Security Directory

H

Hobbytec

hobby-tec.de

56

Hobbytec is a medium-sized manufacturer specializing in aluminum garden structures such as winter gardens, pergolas, carports, and photovoltaic solutions. The company operates primarily in Germany with a strong presence across several European countries through partner sites. Their business model focuses on custom-made, turnkey solutions including transport and installation services. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site uses modern web technologies including jQuery, Google Tag Manager, and Google reCAPTCHA to enhance user experience and security. Hosting appears to be managed through Czech providers, consistent with the company's regional footprint. Security posture is solid with HTTPS and spam protection on forms, though some security headers and policies are missing. Privacy compliance is well addressed with GDPR-consent mechanisms and a privacy policy. Overall, the site is trustworthy and safe for general audiences.

H

Hobbytec

hobbytec.pl

52

Hobbytec is a medium-sized company specializing in the manufacture and sale of aluminum winter gardens, pergolas, garage carports, and terrace roofing solutions. The company operates primarily in Poland and neighboring Central European countries, with multiple regional partner domains indicating a broad market presence. Their business model focuses on providing high-quality, functional, and design-oriented outdoor home products with an emphasis on customer service and showroom experiences. Technically, the website employs modern web technologies including jQuery, Google Tag Manager, Google Analytics, Facebook Pixel, and reCAPTCHA for security. The site is well-structured, mobile-optimized, and includes privacy and cookie compliance mechanisms. Security posture is good with HTTPS and form protections, but lacks some advanced security headers and published security policies. WHOIS data is unavailable, which slightly reduces trustworthiness but the overall digital footprint and business information suggest a legitimate and professional operation.

T

TT HOLDING, a.s.

skladova-okna.cz

51

The website www.skladova-okna.cz is an established e-commerce platform operated by TT HOLDING, a.s., specializing in the sale of new plastic windows and doors primarily in the Czech Republic and neighboring countries. The company positions itself as a significant player with a large warehouse and showroom, offering both stock and custom-configured products. The site provides comprehensive product information, customer testimonials, and technical support including installation guides, reflecting a mature digital presence. Technically, the website employs modern web technologies including jQuery, Google reCAPTCHA v3, Google Tag Manager, and the OMNIX CMS platform. It demonstrates good performance, mobile optimization, and accessibility standards. Security measures such as HTTPS and CAPTCHA are implemented, though some HTTP security headers and incident response disclosures are absent. From a security and compliance perspective, the site includes a detailed privacy policy and cookie consent mechanism aligned with GDPR requirements. Contact information is clearly presented, and certifications such as APEK membership and verified customer reviews enhance trust. However, the absence of WHOIS data limits domain registration transparency, slightly impacting trustworthiness. Overall, the website is professional, secure, and user-friendly, serving a medium-sized business with a strong market position in retail and manufacturing of plastic windows and doors. Strategic improvements in security headers and incident response transparency are recommended to further strengthen its security posture.

M

Moravská Bastei MOBA, s. r. o.

mobaknihy.cz

65

Moravská Bastei MOBA, s. r. o. operates the website mobaknihy.cz, a Czech online bookstore and publishing house offering a wide range of printed books, e-books, and audiobooks. The company targets Czech-speaking readers interested in various literary genres including historical novels, crime, thrillers, and popular series. The business model is primarily e-commerce retail combined with publishing activities, supported by a loyalty program and physical sales points. The website is professionally designed with consistent branding and good content quality, providing a trustworthy user experience.

C

Centribal

centribal.com

64

Centribal is a technology company specializing in AI-driven chatbot and virtual assistant platforms designed to enhance customer and employee experiences through conversational AI and omnichannel engagement. Founded in 2020, the company offers a SaaS platform that integrates generative AI and supports multiple communication channels such as WhatsApp, Instagram, email, SMS, push notifications, and voice. Their market position is that of a specialized provider with a medium-sized footprint and a portfolio of notable clients, emphasizing scalability, customization, and rapid deployment. Technically, the website is built on WordPress with modern SEO practices using Yoast SEO and jQuery libraries. The platform mentions Kubernetes for scalable deployments, indicating a mature technical infrastructure. The site is mobile-optimized and performs moderately well, with good accessibility and SEO optimization. Hosting and domain registration are managed through IONOS SE, with DNS servers provided by UI-DNS. From a security perspective, the site enforces HTTPS and has domain transfer protections but lacks DNSSEC and some recommended security headers. No explicit security or incident response policies are published, and no cookie consent mechanism is present, which may affect GDPR compliance. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, Centribal presents a professional and trustworthy online presence with solid business credibility and technical implementation. Strategic improvements include enhancing privacy compliance with cookie consent, enabling DNSSEC, and publishing security policies to strengthen trust and regulatory adherence.

S

SHEAN s.r.o.

omnix.cz

58

Omnix.cz is a Czech-based technology company operated by SHEAN s.r.o., providing an integrated CMS and e-commerce platform tailored for businesses seeking unified web content management and online sales solutions. The platform emphasizes system integrations, multilingual content, configurators, and automation to serve a diverse client base with over 170 e-shop solutions and 200 web presentations. Technically, the website employs modern web technologies including HTTPS, Google Tag Manager, and reCAPTCHA, ensuring a secure and user-friendly experience. However, the absence of WHOIS data and explicit security policies slightly diminishes trustworthiness. Overall, the site is professional, well-structured, and compliant with GDPR, though improvements in security transparency and WHOIS data availability are recommended.

Banca Transilvania is a leading Romanian financial institution offering a wide range of banking products and services tailored for shareholders, foreigners, and Romanians living abroad. The website highlights digital banking capabilities such as online account opening via BT Pay, personal and mortgage loans, and investor relations, positioning the bank as a modern and customer-centric organization with a strong digital presence. The site is professionally designed, mobile-optimized, and provides multilingual support to cater to its international audience. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, and reCAPTCHA for security and analytics. The infrastructure supports fast loading times, accessibility features, and SEO best practices, reflecting a mature digital platform. Security measures include HTTPS enforcement, security headers, and fraud assistance information, indicating a robust security posture. While explicit security policies and incident response details are not prominently published, the site demonstrates good privacy compliance with clear cookie consent mechanisms and GDPR-aligned privacy policies. The domain WHOIS data is privacy protected as per ROTLD policies, which is typical for Romanian domains and justified for a large financial institution. Overall, the website presents a trustworthy and professional image with strong business credibility and technical maturity.

K

KinetiXx

kinetixx.de

59

KinetiXx is a specialized German retailer offering high-quality gloves for sports, tactical, and work applications. The company emphasizes protection, comfort, and performance, targeting sports enthusiasts, tactical professionals, and workers. The website is built on a modern e-commerce platform (Shopware 6) with integrations for search and analytics, hosted on a reputable German hosting provider. Security posture is strong with HTTPS and consent mechanisms, though explicit privacy and terms policies are missing. Overall, the site is professional and trustworthy with room for improvement in compliance documentation and contact transparency.

A

AutoScout24 GmbH

autoscout24.at

72

AutoScout24 GmbH operates the largest online automotive marketplace in Europe, providing a platform for buying and selling new and used vehicles including cars, motorcycles, and commercial vehicles. The website targets private and professional buyers and sellers primarily in Austria and other European countries. The business model centers on connecting vehicle sellers with buyers through a comprehensive digital marketplace, supported by dealer services and vehicle valuation tools. The company is part of the Scout24 AG group, indicating a strong market position and enterprise scale. Technically, the website employs modern web technologies including React, service workers for offline capabilities, and a consent management platform to ensure GDPR compliance. The site is well-optimized for mobile devices and accessibility, with fast loading times and a professional design. Security is robust with HTTPS enforced, strong security headers, and bot protection via Google reCAPTCHA Enterprise. Privacy policies and cookie consent mechanisms are comprehensive and clearly presented. The security posture is strong with no detected vulnerabilities or exposed sensitive data. However, the site lacks a dedicated security policy or incident response contact information, which could be improved. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness. Strategic recommendations include publishing a formal security policy, establishing clear incident response channels, and considering a vulnerability disclosure program to enhance transparency and trust. Regular audits of third-party scripts and continued adherence to privacy regulations will further strengthen the security and compliance posture.

S

SANITINO

sanitino.sk

67

Sanitino.sk is a professional e-commerce retailer specializing in sanitary technology and bathroom equipment, serving primarily the Slovak market with a strong presence in multiple European countries through localized sister domains. The website offers a broad range of products from reputable brands such as Grohe, Hansgrohe, Geberit, and Kludi, supported by technical advice and fast delivery services. The business is positioned as a leading seller in its sector with a medium-sized operation and a clear focus on customer service and product variety. Technically, the website employs modern JavaScript frameworks, asynchronous loading, and tracking tools such as Google Tag Manager and OneTrust for cookie consent, ensuring a good user experience and compliance with privacy regulations. Security posture is solid with HTTPS enforced and nonce usage in scripts, although some security headers could be improved. Overall, the site is trustworthy, professionally designed, and compliant with GDPR, with no signs of malicious activity or content blocking.

The website shop.verbraucherzentrale.de is an e-commerce platform operated by Verbraucherzentrale NRW e.V., a reputable consumer advice organization in Germany. It offers a variety of consumer advice books, e-books, and software focused on topics such as retirement, finance, health, environment, law, and insurance. The platform targets German consumers seeking reliable and authoritative guidance on these subjects. The business model centers on retailing informational products to empower consumers with knowledge and practical tools. The website maintains a consistent brand image and provides comprehensive product descriptions, enhancing trust and professionalism. Technically, the site is built on the Shopware CMS platform, utilizing modern JavaScript libraries, SVG icons, and Google Analytics for tracking. The site is mobile-optimized with good accessibility and SEO practices, ensuring a positive user experience. Hosting is managed via domaincontrol.com, indicating professional DNS management. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and employs consent mechanisms for analytics and advertising cookies, demonstrating GDPR compliance. However, explicit security headers and a published security policy or incident response plan are absent, representing areas for improvement. No vulnerabilities or suspicious patterns were detected in the content or WHOIS data, supporting a strong legitimacy profile. Overall, the website presents a trustworthy and professional platform for consumer advice products, with solid technical implementation and privacy compliance. Strategic enhancements in security policy transparency and header implementation would further strengthen its security posture.

S

Stadtwerke Augsburg Holding GmbH

sw-augsburg.de

66

Stadtwerke Augsburg Holding GmbH operates as a regional utility provider in Augsburg, Germany, offering a comprehensive range of services including electricity, gas, water supply, district heating, and mobility solutions such as public transport, carsharing, and bike sharing. The website reflects a mature business with a strong regional presence and multiple customer portals facilitating online service access. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies and responsive design to ensure good user experience across devices. Security posture is adequate with HTTPS enforced and secure form handling, though improvements are recommended in security headers and privacy compliance. The absence of explicit privacy and cookie policies suggests a compliance gap that should be addressed. Overall, the domain registration data aligns well with the business, indicating legitimacy and trustworthiness.

D

DB Fernverkehr AG

bahnundhotel.com

48

Bahn und Hotel is a German travel comparison portal specializing in train and hotel package deals, primarily targeting travelers interested in 1st class train travel within Germany and select European cities. The website is affiliated with DB Fernverkehr AG, a major player in the German transportation sector, and leverages official Deutsche Bahn branding and social media channels. The platform offers users an interactive search experience with date pickers, traveler selectors, and destination teasers, supporting a user-friendly booking process. Technically, the website employs modern web technologies including Laravel Livewire for reactive components, Alpine.js for frontend interactivity, and ES modules for JavaScript. Hosting and DNS are managed via Amazon Registrar, Inc., indicating a reliable infrastructure. The site is mobile optimized and accessible, with good SEO practices evident in meta tags and structured content. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, but lacks DNSSEC and visible security headers, which are recommended for enhanced protection. No explicit security or incident response policies are publicly available, and no vulnerability disclosure or security.txt files were found. Privacy compliance is supported by a comprehensive privacy policy, though no cookie consent mechanism was detected. Overall, Bahn und Hotel presents a professional and trustworthy online presence with a solid technical foundation and good business credibility. Security posture is adequate but could be improved by implementing DNSSEC, security headers, and explicit incident response information. Privacy compliance is good but would benefit from a visible cookie consent mechanism.

H

Hotel am Dom

hotel-am-dom.com

63

Hotel am Dom is a small hospitality business located in the historic center of Bamberg, Germany, offering 15 double rooms with modern amenities and a cozy atmosphere. The hotel targets tourists, business travelers, groups, and cyclists visiting Bamberg, providing services such as free WiFi, parking, and 24-hour check-in. The website is professionally designed with good content quality and clear navigation, supporting direct bookings and showcasing local attractions. Technically, the site uses modern web technologies including Google Tag Manager and consent management tools, with responsive design and embedded Google Maps for location. Security posture is strong with HTTPS, captcha on contact forms, and GDPR compliance, though security headers could be improved. The absence of WHOIS domain registration data is a concern for domain legitimacy, but the website content and business information appear consistent and trustworthy. Overall, the site demonstrates a good balance of business credibility, technical implementation, and privacy compliance, suitable for its hospitality market niche.

B

Budapest Főváros Önkormányzata

budapest.hu

61

Budapest.hu is the official city government portal for Budapest, Hungary, providing residents, businesses, and visitors with comprehensive information about municipal services, city developments, green initiatives, cultural events, transportation, utilities, and business-related matters. The website is well-branded and consistent with the official identity of Budapest's local government, supported by a domain registered since 1997, indicating a long-standing and legitimate presence. Technically, the site leverages modern web technologies including the Next.js React framework, Google Fonts, and SVG icons, delivering a responsive and user-friendly experience optimized for mobile devices. SEO practices are well implemented with appropriate meta tags and Open Graph data. Performance is moderate, with preloading of key assets and deferred JavaScript loading. From a security perspective, the site enforces HTTPS and includes some security headers, though additional headers like X-Frame-Options and Content-Security-Policy could enhance protection. No vulnerabilities or exposed sensitive data were detected in the analyzed content. However, the site lacks explicit privacy and cookie policies, as well as a vulnerability disclosure or incident response contact, which are important for compliance and security transparency. Overall, Budapest.hu presents a trustworthy and professional government portal with good technical implementation and business credibility. The main areas for improvement include publishing comprehensive privacy and cookie policies with consent mechanisms, enhancing security headers, and providing clear contact information for security incidents and general inquiries.

H

Hotel Alt Bamberg

hotel-alt-bamberg.de

56

Hotel Alt Bamberg is a small hospitality business located in the historic city center of Bamberg, Germany. It offers 36 modern double rooms with amenities such as free WiFi, a Greek restaurant on site, and convenient services like 24-hour check-in and bike terraces. The hotel is part of the Friedrich Hotels group and targets tourists, business travelers, cyclists, and groups seeking comfortable accommodation with local charm. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive contact options including a secure contact form with captcha. Technically, the website uses modern web technologies including Google Tag Manager for analytics and a consent management platform to ensure GDPR compliance. The site is hosted securely over HTTPS with no visible blocking or WAF challenges. However, security headers are not explicitly detected and could be improved. Privacy policies and cookie consent mechanisms are clearly linked and implemented, reflecting a strong commitment to data protection. From a security perspective, the site demonstrates good practices such as encrypted connections and user consent management but lacks explicit incident response or security policy disclosures. No vulnerabilities or suspicious patterns were detected. Overall, the website and domain registration data are consistent and legitimate, supporting a trustworthy online presence for the hotel. The overall risk assessment is low, with recommendations focusing on enhancing security headers, publishing security policies, and maintaining regular audits of third-party scripts to sustain a strong security posture.

H

Hotel Rosenhof

hotel-rosenhof.com

59

Hotel Rosenhof is a small hospitality business located near Bamberg, Germany, offering comfortable accommodation with 36 double rooms and modern amenities. The hotel targets tourists, business travelers, families, and groups, providing services such as breakfast buffet, meeting rooms, and event hosting. The website is professionally designed, mobile-optimized, and includes clear contact information and GDPR-compliant privacy and cookie policies. Technically, the site uses modern web technologies including Google Tag Manager and a consent management platform, with embedded Google Maps and SVG icons enhancing user experience. Security posture is good with HTTPS enforced and CAPTCHA on contact forms, though security headers are not explicitly detected. The absence of WHOIS data raises concerns about domain registration transparency, which slightly impacts trustworthiness. Overall, the website presents a credible and professional online presence for the hotel business.

H

Hotel National Bamberg

hotel-national-bamberg.de

53

Hotel National Bamberg is a historic, family-run 3-star hotel located near the Bamberg train station in Germany. Established in 1886, it offers a blend of comfort, tradition, and elegance with a focus on business travelers, tourists, families, and groups. The hotel provides accommodation, conference facilities, breakfast services, and promotes local cultural experiences. Technically, the website is built on a modern stack with CMS features, uses Google Tag Manager for analytics, and implements GDPR-compliant consent management. Security posture is good with HTTPS and CAPTCHA on forms, though it lacks explicit security policy pages and some security headers. Overall, the site is professional, trustworthy, and well-optimized for users.

S

Smoke Corporation GmbH

hookahflow.de

48

HookahFloW, operated by Smoke Corporation GmbH, is a well-established German online retailer specializing in shisha products, including tobacco, accessories, and related items. Founded in 2013, it has grown to become one of the best-rated shisha shops in Germany, serving a large adult customer base with over 3,000 products and a strong community presence. The website demonstrates a professional e-commerce setup using the Shopware platform, integrating modern payment solutions like Klarna and offering extensive customer support including WhatsApp contact. The site is well-optimized for mobile and accessibility, with comprehensive legal and privacy documentation ensuring GDPR compliance. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers could be explicitly verified. Overall, the business shows high credibility, trustworthiness, and customer satisfaction.

M

Mohrenhaus - Das Haus für schöne Sachen

mohren-haus.de

53

Mohren-Haus is a German-based e-commerce retailer specializing in lifestyle, gifts, kitchenware, home decor, fashion, and accessories. The website presents a well-structured online shop with a clear focus on branded and quality products, targeting a general audience interested in unique and beautiful items. The business appears to be a small local/regional player with an online presence to expand its reach. Technically, the website uses modern web technologies including Google Tag Manager and Facebook Pixel for marketing and analytics, hosted on Alfahosting with consistent WHOIS data. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks some security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policy pages, although a cookie consent mechanism is present. Overall, the website is legitimate and trustworthy but could improve transparency and security practices.

P

profihost

profihost.com

71

Profihost is a German managed hosting provider offering a broad range of IT infrastructure services including managed servers, cloud solutions, domain registration, and security services. The company targets businesses and professionals seeking reliable and high-performance hosting solutions. The website demonstrates a mature digital presence with professional design, clear navigation, and comprehensive service descriptions. Technically, the site uses modern web technologies, including Google Tag Manager for analytics and Consentmanager.net for cookie compliance, ensuring GDPR adherence. Security posture is solid with HTTPS enforced and cookie consent mechanisms, though explicit security headers and published security policies are absent. The lack of WHOIS data for the domain raises concerns about domain registration status, which should be verified to ensure legitimacy. Overall, the website is professional and trustworthy, with room for improvement in security transparency and domain registration clarity.

B

Better Internet for Kids (European Commission initiative)

saferinternet.org

73

Better Internet for Kids is an official European Union initiative aimed at creating a safer and better internet environment for children and young people. The platform provides resources, policy monitoring, research, and campaigns to empower and protect young internet users across the EU. It operates under the European Commission's digital strategy and uses a modern Drupal 10 CMS with the European Commission's design system for consistent branding and accessibility. Technically, the website is well-structured, mobile-optimized, and uses HTTPS with a good security posture, although explicit security headers could be improved. Privacy compliance is strong with a clear cookie consent mechanism and GDPR-aligned policies. The site does not expose sensitive contact information directly but provides contact through dedicated pages. Security-wise, the site shows no signs of vulnerabilities or malicious content. The domain is a subdomain of europa.eu, indicating high legitimacy and trustworthiness despite the lack of WHOIS data due to EURid privacy policies. Overall, the site is professional, trustworthy, and serves as a key EU resource for child online safety. Recommendations include enhancing security headers, publishing a formal security policy and incident response information, and implementing a vulnerability disclosure policy to further strengthen trust and security posture.

A

Aktion Mensch

familienratgeber.de

68

Familienratgeber.de is a German non-profit information platform affiliated with Aktion Mensch, providing comprehensive information, advice, and local contact addresses for people with disabilities and their families. The website offers a digital chat assistant, detailed navigation by life areas and rights, and regional partner collaboration to maintain up-to-date data. Technically, the site uses modern JavaScript frameworks such as Alpine.js, integrates map services via MapLibre GL JS, and employs Tealium for tag management and analytics. The site is well-optimized for accessibility and mobile devices, with clear navigation and professional design. Security posture is solid with HTTPS enforcement and consent management, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, GDPR compliant, and serves its target audience effectively.

A

Amazon

aboutamazon.fr

66

About Amazon France is a corporate informational website representing Amazon's presence and activities in France. The site highlights Amazon's core principles, business sectors including e-commerce, cloud services, logistics, and entertainment. It serves as a communication platform for corporate information, sustainability efforts, workplace culture, and economic impact in France. The website is professionally designed with consistent branding aligned with Amazon's global identity. Technically, it employs modern web technologies, including JavaScript, SVG icons, JSON-LD structured data, and integrates consent management and analytics tools. Security posture is strong with HTTPS enforced and privacy compliance mechanisms in place, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site is trustworthy, well-maintained, and compliant with GDPR requirements, serving a general audience interested in Amazon's corporate footprint in France.

A

Amazon

aboutamazon.it

51

About Amazon Italia is a localized corporate website providing news, insights, and information about Amazon's operations, impact, and initiatives in Italy. It serves as a communication platform targeting Italian consumers, employees, partners, and stakeholders interested in Amazon's business activities, sustainability efforts, and employment opportunities. The site reflects Amazon's position as a leading global e-commerce and technology company with a strong presence in Italy, offering services ranging from retail to cloud computing and logistics. Technically, the website employs modern web technologies including custom elements, SVG icons, and integrates third-party services such as TrustArc for consent management and Chartbeat for analytics. The site is hosted on Amazon's infrastructure, ensuring reliable performance and security. It is mobile-optimized and accessible, with good SEO practices implemented. From a security perspective, the site enforces HTTPS, uses consent management for GDPR compliance, and includes security headers. No vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not publicly detailed, which could be improved. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. It effectively supports Amazon's brand and business objectives in the Italian market.

R

RegioEntsorgung AöR

regioentsorgung.de

69

RegioEntsorgung AöR operates as a regional public authority focused on waste disposal and recycling services in Germany. The website provides comprehensive information about waste separation, collection services, service locations, customer support, and career opportunities. It targets residents and businesses within its service region, positioning itself as a trusted local waste management provider. The business model is centered on public service delivery with direct citizen engagement. Technically, the website is built on TYPO3 CMS, a robust and mature content management system. It employs responsive design, SVG icons, and modern JavaScript for interactive elements. The site includes a cookie consent mechanism compliant with GDPR, uses Google Analytics for tracking, and is optimized for mobile and accessibility standards. Performance is moderate, with good SEO and navigation clarity. From a security perspective, the site enforces HTTPS and implements cookie consent controls. However, it lacks explicit security policy documentation, incident response contacts, and security.txt files. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms domain legitimacy and consistency with the business identity. Overall, the website demonstrates a solid digital presence with good privacy compliance and business credibility. Strategic improvements in security transparency and incident response readiness would enhance trust and resilience.

D

Diakonisches Werk im Kirchenkreis Recklinghausen

diakonie-kreis-re.de

67

Diakonisches Werk im Kirchenkreis Recklinghausen is a large non-profit social service organization based in Germany, serving over 4500 clients daily with a broad range of care, counseling, and support services. The organization holds a significant regional market position as the third largest employer in the Recklinghausen district, focusing on vulnerable populations including elderly, families, people with disabilities, and those in need of social integration. Their website is powered by TYPO3 CMS and incorporates modern consent management via Usercentrics, reflecting a mature digital infrastructure. The site is well-designed, mobile-optimized, and accessible, with clear navigation and comprehensive content about their services and engagement opportunities. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. Overall, the domain registration data aligns well with the organizational identity, supporting legitimacy and trustworthiness.

B

BSR

bsr.de

64

BSR is a large municipal service provider based in Berlin, specializing in waste management, recycling, environmental education, and city cleanliness. The website reflects a well-established organization with a strong focus on sustainability and community engagement through various programs and services. The company holds certifications and operates multiple subsidiaries, reinforcing its market position as a key player in Berlin's environmental sector. Technically, the website uses the Scrivito CMS platform with modern web technologies, ensuring good mobile optimization and accessibility. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers and incident response information could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR, targeting residents and businesses in Berlin.

K

Kreisstadt Bergheim

bergheim.de

67

The website www.bergheim.de serves as the official online portal for the municipal government of Kreisstadt Bergheim in Germany. It provides residents and visitors with news, press releases, and access to various public services and administrative information. The site is positioned as a local government authority platform, focusing on community engagement and service delivery. The content is well-structured, professionally presented, and targets a general audience including local citizens and stakeholders. Technically, the website is built on the Information Enterprise Server platform by Sitepark GmbH, utilizing modern web technologies such as JavaScript and the Slick Slider library for interactive content. The site is mobile-optimized and accessible, with a good SEO foundation. HTTPS is enforced, ensuring secure communication, though some security headers appear to be missing. From a security perspective, the site demonstrates a solid baseline with HTTPS and no visible sensitive data exposure. However, it lacks explicit privacy and cookie policies, security headers, and incident response information, which are important for compliance and trust. No vulnerabilities or malicious content were detected in the provided content. Overall, the website is trustworthy and professional, suitable for its role as a government information portal. Strategic improvements in privacy compliance and security hardening would enhance its posture and user trust.

L

Landkreis Bayreuth

landkreis-bayreuth.de

61

Landkreis Bayreuth operates as the official government website for the Bayreuth district in Germany, providing a broad range of public services and information to residents and stakeholders. The site covers areas such as citizen services, education, culture, environment, traffic, veterinary services, and economic development, positioning itself as a comprehensive resource for local governance and community engagement. The website is built on TYPO3 CMS, a robust and widely used content management system for government entities, ensuring a stable and scalable digital infrastructure. The design is professional, mobile-optimized, and accessible, supporting a positive user experience across devices. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and published security policies, which could be improved to enhance trust and compliance. Privacy compliance is limited due to the absence of explicit privacy and cookie policies, which is a notable gap given GDPR requirements. Overall, the website is trustworthy and credible, serving its governmental function effectively, but would benefit from enhanced privacy and security transparency.

O

Obec Ladice

ladice.sk

68

Obec Ladice operates an official municipal website serving the local community of Ladice, Slovakia. The site provides residents and visitors with essential information including local news, public notices, contact details for municipal offices, event calendars, weather forecasts, and community services. The website also promotes a mobile application to enhance accessibility and engagement. The business model is focused on public service and community information dissemination, positioning itself as a trusted local government portal.

O

Obec Moškovec

moskovec.sk

64

Obec Moškovec operates an official municipal website serving the local community in Slovakia. The site provides comprehensive information about the municipality's history, governance, news, events, and public services. It targets residents and visitors seeking local government information and community updates. The website is positioned as a trusted source for official communications and public documents. Technically, the site employs modern web technologies including JavaScript modules, Google reCAPTCHA for security, and accessibility features to ensure usability across devices. The platform is built on the ModerneObce.sk CMS, which is tailored for municipalities. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance including cookie consent mechanisms. However, the site lacks explicit security policy and incident response disclosures. Overall, the website is professional, trustworthy, and well-maintained, supporting the municipality's digital presence effectively.

O

Obec Kozárovce

kozarovce.sk

66

Obec Kozárovce operates as the official municipal government website for the Kozárovce community in Slovakia. It provides residents and visitors with local news, event calendars, public notices, contact information, and community services. The website serves as a central hub for municipal communication and public engagement, reflecting a small government entity focused on transparency and accessibility. Technically, the site employs modern web technologies including HTTPS, JavaScript frameworks, and accessibility features, ensuring a good user experience across devices. Security measures such as HTTPS, reCAPTCHA, and cookie consent mechanisms are in place, although explicit security policies and incident response contacts are not published. Overall, the website demonstrates a solid security posture with no evident vulnerabilities or suspicious content. The domain registration data aligns well with the website's governmental nature, supporting its legitimacy and trustworthiness.

S

Sparkasse Vest Recklinghausen

vesterleben.de

55

Vesterleben is a regional digital magazine and information portal serving the Vest region in Germany. It provides local news, event listings, and community engagement content, supported by reputable local institutions including Sparkasse Vest Recklinghausen, Diakonie Recklinghausen, Hertener Stadtwerke, and RDN-Verlag. The website targets residents and visitors interested in regional culture, social events, and local initiatives. The business model is based on regional media publication with digital content and downloadable print editions, positioning itself as a trusted local information source.

V

Vest Erleben

vest-erleben.de

55

Vest Erleben is a regional media platform serving the Vest Recklinghausen area in Germany, providing local news, event information, and community engagement. The website is supported by a consortium of local institutions including Sparkasse Vest Recklinghausen, Diakonie Recklinghausen, Hertener Stadtwerke, and RDN-Verlag, positioning it as a trusted source for regional content. The platform targets residents and visitors interested in cultural, social, and economic developments within the region. Technically, the website is built on WordPress with modern enhancements such as ElasticPress for search, Matomo for analytics, and responsive design elements ensuring good mobile usability. The site uses HTTPS and includes basic security practices like CSRF tokens, but lacks some advanced security headers and explicit cookie consent mechanisms. Performance is moderate with good SEO and accessibility basics. From a security perspective, the site demonstrates a reasonable posture with encrypted connections and no visible vulnerabilities or exposed sensitive data. However, it could improve by implementing security headers, publishing incident response contacts, and adding a vulnerability disclosure policy. Privacy compliance is partially addressed with a privacy policy present, but cookie consent mechanisms are missing despite tracking usage. Overall, Vest Erleben is a credible and professionally maintained regional media website with solid business credibility and technical infrastructure. Strategic improvements in privacy compliance and security transparency would enhance trust and regulatory adherence.

H

Heinz Sielmann Stiftung

wanninchen.de

51

The Heinz Sielmann Stiftung operates the Naturlandschaft Wanninchen, a nature experience center dedicated to biodiversity, environmental education, and conservation in Germany. The website effectively communicates their mission, events, and fundraising opportunities, targeting nature enthusiasts, educators, and donors. The organization holds recognized certifications that enhance trust and credibility. Technically, the site is built on TYPO3 CMS with modern web technologies, ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS, security headers, and consent management in place, though a dedicated security policy and incident response information are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

Neue Bühne Senftenberg is a regional cultural institution based in Germany, specializing in theatrical performances, seasonal events, and youth theater programs. The website serves as a platform for event promotion, ticket sales, and community engagement, targeting a broad audience including families, educators, and theater enthusiasts. The organization maintains an active social media presence and provides clear contact information, reinforcing its community-oriented business model. Technically, the website is hosted on Amazon AWS infrastructure and utilizes Matomo for analytics, indicating a moderate level of digital maturity. The site is mobile-optimized with a clean design and structured navigation, though accessibility features are basic. Security is well-handled with HTTPS enforced and no visible vulnerabilities, but the absence of security headers and cookie consent mechanisms suggests room for improvement in compliance and defense-in-depth. From a security perspective, the site demonstrates good practices such as encrypted connections and no exposed sensitive data. However, it lacks formal security policies, incident response information, and vulnerability disclosure mechanisms, which are important for transparency and trust. The privacy policy is present and GDPR compliant, but cookie consent is missing, which could pose compliance risks. Overall, the website is professional, trustworthy, and serves its business purpose effectively. Strategic enhancements in privacy compliance, security headers, and incident response transparency would further strengthen its security posture and regulatory adherence.

G

Gingco Communication GmbH & Co. KG

gwa-online.de

64

GWA Kreis Unna operates as a regional public service provider specializing in waste management, recycling, and sustainable building materials within the Kreis Unna area in Germany. The organization offers a broad range of services including waste calendars, consulting on waste disposal, service products, and commercial waste solutions, positioning itself as a key environmental service entity in the region. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to residents and businesses in the area. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies such as Swiper.js for sliders and Google reCAPTCHA for form security. Hosting appears to be managed by 1&1 IONOS SE, inferred from the nameservers. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and includes security best practices such as cookie consent mechanisms and use of reCAPTCHA. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent, representing areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy, compliant with GDPR, and provides a safe user experience. Strategic recommendations include publishing security and incident response policies, enhancing accessibility, and implementing a security.txt file to improve transparency and security posture.

M

Mittelzentraler Städteverbund Göltzschtal

das-goeltzschtal.de

49

The Mittelzentraler Städteverbund Göltzschtal website serves as the official regional portal for four municipalities in the Göltzschtal region of Germany, focusing on intermunicipal cooperation, regional development, economic promotion, and tourism. The site targets local citizens, visitors, and businesses, providing information about community projects, economic opportunities, and cultural events. The business model is non-commercial, centered on governmental and non-profit collaboration to strengthen the region. The website is well-branded and consistent with official municipal identities, reflecting a trustworthy regional government presence. Technically, the site is built on the TYPO3 CMS platform, utilizing modern web technologies such as deferred JavaScript loading and responsive design. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. Hosting appears to be with a German provider, consistent with the regional focus. No advanced analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS and employs some best practices such as deferred script loading. However, explicit security headers are not detected, and there is no visible security policy or incident response information. No vulnerabilities or exposed sensitive data were found in the HTML content. Privacy compliance is partially addressed with a privacy policy page, but no cookie consent mechanism is evident. Overall, the security posture is adequate but could be improved with additional headers and transparency. The overall risk assessment is low given the nature of the site as a regional governmental portal with no commercial transactions or sensitive data collection. Strategic recommendations include implementing security headers, adding cookie consent, publishing a security policy, and considering a vulnerability disclosure mechanism to enhance trust and compliance.

D

Deutscher Volkshochschul-Verband e. V.

volkshochschule.de

62

The Deutscher Volkshochschul-Verband e. V. operates the website volkshochschule.de, serving as the central platform for adult education centers (Volkshochschulen) in Germany. The site provides course finding tools, educational policy information, and news updates, targeting adult learners and educational institutions. It holds a strong position as a leading non-profit educational association in Germany. Technically, the website is built on the Sitepark CMS platform, hosted on bringe.net, and employs modern web technologies including responsive images and SVG icons. The site is mobile optimized and accessible, with good SEO practices. Security-wise, the site enforces HTTPS, uses anonymized Matomo analytics, and provides a GDPR-compliant cookie consent mechanism. However, explicit security policies and incident response contacts are not found, which could be improved. Overall, the website is professional, trustworthy, and compliant with privacy regulations, making it a reliable resource for its audience.

S

Stadt Duisburg

duisburg.de

59

The website duisburg.de serves as the official digital portal for the city of Duisburg, Germany, providing residents and visitors with comprehensive information about city services, events, tourism, and administrative functions. It positions itself as a key government resource with a broad range of public service offerings and community engagement initiatives. The site demonstrates consistent branding and a professional presentation aligned with municipal government standards. Technically, the site is built on the Information Enterprise Server platform by Sitepark GmbH, utilizing modern web technologies including SVG icons, accessibility plugins, and JavaScript frameworks. The site is mobile optimized and includes accessibility features enhancing usability for diverse users. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though explicit security headers and privacy policies are not clearly present in the provided content. Analytics are conducted via Matomo, indicating moderate user tracking with some privacy compliance gaps. Overall, the site is trustworthy and well-maintained, though improvements in privacy transparency and security headers would enhance compliance and user trust.

W

Weigl-Aufzüge Gesellschaft m.b.H. & Co. KG

weigl.at

49

Weigl-Aufzüge Gesellschaft m.b.H. & Co. KG is a well-established Austrian family-owned company specializing in the manufacturing, planning, installation, and servicing of elevators, stairlifts, homelifts, and related mobility solutions. With a history dating back to 1899, it holds a leading market position in Austria as the largest elevator producer and market leader for stairlifts and wheelchair lifts. The company targets both end consumers and businesses seeking high-quality mobility and lift solutions, offering a broad product portfolio and regional presence in Austria, Germany, Slovenia, and Switzerland. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including asynchronous JavaScript, SVG icons, and Google Tag Manager for analytics and marketing. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience with clear navigation and comprehensive content. However, some technical improvements could be made, such as implementing security headers and cookie consent mechanisms to enhance privacy compliance. From a security perspective, the site uses HTTPS with good SSL configuration and avoids exposing sensitive data. There is no visible security policy or incident response information on the site, and no WHOIS data is available for the domain, which slightly reduces trustworthiness. The company demonstrates trust through certifications, state awards, and detailed contact information. No vulnerabilities or malicious content were detected. Overall, the website presents a professional and trustworthy digital presence for a mature manufacturing business. Strategic recommendations include improving privacy compliance with cookie consent, adding security headers, and publishing explicit security and incident response policies to strengthen the security posture and user trust.

The Maison Départementale des Personnes Handicapées de Seine-et-Marne (MDPH 77) is a government entity providing centralized access to rights and benefits for persons with disabilities in the Seine-et-Marne region of France. The website serves as an official portal offering information, application processing, partner resources, and event updates tailored to the disabled community and their families. It is positioned as a trusted regional public service with a clear mission and strong local government backing. Technically, the website is built on Drupal 8, hosted by Scaleway, and employs modern web standards including responsive design, SVG icons, and privacy-focused analytics via Matomo. Cookie consent is managed through a compliant mechanism (Tarteaucitron), reflecting good privacy practices. The site demonstrates good SEO, accessibility, and user experience, with clear navigation and professional branding consistent with government standards. From a security perspective, the site uses HTTPS with a good SSL configuration and clientTransferProhibited domain status, indicating protection against unauthorized domain transfers. While explicit security headers are not visible in the HTML, the overall posture is solid with no exposed sensitive data or vulnerabilities detected. However, the site lacks publicly visible security policies or incident response contacts, which could be improved. Overall, the website is a well-maintained, trustworthy government portal with strong compliance to privacy regulations and a clear focus on serving its target audience. The risk profile is low, with recommendations to enhance security headers and publish security policies to further strengthen trust and resilience.

The website represents the official digital presence of the Conseil départemental de Seine-et-Marne, a French local government entity. It provides a broad range of public services and information targeting residents, professionals, and partners within the Seine-et-Marne department. The site is well-structured with clear navigation and integrates social media channels to enhance outreach. Technically, it is built on Drupal 8, hosted by SCALEWAY, and uses Matomo for analytics, indicating a modern and privacy-conscious approach to user tracking. Security posture is solid with HTTPS and domain transfer protections, though it lacks explicit security headers and published privacy or cookie policies, which are areas for improvement. Overall, the domain registration and website content are consistent and legitimate, reflecting a trustworthy government service portal.

P

Plinko

plinkosoldiveri.it

49

Plinkosoldiveri.it is a newly established Italian website dedicated to the gambling game Plinko, providing detailed information, guides, strategies, and affiliate links to online casinos offering Plinko games. The site targets Italian players interested in gambling and offers localized content including demo versions and mobile app instructions. Technically, the site uses standard web technologies with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. The domain is very new but currently expired, which poses a risk to business continuity and trust. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is a niche affiliate platform with good content quality but needs improvements in security and compliance to enhance trust and reliability.

P

Private by Design, LLC

ruby.social

68

Ruby.social is a niche Mastodon instance dedicated to the Ruby programming language community, operated by Private by Design, LLC based in the US. The platform offers a federated social networking experience tailored for Ruby enthusiasts, with active user engagement and a clear community focus. Technically, the site runs Mastodon version 4.4.1 with modern web technologies including Ruby on Rails and React, delivering a good user experience with mobile optimization and accessible navigation. Security posture is moderate, with HTTPS enforced and domain registration protections in place, but lacking security headers and formal security policies. Privacy compliance is basic, with a privacy policy present but no cookie consent or terms of service. Overall, the website is trustworthy and professionally maintained, though improvements in security and privacy transparency are recommended.

N

Neos Foundation e.V.

neos.social

64

Neos.social is a niche Mastodon instance operated by Neos Foundation e.V., focused on providing a social networking platform for discussions related to Neos and connecting users to the broader Fediverse. The platform leverages the open-source Mastodon software (version 4.4.1) and modern web technologies such as React and JavaScript ES modules, delivering a responsive and user-friendly experience. The website content is well-structured and relevant to its target audience, with a consistent branding approach and clear community focus. From a technical perspective, the site employs modern frameworks and technologies, including WebSockets for real-time communication, and uses CDN resources for media delivery. However, some security best practices such as enabling DNSSEC and implementing security headers are not observed, which could be improved to enhance the overall security posture. The absence of cookie consent mechanisms and limited privacy compliance indicators suggest room for improvement in regulatory adherence. Security-wise, the domain registration is transparent and consistent with the organization's identity, enhancing trustworthiness. The domain is protected against unauthorized transfers, but lacks DNSSEC. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the site maintains a moderate security posture but would benefit from enhanced security policies and compliance measures. Strategically, Neos.social serves a small but focused community, positioning itself as a specialized social platform within the Fediverse ecosystem. The lack of commercial advertising and tracking aligns with privacy-conscious user expectations. To strengthen its market position and trust, the platform should consider publishing more comprehensive privacy and security policies, implementing cookie consent, and improving technical security controls.

S

Spreadshirt

spreadshirt.pl

61

Spreadshirt.pl is a professional e-commerce platform specializing in custom apparel and merchandise, positioning itself as the largest T-shirt printing company in Europe. The website offers users the ability to purchase ready-made designs or create their own, with a focus on fast shipping and a broad product range. The platform targets a general audience interested in personalized clothing and accessories. Technically, the site employs modern JavaScript frameworks, including Lit and Glide.js, and integrates a comprehensive cookie consent mechanism via OneTrust, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and standard security headers likely in place, though explicit security policies and incident response contacts are not published. The absence of WHOIS data from the Polish registry limits domain trust verification, but the website's professional presentation and privacy compliance mitigate concerns. Overall, the site demonstrates a solid balance of business credibility, technical sophistication, and privacy adherence.

S

Spreadshirt

spreadshirt.no

64

Spreadshirt.no is a well-established e-commerce platform specializing in custom printed apparel and products, positioning itself as Europe's largest T-shirt printing company. The website offers a user-friendly interface with clear navigation, modern design, and comprehensive content focused on custom design and shopping experiences. Technically, the site employs modern JavaScript frameworks and libraries, including Lit and Glide.js, and integrates robust cookie consent management via OneTrust, ensuring GDPR compliance. Security posture is strong with HTTPS enforced and multiple security headers present, although public security policies and incident response contacts are not disclosed. The absence of WHOIS data for the .no domain is a notable gap, limiting full domain legitimacy verification. Overall, the site demonstrates a mature digital presence with good privacy and security practices, suitable for its large-scale e-commerce operations.