Security Directory

M

Mediothek Krefeld

mediothek.blog

61

Mediothek Krefeld operates as a modern media library serving the local community in Krefeld, Germany. The website functions as a blog and information portal providing book reviews, media tips, community projects, and event information. The organization positions itself as a cultural and educational institution with a focus on engaging local readers and library users. The business model is non-profit and community-oriented, with a clear emphasis on education and media access.

D

Devitec ApS

devitec.dk

55

Devitec ApS is a Danish IT solutions provider specializing in custom software development, system integration, data analysis, and process monitoring primarily for process and food production industries. Established in 2008, the company positions itself as a niche provider focused on delivering tailored IT applications that improve operational efficiency and reduce costs for its clients. The website content is primarily in Danish and targets a professional B2B audience within Denmark. Technically, the website is built using basic HTML, CSS, and JavaScript without modern frameworks or CMS platforms. The site lacks mobile optimization and accessibility features, indicating a need for modernization. Performance is moderate, with no advanced analytics or tracking scripts detected, reflecting a minimalistic digital footprint. From a security perspective, the site lacks important security headers, DNSSEC is not enabled, and there is no visible HTTPS enforcement or HSTS headers, which lowers the security posture. Privacy compliance is addressed through linked privacy and cookie policies hosted on Iubenda, indicating awareness of GDPR requirements. However, there is no visible incident response or security policy information, and no terms of service page is present. Overall, the website is functional and provides essential business information but would benefit from technical and security improvements to enhance trust and compliance. The domain registration is consistent and long-standing, supporting the legitimacy of the business. Strategic recommendations include improving security headers, enabling DNSSEC, enforcing HTTPS, enhancing mobile responsiveness, and publishing security and incident response policies.

D

Datenschutz Pöllinger GmbH

datenschutz-poellinger.de

56

Datenschutz Pöllinger GmbH is a specialized German company providing comprehensive data protection consulting, information security, and IT security services. They combine expert advisory with proprietary software solutions for data protection management, targeting businesses needing GDPR compliance and security certifications such as ISO 27001 and TISAX. The company also offers training and whistleblower system implementations, positioning itself as a trusted partner in the data protection ecosystem. Technically, the website is built on the auctores CMS platform, leveraging modern JavaScript libraries like jQuery and Slick Carousel, with good mobile optimization and SEO practices. Security posture is strong with HTTPS enforced and nonce usage in scripts, though some security headers and incident response details are missing. Overall, the site is professional and trustworthy, though it lacks explicit privacy and cookie policies, which impacts compliance scoring.

B

Bibliotheek.nl

bibliotheek.nl

58

Bibliotheek.nl serves as the national portal for public libraries in the Netherlands, providing access to a wide range of library services including physical and digital collections, membership information, educational resources, and community engagement opportunities. The platform supports a large network of 133 library organizations with 800 branches, positioning itself as a key public service in Dutch education and culture. The website is well-structured, user-friendly, and targets a broad audience from children to adults interested in reading, learning, and community activities. Technically, the website is built on Adobe Experience Manager CMS, leveraging modern web technologies such as JavaScript and CSS. It demonstrates good mobile optimization, accessibility, and SEO practices. The site uses HTTPS exclusively, ensuring secure communications, and implements cookie consent mechanisms aligned with GDPR requirements. Analytics are handled via Matomo, indicating a privacy-conscious approach to user tracking. From a security perspective, the site maintains a solid posture with HTTPS and secure form handling but lacks explicit security headers and a public security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website's public service nature, confirming legitimacy and consistency. Overall, Bibliotheek.nl is a trustworthy, professional, and well-maintained public service website with strong content quality and compliance. Opportunities exist to enhance security transparency and incident response readiness to further strengthen trust and resilience.

podcast.de is a German-language podcast directory and media portal established since 2004, offering a comprehensive platform for podcast discovery, news, tips, and related services. The website targets podcast listeners and creators primarily in Germany, providing millions of free audio and video downloads along with editorial content. Technically, the site uses modern web technologies such as Vue.js and Matomo analytics, hosted on Schlundtech servers, ensuring a stable and moderately performant user experience with good mobile optimization. Security posture is solid with HTTPS and CSRF protections, though lacking explicit security headers and published security policies. Privacy compliance is limited due to missing visible privacy and cookie policies. Overall, the site is professional, trustworthy, and well-positioned in the German podcast media market.

F

Homepage - filmfriend

filmfriend.de

59

filmfriend.de is a German-based media streaming platform offering feature films, documentaries, and kids movies accessible via library card authentication. The service targets general audiences including families and film enthusiasts, positioning itself as a niche streaming provider with curated content and ad-free viewing. The website is built using Angular framework and hosted on Azure DNS infrastructure, indicating a modern technical foundation. While the site demonstrates good content quality, design, and navigation, it lacks explicit privacy, cookie, and security policies, which impacts its compliance posture. Security headers and incident response contacts are not evident, suggesting room for improvement in security maturity. Overall, the domain appears legitimate with professional hosting but limited public registrant data. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, and providing clear contact information to improve trust and compliance.

H

Hall-Wattens Tourismus

hall-wattens.at

57

Hall-Wattens Tourismus operates as the official tourism organization for the Hall-Wattens region in Tirol, Austria, providing comprehensive information and services to tourists including accommodation booking, event promotion, and activity guidance. The website is professionally designed with excellent content quality, targeting travelers interested in seasonal vacations and cultural experiences in the Austrian Alps. Technically, the site leverages modern web technologies such as Next.js and React, ensuring good performance and mobile optimization. Security measures include HTTPS enforcement and appropriate security headers, alongside a robust cookie consent mechanism aligned with GDPR requirements. However, the absence of WHOIS data limits domain trust assessment, though the website's professional presentation and clear contact details support its legitimacy. Overall, the site presents a low-risk profile with strong business credibility and privacy compliance.

B

Bad Hindelang

badhindelang.de

58

Bad Hindelang is a regional tourism website promoting vacation activities such as hiking, skiing, and family holidays in the Allgäu Alps region of Germany. The site targets tourists and families seeking outdoor recreational opportunities. Technically, the website is built on TYPO3 CMS, hosted behind Cloudflare, and uses modern web technologies with good mobile optimization and SEO practices. Security-wise, HTTPS is enabled and a consent management platform is implemented, but the site lacks visible security headers and explicit privacy and terms of service policies. Overall, the site is legitimate and professionally presented but would benefit from enhanced privacy disclosures and security hardening.

N

Nikita Hovratov

nikita-hovratov.de

47

Nikita Hovratov operates as a specialized TYPO3 CMS freelancer based in Hamburg, Germany, offering services including new TYPO3 website development, relaunches, updates, and custom extensions. The website positions the business as a niche expert with a strong focus on personalized client communication and technical excellence in TYPO3 implementations. The digital infrastructure is built on TYPO3 CMS with hosting provided by StratoServer, featuring a modern responsive design and good SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements in security headers and incident response documentation are recommended. Privacy compliance is partially addressed with a GDPR privacy policy but lacks a cookie consent mechanism. Overall, the website reflects a trustworthy, professional small business with a clear market focus and good technical maturity.

S

Stadt Neuburg an der Donau

neuburg-donau.de

47

The website www.neuburg-donau.de serves as the official municipal portal for the city of Neuburg an der Donau, Germany. It provides comprehensive information about city administration, public services, local government activities, events, and economic development. The site targets residents, local businesses, visitors, and government officials, positioning itself as a key information hub for the municipality. The business model is that of a public sector entity delivering essential government services and citizen engagement platforms. Technically, the website employs modern web technologies including JavaScript, CSS, and integrates a consent management platform to comply with cookie regulations. Accessibility features are present, and the site is mobile optimized with good SEO practices. The CMS appears to be custom or proprietary, typical for government websites. Performance is moderate with no major issues detected. From a security perspective, the site enforces HTTPS and uses a consent manager for cookie compliance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident in the provided HTML snippet. There is no visible privacy policy or incident response information, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. The domain WHOIS data is limited but does not raise immediate concerns. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic recommendations include publishing a detailed privacy policy, enhancing security headers, and providing clear contact information for data protection and incident response. These steps will improve compliance, security posture, and user trust.

A

Augsburg Marketing

augsburg-city.de

38

Augsburg City is a well-established city marketing platform operated by Augsburg Marketing, focusing on promoting shopping, cultural events, leisure activities, and tourism in Augsburg, Germany. The website serves as a comprehensive guide for residents and visitors, offering event calendars, shopping tips, and city vouchers. It maintains a strong market position as a key local resource for city-related information and promotion. Technically, the website uses modern web technologies including JavaScript, SVG graphics, and Matomo analytics for privacy-conscious user tracking. Hosting is provided by Schlund Technologies, and the site demonstrates good mobile optimization, accessibility, and SEO practices. The site is fully accessible without any WAF or security challenges. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks publicly visible security policies or incident response contacts, which could be improved. No vulnerabilities or exposed sensitive data were detected. The domain registration data aligns well with the website's purpose and location, indicating legitimacy. Overall, Augsburg City presents a professional, trustworthy, and user-friendly online presence with strong compliance to privacy regulations. Strategic improvements in security transparency and incident response readiness would further enhance its security posture.

H

Haus Sankt Ulrich

haus-sankt-ulrich.de

36

Haus Sankt Ulrich is a specialized hospitality business operating as a conference and city hotel in Augsburg, Germany, affiliated with the Diözese Augsburg. The website presents a professional image with clear descriptions of accommodation, conference facilities, and gastronomy services targeting business travelers, groups, and individual guests. The business occupies a niche market position combining religious affiliation and architectural heritage with hospitality services. Technically, the website uses legacy JavaScript libraries and custom CMS or framework, hosted on Amazon AWS infrastructure. While the site is functional and well-structured, it lacks modern security headers and uses an outdated jQuery version, which poses security risks. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professionally maintained but could improve technical and security aspects.

L

Landschaftsverband Rheinland (LVR)

lvr.de

52

The Landschaftsverband Rheinland (LVR) is a large regional public authority in Germany serving approximately 9.8 million people with a workforce of around 22,000 employees. The organization provides a broad range of social, youth, psychiatric, educational, and cultural services. The website reflects a mature digital presence with comprehensive content targeting citizens, social institutions, and government partners. Technically, the site uses standard web technologies including JavaScript, CSS, and Matomo analytics, with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit incident response information are absent. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Overall, the domain and website are legitimate and trustworthy, consistent with a government entity.

I

ifo Institute

econpol.eu

68

The ifo Institute's EconPol Europe platform is a reputable economic policy research and advisory network focused on European economic and fiscal policy. It leverages a global network of economists, including Nobel laureates, to provide evidence-based policy advice. The website is professionally designed, well-structured, and targets policymakers, researchers, and the public interested in economic policy. Technically, it uses Drupal 10 CMS hosted on Microsoft Azure DNS infrastructure, with modern web technologies and good mobile optimization. Security posture is strong with HTTPS and cookie consent mechanisms, although explicit security policies and vulnerability disclosures are absent. Overall, the site is trustworthy and compliant with GDPR, with clear contact information and active social media presence.

D

Drohnen-Shows.de

drohnen-shows.de

38

Drohnen-Shows.de is a specialized service provider offering customizable drone light shows and laser shows primarily targeting the German market. Their services cater to event organizers, companies, families, and the general public seeking unique and memorable aerial light experiences. The website is professionally designed using WordPress with modern plugins and themes, providing good SEO optimization and mobile responsiveness. The technical infrastructure is solid, hosted on German servers with HTTPS enabled, but lacks some advanced security headers and cookie consent mechanisms. Security posture is adequate but could be improved with explicit policies and incident response contacts. Overall, the business presents itself as a niche player with consistent branding and a clear service offering.

L

Land in Sicht e.V.

landinsicht.koeln

43

Land in Sicht e.V. is a small non-profit cultural association based in Germany, specializing in literature mediation and organizing literary events such as street art readings and short story nights. The organization targets literature enthusiasts and the local community in Cologne, supporting young authors and fostering cultural engagement. The website serves as an informational platform for event announcements, calls for submissions, and community outreach. Technically, the site is built on WordPress using the Twenty Twenty-One theme, hosted likely in Germany with a stable domain registration dating back to 2014. The site is mobile-optimized and accessible, though SEO and privacy compliance could be improved. Security posture is moderate with HTTPS enabled but lacking advanced security headers and DNSSEC. No privacy or cookie policies were found, indicating compliance gaps with GDPR requirements. Contact information is limited to an email address, with no phone or physical address provided. Social media presence is established on Facebook and Instagram. Overall, the website is professional and trustworthy for its niche but would benefit from enhanced privacy and security measures.

S

Stichting Heuvellandbibliotheken

heuvellandbibliotheken.nl

57

Stichting Heuvellandbibliotheken operates as a regional public library network serving multiple municipalities in the Limburg region of the Netherlands. The organization provides a broad range of library services including lending physical and digital media, hosting community events, and offering digital literacy support. The website reflects a well-maintained digital presence with clear navigation, mobile optimization, and relevant content targeting residents and visitors of the Heuvelland area. Technically, the site is built on Adobe Experience Manager CMS, employs HTTPS, and uses Matomo for analytics, indicating a modern and privacy-conscious infrastructure. Security posture is solid with no visible vulnerabilities or exposed sensitive data, though formal security policies and incident response contacts are not published. Overall, the site demonstrates a high level of professionalism and trustworthiness appropriate for a public service entity.

R

Rhein-Kreis Neuss

rhein-kreis-neuss.de

56

Rhein-Kreis Neuss operates as a regional government authority in Germany, providing a comprehensive range of public services and information to residents, businesses, and visitors. The website serves as a digital portal for administrative, cultural, educational, and economic services, reflecting a well-structured and professionally maintained online presence. The use of TYPO3 CMS and Matomo analytics indicates a mature digital infrastructure with a focus on privacy and user experience. Technically, the website demonstrates good implementation practices, including responsive design, accessibility features, and SEO optimization. Security measures such as HTTPS and privacy-conscious analytics configurations are in place, although explicit security headers and incident response policies are not publicly documented. The domain registration data aligns well with the website's governmental nature, supporting its legitimacy and trustworthiness. Overall, the security posture is solid but could be enhanced by publishing formal security policies and implementing additional HTTP security headers. Privacy compliance is strong, with clear cookie and privacy policies and mechanisms for user consent. The website content is safe for general audiences, with no adult or questionable material detected. Strategically, Rhein-Kreis Neuss should focus on enhancing transparency around security and incident response to further build trust and resilience. The digital platform is well-positioned to support the district's public service mission effectively.

S

Stadt Dormagen

dormagen.de

64

Stadt Dormagen operates as the official municipal government website for the city of Dormagen, Germany. It provides comprehensive information and services related to city administration, tourism, culture, business, and citizen engagement. The site targets residents, tourists, and local businesses, positioning itself as a central digital hub for municipal services and community information. The website is built on TYPO3 CMS and incorporates accessibility and multilingual features, reflecting a mature digital infrastructure suitable for a government entity. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site demonstrates a professional and trustworthy presence with good content quality and user experience.

W

Westdeutscher Rundfunk

wdr5.de

56

The website www1.wdr.de/radio/wdr5/index.html represents Westdeutscher Rundfunk (WDR), a large and established public broadcasting media entity in Germany. It offers a comprehensive range of radio programming, podcasts, news, and cultural content targeted primarily at German-speaking audiences interested in politics, culture, and regional news in North Rhine-Westphalia (NRW). The site is professionally designed with consistent branding and excellent content quality, reflecting WDR's strong market position in the media industry. Technically, the site uses modern web technologies including JavaScript, CSS, and ARD's proprietary player scripts, with responsive design optimized for mobile devices. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies are absent. Privacy compliance is weak due to missing privacy and cookie policies and lack of consent mechanisms. Contact information is limited to a phone hotline and a contact form, with no direct emails or incident response contacts visible. Overall, the site is trustworthy and safe for general audiences, with no adult or explicit content detected.

V

VR-Bank eG

vrbank-eg.de

61

VR-Bank eG operates as a regional cooperative bank in Germany, providing local banking and financial services to its community. The website serves as an informational portal highlighting the bank's offerings and commitment to local customer service. The technical infrastructure is based on modern web technologies including Angular Material and uses Dynatrace for performance monitoring, indicating a moderate level of digital maturity. However, the site lacks visible privacy and cookie policies, which impacts compliance and trust. Security posture is moderate with no explicit security headers or incident response information found, suggesting room for improvement in security transparency and best practices. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security disclosures to improve user trust and regulatory adherence.

S

Sparkasse Aachen

sparkasse-aachen.de

70

Sparkasse Aachen is a regional financial institution providing a broad range of banking and financial services including online banking, loans, investments, insurance, and personal advisory services. The website targets both private and corporate customers with a comprehensive digital presence and strong local market positioning, supported by awards and certifications. Technically, the site is built on a modern CMS platform (likely Adobe Experience Manager), uses HTTPS with good security practices, and integrates monitoring and analytics tools such as Dynatrace and Google Analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is strong with session management and cookie consent mechanisms, though explicit security policy and incident response contacts are not published. Overall, the website is professional, trustworthy, and compliant with GDPR and cookie regulations, making it a reliable digital channel for the bank's customers.

G

Geburtshaus Levi Strauss Museum

levi-strauss-museum.de

42

The Geburtshaus Levi Strauss Museum is a specialized cultural institution located in Buttenheim, Germany, dedicated to the life and legacy of Levi Strauss, the inventor of blue jeans. The museum offers exhibitions, educational programs, and a museum shop, targeting general visitors, fashion enthusiasts, and cultural tourists. It holds a niche market position with international recognition through awards. Technically, the website is built on WordPress using a child theme of Twenty Twenty-One, hosted on servers associated with flessio.com and flessio.de. The site demonstrates good mobile optimization and SEO practices but lacks advanced security headers and cookie consent mechanisms. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though improvements are recommended in security policy transparency and headers. Overall, the website is professional, trustworthy, and provides clear contact information and social media presence, supporting its credibility as a legitimate museum entity.

V

Vereinigung der Bayerischen Wirtschaft e. V.

vbw-bayern.de

66

The website www.vbw-bayern.de represents the Vereinigung der Bayerischen Wirtschaft e. V., a voluntary, cross-sector economic interest association for the Bavarian economy. It serves as a key platform for economic policy advocacy, information dissemination, and member services targeting Bavarian businesses and stakeholders. The site features rich content including events, publications, podcasts, and press releases, reflecting an active engagement with its audience. The business model is non-profit and focused on regional economic representation, positioning vbw as a leading economic association in Bavaria. Technically, the site employs a modern web stack with JavaScript, CSS, and HTML5, utilizing libraries such as Swiper.js for interactive sliders and etracker for analytics. The site is mobile-optimized, accessible, and SEO-friendly, though it appears to use a custom or proprietary CMS. Performance is moderate, with good mobile and accessibility features. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. Security headers are minimal but present, and no critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced security posture. Overall, the site is trustworthy, professional, and compliant with privacy regulations, serving its business purpose effectively. Strategic improvements in security transparency and header implementation would further strengthen its security posture.

C

Verdiene dauerhaft mehr Geld mit deinem Design!

calculate.design

47

The website calculate.design offers specialized online tools aimed at designers to help them calculate appropriate hourly rates and project pricing. It features two main products: KAJY, a free hourly rate calculator, and VTV Design, a paid project pricing calculator with extensive examples. The site is professionally designed, with consistent branding and endorsements from recognized design professionals and organizations such as AGD and PAGE Magazin. Technically, the site uses standard web technologies (HTML5, CSS, JavaScript) and is moderately optimized for performance and mobile use. Security posture is moderate with no visible advanced security headers or policies, and no HTTPS status was explicitly found in the provided data. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. No contact emails or phone numbers are provided on the main page, which limits direct communication channels. Overall, the site is trustworthy and serves a niche market effectively.

O

Oberfrankenstiftung

oberfrankenstiftung.de

54

The Oberfrankenstiftung is a publicly governed foundation focused on promoting welfare in the Oberfranken region of Germany. It supports projects in social, cultural, and scientific fields by allocating funds from its endowment. The website reflects a well-structured and professional digital presence with comprehensive information about its activities, funding opportunities, and recent projects. The foundation positions itself as a key regional non-profit entity with strong ties to local government and cultural institutions. Technically, the website employs standard web technologies such as Bootstrap and jQuery, ensuring responsive design and good user experience. While the site is well-structured and content-rich, it lacks advanced security headers and cookie consent mechanisms, which are important for GDPR compliance and overall security posture. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable scripts. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in security maturity. The WHOIS data aligns well with the website content, showing a consistent and legitimate domain registration. Overall, the website is trustworthy, professionally maintained, and serves its target audience effectively. Strategic enhancements in security headers, privacy compliance, and incident response transparency would further strengthen its security posture and user trust.

S

shoddy.site

shoddy.site

68

Shoddy.site is a small independent Mastodon server operated by an individual named Chris, providing a general purpose fediverse social media service. The website serves as an about page describing the service and its administration, targeting general users interested in decentralized social media. The business model is community-driven and personal, with no commercial or enterprise scale indicated. Technically, the site runs on a Glitch-soc fork of Mastodon version 4.3.5, with a modern JavaScript and CSS stack, and is moderately optimized for mobile and accessibility. Security posture is basic with HTTPS enabled but lacks DNSSEC and security headers, and no published security or incident response policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism or GDPR explicit statements. Overall, the site is trustworthy for its scale and purpose but could improve security and compliance transparency.

P

Pixelfed

pixelfed.org

64

Pixelfed is an open-source decentralized photo sharing social media platform founded in 2018, headquartered in Canada. It offers privacy-friendly, ad-free, chronological feeds and federated social networking via the ActivityPub protocol. The platform targets users seeking ethical and privacy-focused alternatives to mainstream social media. Technically, Pixelfed employs modern web technologies including Vue.js, serves content over HTTPS, and is hosted on DigitalOcean with DNS and domain registration managed by Cloudflare. The website is well-designed, mobile-optimized, and provides apps on major mobile platforms. Security posture is solid with HTTPS and CSRF protections, but lacks some security headers and formal policies. Privacy compliance is limited due to missing privacy and cookie policies. Overall, Pixelfed demonstrates a mature, trustworthy presence in the decentralized social media niche with strong community and sponsor support.

N

nph Kinderhilfe Lateinamerika e.V.

nph-kinderhilfe.org

61

nph Kinderhilfe Lateinamerika e.V. is a well-established non-profit organization dedicated to improving the lives of children in Latin America and Haiti through education, protection, and family support. With a history dating back to 1954, the organization operates with a clear mission to provide safe environments and opportunities for children to grow and thrive. The website reflects a professional and consistent brand image, targeting donors, supporters, and stakeholders interested in child welfare. Technically, the website is built on modern frameworks such as Next.js and React, leveraging Directus as a CMS. It demonstrates good performance, mobile optimization, and SEO practices. The presence of Google Tag Manager indicates moderate user tracking for analytics and marketing purposes. From a security perspective, the site uses HTTPS with strong SSL configuration and includes essential security headers. However, there is no explicit security policy or incident response information publicly available, which could be improved. The WHOIS data is unavailable due to query failure or privacy protection, which is common for non-profits but slightly reduces trustworthiness. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic recommendations include publishing a security policy, incident response contacts, and vulnerability disclosure information to enhance transparency and trust.

W

WEISSER RING Stiftung

weisser-ring-stiftung.de

50

The WEISSER RING Stiftung is a German non-profit foundation dedicated to supporting victims of crime and strengthening their societal position. The foundation operates through funding projects aligned with its mission, supported by donations and conservative investment strategies. The website presents a professional and consistent brand image, targeting donors, supporters, and victims seeking assistance. Technically, the site is built on Drupal 10, hosted likely by Deutsche Telekom, and uses Piwik analytics with privacy-conscious settings. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and incident response policies could be improved. Overall, the site is trustworthy and well-maintained, reflecting the foundation's reputable standing in the non-profit sector.

A

Aktion Mensch

familienratgeber.de

68

Familienratgeber.de is a German non-profit information platform affiliated with Aktion Mensch, providing comprehensive information, advice, and local contact addresses for people with disabilities and their families. The website offers a digital chat assistant, detailed navigation by life areas and rights, and regional partner collaboration to maintain up-to-date data. Technically, the site uses modern JavaScript frameworks such as Alpine.js, integrates map services via MapLibre GL JS, and employs Tealium for tag management and analytics. The site is well-optimized for accessibility and mobile devices, with clear navigation and professional design. Security posture is solid with HTTPS enforcement and consent management, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, GDPR compliant, and serves its target audience effectively.

P

Pomoc.sk

pomoc.sk

58

Pomoc.sk is a Slovak non-profit helpline and educational platform dedicated to child and youth internet safety, supported by the European Commission and Slovak government bodies. It provides free 24/7 telephone counseling, online chat, and email support, alongside accredited educational programs addressing cyberbullying, online risks, and digital literacy. The organization has a strong market position in Slovakia with over 18 years of experience and recognized partnerships with UNICEF and government ministries. Technically, the website uses standard web technologies including HTML, CSS, JavaScript, Google Analytics for tracking, and a third-party chat widget (Livechatoo). The site is moderately optimized for performance and mobile use but lacks advanced accessibility features and comprehensive SEO optimization. No CMS or hosting provider details are evident. From a security perspective, the site uses HTTPS and avoids exposing sensitive data but lacks visible security headers and published security or incident response policies. Privacy and cookie policies are absent, representing compliance gaps with GDPR and related regulations. The site does not show signs of vulnerabilities or malicious content but would benefit from improved security best practices. Overall, Pomoc.sk is a trustworthy and professionally presented resource for child internet safety in Slovakia, with solid business credibility but room for improvement in privacy compliance and security posture.

The website www.lowicz.eu serves as the official municipal government portal for the city of Łowicz in Poland. It provides basic local government information, contact details, and links to related municipal business and tourism sites. The site targets residents and visitors seeking official information and services. The business model is that of a government service provider with a local authority market position. Technically, the site is simple, built with basic HTML and CSS, with minimal mobile optimization and no detected CMS or advanced frameworks. There is no evidence of analytics or tracking technologies, and no forms for data collection are present. Security posture is limited; no HTTPS status or security headers were detected in the provided data, and no privacy or cookie policies are published. Contact information is clearly provided, enhancing business credibility. WHOIS data is unavailable due to EURid privacy policies, which is common for .eu domains but reduces transparency. Overall, the site is safe, suitable for general audiences, and functions as a basic informational portal.

S

StädteRegion Aachen

staedteregion-aachen.de

61

StädteRegion Aachen operates as a regional governmental authority in Germany, providing a wide range of administrative and public services to residents and stakeholders within its jurisdiction. The website serves as a comprehensive portal offering information on governance, history, digital infrastructure, social services, and citizen engagement. The target audience primarily includes local citizens, businesses, and public sector partners. The business model is centered on public administration and service delivery, positioning the entity as a key regional government institution. Technically, the website is built on the TYPO3 CMS platform, utilizing modern web technologies such as JavaScript and CSS. The site demonstrates good digital maturity with mobile optimization, accessibility features, and SEO best practices. Performance is moderate, with room for optimization. Security measures include HTTPS enforcement and standard security headers, contributing to a solid security posture. Security evaluation reveals strengths in encryption and cookie consent mechanisms, though the absence of explicit security policies, incident response contacts, and vulnerability disclosure reduces transparency. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with comprehensive privacy and cookie policies aligned with GDPR requirements. Overall, the website presents a professional, trustworthy, and secure platform for regional government services. Strategic recommendations include publishing detailed security policies, establishing vulnerability disclosure channels, and enhancing contact information for security incidents to further strengthen trust and compliance.

JTL-Connect is a professional e-commerce event organized by JTL-Software-GmbH, targeting customers, partners, and interested parties in the e-commerce sector primarily in Germany. The website promotes the 8th JTL-Connect event scheduled for October 2, 2026, in Cologne, providing information and networking opportunities. The company holds a solid market position as an established event organizer within the German e-commerce ecosystem. Technically, the website is built on WordPress with modern SEO practices using Yoast SEO Premium. It integrates multiple analytics and marketing tools such as Google Analytics, Matomo, Facebook Pixel, Microsoft Clarity, and LinkedIn Insight Tag, demonstrating a mature digital infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. From a security perspective, the site enforces HTTPS, employs Google reCAPTCHA for form protection, and implements a comprehensive cookie consent mechanism aligned with GDPR requirements. However, it lacks explicit security headers and a published security policy or incident response information, which are areas for improvement. Overall, the website is trustworthy, compliant with privacy regulations, and professionally maintained. The risk level is low, but strategic enhancements in security transparency and accessibility could further strengthen its posture.

S

Speed Dial 2

speeddial2.com

52

Speed Dial 2 is a well-established browser extension focused on enhancing the new tab page experience for users of Google Chrome, Firefox, Microsoft Edge, and Brave. With over a decade of presence since 2011 and more than one million downloads, it offers customizable, organized, and productivity-enhancing features including bookmark management and a mobile app. The website reflects a professional and user-centric approach with strong branding and positive user testimonials. Technically, the site employs modern web technologies, asynchronous analytics scripts, and is hosted likely behind Cloudflare, ensuring good performance and security. The security posture is solid with HTTPS and some security headers, though there is room for improvement in explicit cookie consent and published security policies. Overall, the site demonstrates high business credibility and technical maturity, with minor gaps in privacy compliance and incident response transparency.

Michal Šimonfy's website serves as a comprehensive portfolio showcasing his digital and new media artworks, including installations, netart, and public space actions. The site targets art enthusiasts, galleries, and cultural institutions, positioning the artist as an independent creative professional with international recognition and awards. The business model is centered on artistic presentation rather than commercial transactions. Technically, the website employs standard web technologies such as HTML5, CSS, JavaScript, and jQuery, supplemented by Google Analytics and New Relic for monitoring. While the site is functional and moderately optimized, it lacks advanced frameworks or CMS platforms and could benefit from improved mobile responsiveness and accessibility. From a security perspective, the site uses HTTPS but lacks important security headers and formal privacy or cookie policies, which impacts compliance and user trust. No forms or sensitive data collection are present, reducing risk exposure. The WHOIS data aligns well with the website's claims, supporting legitimacy. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, security hardening, and modernization of technical components to improve user experience and regulatory adherence.

G

GL Service gGmbH

gl-service-ggmbh.de

67

GL Service gGmbH is a German non-profit organization focused on social services including employment promotion, youth welfare, catering, and community facility management. The website is professionally designed using WordPress and Gutenberg, with good mobile optimization and clear navigation. The business targets local community members and institutions, providing essential social and municipal services. Technically, the site uses modern web standards and includes structured data for local business identification. Security posture is good with HTTPS and security headers implemented, though there is room for improvement in privacy compliance and incident response transparency. Overall, the site is trustworthy and well-maintained, serving its community effectively.

A

Amazon

aboutamazon.ca

60

The About Amazon Canada website serves as a corporate informational portal for Amazon's operations and initiatives in Canada. It highlights Amazon's core principles, business segments including e-commerce, cloud services, devices, and entertainment, and provides access to localized content and international sites. The site is well-branded, professionally designed, and targets a broad audience including customers, partners, and stakeholders interested in Amazon's corporate story and impact. Technically, the site employs modern web technologies such as Polymer web components, asynchronous loading of third-party SDKs, and integrates analytics tools like Chartbeat and Adobe DTM for performance and marketing insights. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response information are not prominently disclosed. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting Amazon's commitment to data protection. Overall, the site demonstrates a mature digital presence consistent with a global enterprise.

D

Das Kartenhaus

daskartenhaus.info

54

Das Kartenhaus is a small German ticketing service operating since 2021, providing event ticket sales at 8 physical locations and online via affiliate partnerships with platforms like eventim.de. The website is built on WordPress using the Vantage theme and includes standard cookie consent mechanisms compliant with GDPR. The technical infrastructure is moderate in performance with good mobile optimization but lacks advanced security headers and DNSSEC. Security posture is adequate with HTTPS enforced but could be improved with additional security controls. No explicit incident response or security policies are published. Overall, the business appears legitimate and trustworthy with clear contact phone information and transparent affiliate disclosures.

B

BotTalk

bottalk.io

60

BotTalk is a specialized AI voice solution provider targeting news publishers and media companies. Their platform aggregates multiple leading text-to-speech providers into a single audio hub, enabling easy integration, paywall support, and audio monetization through advertising partnerships. The company positions itself as a niche leader with a clear focus on enhancing user engagement and subscription value through audio content. Technically, the website is built on modern frameworks like Next.js and React, hosted with Cloudflare DNS, and integrates analytics and form services for marketing and support. Security posture is good with HTTPS and domain transfer protections, though improvements in DNSSEC and security headers are recommended. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-optimized for its target audience.

L

Literaturbüro NRW e.V.

literaturbuero-nrw.de

40

Literaturbüro NRW e.V. is a well-established non-profit organization based in Düsseldorf, Germany, dedicated to promoting literature and culture across North Rhine-Westphalia. Founded in 1980, it supports authors and young talents through events, publications, and educational projects. The organization is publicly funded by the city of Düsseldorf and the state of NRW, positioning it as a key cultural institution in the region. The website reflects this mission with clear content, event calendars, and resources for writers and literature enthusiasts. Technically, the website is built on Drupal 10, indicating a modern and maintainable CMS platform. The site is mobile-optimized, accessible, and well-structured with good SEO practices. Hosting appears stable with known DNS providers. However, there is no visible cookie consent mechanism or advanced security headers, which could be improved to enhance compliance and security posture. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. No incident response or security policy pages are published, and no vulnerability disclosure mechanism is evident. Social media integration is strong, but no analytics or tracking scripts were detected, suggesting minimal user tracking. Overall, the security posture is solid but could benefit from additional headers and privacy enhancements. The overall risk is low given the non-profit cultural nature of the organization and the absence of suspicious indicators. Strategic recommendations include implementing cookie consent, publishing security policies, adding security headers, and considering a vulnerability disclosure page to improve transparency and compliance.

K

kajado GmbH

kajado.de

50

kajado GmbH is a small, established digital agency based in Dortmund, Germany, founded in 2014. The company specializes in web design, web development using WordPress, TYPO3, and Laravel, e-commerce solutions including WooCommerce and Magento, and comprehensive online marketing services such as SEO, SEA, content marketing, and social media marketing. They also offer workshops and seminars, serving clients across Germany from Berlin to Berchtesgaden. The website reflects a professional and consistent brand image with clear contact information and strong trust signals including customer testimonials and third-party review integration. Technically, the website is built on WordPress 6.7.2 with popular plugins like Yoast SEO and WPBakery Page Builder, supported by Borlabs Cookie for GDPR-compliant cookie management. The site is mobile-optimized, moderately performant, and SEO-friendly. Hosting appears to be managed via your-server.de based on nameservers. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Security-wise, the site demonstrates good practices but lacks explicit published security policies or incident response contacts. GDPR compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. No terms of service or vulnerability disclosure policies were found. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness. The overall risk is low, with recommendations to enhance security headers, publish security and incident response policies, and consider a vulnerability disclosure mechanism to further strengthen trust and compliance.

The website virae.org serves as a personal portfolio for Michal Šimonfy, showcasing his artwork and webdesign services. It targets a general audience interested in digital media and creative design. The business model is primarily personal branding and portfolio display, with no evident commercial transactions or e-commerce features. The site has been active since 2007, indicating a stable online presence in the creative niche. Technically, the website uses basic HTML5, CSS, and jQuery (version 1.6.2) along with Google Analytics for visitor tracking. Hosting and DNS services are provided via Cloudflare, though DNSSEC is not enabled. The site demonstrates moderate performance and basic mobile optimization but lacks modern frameworks or CMS platforms. SEO and accessibility features are minimal but present. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks DNSSEC and security headers, which are recommended for enhanced protection. The use of an outdated jQuery version introduces potential vulnerabilities. No privacy, cookie, or terms of service policies are present, and no contact or incident response information is provided, limiting compliance with GDPR and other regulations. Overall, the website is a modest personal portfolio with moderate technical and security maturity. Strategic improvements in security headers, updated libraries, and privacy compliance would enhance trust and protection. The risk level is low given the non-commercial nature but could be improved to safeguard visitor data and reputation.

E

eSlovensko

eslovensko.sk

54

eSlovensko is a Slovak non-profit organization focused on informatization of municipalities and public services, with a strong emphasis on eGovernment and social responsibility projects. The website showcases numerous awards and recognitions spanning two decades, highlighting its established presence and influence in the Slovak public sector. The organization targets government entities, municipalities, and citizens interested in digital public services and social initiatives. Technically, the website is basic, using legacy HTML and CSS without modern frameworks or responsive design, and it relies on Google Analytics for visitor tracking. Security posture is moderate with DNSSEC enabled and a valid domain registration, but lacks visible security headers and privacy compliance documentation. Overall, the site is trustworthy but would benefit from modernization and enhanced privacy and security practices.

S

S-Communication Services GmbH

s-communication.de

61

S-Communication Services GmbH (S-Com) is a well-established creative agency affiliated with the Sparkassen-Finanzgruppe and parent company DSV-Gruppe. The company specializes in brand communication, digitalization, and enhancing customer experiences for Sparkassen financial institutions. With over 25 years of market experience and a large team of experts, S-Com positions itself as a key player in the financial services marketing and digital transformation sector. The website reflects a professional and consistent brand image, targeting Sparkassen and related stakeholders. Technically, the site is built on Adobe Experience Manager, uses modern JavaScript modules, and integrates various marketing and analytics tools, including Google Tag Manager and TrustCommander for cookie consent. Security is well addressed with HTTPS and a Content-Security-Policy header, although additional security headers could enhance protection. Privacy compliance is strong, with clear policies and consent mechanisms in place. However, explicit contact information and security incident response details are not publicly available on the homepage. Overall, the site is trustworthy, well-designed, and compliant with GDPR requirements.

K

Klarna

sofort.de

68

Klarna is a leading European payment service provider that has integrated Sofortüberweisung into its platform, offering customers a seamless, secure, and familiar payment experience. The website clearly targets German-speaking online shoppers and merchants, emphasizing ease of use, security, and buyer protection. Klarna's market position is strong, supported by a comprehensive suite of payment options and a well-branded digital presence. Technically, the site uses modern web technologies including React and integrates analytics and tracking tools such as Google Analytics and FullStory, ensuring good performance and user experience across devices. Security is robust with HTTPS, multi-factor authentication, and buyer protection prominently featured, although explicit incident response and vulnerability disclosure policies are not publicly detailed. Overall, the site is professional, trustworthy, and compliant with GDPR, with clear contact channels and comprehensive policy documentation.

H

Hertener Stadtwerke GmbH

hertener-stadtwerke.de

64

Hertener Stadtwerke GmbH is a regional energy utility company based in Herten, Germany, with a long-standing history of approximately 125 years. The company provides a comprehensive range of energy products and services including electricity, natural gas, district heating, water supply, photovoltaic solutions, and e-mobility infrastructure. Their website targets private customers in the Herten region, offering detailed information and customer service options. The business model focuses on regional energy supply and customer-centric services, supported by digital tools such as a customer portal and mobile app. The company maintains a consistent brand presence and demonstrates trustworthiness through structured data, official contact information, and social media engagement.

Š

Štatistický úrad Slovenskej republiky

scitanie.sk

57

The website www.scitanie.sk serves as the official portal for the 2021 Census of Population, Houses, and Apartments conducted by the Statistical Office of the Slovak Republic. It provides comprehensive statistical data, including basic and extended results, geospatial data, and time series related to population, housing, and households. The target audience includes government officials, researchers, and the general public interested in demographic and housing statistics. The site is positioned as an authoritative government source with a clear focus on transparency and data dissemination. From a technical perspective, the website employs modern web technologies such as deferred JavaScript loading, web fonts, and Google Analytics with user consent. The site is mobile-optimized and accessible, with clear navigation menus and structured content. However, there is no detected CMS or advanced frameworks explicitly identified. Performance is moderate, with room for optimization. Security-wise, the site enforces HTTPS and includes a cookie consent mechanism aligned with GDPR requirements. However, it lacks explicit security headers like Content Security Policy or HSTS, and no dedicated security or incident response policies are visible. No vulnerabilities or suspicious elements were detected in the provided content. The WHOIS data confirms the domain's legitimacy as a Slovak government entity, enhancing trust. Overall, the website demonstrates a solid foundation in content quality, technical implementation, and business credibility but could improve its security posture and privacy compliance by adding explicit policies and security headers. Strategic recommendations include implementing security headers, publishing clear contact and incident response information, and establishing a vulnerability disclosure policy to enhance trust and compliance.

U

UzemnePlany.sk

uzemneplany.sk

39

UzemnePlany.sk is a specialized Slovak information portal dedicated to urban planning, territorial development, and related legislative and architectural topics. It serves a professional and public audience including architects, urban planners, local governments, and students. The portal offers extensive resources such as urban plans, articles, legal documents, and event information, positioning itself as the largest information source in Slovakia for this sector. Technically, the site uses a custom CMS with JavaScript libraries like jQuery and jQuery UI, providing moderate performance and basic mobile optimization. Security-wise, the site employs HTTPS but lacks advanced security headers and explicit security policies, which could be improved to enhance protection and compliance. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professional but could benefit from enhanced security and privacy practices.