Security Directory

E

Energieküste

ready-charged-career.de

46

The website 'Ready. Charged. Career!' serves as a regional career platform focused on renewable energy opportunities at the German North Sea coast, branded as Energieküste. It targets professionals, students, and career changers interested in the energy transition, providing information on training, education, and job openings. The platform is supported by a network of partner companies and educational institutions, enhancing its market position as a key regional hub for energy sector careers. Technically, the site is built on Kirby CMS, employs Matomo for privacy-conscious analytics, and uses modern web technologies including SVG graphics and responsive design. Hosting is managed via Schlund Technologies, with a good SSL configuration and privacy compliance mechanisms in place, including cookie consent and GDPR-aligned privacy policies. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though explicit security policies and incident response contacts are not published. No critical vulnerabilities or exposed sensitive data were detected. The site is fully accessible without WAF or blocking mechanisms, ensuring a smooth user experience. Overall, the site demonstrates a high level of professionalism, content quality, and technical maturity, making it a trustworthy and effective platform for its intended audience. Strategic improvements could focus on enhancing security headers and publishing formal security policies to further strengthen trust and compliance.

T

Technisches Betriebszentrum AöR

tbz-flensburg.de

52

The Technisches Betriebszentrum Flensburg is a municipal service provider focused on environmental management, waste disposal, city maintenance, and infrastructure services for the city of Flensburg, Germany. The website presents a professional and comprehensive digital presence, offering detailed information about services, current news, and educational programs. The company maintains active communication channels including phone, email, and social media, enhancing accessibility for residents. Technically, the website is built on the gradwerk CMS 6 platform, utilizing modern web standards such as HTML5, CSS3, and JavaScript. It features responsive design and accessibility considerations, with a cookie consent mechanism compliant with GDPR. Performance is moderate with preloading of resources and optimized images. From a security perspective, the site enforces HTTPS and implements cookie consent management. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the municipal identity, supporting legitimacy. Overall, the site is trustworthy, well-maintained, and suitable for its public service role. Strategic improvements in security transparency and incident response readiness would further enhance its posture.

L

Elixir | PC Game Launcher

ln.onl

59

Elixir.games appears to be a technology-focused website offering a PC game launcher platform aimed at gamers. The site is minimalistic with limited content and lacks detailed business or contact information. The technical infrastructure includes modern web fonts and JavaScript but lacks advanced frameworks or CMS indications. Security posture is weak due to missing HTTPS verification, absence of security headers, and no visible privacy or cookie policies. The WHOIS data is unavailable or malformed, indicating privacy protection or data access issues, which reduces trustworthiness. Overall, the site is functional but lacks maturity in security, compliance, and business transparency.

L

LILA HILFE e.V.

lilahilfe.org

61

Lila Hilfe e.V. is a German non-profit feminist solidarity organization dedicated to supporting women affected by gender-based violence and structural discrimination. The organization operates primarily within Germany, providing financial aid, resources, and community support to its target audience. The website reflects a clear mission and offers membership and donation options to sustain its activities. Technically, the site is built on a modern React and Next.js framework, ensuring fast performance, excellent mobile optimization, and good accessibility. The content is rich, professionally presented, and highly relevant to its audience. Security-wise, the site uses HTTPS and avoids exposing sensitive data, but lacks explicit security headers and formal security policies. Privacy compliance is moderate, with a comprehensive privacy policy but no visible cookie consent mechanism. Overall, the domain appears legitimate despite the absence of WHOIS data, likely due to privacy protection common in non-profits. The site maintains a high trust level with clear branding and social media presence.

The website switchadhub.com appears to be a newly registered domain with minimal content primarily consisting of embedded iframes and tracking pixels. There is no visible business information, contact details, or privacy and cookie policies, indicating a lack of transparency and professionalism. The domain is registered with EurotrashNames.com LLC, a registrar of questionable reputation, and the domain age is less than one year, which is inconsistent with an established business presence. Technically, the site uses basic HTML and JavaScript but lacks modern security practices such as HTTPS enforcement and security headers. The presence of tracking pixels without consent mechanisms raises privacy concerns. Overall, the site appears to be an ad-serving or intermediary platform rather than a fully developed business website.

E

Erhvervsstyrelsen

erhvervsstyrelsen.dk

57

Erhvervsstyrelsen is a Danish government agency dedicated to simplifying and promoting responsible business operations across Denmark. The website serves as an authoritative portal offering regulatory guidance, support services for startups and existing businesses, and information on sustainability reporting, digital administration, and international trade. It holds a strong market position as the official regulatory body with a large organizational size and a history dating back to 2001. The site is well-branded, professionally designed, and targets Danish businesses and entrepreneurs.

V

Virk

virk.dk

62

Virk.dk is the official Danish government digital portal serving as the primary gateway for businesses to access public services. Established in 2001, it holds a strong market position as an essential government service platform targeting Danish businesses. The website employs modern frontend technologies such as Bootstrap and Vue.js, indicating a moderate level of digital maturity and a focus on responsive design and user experience. Security posture is basic with HTTPS enabled but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Overall, the site is professional, trustworthy, and safe for general audiences but would benefit from enhanced security and privacy transparency.

S

Startup Denmark

startupdenmark.info

65

Startup Denmark is an official government-supported program designed to facilitate entrepreneurs from outside Denmark in launching their businesses within one of the world's most digitalized and entrepreneur-friendly countries. The website provides comprehensive guidance on visa application processes and access to Denmark's strong entrepreneurial ecosystem. The program targets startup founders seeking to establish their ventures in Denmark, offering visa facilitation and business support services. The site is professionally designed, mobile-optimized, and provides clear navigation and relevant content, reflecting a high level of digital maturity. Technically, the website is built on the Drupal CMS platform, leveraging modern web technologies including JavaScript and SVG graphics. The site demonstrates good performance and accessibility standards, with a cookie consent mechanism and privacy policy in place, indicating compliance with GDPR requirements. Analytics are conducted via Piwik Pro, ensuring moderate user tracking with privacy considerations. From a security perspective, the site enforces HTTPS and implements cookie consent but lacks certain security headers such as Content-Security-Policy and X-Frame-Options, which are recommended to enhance protection. There is no visible security policy or incident response contact information, representing an area for improvement. The WHOIS data is limited due to TLD restrictions but does not raise concerns, and the domain is consistent with an official government program. Overall, the website presents a trustworthy and professional front for the Startup Denmark program, with minor technical and security enhancements recommended to further strengthen its posture and compliance.

C

CSC – Tieteen tietotekniikan keskus Oy

eduuni.fi

52

Eduuni is a Finnish service platform provided by CSC – Tieteen tietotekniikan keskus Oy, focused on enabling secure and flexible collaboration across educational and research organizations. The platform offers a suite of cloud-based services including Microsoft 365/Azure environments, SharePoint workspaces, Atlassian Confluence wiki, Jira project management, and identity management through Eduuni-ID. The website reflects a professional and consistent brand presence targeting educational institutions and their stakeholders in Finland. Technically, the website is built on WordPress hosted on WordPress.com infrastructure, leveraging modern web technologies and integrations with Microsoft and Atlassian products. The site demonstrates good performance, mobile optimization, and basic accessibility features. Analytics are implemented via Jetpack Stats with minimal user tracking. From a security perspective, the site enforces HTTPS with excellent SSL configuration but lacks some advanced security headers and explicit incident response contacts. Privacy policies and terms of service are available on linked wiki pages, though no cookie consent mechanism is present on the main site. The domain registration is transparent and consistent with the business entity, indicating high legitimacy. Overall, Eduuni presents a trustworthy and well-maintained digital presence with room for improvement in privacy compliance and security header implementation.

B

Bücher Pustet

pustet.de

67

Bücher Pustet is a well-established regional bookstore chain in Bavaria, Germany, with a nearly 200-year history. The company operates multiple physical stores and a comprehensive online shop offering books, eBooks, audiobooks, calendars, games, and related products. Their services include community events, gift vouchers, and specialized offerings for schools, libraries, and corporate clients. The website reflects a mature retail business with a focus on customer engagement and regional presence. Technically, the website uses modern web technologies including Bootstrap and FontAwesome, with a custom CMS managing rich content modules. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security is well-implemented with HTTPS and multiple security headers, but lacks visible privacy and cookie policies, which are important for GDPR compliance. The security posture is strong with no detected vulnerabilities or exposed sensitive data. However, the absence of public incident response information and vulnerability disclosure mechanisms suggests room for improvement in transparency and preparedness. Overall, the site is trustworthy and professional but should enhance privacy compliance and user consent mechanisms. Strategically, Bücher Pustet should prioritize publishing comprehensive privacy and cookie policies, implement consent banners, and provide clear security and incident response information to strengthen user trust and regulatory compliance. Enhancing accessibility and continuous security audits will further improve the site's quality and resilience.

F

Falck US

falck.us

68

Falck US operates in the transportation sector, specializing in emergency medical and ambulance services. The website presents a professional and consistent brand image, targeting a general audience seeking emergency transportation solutions. The technical infrastructure leverages modern technologies including Microsoft ASP.NET, Citrix for security, Azure Application Insights for telemetry, and Google Tag Manager for analytics, indicating a mature digital presence. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though the absence of explicit privacy policies and contact information suggests room for improvement in compliance and transparency. The lack of WHOIS data reduces trust slightly but is common for enterprises using privacy protection services. Overall, the website is functional, secure, and professionally maintained with moderate risk.

F

Falck

falck.fi

74

Falck is a well-established company providing travel assistance services primarily targeting travelers seeking safety and emergency support during their journeys. The website is professionally designed with good localization in Finnish and includes comprehensive cookie consent mechanisms compliant with GDPR. The technical infrastructure leverages modern analytics tools such as Microsoft Application Insights and Google Tag Manager, indicating a mature digital presence. Security posture is strong with HTTPS enforced and telemetry monitoring in place, though some security headers and explicit security policies are not visible in the analyzed content. Overall, the website is trustworthy and professionally maintained, serving a large audience in the transportation and healthcare sectors in Finland.

F

Falck Italia

falckitalia.it

70

Falck Italia operates as a medium-sized company in the emergency medical and healthcare services sector in Italy, providing ambulance and safety services. The website presents a professional and consistent brand image with good content quality and clear navigation. Technically, the site uses modern technologies including Microsoft Application Insights and Google Tag Manager for analytics and tracking, with a compliant cookie consent mechanism ensuring GDPR adherence. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response information are not publicly available. Overall, the site is trustworthy and well-maintained, supporting the company's market position as a reputable service provider in transportation and healthcare. Strategic improvements could focus on enhancing contact transparency and publishing security-related policies.

F

Falck France

falck.fr

68

Falck France operates as a regional branch of the Falck Group, specializing in emergency and healthcare services. The website is professionally designed, primarily targeting French-speaking users, and integrates modern analytics and cookie consent mechanisms to comply with privacy regulations. The technical infrastructure includes Microsoft Application Insights and Google Tag Manager, indicating a moderate level of digital maturity. Security posture is generally strong with HTTPS enforced and privacy compliance evident, although explicit security headers and detailed security policies are absent. The absence of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy, but the presence of multiple related Falck domains and consistent branding supports the business's authenticity. Overall, the website is functional, compliant, and trustworthy with room for improvement in transparency and security documentation.

F

Falck España

falck.es

73

Falck España operates as a regional branch of the Falck Group, specializing in healthcare, emergency, and safety services. The website reflects a professional presence with a focus on user experience and compliance with cookie consent regulations. The technical infrastructure leverages modern technologies such as Microsoft ASP.NET, Citrix, Azure Application Insights, and Google Tag Manager, indicating a mature digital environment. Security posture is adequate with HTTPS and monitoring tools in place, though improvements in security headers and explicit privacy policies are recommended. The absence of accessible WHOIS data limits full domain legitimacy assessment, but the website content and linked domains support a trustworthy business identity.

F

Falck Romania

falck.ro

75

Falck Romania operates as a regional branch of the Falck group, providing healthcare and emergency services within Romania. The website reflects a professional presence with consistent branding aligned with the Falck group. The business targets general public and corporate clients requiring emergency medical and safety services. The digital infrastructure leverages modern technologies including Microsoft ASP.NET, Citrix for security, Azure Application Insights for monitoring, and Google Tag Manager for analytics. The website is mobile optimized and implements a comprehensive cookie consent mechanism, indicating good privacy compliance. Security posture is solid with HTTPS enforced and use of secure third-party services, though security headers are not explicitly detected. No critical vulnerabilities or suspicious patterns were found. WHOIS data is privacy protected by ROTLD, which is standard for Romanian domains, and does not raise legitimacy concerns. Overall, the website is a credible and professional digital asset for Falck Romania.

F

Falck

falck.no

75

Falck is a well-established healthcare service provider focused on occupational health and career services in Norway, aiming to improve health, work ability, and quality of life for the Norwegian workforce. The website reflects a professional and consistent brand presence with a clear focus on healthcare services. Technically, the site uses modern technologies including Microsoft Application Insights and Google Tag Manager for monitoring and analytics, hosted likely on Microsoft Azure. The site is mobile optimized and accessible with good SEO practices. Security posture is strong with HTTPS and cookie consent mechanisms in place, though explicit security headers and incident response information are absent. The lack of WHOIS data suggests privacy protection, which is common for large enterprises. Overall, the site is trustworthy and compliant with GDPR, but could improve transparency around security policies and contact information.

F

Falck

falcksverige.se

71

Falck Sverige is a regional branch of the Falck group, providing services in healthcare, rehabilitation, rescue, and preparedness. The website presents a professional image with clear branding and a focus on helping people through various service areas. The technical infrastructure leverages modern telemetry and analytics tools such as Microsoft Application Insights and Google Tag Manager, indicating a mature digital presence. The website is well-optimized for mobile and includes a comprehensive cookie consent mechanism compliant with GDPR standards. However, the absence of WHOIS data for the domain www.falcksverige.se raises questions about domain registration legitimacy, although the presence of multiple related Falck domains suggests a broader corporate infrastructure. Security posture is strong with HTTPS and telemetry but lacks explicit security headers and published security policies. Contact information is not directly available on the site, which could impact user trust and compliance transparency.

F

Falck Deutschland

falck.de

10

Falck Deutschland is a prominent healthcare and emergency services provider operating in Germany, offering ambulance and rescue services. The website demonstrates a solid digital presence with compliance to GDPR through a comprehensive cookie consent mechanism and integration of advanced analytics tools such as Microsoft Application Insights and Google Tag Manager. The technical infrastructure is modern, leveraging reputable third-party services and hosted on EuroDNS-managed domains. Security posture is generally good with HTTPS enforced and telemetry in place, though there is room for improvement in security headers and explicit security policies. Contact and legal information such as terms of service and incident response contacts are not readily visible, which could be enhanced to improve trust and compliance. Overall, the website is professional, well-branded, and targets a general audience seeking healthcare and emergency services in Germany.

B

BAVARIA Bratislava s.r.o.

bavariabratislava.sk

10

BAVARIA Bratislava s.r.o. operates as an authorized BMW dealership and service center located in Bratislava, Slovakia. The company offers a comprehensive range of BMW vehicles including new and used cars, alongside financial services, servicing, and original accessories. Positioned as the largest and most modern BMW showroom in Slovakia, it targets BMW customers seeking premium automotive products and services. The website reflects a professional and consistent brand image aligned with BMW standards. Technically, the website is built on the siteLAB CMS platform and incorporates modern JavaScript libraries such as Swiper.js and Owl Carousel for UI components, along with Google reCAPTCHA for form security and Facebook SDK for customer chat integration. The site is mobile-optimized and includes SEO best practices, although some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and integrates anti-bot measures via reCAPTCHA. However, it lacks explicit security headers and a published security policy or incident response contact, which are recommended for enhanced trust and compliance. Privacy and cookie policies are well implemented with clear consent mechanisms, supporting GDPR compliance. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements in security headers and incident response transparency would further strengthen its posture.

L

Liftago

liftago.sk

69

Liftago is a Czech Republic-based transportation company specializing in taxi rides and courier deliveries, operating across 15 cities. The company offers services via a mobile app and website, targeting both consumers and businesses seeking reliable on-demand transportation solutions. The website is professionally designed, mobile-optimized, and provides clear information about services, privacy, and terms. Technically, the site leverages modern web technologies including Webflow CMS, Google Tag Manager, and Cookiebot for consent management, hosted likely on Cloudflare infrastructure ensuring good performance and security. Security posture is strong with HTTPS enforcement, comprehensive cookie consent, and security headers, though no explicit security policy or incident response contacts are published. Overall, Liftago presents a trustworthy and professional digital presence with moderate to high maturity in technical and privacy compliance aspects.

The domain centotag.io is registered to Media Group Denmark ApS, a Danish company established in 2020. The website currently hosts only a placeholder page provided by Simply.com, indicating that the domain is parked or not actively used for business purposes. There is no business description, services, or contact information available on the site. The technical infrastructure is minimal, with basic HTML, CSS, and JavaScript, and DNS hosted via Cloudflare. No CMS or advanced frameworks are detected. Security posture is weak due to lack of visible HTTPS enforcement, security headers, and privacy policies. No analytics or tracking scripts are present, indicating minimal data collection or user tracking. Overall, the website lacks content, trust signals, and compliance documentation, resulting in a low trust and security score.

P

PandaSuite

pandasuite.com

66

PandaSuite is a well-established no-code platform founded in 2012 that enables users to create engaging web, mobile, desktop, and touchscreen applications without coding. The platform targets creators, businesses, marketers, and educators seeking flexible and multimedia-rich interactive content solutions. It holds a strong market position supported by reputable client logos and positive user ratings. Technically, the website employs modern web technologies including Astro framework, PostHog analytics, and Cloudflare DNS, delivering fast performance and excellent mobile optimization. Security posture is good with HTTPS and domain transfer protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the website is professional, trustworthy, and technically mature, with room for enhanced privacy and security transparency.

Noembed.com is a specialized technology service providing a unified oEmbed proxy API that simplifies embedding content from a wide range of supported sites, including those without native oEmbed support. The service targets developers and web integrators who require consistent embeddable content responses. The business operates as a small entity with open source code hosted on GitHub and is supported by a community of users and contributors. The website is professionally designed with clear navigation and good content relevance, though it lacks formal privacy and cookie policies. Technically, the site uses standard web technologies including HTML5, CSS3, and JavaScript, and is hosted on the Fastly CDN platform, ensuring good performance and reliability. Google Analytics is used for visitor tracking, but no advanced frameworks or CMS are detected. Mobile optimization and accessibility are basic but adequate for the target audience. From a security perspective, the domain registration is consistent and legitimate, registered with Gandi SAS since 2011, with clientTransferProhibited status enabled. However, DNSSEC is not enabled, and the website lacks security headers and formal security policies. No forms or sensitive data collection mechanisms are present, reducing attack surface. Privacy compliance is weak due to missing policies and cookie consent mechanisms. Overall, the website presents a moderate risk profile with no critical vulnerabilities detected but would benefit from improved privacy compliance and security hardening. Strategic recommendations include enabling DNSSEC, adding privacy and cookie policies, implementing security headers, and publishing incident response and vulnerability disclosure information.

The website ttcontacts.com currently presents minimal accessible content, primarily consisting of obfuscated JavaScript code without visible metadata, business descriptions, or contact information. The domain is registered with Amazon Registrar, Inc. since 2020, indicating a relatively new presence. The lack of privacy policies, cookie consent mechanisms, and terms of service suggests the site is either under development or not fully operational. Technically, the site uses JavaScript but lacks visible modern frameworks or CMS indications. Security posture is weak due to absence of HTTPS and security headers. Overall, the site lacks transparency and trust signals, limiting its credibility and user confidence.

K

Kassenärztliche Vereinigung Schleswig-Holstein

kvsh.de

54

The Kassenärztliche Vereinigung Schleswig-Holstein (KVSH) operates as a regional healthcare self-administration body representing approximately 6,100 physicians and psychotherapists in Schleswig-Holstein, Germany. The website serves as an authoritative portal providing comprehensive information on medical billing, contracts, regulations, IT infrastructure in practices, and patient services. It targets medical professionals and patients within the region, offering detailed resources and guidance. The site is built on TYPO3 CMS, indicating a mature and stable technical infrastructure with good mobile optimization and accessibility. Security posture is solid with HTTPS enabled and secure form handling, though improvements are recommended in cookie consent and security header implementation. Overall, the website demonstrates high professionalism and trustworthiness appropriate for a public healthcare institution.

K

KZ-Gedenkstätte Husum-Schwesing | Erinnern und Handeln

kz-gedenkstaette-husum-schwesing.de

39

The website kz-gedenkstaette-husum-schwesing.de serves as an informational and memorial platform dedicated to the Husum-Schwesing concentration camp history. It targets a general audience interested in historical remembrance and education. The site operates on WordPress using the Divi theme and integrates OpenStreetMap for location services. The technical infrastructure is standard for small non-profit organizations, with moderate performance and basic mobile optimization. Security posture is limited, with no evident security headers or policies, and privacy compliance is minimal due to the absence of privacy and cookie policies. The domain WHOIS data is limited, showing only name servers from a hosting provider, with no detailed registrant information, which slightly reduces trust but is not uncommon for small organizations. Overall, the site is functional and professional but lacks advanced security and compliance features.

N

Bin kurz beim Amt.

nordfriesland.digital

54

The website nordfriesland.buergerportal.sh is a government-operated citizen portal for the Nordfriesland district in Germany, providing digital access to administrative services. It is built on the TYPO3 CMS platform and incorporates accessibility features to support users with various disabilities. The site uses Matomo analytics with privacy-conscious settings and includes a cookie consent mechanism via Klaro. However, no explicit privacy policy or terms of service documents were found, which is a gap in compliance and transparency. WHOIS data is unavailable or protected, which is typical for privacy reasons but limits domain trust verification. Overall, the site demonstrates a moderate to good level of technical maturity and accessibility but could improve in privacy and security documentation.

V

Voith

voith.com

73

Voith is a family-owned enterprise specializing in industrial technology sectors such as drive technology, hydropower, and papermaking automation. The company positions itself as a responsible and sustainable technology provider with a global reach. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to industrial clients and partners. Technically, the site employs modern JavaScript libraries, Cookiebot for consent management, and Google Tag Manager for analytics, indicating a well-maintained infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of HTTP security headers and a public security policy suggests room for improvement. Privacy compliance is strong, with GDPR-aligned cookie consent and a detailed privacy policy. The lack of WHOIS data reduces transparency but does not significantly detract from the site's credibility given its professional presentation and business focus.

S

Swiss Life Deutschland

swisslife.de

69

Swiss Life Deutschland operates as a leading insurance and financial advisory provider in Germany, offering comprehensive insurance, pension plans, and financial consulting services. The website reflects a mature enterprise-level business with a strong market position and a clear focus on serving private and corporate clients. The content is professionally crafted in German, targeting the German market with consistent branding and trust indicators such as ISO certifications and GDPR compliance. The business model centers on insurance and holistic financial planning, supported by a well-established parent company, Swiss Life Holding AG.

E

European Southern Observatory

eso.org

65

The European Southern Observatory (ESO) is a leading intergovernmental organization dedicated to astronomical research and the operation of world-class ground-based observatories in the Southern Hemisphere. The website serves as a comprehensive portal for scientific discoveries, public outreach, educational resources, and detailed information about ESO's telescopes and instruments. It targets a broad audience including researchers, educators, students, and astronomy enthusiasts worldwide. The business model is non-profit and government-oriented, focusing on advancing astronomy and related technologies. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and integrates Matomo analytics for privacy-conscious visitor tracking. It is hosted on CDN77, ensuring fast content delivery and good performance. The site is mobile-optimized, accessible, and SEO-friendly, with clear navigation and multilingual support. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and implements cookie consent mechanisms aligned with GDPR. While explicit security headers like Content-Security-Policy are not confirmed, best practices are largely followed. No vulnerabilities or exposed sensitive data were detected. However, the absence of a public security policy or vulnerability disclosure program is noted. Overall, the website presents a low-risk profile with strong trust indicators and professional content. The lack of WHOIS data limits domain registration insights but does not detract from the site's legitimacy. Strategic recommendations include enhancing security header implementation, publishing a security policy, and establishing a vulnerability disclosure channel to further strengthen trust and compliance.

A

Adldinger Unternehmensgruppe

adldinger.de

51

Adldinger Unternehmensgruppe is a German construction and real estate company focused on building with tradition and solutions for the future. The website presents a professional and consistent brand image targeting general public and business clients in the real estate sector. The technical infrastructure is modern, leveraging Webflow CMS, JavaScript libraries such as Swiper.js, and third-party services like Cookiebot for cookie consent and Google Analytics for user tracking. Hosting is provided by rzone.de, consistent with the domain's WHOIS data. Security posture is adequate with HTTPS enabled and cookie consent implemented; however, the absence of explicit security headers and privacy policy pages indicates room for improvement. The website is accessible without WAF or security challenges, and no suspicious WHOIS patterns were detected, supporting the domain's legitimacy. Overall, the site scores moderately high in business credibility and technical implementation but should enhance privacy compliance and security best practices.

W

WhistleOut

whistleout.com

70

WhistleOut is a well-established online platform specializing in the comparison of phone and internet plans, providing consumers in the United States with expert guides, reviews, and news to help them make informed decisions. The website is professionally designed, mobile-optimized, and rich in relevant content, positioning it as a trusted resource in the telecommunications comparison market. Technically, the site employs a modern technology stack including Google Analytics, Google Tag Manager, Crazy Egg, Mouseflow, and Microsoft Application Insights, indicating a mature digital infrastructure focused on user analytics and experience optimization. Security-wise, the site enforces HTTPS, implements multiple security headers, and uses a consent management platform for privacy compliance, though it lacks explicit public security policies or incident response information. The absence of WHOIS registration data reduces transparency but does not detract significantly from the site's legitimacy given its professional presentation and clear affiliate disclosures. Overall, WhistleOut demonstrates a strong digital presence with good security posture and privacy compliance, suitable for its consumer audience.

K

Kieler Nachrichten

kn-online.de

59

Kieler Nachrichten is a well-established regional news media organization based in Germany, focusing on delivering comprehensive news coverage for Kiel and the surrounding Schleswig-Holstein region. The website offers a broad range of content including politics, sports, culture, and lifestyle, supported by digital services such as e-paper, podcasts, and newsletters. It operates under the umbrella of the RedaktionsNetzwerk Deutschland, indicating a strong partnership network and market presence. Technically, the site leverages modern web technologies including React and implements consent management mechanisms to comply with GDPR requirements. The security posture is solid with HTTPS enforced and standard security practices observed, although explicit security policies and incident response contacts are not publicly available. Overall, the site demonstrates a high level of professionalism and trustworthiness suitable for its audience and business model.

D

Deutscher Ärzteverlag GmbH

aerzteblatt.de

70

Deutscher Ärzteverlag GmbH operates the website Deutsches Ärzteblatt, a leading German medical news and professional journal platform. The site provides current health policy news, medical research updates, and professional information targeting medical professionals and healthcare stakeholders. The business model is primarily media publishing with revenue from subscriptions and advertising. The website is well-positioned in the German healthcare media market with a strong reputation and comprehensive content offerings including ePaper and CME materials. Technically, the website uses modern web technologies including Next.js and React, hosted likely via GoDaddy's domain control services. It integrates advanced consent management tools such as Contentpass and Sourcepoint to ensure GDPR compliance. The site is optimized for performance, mobile responsiveness, and accessibility, providing a high-quality user experience. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements multiple security headers. It uses consent-based tracking and advertising scripts, minimizing privacy risks. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policy and incident response information are not publicly available, representing an area for improvement. Overall, the website demonstrates a mature digital presence with strong compliance and security posture, serving a professional audience with trustworthy content. Strategic recommendations include publishing detailed security policies, establishing incident response contacts, and enhancing transparency around vulnerability disclosures to further strengthen trust and security culture.

K

KAARISMA Recruitment GmbH

kaarisma-blue.de

61

KAARISMA BLUE Recruitment is a specialized recruitment agency based in Germany focusing on placing Servicetechniker and industrial technical professionals. The company positions itself as a modern headhunting service with a strong emphasis on matching candidates and employers harmoniously, particularly in sales and technical roles. Their business model revolves around active process support until successful hiring, targeting companies seeking qualified service technicians. The website content is professional, well-branded, and clearly communicates their value proposition. Technically, the site uses Kirby CMS and Matomo analytics, indicating a moderate level of digital maturity with some privacy-conscious tracking. Security posture is adequate with HTTPS enabled but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. Overall, the site is accessible, trustworthy, and serves its business purpose effectively.

S

Stadt Karlsruhe

karlsruhe.de

69

The website www.karlsruhe.de serves as the official digital portal for the city of Karlsruhe, Germany, providing residents and visitors with access to a wide range of municipal services, information on city administration, social programs, environmental initiatives, cultural events, and mobility options. The site is well-positioned as a comprehensive government resource, targeting local citizens, businesses, and stakeholders. Technically, the site is built on the TYPO3 CMS platform, leveraging modern web technologies including SVG graphics and Matomo analytics configured with privacy in mind. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security-wise, the website enforces HTTPS and employs a cookie consent mechanism aligned with GDPR requirements, though it lacks explicit security policy and incident response disclosures. Overall, the site is trustworthy, professionally maintained, and compliant with relevant privacy regulations, with no detected blocking or WAF interference.

D

Deutsche Stiftung Denkmalschutz

denkmalschutz.de

48

The Deutsche Stiftung Denkmalschutz website represents a well-established non-profit organization dedicated to the preservation of cultural heritage and monuments in Germany. The site provides comprehensive information about their mission, projects, events, and donation opportunities, positioning them as the largest private initiative in their sector. The website is built on TYPO3 CMS, featuring modern design elements and good mobile optimization, reflecting a mature digital presence. Security posture is solid with HTTPS and secure forms, though there is room for improvement in security headers and cookie consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness, supported by recognized donation seals and transparent reporting.

S

Steuerkontor Weinert

steuerkontor-weinert.de

58

Steuerkontor Weinert is a well-established tax consultancy firm based in Rostock, Germany, with over 25 years of experience. The company specializes in digital financial and payroll accounting, personalized tax planning, and business consulting services tailored for commercial, freelance, and non-profit organizations primarily in the Mecklenburg-Vorpommern region. Their business model focuses on professional services with a strong emphasis on digital transformation and cooperative client relationships. The website reflects a consistent and professional brand image, supported by recognized certifications such as go-digital and Offensive Mittelstand. Technically, the site is built on the Contao CMS platform, uses modern web technologies including lazy loading for images, and integrates Google Tag Manager for analytics. Hosting is provided by Timme Hosting, consistent with the domain's WHOIS data.

M

Merkle Manufactory

warpcast.com

58

Farcaster.xyz operates as a decentralized social network and crypto wallet platform, targeting crypto enthusiasts and digital asset traders. The business is positioned as a niche social network that facilitates discovery, trading, and creation within the crypto ecosystem. The company behind the site is Merkle Manufactory, founded in 2021, with a small-sized operation focused on technology innovation in blockchain social networking. The website promotes app downloads for iOS and Android, indicating a multi-platform presence. Technically, the website employs modern web technologies including React, Google Fonts, and Fathom Analytics for lightweight user tracking. Hosting and DNS services are provided via Cloudflare, ensuring good performance and security at the infrastructure level. The site is mobile-optimized with good design quality and user experience, although accessibility features are basic. SEO optimization is present but minimal. From a security perspective, the site uses HTTPS and has domain transfer protections enabled. However, it lacks DNSSEC, explicit security headers, and a cookie consent mechanism, which are areas for improvement. No contact or incident response information is provided, limiting transparency in security governance. The privacy policy exists but is basic and does not explicitly confirm GDPR compliance. No vulnerability disclosure or security.txt files were found. Overall, the website is professional, trustworthy, and safe for general audiences with no adult or questionable content. The domain registration is consistent with the business timeline and shows no suspicious patterns. Strategic recommendations include enhancing security headers, enabling DNSSEC, implementing cookie consent, and providing clearer security and contact information to improve compliance and trust.

D

Dynamic

dynamic.xyz

74

Dynamic is a fintech and crypto technology company specializing in wallet infrastructure, authentication, and secure key management through a flexible SDK. Positioned as a leading provider in the multi-chain wallet ecosystem, Dynamic serves fintech firms, crypto businesses, and stablecoin platforms with enterprise-grade solutions. The company recently became part of Fireblocks, enhancing its market position and resource base. The website reflects a mature digital presence with comprehensive product offerings, customer case studies, and a demo environment to engage developers and clients. Technically, the site is built on Webflow with modern JavaScript libraries and integrates analytics and marketing tools such as HubSpot and Google Tag Manager. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place. No critical vulnerabilities or compliance gaps were detected, though incident response and vulnerability disclosure policies could be more explicit. Overall, Dynamic presents a professional, trustworthy, and technically sound platform with a clear focus on fintech wallet infrastructure.

D

DMK Vall 042 d.o.o.

okusi.hr

41

Okusi hrvatske tradicije is a Croatian tourism and gastronomy promotion platform operated by DMK Vall 042 d.o.o., focusing on showcasing traditional Croatian cuisine, wines, and local agricultural products. The website targets tourists and gastronomy enthusiasts interested in authentic Croatian culinary experiences. It collaborates with local and county tourist boards to enrich the tourism offer with gastronomic content. Technically, the website is built on Joomla CMS using Bootstrap 3 and FontAwesome, with moderate performance and good mobile optimization. Security posture is moderate with no detected security headers or privacy policies, and SSL status is unknown from the provided data. Contact information is clearly provided, and social media presence includes Facebook and YouTube. Overall, the site is professional and trustworthy but lacks formal privacy and security disclosures.

The website croatia.hr serves as the official Croatian tourism portal, managed by CARNET, a reputable Croatian academic and research network. It provides extensive information about Croatia's travel destinations, cultural attractions, and events, targeting tourists and travelers globally. The site is well-branded and professionally designed, reflecting its government affiliation and authoritative market position in tourism promotion. Technically, the site employs modern web technologies including Vue.js, integrates third-party services such as Mailchimp for marketing and Dynatrace for performance monitoring, and is hosted with Microsoft Azure DNS infrastructure. The website demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS with strong security headers and uses monitoring tools to maintain performance and security. However, it lacks visible privacy and cookie policies, as well as explicit contact information and incident response details, which are important for compliance and user trust. No vulnerabilities or suspicious indicators were detected in the analyzed content. Overall, croatia.hr is a trustworthy and professionally maintained government tourism website with strong technical and security foundations. To enhance compliance and user trust, it is recommended to publish clear privacy and cookie policies, provide contact details, and include vulnerability disclosure and incident response information.

S

seabirds.de GmbH

seabirds.de

46

seabirds.de GmbH operates a specialized flight school and charter service based at Flugplatz Oldenburg-Hatten, Germany. The company offers pilot training including PPL and LAPL licenses, sightseeing flights, and aircraft chartering. The website is professionally designed with clear navigation and relevant content targeting aviation students and enthusiasts. Technically, the site uses Bootstrap and jQuery with integrations for Google Analytics and Facebook SDK, though it employs an outdated jQuery version which poses some security risks. Security posture is moderate with HTTPS implied but lacking explicit security headers and incident response information. Privacy compliance is addressed with a cookie consent banner and a privacy policy linked in the imprint. Overall, the site is trustworthy and well-positioned locally but could improve technical security and transparency.

I

Ipša – Maslinova ulja

ipsa-maslinovaulja.com

45

The website appears to be a Croatian language site focused on olive oil products, likely representing a small business in the energy/agriculture sector. The domain is well established since 2009, indicating a stable presence. The technical infrastructure is based on WordPress with common plugins and libraries, showing a moderate level of digital maturity. However, the site lacks critical privacy and cookie policies, contact information, and security best practices such as security headers and DNSSEC. No advanced analytics or tracking mechanisms were detected, suggesting minimal user tracking. The security posture is basic with room for improvement in SSL enforcement and header implementation. Overall, the site is functional but lacks comprehensive compliance and security features, which could impact user trust and regulatory adherence.

S

Stena Projects

stena-projects.eu

45

Stena Projects is a Croatian-based company specializing in the design and manufacture of handcrafted interior and exterior decorative elements, including stone and wood wall claddings, 3D decorations, decorative columns, and custom projects. The company targets customers seeking elegant and modern design solutions that blend art and nature. Their market position is that of a niche provider with a focus on quality and craftsmanship. Technically, the website is built on WordPress using modern plugins such as WPBakery and Slider Revolution, with multilingual support via WPML. The site is hosted by a Croatian hosting provider, Plus Hosting Grupa d.o.o., and employs HTTPS with good SSL configuration. Security posture is solid but could be improved by adding security headers and formal security policies. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service detected. Overall, the website is professional, user-friendly, and trustworthy, with room for improvement in privacy and security documentation.

T

Teatar uz more

teataruzmore.com

49

Teatar uz more is a cultural theater festival based in Croatia, established in 2021, focusing on organizing theater events and performances primarily in Split and surrounding regions. The website serves as a platform for event scheduling, ticket sales, and festival information targeting theater enthusiasts and the general public interested in cultural events. The business operates on a small scale with a clear regional focus. Technically, the website is built on WordPress using popular plugins such as Yoast SEO, Contact Form 7, and Revolution Slider, indicating a mature but standard digital infrastructure. The site is mobile-optimized and SEO-friendly, providing a good user experience. Security-wise, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and some advanced security headers, suggesting room for improvement. Privacy compliance is well addressed with a comprehensive cookie policy and consent mechanism in Croatian language, aligning with GDPR requirements. Overall, the site is trustworthy, professional, and well-positioned within its niche cultural sector.

K

Knjižnice grada Zagreba

kgz.hr

10

Knjižnice grada Zagreba operates as the official public library network for the City of Zagreb, Croatia. The website provides comprehensive information about library services, locations, events, and digital resources targeting a broad audience including children, youth, and adults. The organization is positioned as a key cultural and educational institution within the region, with a history dating back to 2000. The site demonstrates consistent branding and a professional online presence with active social media engagement.

S

SeenThis AB

sitestream.co

57

Sitestream, operated by SeenThis AB, is a technology company specializing in optimizing website image delivery to reduce data waste and improve user experience. Their solution automatically selects the fastest and most data-efficient image formats tailored to each user's device and connection, contributing to reduced carbon emissions from internet usage. The company targets website owners and developers seeking performance and environmental benefits through a SaaS model with easy integration options. Technically, the website is built using modern frameworks like Svelte, with fast performance and good mobile optimization. Security posture is solid with HTTPS and some security headers, though improvements like a comprehensive Content-Security-Policy and security.txt are recommended. Privacy compliance is adequate with accessible privacy and cookie policies, though no explicit consent mechanism was detected. Overall, the site is professional, trustworthy, and aligned with its business goals.

L

Landesportal Mecklenburg-Vorpommern

studieren-mit-meerwert.de

47

The website 'Studieren mit Meerwert' serves as a comprehensive regional education portal promoting universities and study programs in Mecklenburg-Vorpommern, Germany. It targets prospective and current students, including international visitors, by providing detailed information about study opportunities, campus life, and career prospects. The platform is operated under the Landesportal Mecklenburg-Vorpommern, reflecting a public sector educational initiative with a strong regional focus. Technically, the site is built on TYPO3 CMS and employs modern web technologies such as jQuery, YouTube iframe API, and Typekit fonts. It features a responsive design with good accessibility and SEO practices. Cookie consent is implemented with an opt-in mechanism, ensuring GDPR compliance. The site integrates social media channels and interactive elements like study program search and multimedia galleries. From a security perspective, the website uses HTTPS and obfuscates email addresses to prevent spam. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or malicious content were detected. The WHOIS data aligns with the website's regional educational purpose, showing consistent domain usage and hosting. Overall, the website demonstrates a high level of professionalism, content quality, and user experience, with minor recommendations to enhance security headers and publish vulnerability disclosure information.