CMS platform, integrating modern JavaScript libraries and a comprehensive cookie consent mechanism. Security posture is solid with HTTPS and cookie consent, though some security headers and policies could be improved. Contact information is transparent and comprehensive, supporting business credibility. Overall, the digital infrastructure supports their business model effectively with room for enhanced security policies and incident response disclosures.

H

Handwerkskammer für München und Oberbayern

handwerkskammer.de

64

The website www.handwerkskammer.de represents a collective initiative of all 53 Handwerkskammern (craft chambers) in Germany, serving as a central platform to harmonize services, digital presence, and communication for the German handcraft sector. It provides resources and information related to training, business management, and digital transformation for its members and the public. The site is well-structured, professionally designed, and targets a broad audience including members, businesses, and the general public interested in the craft industry. Technically, the site uses a modern CMS (ODAV), integrates accessibility tools, and employs standard web technologies such as jQuery and Bootstrap. It also uses Google Analytics and Tag Manager for analytics and tracking, with a compliant cookie consent mechanism in place. Security-wise, the site enforces HTTPS, uses bot protection (Friendly Captcha), and manages cookie consent responsibly, though it lacks publicly visible security policies or incident response contacts. Overall, the site is trustworthy, secure, and compliant with GDPR, reflecting a mature digital presence for a governmental sector organization.

H

Hamburger Waagenbau GmbH

hamburger-waagenbau.de

44

Hamburger Waagenbau GmbH is a medium-sized German company specializing in manufacturing and servicing weighing and data technology solutions. Positioned as a leading regional provider in northern Germany, the company offers a broad range of products including various types of scales, custom weighing solutions, IT software, and calibration services. Their target audience primarily consists of industrial and commercial clients requiring precise and reliable weighing systems. The website reflects a professional and consistent brand image with clear navigation and relevant content. Technically, the site is built on WordPress with modern frameworks and includes Google Analytics with privacy-conscious settings. Security posture is solid with HTTPS and cookie consent implemented, though additional security headers and policies could enhance protection. WHOIS data aligns with the business claims, showing no privacy protection or suspicious registration details. Overall, the website demonstrates good digital maturity and business credibility.

G

GfA Lüneburg – gkAöR (gemeinsame kommunale Anstalt des öffentlichen Rechts)

gfa-lueneburg.de

53

GfA Lüneburg is a public municipal waste management entity operating in the Landkreis and Hansestadt Lüneburg, Germany. It provides comprehensive waste collection, transport, composting, and problem waste disposal services with a workforce of approximately 220 employees. The organization is positioned as a certified waste management specialist and serves both private and commercial customers. The website reflects a regional public service provider with a clear focus on environmental sustainability and community service. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Contact Form 7, including Google reCAPTCHA v3 for form security. The site is mobile optimized and SEO friendly but lacks some advanced security headers and a cookie consent mechanism, which are recommended for GDPR compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities, but improvements in security headers and incident response disclosures are advised. Overall, the domain and website content are consistent with a legitimate public entity, though WHOIS data is minimal. Strategic recommendations include enhancing security headers, adding cookie consent, and publishing a vulnerability disclosure policy to improve trust and compliance.

F

FIOR & GENTZ

fior-gentz.de

62

FIOR & GENTZ is a specialized orthopaedic technology company based in Germany, offering orthoses, therapy shoes, orthotic shoes, and orthosis construction services. The company targets healthcare professionals and patients requiring orthopaedic solutions, supported by educational resources such as online tutorials and product catalogs. The website is built on TYPO3 CMS, leveraging modern frontend frameworks and Cloudflare for DNS and likely CDN services, providing a moderate performance and good mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms in place, though security headers and explicit security policies are absent. The site uses Google Analytics and AdSense for marketing and analytics with GDPR-compliant cookie consent. Overall, the website is professional, trustworthy, and compliant with privacy regulations, with no signs of blocking or malicious content.

D

DE-VAU-GE Gesundkostwerk Deutschland GmbH

de-vau-ge.de

51

DE-VAU-GE Gesundkostwerk Deutschland GmbH is a well-established German manufacturer specializing in breakfast cereals, muesli bars, plant-based drinks, and snacks. Founded in 1899, it holds a strong market position as one of Europe's largest producers in its sector, primarily serving the European food retail market including private label partnerships. The website reflects a mature digital presence with comprehensive product information, sustainability initiatives, and career opportunities. Technically, the site is built on WordPress with modern plugins and analytics tools, optimized for SEO and mobile use. Security posture is solid with HTTPS, anti-spam measures, and cookie consent mechanisms, though additional security headers and explicit security policies could enhance protection. Overall, the site demonstrates high professionalism, compliance with GDPR, and trustworthy business practices.

B

borowiakziehe KG

borowiakziehe.de

46

borowiakziehe KG is a small, established marketing and communication agency based in Lüneburg, Germany, with over 25 years of experience. The company offers a range of services including marketing, advertising, website development, online marketing, corporate design, and social media concepts. Their website showcases client projects and highlights their expertise and local market presence. Technically, the website is built on the Contao CMS platform, utilizing modern JavaScript libraries such as jQuery and Colorbox for enhanced user experience. The site is mobile-optimized and provides clear navigation and professional design. Security posture is moderate; while no critical vulnerabilities or exposed sensitive data are evident, the absence of security headers and cookie consent mechanisms indicates room for improvement. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy and trustworthiness of the company.

B

BerlinerLuft. Technik GmbH

berlinerluft.de

50

BerlinerLuft. Technik GmbH is a medium-sized German company specializing in the development and production of ventilation, climate technology, and industrial air systems. Their website presents a comprehensive portfolio of products and solutions targeting technical building equipment professionals and industrial clients. The company maintains a strong market position with a focus on sustainable and modular system solutions. Technically, the website is built on TYPO3 CMS, integrates Google Analytics and Tag Manager for tracking, and demonstrates good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Overall, the site is professional, trustworthy, and GDPR compliant, with clear contact information and international presence.

B

Abdeckstreifen | Bausch Convert | Papierindustrie & Papierverarbeitung in Winsen (Luhe)

bausch-convert.de

54

The website www.bausch-convert.de is a small business site hosted on the Wix platform, with minimal visible content and no explicit business or contact information. The site lacks privacy, cookie, and terms of service policies, which indicates low compliance with data protection regulations such as GDPR. Technically, the site uses Wix's standard JavaScript libraries and Sentry for error tracking but lacks advanced security headers and configurations. The SSL configuration is basic but present, ensuring encrypted communication. Overall, the security posture is weak due to missing security headers and lack of incident response or vulnerability disclosure information. The site does not expose sensitive data or show signs of malicious activity but has low trustworthiness due to minimal content and lack of business transparency.

A

aminolabs.de is available for purchase - Sedo.com

aminolabs.de

71

The analyzed website is a domain sales landing page hosted on Sedo.com, a well-known domain marketplace platform. The page offers the domain aminolabs.de for purchase, targeting domain investors and buyers. The business model revolves around domain brokerage and parking services, with Sedo acting as the intermediary platform. The website content is basic, focusing on domain availability rather than detailed company information or services. Technically, the site uses modern web technologies including JavaScript modules and Cloudflare DNS for performance and security. However, advanced security headers and explicit privacy or security policies are not evident on this page. The domain registration data indicates a long-standing domain with appropriate transfer protections, consistent with legitimate domain marketplace practices. Overall, the site is functional but lacks comprehensive privacy and security disclosures.

F

Frauen gewinnen

frauen-gewinnen.eu

55

Frauen gewinnen is a government-backed initiative focused on promoting women's participation in the labor market in Niedersachsen, Germany. The website serves as an informational and support platform, providing resources, project information, and networking opportunities to women at various stages of their careers, including special focus groups such as single mothers, refugees, and female entrepreneurs. The initiative is funded by the Niedersächsisches Ministerium für Soziales, Gesundheit und Gleichstellung and co-financed by the European Union through the RIKA program. The site is built on TYPO3 CMS and uses Matomo for analytics, reflecting a moderate level of digital maturity with good mobile optimization and accessibility.

The website 'netzwerk-familie-wirtschaft.de' represents a regional non-profit network focused on promoting family-friendly business practices and supporting women's integration into the workforce in the German regions of Landkreis Harburg, Lüneburg, and Uelzen. It offers networking events, workshops, and coordination services to its members, targeting companies and individuals interested in family-friendly policies. The site is well-structured, with clear navigation and relevant content tailored to its audience. Technically, the website is built on Joomla CMS with Bootstrap framework, hosted by Cloudpit. It demonstrates moderate performance and good mobile optimization. The site uses HTTPS and implements a cookie consent mechanism, reflecting a privacy-conscious approach. However, it lacks advanced security headers and explicit incident response or vulnerability disclosure information. From a security perspective, the site shows good practices such as HTTPS enforcement and cookie consent but could improve by adding security headers and publishing security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is adequate with a clear privacy policy and cookie banner. Overall, the website is trustworthy, professional, and safe for general audiences. It effectively serves its niche community with relevant content and events. Strategic improvements in security policies and technical headers would enhance its security posture and compliance.

N

next Startup Day

next-startup-day.de

42

The next Startup Day website serves as the central platform for a major startup event in Niedersachsen, Germany, focusing on innovation, entrepreneurship, and networking among startups, investors, and companies. The event is supported by regional government entities, positioning it as a key regional initiative to foster startup ecosystem growth. The website provides detailed event information, speaker highlights, and partner collaborations, targeting startups, investors, and corporate participants. Technically, the site is built on WordPress with modern plugins such as Elementor and WooCommerce, ensuring a flexible and visually appealing user experience. SEO and structured data are well implemented, enhancing discoverability. Security posture is adequate with HTTPS and nonce usage, but lacks explicit security headers and documented policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

The domain win-nordwest.de currently serves as a redirect to wirtschaft-innovation-nordwest.de, indicating it is likely a secondary or placeholder domain related to a business or innovation network in the Nordwest region of Germany. The website itself contains minimal content, consisting solely of a frameset redirect with no additional information, policies, or contact details. This limits the ability to assess the business comprehensively. Technically, the site is hosted on German nameservers (rzone.de) and does not show signs of security blocking or WAF challenges, but lacks visible security headers, SSL details, or modern web technologies. The absence of privacy, cookie, or terms of service policies indicates poor compliance with GDPR and related regulations. Overall, the site’s security posture is weak due to minimal content and lack of security best practices. The domain appears legitimate but provides limited trust signals or business credibility.

E

EZN Innovationsberatung

ezn.de

44

EZN Innovationsberatung is a well-established German consulting firm specializing in innovation development, patent protection, and commercialization services since 1981. The company targets businesses, universities, founders, and inventors, offering expert advice, patent valuation, and support with funding programs. Their market position is strong, supported by extensive experience and reputable client references, including major universities. Technically, the website is built on WordPress with a modern plugin ecosystem supporting SEO, multilingual content, event management, and cookie compliance. The site is mobile-optimized and integrates Google Tag Manager and MailerLite for analytics and marketing. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers are missing and no explicit security policy or incident response contacts are published. Overall, the website is professional, trustworthy, and compliant with GDPR, providing a good user experience and clear business information.

C

Creatomatic

creatomatic.co.uk

68

Creatomatic is a Scotland-based digital agency specializing in web design, branding, and digital transformation services, with a focus on WordPress development and digital marketing. The company positions itself as a professional and trusted partner for businesses seeking to build and enhance their digital presence. The website reflects a small-sized agency with a solid reputation, supported by positive user ratings and active social media engagement. Technically, the site is built on WordPress, leveraging modern JavaScript libraries and analytics tools such as Google Tag Manager, Google Analytics, Hotjar, and Facebook Pixel, indicating a mature digital infrastructure. The website is served securely over HTTPS with CDN support, ensuring good performance and availability. Security posture is generally good with HTTPS and privacy consent mechanisms implemented, though explicit security headers and detailed privacy or cookie policies are not detected in the provided content. The absence of WHOIS data for the subdomain queried is expected and does not detract significantly from the domain's legitimacy. Overall, Creatomatic demonstrates a professional online presence with moderate technical sophistication and a good security baseline, suitable for its business model and market segment.

Tork is a leading global brand specializing in professional hygiene products and services, targeting businesses across various sectors such as offices, hospitality, and manufacturing. The website presents a professional and consistent brand image, reflecting its position as part of the Essity group. The digital infrastructure leverages modern technologies including React and Next.js, with integrations for analytics and consent management, indicating a mature digital presence. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance mechanisms, although explicit incident response and vulnerability disclosure information are absent. Overall, the website is trustworthy and well-maintained, but the absence of WHOIS data introduces a minor trust concern that should be investigated further.

H

Hoši děkujem - Vytvoř si fanouškovské video! #hosidekujem

hosidekujem.cz

8

The website hosidekujem.cz is a non-commercial fan engagement platform focused on celebrating the Czech hockey world champions of 2024 by allowing users to create personalized fan videos. The site targets a general audience, primarily hockey fans, and offers a simple, interactive experience without commercial intent. The technical infrastructure is modern, built on React and Next.js frameworks, and includes Google Analytics for visitor tracking. The site is mobile-optimized and presents a good user experience with clear navigation and consistent branding. However, there is a lack of visible security headers and no explicit privacy or cookie policies, which limits its privacy compliance posture. The absence of WHOIS data reduces the ability to verify domain legitimacy fully, though the site content and technology suggest a legitimate fan project. Overall, the security posture is moderate with room for improvement in transparency and data protection practices.

L

James Bond: The Final Mission

lastbond.com

49

The website www.lastbond.com is an interactive media experience themed around the James Bond franchise, specifically titled 'James Bond: The Final Mission'. It offers users the ability to watch a video revealing the new secret agent successor and create their own customized content. The site targets general audiences interested in entertainment and fan engagement. Technically, the site is built using modern web technologies including React and Next.js, with Google Tag Manager integrated for analytics. The design is visually consistent and mobile optimized, providing a good user experience. However, the site lacks critical business and security information such as WHOIS registration data, privacy and cookie policies, contact details, and security headers. This absence impacts the trustworthiness and compliance posture of the site. Overall, the site appears to be a small-scale media project or fan engagement platform rather than a formal commercial business.

M

Muthesius Kunsthochschule

muthesius.de

54

Muthesius Kunsthochschule is a specialized art university in Schleswig-Holstein, Germany, offering a range of Bachelor and Master programs in art, design, and spatial strategies. The institution emphasizes artistic freedom, interdisciplinary research, and international collaboration, serving a diverse student body including international students. The website reflects a mature digital presence built on WordPress, integrating accessibility and privacy compliance features such as cookie consent and GDPR-aligned policies. Social media and event information enhance community engagement. Security posture is solid with HTTPS and cookie management, though explicit security policies and incident response details are absent. Overall, the site is professional, trustworthy, and well-structured, supporting the institution's educational mission effectively.

The website www.konferenz-gesundheitswirtschaft.de represents the 21st National Industry Conference on Health Economy organized by BioCon Valley GmbH. It serves as a professional platform for decision-makers from politics, economy, and science to discuss healthcare sector challenges and innovations. The site is well-branded, content-rich, and targets a specialized audience interested in healthcare industry developments and networking. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries like jQuery and Modernizr, offering good mobile responsiveness and SEO optimization. Security posture is moderate with HTTPS usage implied but lacks explicit security headers and formal security policies. Privacy compliance is partially met with a privacy policy present but no cookie consent mechanism or terms of service. Overall, the site is trustworthy and professionally maintained, though improvements in security and privacy transparency are recommended.

The website www.ifem.cc is currently inaccessible due to a Cloudflare Turnstile security challenge page, which blocks direct access to any meaningful content. No business information, contact details, or policies are available on the landing page. The domain WHOIS data is unavailable or not publicly accessible, preventing verification of ownership, registration dates, or legitimacy. Technically, the site uses Cloudflare's security services but lacks visible security headers or SSL configuration details. Overall, the site appears to be either under protection or not fully operational for public access, limiting any substantive analysis.

J

JessenLenz GmbH

jledu.de

44

JessenLenz GmbH operates the website jledu.de, providing educational technology solutions primarily targeting schools in Germany. The company offers services under the brand eduXpert, focusing on collaboration with schools and providing support through a service center. The website is professionally designed using WordPress with the Divi theme and includes essential legal and contact information, indicating a legitimate and business-focused online presence. Technical infrastructure is modern and includes SEO optimization and cookie consent mechanisms, reflecting a good level of digital maturity. Security posture is adequate with HTTPS enforced and anti-spam measures in place, though there is room for improvement in security headers and explicit security policies. Overall, the website presents a low-risk profile with no signs of malicious activity or content safety concerns.

J

JessenLenz GmbH

jessenlenz.eu

49

JessenLenz GmbH is an established IT system house based in Lübeck, Germany, offering comprehensive IT services with over 40 years of experience. The company targets businesses seeking reliable IT solutions and positions itself as a trusted provider in the technology sector. The website is built on WordPress using the Divi theme and incorporates SEO best practices via the Yoast SEO plugin. Social media presence on Facebook and Instagram supports brand visibility. Technically, the site is moderately performant and mobile-optimized, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no evident vulnerabilities, but lacks explicit security policies or incident response information. Privacy compliance is limited due to the absence of a privacy policy and terms of service. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

Ramboll is a prominent international consultancy firm specializing in architecture, engineering, and advisory services, with a strong focus on sustainable development. The website reflects a professional and well-established business entity targeting corporate and public sector clients. The content is comprehensive and well-structured, emphasizing their commitment to creating sustainable societies where people and nature thrive. Technically, the site is built using modern frameworks such as Next.js and React, with Chakra UI for styling, indicating a mature digital infrastructure. The presence of Cookiebot and Google Tag Manager shows attention to privacy and analytics integration. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, though explicit security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and the site maintains good privacy compliance with GDPR. Overall, Ramboll's website demonstrates a high level of professionalism, technical maturity, and security awareness, supporting its market position as a leading consultancy firm.

Universitätsklinikum Frankfurt is a leading university hospital in Germany providing comprehensive patient care, medical research, and education. The website serves multiple audiences including patients, healthcare professionals, researchers, and students, offering detailed information about clinical services, research initiatives, and educational programs. The institution is well-positioned in the healthcare sector with a strong reputation supported by certifications such as ISO 9001:2015. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies like jQuery and Slick Slider for interactive content. The site demonstrates good performance, mobile optimization, and accessibility standards. Hosting appears to be managed by the university or German academic networks, ensuring reliability and security. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is evident with clear privacy and cookie policies, GDPR adherence, and minimal user tracking. However, explicit security policy and incident response contact information are not prominently provided. Overall, the website is professional, trustworthy, and well-maintained, reflecting the institution's credibility. Recommendations include publishing a dedicated security policy, adding vulnerability disclosure information, and providing incident response contacts to enhance transparency and security readiness.

N

New York Stock Exchange

nyse.com

66

The New York Stock Exchange (NYSE) website serves as a comprehensive platform for capital markets, providing services such as stock listings, trading, and market data distribution. It targets investors, listed companies, and financial professionals globally, positioning itself as a market leader under the parent company Intercontinental Exchange (ICE). The site features professional branding, rich content, and a modern technical infrastructure leveraging React and other contemporary web technologies. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although WHOIS data is unavailable likely due to privacy protections. Privacy and cookie policies are implemented with consent mechanisms, supporting GDPR compliance. Overall, the website demonstrates high professionalism, trustworthiness, and technical maturity.