Security Directory

P

Praxis für Logopädie Jennifer Groß

logo-gross.de

52

Praxis für Logopädie Jennifer Groß is a small healthcare provider specializing in speech therapy services located in Püttlingen, Germany. The website presents a professional image with clear information about their services, team, and contact details. Their market position is local and focused on patients requiring speech and language therapy, including both adults and children. The business model is service-oriented healthcare with a focus on personalized patient care. Technically, the website is built on the cm4all CMS platform hosted by Strato, using standard web technologies such as HTML5, CSS3, JavaScript, and jQuery. The site is moderately performant and mobile-optimized with basic accessibility features. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers are missing and no explicit security or incident response policies are published. Overall, the website is trustworthy and compliant with GDPR, providing sufficient contact and privacy information for users.

V

VisionConnect GmbH

vision-connect.de

65

VisionConnect GmbH is a well-established digital agency based in Hannover, Germany, with over 25 years of experience since its founding in 1995. The company specializes in web development, design, SEO, and digital marketing services, leveraging platforms such as TYPO3 CMS and Wordpress. Their market position is strong, supported by long-term client relationships and a comprehensive service offering that includes strategy, design, technology, and communication solutions. The website reflects a professional and trustworthy digital presence with excellent content quality and user experience. Technically, the website is built on a modern stack with TYPO3 CMS, uses Matomo for privacy-conscious analytics, and implements GDPR-compliant cookie consent mechanisms. The site is mobile-optimized, accessible, and SEO-friendly, although some security headers could be improved. The SSL configuration is excellent, ensuring secure communications. However, there is no publicly available security policy or incident response information, which could be enhanced to improve transparency and trust. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and privacy-respecting analytics settings. No vulnerabilities or suspicious content were detected. The WHOIS data aligns with the business claims, showing a domain age consistent with the company's history and no privacy protection that would obscure legitimacy. Overall, the security posture is solid but could benefit from additional security headers and published policies. The overall risk assessment is low, with the website presenting a professional, secure, and compliant digital presence. Strategic recommendations include enhancing security headers, publishing a security policy and incident response contacts, and considering a vulnerability disclosure mechanism to further strengthen trust and security culture.

T

Kurz URLs mit Malware Schutz & Dereferrer Funktion

t1p.de

62

t1p.de is a German-based URL shortening service that emphasizes security and privacy by integrating malware and phishing protection, password protection for links, and dereferrer functionality. The service offers multiple domain options for short URLs, a browser extension, mobile app, and API access, targeting users who require safe and privacy-conscious link management. The website is well-structured, professionally designed, and provides comprehensive information about its services, including terms and privacy policies. Technically, the site uses modern JavaScript libraries such as jQuery and jQuery UI, with HTTPS enabled and CSRF protection in forms, indicating a solid technical foundation. However, some security best practices like security headers and cookie consent mechanisms are missing or not visible. The WHOIS data aligns with the website's German origin and service claims, supporting legitimacy. Overall, the site presents a trustworthy and professional service with room for improvement in privacy compliance and security hardening.

The website www.e-deska.cz provides an electronic official notice board software solution primarily targeted at Czech municipalities or administrative bodies. The service offers intuitive document posting, automatic archiving, and scheduling capabilities for official documents, supporting multiple file formats. The business model appears to be software provision, with free offerings for clients whose websites are managed by the provider. The website content is basic and primarily informational, with limited interactive features beyond a login form for administrative access. From a technical perspective, the site uses basic HTML, CSS, and JavaScript without modern frameworks or CMS detected. The site lacks mobile optimization and accessibility features, and performance is moderate. There is no evidence of HTTPS enforcement or advanced security headers, which weakens the security posture. The login form is present but lacks visible security enhancements such as CSRF tokens. Security evaluation reveals significant gaps including absence of HTTPS, missing security headers, and no visible privacy or cookie policies, indicating poor compliance with GDPR and modern security standards. The WHOIS data is unavailable, which raises concerns about domain legitimacy and trustworthiness. However, the website content is safe, non-adult, and focused on government-related software services. Overall, the site scores low to moderate on AI scoring metrics due to technical and security deficiencies. Strategic recommendations include implementing HTTPS, adding security headers, improving privacy compliance, enhancing login security, and modernizing the technical stack to improve trust and user experience.

The website www.domainmarkt.de/stadt-lueneburg.de operates as a domain marketplace specializing in the sale of premium domains, exemplified by the offering of stadt-lueneburg.de at a promotional price. The business is positioned as a niche reseller targeting German businesses and entrepreneurs seeking to establish a solid online presence through premium domain acquisition. The site is owned by nomino GmbH, a small-sized company operating in the real estate domain sector. Technically, the website employs legacy JavaScript libraries such as jQuery 1.11.0 and easySlider 1.7, with a basic CSS styling approach. The site demonstrates moderate performance and basic mobile optimization but lacks advanced accessibility and SEO features. Security posture is moderate; no HTTPS status is confirmed, and no security headers are detected, which presents an area for improvement. Privacy compliance is minimal, with a basic privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Overall, the site is functional and professional but would benefit from enhanced security and privacy practices to improve trust and compliance.

S

Sparkasse Uelzen Lüchow-Dannenberg

sparkasse-uelzen-luechow-dannenberg.de

65

Sparkasse Uelzen Lüchow-Dannenberg is a regional German savings bank offering a broad range of financial services including online and mobile banking, accounts, loans, investments, insurance, and real estate services. The website targets both private and business customers with a clear focus on accessibility and user support. The bank holds recognized certifications such as the BITV accessibility test and IHK quality seal, reinforcing its trustworthiness and market position. Technically, the website is built on Adobe Experience Manager CMS, utilizing modern web technologies like JavaScript and CSS, with good mobile optimization and accessibility features. The site employs HTTPS with a secure SSL configuration and includes cookie consent mechanisms compliant with GDPR. However, explicit security headers are not detected, indicating room for security enhancements. From a security perspective, the site demonstrates good practices such as session timeout warnings and secure forms but lacks publicly available security policies or incident response contacts. No vulnerabilities or suspicious domains were found. Analytics usage includes Google Universal Analytics with moderate user tracking and privacy compliance. Overall, the website is professional, trustworthy, and well-structured, suitable for its financial services audience. Strategic improvements in security headers and incident response transparency could further strengthen its security posture.

SAFETEC IT-SYSTEME Vertriebsgesellschaft mbH is a German-based company specializing in the sales, maintenance, and support of high-performance scanners and related hardware and software solutions. Established in 1999, the company emphasizes a strong customer service culture with nationwide support technicians and flexible maintenance contracts. Their business model focuses on B2B sales and after-sales services including repairs, training, and test device loans. The website reflects a professional and consistent brand presence targeting business customers in Germany. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern JavaScript libraries such as jQuery and MediaElement.js for enhanced user experience. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with no major technical issues detected. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. From a security perspective, the site enforces HTTPS and uses secure forms with CSRF tokens. However, explicit HTTP security headers are not detected, and no public security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the content. The domain WHOIS data is minimal but consistent with the business claims, though lacking detailed registrant information. Overall, SAFETEC presents a trustworthy and professional online presence with solid privacy and security foundations. Strategic improvements could include publishing explicit security policies, adding security headers, and implementing a vulnerability disclosure process to further enhance trust and compliance.

P

Pickbrenner GmbH

pickbrenner.de

56

Pickbrenner GmbH is a small, local business based in Lüneburg, Germany, specializing in office solutions including printing, copying, office furniture, and telephony systems. The company positions itself as a provider of optimal service and expertise in office-related products and services. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard JavaScript polyfills, indicating a moderate level of technical maturity. The site is mobile optimized and presents a professional design with relevant business content. Security-wise, the website uses HTTPS and includes scripts to harden fetch and XHR requests, but lacks visible security headers and privacy-related policies, which are critical for compliance and trust. The WHOIS data for the domain is missing, raising concerns about domain legitimacy and ownership verification. Overall, the website is functional and business-focused but requires improvements in security posture, privacy compliance, and domain registration transparency.

L

Leitz

leitz.com

61

Leitz is a well-established brand specializing in office supplies, office solutions, and stationery products, targeting office workers and home office users. The website presents a professional and consistent brand image with a focus on premium quality products rooted in German heritage. The technical infrastructure includes modern analytics and cookie consent technologies, with a CMS likely based on Episerver. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is generally good with HTTPS enabled and cookie consent mechanisms in place, though security headers and explicit security policies are lacking. The absence of WHOIS data reduces domain trustworthiness, but the website content and branding support legitimacy. Privacy compliance is partially implemented, with cookie consent but no visible privacy policy or terms of service pages in the provided content. Overall, the website is professional and trustworthy but could improve transparency and security practices.

L

Landkreis Harburg

landkreis-harburg.de

53

Landkreis Harburg operates as a regional government authority in Germany, providing a wide range of public services including administration, social services, education, environmental management, and tourism information. The website serves residents, businesses, and visitors with comprehensive information and digital services such as online appointment booking and service portals. The site is well-structured, professionally designed, and consistent with the branding of a government entity. Technically, the site uses a custom CMS (NOLIS), modern web technologies, and includes accessibility and SEO optimizations, though some accessibility features could be improved. Security posture is strong with HTTPS, security headers, and spam protection on forms, but lacks a visible cookie consent mechanism and vulnerability disclosure policy. Overall, the website is trustworthy and fulfills its role as a government information portal effectively.

H

Hamburger Waagenbau GmbH

hamburger-waagenbau.de

44

Hamburger Waagenbau GmbH is a medium-sized German company specializing in manufacturing and servicing weighing and data technology solutions. Positioned as a leading regional provider in northern Germany, the company offers a broad range of products including various types of scales, custom weighing solutions, IT software, and calibration services. Their target audience primarily consists of industrial and commercial clients requiring precise and reliable weighing systems. The website reflects a professional and consistent brand image with clear navigation and relevant content. Technically, the site is built on WordPress with modern frameworks and includes Google Analytics with privacy-conscious settings. Security posture is solid with HTTPS and cookie consent implemented, though additional security headers and policies could enhance protection. WHOIS data aligns with the business claims, showing no privacy protection or suspicious registration details. Overall, the website demonstrates good digital maturity and business credibility.

B

BerlinerLuft. Technik GmbH

berlinerluft.de

50

BerlinerLuft. Technik GmbH is a medium-sized German company specializing in the development and production of ventilation, climate technology, and industrial air systems. Their website presents a comprehensive portfolio of products and solutions targeting technical building equipment professionals and industrial clients. The company maintains a strong market position with a focus on sustainable and modular system solutions. Technically, the website is built on TYPO3 CMS, integrates Google Analytics and Tag Manager for tracking, and demonstrates good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Overall, the site is professional, trustworthy, and GDPR compliant, with clear contact information and international presence.

B

Abdeckstreifen | Bausch Convert | Papierindustrie & Papierverarbeitung in Winsen (Luhe)

bausch-convert.de

54

The website www.bausch-convert.de is a small business site hosted on the Wix platform, with minimal visible content and no explicit business or contact information. The site lacks privacy, cookie, and terms of service policies, which indicates low compliance with data protection regulations such as GDPR. Technically, the site uses Wix's standard JavaScript libraries and Sentry for error tracking but lacks advanced security headers and configurations. The SSL configuration is basic but present, ensuring encrypted communication. Overall, the security posture is weak due to missing security headers and lack of incident response or vulnerability disclosure information. The site does not expose sensitive data or show signs of malicious activity but has low trustworthiness due to minimal content and lack of business transparency.

C

Creatomatic

creatomatic.co.uk

68

Creatomatic is a Scotland-based digital agency specializing in web design, branding, and digital transformation services, with a focus on WordPress development and digital marketing. The company positions itself as a professional and trusted partner for businesses seeking to build and enhance their digital presence. The website reflects a small-sized agency with a solid reputation, supported by positive user ratings and active social media engagement. Technically, the site is built on WordPress, leveraging modern JavaScript libraries and analytics tools such as Google Tag Manager, Google Analytics, Hotjar, and Facebook Pixel, indicating a mature digital infrastructure. The website is served securely over HTTPS with CDN support, ensuring good performance and availability. Security posture is generally good with HTTPS and privacy consent mechanisms implemented, though explicit security headers and detailed privacy or cookie policies are not detected in the provided content. The absence of WHOIS data for the subdomain queried is expected and does not detract significantly from the domain's legitimacy. Overall, Creatomatic demonstrates a professional online presence with moderate technical sophistication and a good security baseline, suitable for its business model and market segment.

The website www.ifem.cc is currently inaccessible due to a Cloudflare Turnstile security challenge page, which blocks direct access to any meaningful content. No business information, contact details, or policies are available on the landing page. The domain WHOIS data is unavailable or not publicly accessible, preventing verification of ownership, registration dates, or legitimacy. Technically, the site uses Cloudflare's security services but lacks visible security headers or SSL configuration details. Overall, the site appears to be either under protection or not fully operational for public access, limiting any substantive analysis.

J

JessenLenz GmbH

jessenlenz.eu

49

JessenLenz GmbH is an established IT system house based in Lübeck, Germany, offering comprehensive IT services with over 40 years of experience. The company targets businesses seeking reliable IT solutions and positions itself as a trusted provider in the technology sector. The website is built on WordPress using the Divi theme and incorporates SEO best practices via the Yoast SEO plugin. Social media presence on Facebook and Instagram supports brand visibility. Technically, the site is moderately performant and mobile-optimized, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no evident vulnerabilities, but lacks explicit security policies or incident response information. Privacy compliance is limited due to the absence of a privacy policy and terms of service. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

N

National Shooting Sports Foundation

gunvote.org

52

GunVote is an advocacy and voter mobilization platform operated by the National Shooting Sports Foundation (NSSF), focused on protecting Second Amendment rights in the United States. The website provides resources such as candidate report cards and encourages gun owners and supporters to vote in elections. The platform targets a niche audience of firearm owners, hunters, and industry members, positioning itself as a key player in political advocacy within this sector. Technically, the site is built on WordPress using the Divi theme, leveraging modern JavaScript libraries and multiple third-party tracking and advertising services. While the site is mobile-optimized and has good design quality, it lacks comprehensive privacy and cookie policies, and does not implement DNSSEC or advanced security headers, which are areas for improvement. Security posture is moderate with HTTPS enforced and domain transfer protections in place. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the platform.

D

Danish Business Authority

danishbusinessauthority.dk

59

The Danish Business Authority is a Danish government agency dedicated to facilitating and regulating business activities within Denmark. The website serves as an authoritative source for entrepreneurs, business owners, and international trade participants, offering services such as business registration guidance, export control information, and access to relevant business registers. The agency positions itself as a key enabler for business growth and compliance in Denmark, supported by a well-structured and content-rich website. Technically, the website is built on the Drupal CMS platform, employing modern web technologies including JavaScript and SVG icons. It demonstrates good mobile optimization, accessibility, and SEO practices. The site uses HTTPS with a good SSL configuration and includes a cookie consent mechanism compliant with GDPR standards. Analytics are conducted via Piwik Pro, with explicit user consent for cookies. From a security perspective, the website enforces HTTPS and employs cookie consent for tracking. However, it lacks DNSSEC and security headers such as Content-Security-Policy or X-Frame-Options, which are recommended to enhance security posture. No security policy or incident response contacts are published, which could be improved to increase transparency and readiness. Overall, the website is trustworthy, professional, and well-maintained, reflecting the official nature of the Danish Business Authority. The domain registration data supports its legitimacy with a consistent history and no privacy protection masking ownership. Strategic recommendations include enabling DNSSEC, publishing security policies, and implementing additional security headers to further strengthen the security posture.

The domain okm.fi is registered to the Finnish Ministry of Education and Culture (Opetus- ja kulttuuriministeriö), a government entity in Finland. The website is intended to serve as an official government portal related to education and cultural affairs. However, the current website content is inaccessible due to a Cloudflare Turnstile security challenge page, which blocks direct access to the site's content. This limits the ability to analyze the website's content, policies, and user experience in detail. The WHOIS data confirms the legitimacy of the domain ownership and its alignment with the claimed government organization. From a technical perspective, the website uses Cloudflare as a security and performance provider, implementing Turnstile CAPTCHA to mitigate automated access. No other visible technologies, CMS, or analytics tools are detected due to the content block. The lack of visible privacy, cookie, or terms of service policies indicates incomplete compliance with common privacy standards. No contact information or forms are present in the accessible content, limiting user engagement and transparency. Security posture is difficult to fully assess because of the WAF challenge, but the use of Cloudflare and HTTPS is a positive indicator. However, the absence of security headers and published security policies reduces the overall security maturity. The domain registration data is consistent and appropriate for a government entity, supporting trustworthiness. Overall, the site presents a low digital maturity and limited transparency in its current state. Strategic recommendations include improving accessibility by reducing or customizing the WAF challenge for legitimate users, publishing comprehensive privacy and cookie policies, adding clear contact and security incident response information, and enhancing security headers and SSL configurations. These steps will improve user trust, compliance, and security posture while maintaining protection against threats.

I

infoklick.ch, Kinder- und Jugendförderung Schweiz

infoklick.ch

46

infoklick.ch is a Swiss non-profit organization dedicated to promoting youth participation and improving information dissemination in the children and youth sector. With over 25 years of history, it holds a respected position in the Swiss youth promotion landscape. The website provides resources, partner networks, and community engagement opportunities targeting children and young people in Switzerland. Technically, the site is built on TYPO3 CMS, uses standard web technologies, and integrates both Google Analytics and Matomo for analytics, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and privacy-respecting analytics, but lacks advanced security headers and cookie consent mechanisms. Overall, the site is trustworthy, professional, and content-rich, though improvements in privacy compliance and security policies are recommended.

A

ANPCDEFP

suntsolidar.eu

46

The website www.suntsolidar.eu serves as the official Romanian portal for the European Solidarity Corps (ESC), a European Union initiative promoting youth volunteering and solidarity projects. It provides comprehensive information, resources, event announcements, and guidance for both young people and organizations interested in participating in ESC programs. The site is well-branded with EU and Romanian government logos, indicating its official status and authoritative position in this sector. Technically, the site employs a custom CMS with legacy JavaScript libraries such as Prototype.js and Scriptaculous, alongside calendar and lightbox components. The site is served over HTTPS with a cookie consent mechanism, indicating compliance with GDPR. Accessibility features are present, and the site is moderately optimized for mobile devices. SEO and navigation are clear and user-friendly, supporting a good user experience. From a security perspective, the site uses HTTPS exclusively but lacks explicit security headers and publicly available incident response or security policies. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data is due to EURid privacy policies, but the domain's usage and content strongly suggest legitimacy. No advertising or tracking scripts were found, supporting a privacy-conscious approach. Overall, the site is a trustworthy, well-maintained government/non-profit portal with good content quality and compliance posture. Strategic improvements could include adding security headers, publishing incident response contacts, and enhancing mobile optimization to further strengthen security and user experience.

A

ANPCDEFP

erasmusplus.ro

46

The website www.erasmusplus.ro serves as the official Romanian National Agency portal for the Erasmus+ program, providing comprehensive information, resources, and updates related to EU-funded education, training, youth, and sport projects. It targets students, educators, institutions, and youth organizations, positioning itself as an authoritative source within Romania for Erasmus+ program details and support. The site demonstrates a solid digital infrastructure with a custom CMS, integration of JavaScript libraries, and modern analytics tools, ensuring good user experience and accessibility. Security posture is strong with HTTPS enforcement and GDPR compliance, although some security headers could be improved. The domain is privacy protected under ROTLD policies, which is typical for Romanian domains, and the website content and external links strongly support its legitimacy. Overall, the site is professional, trustworthy, and well-maintained, serving an important governmental and educational function.

A

Agenția Națională pentru Programe Comunitare în Domeniul Educației și Formării Profesionale (ANPCDEFP)

anpcdefp.ro

43

ANPCDEFP is a Romanian national agency dedicated to managing European Union educational and youth programs such as Erasmus+, the European Solidarity Corps, and SEE Grants. The agency plays a key role in transforming Romania through learning by providing funding, information, and support services to educational institutions, youth organizations, and public entities. The website reflects a professional government entity with consistent branding and comprehensive content focused on its mission and services. Technically, the site uses a mix of legacy and modern JavaScript libraries, with Google Analytics and Tag Manager for tracking. Security posture is strong with HTTPS enforced and multi-factor authentication mentioned for related EU platforms, though explicit security headers and incident response contacts are not visible. Privacy compliance is well addressed with a clear GDPR policy and cookie consent mechanism. Overall, the website is trustworthy, well-structured, and serves its target audience effectively.

K

Kreisstadt Siegburg

siegburg.de

66

The website siegburg.de is the official online presence of the Kreisstadt Siegburg, a municipal government entity in Germany. It provides comprehensive information and digital services to residents and visitors, including service portals, issue reporting, council information, event calendars, and citizen engagement platforms. The site is well-structured and targets local citizens and stakeholders, emphasizing accessibility and user-friendly navigation. The business model is typical for a government portal, focusing on public service delivery and community engagement.

The website siegburg.eu currently hosts only a default placeholder page generated by Plesk, indicating that it is not actively used for business or public-facing purposes. There is no meaningful content, contact information, or business description available. The domain is registered through united-domains AG, a reputable registrar, but no further registrant details or business legitimacy indicators are present. Technically, the site uses minimal JavaScript from Plesk assets and lacks any modern CMS or frameworks. Security posture is weak due to absence of HTTPS and security headers, and no privacy or cookie policies are implemented. Overall, the site presents a low-risk profile but also lacks any trust or credibility as a business website.

S

Smex Ed

smexed.com

55

Smex Ed is a small digital media company operating a free digital magazine focused on sexual empowerment and education. Founded in 2023, it offers educational content, a podcast, and advertising opportunities targeting a general audience interested in sexual health and empowerment. The website is hosted on WordPress.com and uses modern web technologies including embedded social media and podcast platforms. The business model relies on donations and advertising revenue. The site is professionally designed with good navigation and mobile optimization, though it lacks formal privacy and cookie policies, which is a compliance gap. Security posture is adequate with HTTPS and no visible vulnerabilities, but could be improved with enhanced security headers and published policies. Overall, the domain registration and hosting are consistent and legitimate for the business type.

The website www.ollizilk.de is currently inaccessible due to a Cloudflare Turnstile security challenge page, which prevents access to any substantive content or business information. The domain is active and uses Jimdo name servers, suggesting it is hosted or built on the Jimdo platform. Due to the lack of accessible content, no privacy, cookie, or terms of service policies are detectable, nor are there any contact details or business descriptions available. The technical infrastructure includes Cloudflare's security services, but no further technology stack details can be confirmed. Security posture cannot be fully assessed given the blocked content, but the presence of Cloudflare indicates some level of protection. Overall, the site cannot be properly evaluated for business credibility, compliance, or content quality at this time.

E-Werk Kulturzentrum GmbH operates a prominent cultural center in Erlangen, Germany, with over 35 years of history. The organization hosts a wide range of cultural events, concerts, and community programs, positioning itself as one of the largest cultural venues in Germany. The website reflects this focus with detailed event programming and cultural content aimed at regional and national audiences interested in arts and culture. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies and third-party services such as Cookiebot for consent management and Google/Facebook for analytics and marketing. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is strong, with comprehensive cookie categorization and GDPR-aligned consent. Overall, the site is trustworthy and professionally maintained, with no critical security or compliance issues detected.

The website represents a small non-profit cultural association named 'kleinkunst und Kulturverein Werne a.d. Lippe e. V.', focused on promoting local arts and cultural events in Werne, Germany. The site offers information about events, concerts, cinema, and community activities, targeting local culture enthusiasts. The business model is community-oriented, relying on event hosting and cultural promotion without commercial sales. Technically, the website is built using older technology (iWeb 3.0.4) with basic HTML, CSS, and JavaScript, lacking modern responsive design and accessibility features. The site does not demonstrate advanced SEO or performance optimization and appears to have moderate loading performance. Security posture is weak, with no evidence of HTTPS enforcement or security headers, and no visible incident response or security policies. Privacy compliance is minimal, with a basic privacy and terms page but no cookie consent mechanism. Overall, the site is functional for its purpose but requires modernization and security improvements.

R

Rockfield-Festival

rockfield-festival.de

54

Rockfield-Festival is a small regional event organizer hosting the Rockfield Festival 2024, a Woodstock-themed music festival in Ahaus, Germany. The website provides detailed event information, lineup, schedule, and contact phone number, targeting music fans and local attendees. The business model focuses on event promotion and ticket sales, leveraging social media channels for outreach. Technically, the site uses modern web technologies including React and the Chayns platform, hosted on Tobit infrastructure, delivering a moderate performance and good mobile experience. Security posture is adequate with HTTPS enforced but lacks visible security headers and formal privacy or cookie policies, indicating room for compliance improvements. Overall, the site is safe, family-friendly, and trustworthy for its purpose, though it would benefit from enhanced privacy and security disclosures.

O

Open Ground GmbH & Co. KG

wuppertal.cafe

10

Café 23 is a small hospitality business located in Wuppertal, Germany, offering a diverse selection of drinks, specialty coffees, vegetarian and vegan snacks, and hosting community events such as wine tastings and DJ nights. The business emphasizes values of tolerance, sustainability, and social justice, aiming to create a welcoming environment for all visitors. The website is bilingual (German and English), professionally designed, and provides comprehensive legal and privacy information consistent with German regulations. Technically, the site uses standard web technologies (HTML, CSS, JavaScript) with good mobile optimization and basic accessibility features. Security posture is moderate with no visible security headers or cookie consent mechanisms, but no critical vulnerabilities or exposed sensitive data were found. WHOIS data is unavailable due to TLD restrictions, but the domain expiry date and website content indicate an active and legitimate business. Overall, the site is trustworthy and well-maintained, though improvements in security headers and privacy compliance could enhance its posture.

S

Soulfood Cafe Simonz

cafe-simonz.de

9

Soulfood Cafe Simonz is a small hospitality business located in Wuppertal-Arrenberg, Germany, offering food, drinks, and cultural events including live music and private event hosting. The website provides clear contact information and event announcements, targeting local community members and visitors interested in dining and cultural experiences. Technically, the site is built on the IONOS MyWebsite platform, utilizing standard web technologies such as HTML5, CSS, JavaScript, and Facebook SDK for social integration. The site is served over HTTPS, ensuring secure connections, but lacks advanced security headers and formal privacy or cookie policies. Security posture is moderate with room for improvement in compliance and best practices. Overall, the website is functional, moderately optimized, and trustworthy for its business purpose.

P

Pfalz-Didgers

pfalz-didgers.de

46

The Pfalz-Didgers website represents a small community group based in the Pfalz region of Germany, dedicated to the cultural and musical promotion of the Didgeridoo. Their activities include regular meetings, concerts, workshops, and educational efforts to share the significance of the Didgeridoo and Aboriginal Australian culture. The website serves as an informational portal with event announcements and cultural content, targeting enthusiasts and local community members interested in this niche musical instrument. Technically, the website is built with standard HTML, CSS, and JavaScript, hosted on kasserver.com. It uses HTTPS but lacks advanced security headers and cookie consent mechanisms, indicating room for improvement in security and privacy compliance. The site is mobile-optimized with good navigation and content structure but does not employ analytics or tracking technologies, reflecting a privacy-conscious or low-budget approach. From a security perspective, the site has a basic posture with HTTPS enabled but missing important security headers and no visible incident response or security policies. No vulnerabilities or suspicious elements were detected. The WHOIS data aligns well with the website's regional and community focus, supporting legitimacy. However, the absence of contact information and cookie consent reduces trust and compliance scores. Overall, the website is a well-structured, niche cultural site with moderate technical maturity and basic security. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trustworthiness and compliance with GDPR requirements.

S

Stadtmuseum Siegburg

stadtmuseum-siegburg.de

10

Stadtmuseum Siegburg is a local cultural institution in Germany providing museum exhibitions, events, guided tours, and educational programs. The website serves as an information portal for visitors and community members interested in local history and art. The technical infrastructure is based on the ionas4 CMS with modern web technologies including JavaScript modules and Matomo analytics, indicating a moderate level of digital maturity. Security posture is strong with HTTPS and script integrity checks, though explicit security policies and incident response contacts are not published. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the website is professional, well-structured, and trustworthy, serving its target audience effectively.

K

Kulturelle Landpartie

kulturelle-landpartie.de

51

Kulturelle Landpartie operates as a non-profit cultural festival organizer in Northern Germany, focusing on self-organized cultural events in the Wendland region. The website serves as an information portal for visitors, providing event details, travel guidance, and accommodation options. The organization holds a strong regional presence as the largest cultural festival of its kind in Northern Germany. Technically, the website is built on a custom CMS (Wendnet KLP-CMS) and uses standard web technologies including HTML5, CSS, and jQuery 3.6.0. Hosting is provided by Schlund Technologies, a professional hosting provider. The site demonstrates moderate performance and basic mobile optimization, with good SEO practices and clear navigation. From a security perspective, the website lacks advanced security headers and explicit HTTPS confirmation in the provided data, though no critical vulnerabilities or exposed sensitive data were found. Privacy and cookie policies are present but basic, with no explicit consent mechanism. No incident response or security policy information is available, indicating room for improvement in security maturity. Overall, the website is functional, trustworthy, and serves its cultural community well, but could benefit from enhanced security measures, improved privacy compliance mechanisms, and more transparent contact information to strengthen user trust and regulatory adherence.

L

Leinen Los! e.V.

guestritz14.de

49

Güstritz 14 is a small-scale collective living and working community based in Germany, operating under the association 'Leinen Los! e.V.'. The project focuses on sustainable living, cooperative work, cultural events, and solidarity-based agriculture. The website is built on the One.com Web Editor platform and hosted by One.com, featuring a moderate technical infrastructure with basic SEO and mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms but lacks advanced security headers and formal privacy policies. Contact information is clearly provided, enhancing business credibility. Overall, the site presents a trustworthy and community-oriented project with room for improvement in privacy and security practices.

U

umlaut recordings

analogue-birds.com

49

Analogue Birds is a small German music band celebrating 20 years of activity, offering their discography through an online shop hosted on umlaut.de. The website is minimalistic, primarily serving as a landing page with links to the shop and legal information hosted externally. The technical infrastructure is basic, using standard HTML, CSS, and JavaScript, hosted on kasserver.com with HTTPS enabled but lacking advanced security headers and cookie consent mechanisms. The security posture is moderate with no critical vulnerabilities detected but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is basic, with a privacy policy linked externally but no cookie policy or consent mechanism on the site. Business credibility is supported by the domain age and consistent content, though contact details are minimal. Overall, the site is functional but could benefit from enhancements in security, privacy, and user engagement.

The website uev.es is currently a parked domain page offered for sale via the Sedo domain marketplace. It does not represent an active business or service but rather serves as a placeholder with minimal content and advertising links. The site uses Sedo's parking platform and Google Adsense for monetization. There is no identifiable company information, contact details, or security policies beyond basic Sedo templates. Technically, the site uses standard HTML, CSS, and JavaScript with embedded iframes for ads and search functionality. Security posture is weak due to lack of HTTPS and security headers. Privacy compliance is minimal with only a basic privacy policy and cookie consent mechanism provided by Sedo. Overall, the site is low trust and low content quality, suitable only as a domain sale landing page.

G

GoDaddy Operating Company, LLC

owned.xyz

71

The website forsale.godaddy.com/forsale/owned.xyz is a professional domain sales landing page operated by GoDaddy Operating Company, LLC, a leading domain registrar and aftermarket platform. It offers the premium domain owned.xyz for sale with a clear call to action, secure transaction assurances, and customer support. The site targets individuals and businesses seeking premium domain names to establish or enhance their online presence. The business model is focused on domain aftermarket sales and brokerage, leveraging GoDaddy's extensive market position and infrastructure. Technically, the site is built using modern web technologies including React with Next.js framework, served via GoDaddy's hosting infrastructure. It employs HTTPS with excellent SSL configuration, uses Google reCAPTCHA for form security, and integrates third-party trust signals such as Trustpilot. The site is optimized for performance, mobile responsiveness, and accessibility, providing a good user experience. From a security perspective, the site demonstrates strong practices such as HTTPS enforcement and secure form handling. However, explicit security headers are not detected in the provided data, and no dedicated security or incident response policies are linked on the landing page. No vulnerabilities or exposed sensitive data were found. Privacy compliance is supported by GoDaddy's comprehensive privacy and cookie policies, with GDPR compliance indicated. Overall, the domain is a subdomain of godaddy.com, explaining the absence of WHOIS data for the subdomain itself. The site is legitimate, professionally maintained, and trustworthy. Strategic recommendations include enhancing security header implementation, publishing a vulnerability disclosure policy, and improving visibility of incident response contacts to further strengthen security posture and customer trust.

The website wombat.io is currently a domain parking page managed by IONOS SE, a known registrar and hosting provider under 1&1 Internet Inc. There is no active business content, product offerings, or services presented on the site. The domain is registered since 2017 and is consistent with the registrant information, indicating legitimacy as a parked domain rather than an operational business website. The site includes a cookie consent modal referencing external privacy and cookie policies hosted by the registrar's parking service provider, SedoParking. No contact information, security policies, or terms of service are present on the site. Technically, the site uses basic HTML, CSS, and JavaScript with external scripts loaded from sedoparking.com. The site is mobile basic optimized but lacks advanced SEO or accessibility features. Security posture is minimal with no detected security headers or HTTPS status provided, and DNSSEC is not enabled for the domain. Overall, the site is low in content quality and business credibility, serving primarily as a placeholder domain.

C

Conventus Congressmanagement & Marketing GmbH

dgina-kongress.de

10

The website dgina-kongress.de serves as the official portal for the 21st Annual Meeting of the Deutsche Gesellschaft für Notfallmedizin e.V. (DGINA) and the ICEM 2026 conference in Hamburg. It provides detailed event information, contact forms, and links to partner sites, targeting medical professionals and emergency medicine specialists. The site is professionally designed using TYPO3 CMS, with a clear structure and mobile optimization, supporting a positive user experience. Technically, it employs modern web technologies and integrates Matomo analytics for visitor tracking while maintaining GDPR compliance through a comprehensive cookie consent mechanism. Security posture is solid with HTTPS enforced and CAPTCHA protection on forms, though it lacks explicit security policies or incident response contacts. Overall, the domain registration aligns with the website content, indicating legitimacy and trustworthiness.

M

megamed.de steht zum Verkauf

megamed.de

40

The website megamed.de is currently a parked domain page indicating that the domain is for sale via a fixed price and escrow service provided by ELITEDOMAINS. The site content is minimal, focusing solely on domain sale information and redirecting or linking to seg.onepage.me for further details. The technical infrastructure is basic, using standard HTML, CSS, and JavaScript, hosted likely on DigitalOcean based on the IP address. There is no evidence of a CMS or advanced frameworks. Security posture is weak due to lack of HTTPS verification, absence of security headers, and no visible privacy or cookie policies. The WHOIS data is restricted by DENIC, providing no registrant or registrar information, which limits trust and transparency. Overall, the site serves a simple domain sale purpose with minimal business or security maturity.

H

HanseBelt e.V.

hansebelt.de

53

HanseBelt e.V. is a regional association focused on promoting the northern German region between Hamburg and Copenhagen, emphasizing economic development, cultural activities, and community engagement. The website serves as an information hub for residents, businesses, and potential members, offering news, events, and membership details. The organization positions itself as a key regional player facilitating networking and regional growth. Technically, the website is built on the GCMS platform, utilizing standard web technologies such as JavaScript, CSS, and jQuery. It is hosted on agency servers with a moderate performance profile and good mobile optimization. SEO and accessibility are adequately addressed, though some improvements could be made in accessibility features. From a security perspective, the site enforces HTTPS and implements a comprehensive cookie consent mechanism aligned with GDPR requirements. However, explicit security headers and incident response policies are not publicly documented, representing an area for enhancement. No vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and compliant with privacy regulations, making it a reliable resource for its target audience. Strategic improvements in security policies and technical headers would further strengthen its posture.

F

FlowChief GmbH

flowchief.de

50

FlowChief GmbH is a German-based software company specializing in industrial automation, process control, SCADA systems, and energy management solutions. The company offers a scalable software platform built entirely on web technologies, enabling remote access and control across devices. Their key offerings include the FlowChief platform, e-Gem energy management software, and remote control solutions. The company holds ISO 27001 certification, underscoring its commitment to information security. The website demonstrates a mature digital presence with modern technologies, comprehensive content, and strong customer references. Security practices are robust, including HTTPS, reCAPTCHA, and adherence to recognized standards. Overall, FlowChief presents as a credible and professional entity with a strong market position in the energy and industrial automation sectors.

E

Elektrotechnische Werke Fritz Driescher & Söhne GmbH

driescher.de

47

Elektrotechnische Werke Fritz Driescher & Söhne GmbH is a well-established German company specializing in the development, production, and distribution of low and medium voltage switchgear and railway technology solutions. With over 100 years of history and ownership of 300 patents, the company holds a strong market position as a global leader in its sector. Their product portfolio is broad and modular, catering to diverse industrial and energy sector clients worldwide. The company operates primarily from Germany with additional facilities in the Czech Republic, emphasizing 'Made in Germany' quality standards. Technically, the website employs a modern but straightforward technology stack including jQuery, Owl Carousel, and PhotoSwipe for multimedia and UI enhancements. The site is mobile-optimized with good SEO practices and a cookie consent mechanism that aligns with GDPR requirements. However, no advanced CMS or hosting provider details are evident, and performance is moderate. From a security perspective, the site uses HTTPS and implements cookie consent with granular options, but lacks published security policies, incident response contacts, or vulnerability disclosure mechanisms. Security headers and advanced protections are not evident, suggesting room for improvement in security posture. The WHOIS data is consistent and supports the legitimacy of the domain and company identity. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving as a credible digital presence for a medium-sized industrial manufacturer. Strategic improvements in security transparency and technical enhancements could further strengthen their digital maturity and risk management.

Züssi operates an e-commerce platform specializing in the retail of high-quality mineral stones and gemstone jewelry, targeting customers primarily in Germany. The website presents a professional and well-structured online shop with clear product offerings, pricing, and navigation. The technical infrastructure leverages modern web technologies including Shopware CMS, Google Tag Manager for analytics, and CookieFirst for consent management, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and consent mechanisms in place; however, the absence of WHOIS data and lack of explicit privacy and terms of service pages represent compliance and trust gaps. Overall, the site is functional and trustworthy but would benefit from enhanced transparency and security best practices.

The website sdk-set1.com is a newly registered domain with minimal content consisting solely of a JavaScript snippet that dynamically injects a script based on the referrer URL. There is no visible business information, contact details, or policies on the site, indicating it is either under development or serving a very narrow technical purpose. The domain is hosted using Google Cloud DNS services and registered through a reputable registrar, but the lack of content and business presence limits its credibility and trustworthiness. Technically, the site uses basic JavaScript without any modern frameworks or CMS detected. Security posture is weak due to absence of HTTPS enforcement and security headers, and the script injection based on referrer could pose security risks if not properly sanitized. No privacy or cookie policies are present, indicating non-compliance with GDPR and other privacy regulations. Overall, the site scores low on content quality, security, and privacy compliance, suggesting it is not yet a mature or trustworthy business website.

Palmknihy.cz is a prominent Czech online bookstore offering over 100,000 titles in printed, electronic, and audiobook formats. The website targets Czech-speaking readers and buyers, providing a broad catalog including books, stationery, gifts, and multimedia products. The business model is e-commerce retail with a strong market presence in the Czech Republic. The site is professionally designed with consistent branding and good content quality, supporting a large user base with a variety of product categories and promotions.

S

Sitevision AB

sitevision.se

64

Sitevision AB is a Swedish technology company specializing in content management systems (CMS) for intranets and websites, offering a platform that integrates AI and marketplace solutions to create engaging digital experiences. The company holds a strong market position in Sweden, supported by ISO 27001 certification and a robust partner ecosystem. The website demonstrates a mature digital infrastructure with modern technologies such as Piwik Pro analytics, Google Tag Manager, and a custom CMS framework. Security posture is strong, with HTTPS, script nonce usage, and privacy compliance evident, although some security headers could be more explicitly published. Overall, the site is professional, well-designed, and trustworthy, with no signs of blocking or malicious content.

K

Samlet guide til kultur, musik, teater og udstillinger - Find det hele på KultuNaut

kultunaut.dk

46

KultuNaut.dk is a Danish cultural event platform providing a comprehensive calendar for music, theater, exhibitions, and other cultural activities primarily in Denmark. The website offers multilingual support and allows users to search events by geography, genre, and date. It also supports event submissions and user ratings, positioning itself as a regional cultural aggregator. Technically, the site uses modern JavaScript libraries such as Leaflet for mapping and Pickaday for date selection, with a moderate performance and good mobile optimization. Security-wise, the site enforces HTTPS and includes a cookie consent mechanism but lacks visible security headers and explicit privacy or terms of service pages. The absence of WHOIS data limits domain trust assessment, though the site content and structure suggest legitimacy. Overall, KultuNaut.dk serves its target audience effectively but would benefit from enhanced transparency and security practices.