Security Directory

H

Hotzenwald Tourismus GmbH

hotzenwald-schwarzwald.de

51

Hotzenwald Tourismus GmbH operates a regional tourism website promoting the Hotzenwald area in the Black Forest, Germany. The site provides comprehensive information on accommodations, activities, local culture, and environmental initiatives such as Fairtrade certification and the KONUS guest card for public transport. The business targets tourists seeking nature, family vacations, and cultural experiences in a quiet, scenic environment. The business model centers on tourism promotion and accommodation booking facilitation, positioning itself as a trusted regional authority. Technically, the website uses standard web technologies including JavaScript and CSS with a custom or unknown CMS. The site is mobile-optimized with clear navigation and good SEO practices but lacks modern frameworks or advanced accessibility features. Performance is moderate with no major errors detected. Security posture is basic; HTTPS is used but no explicit security headers or vulnerability disclosures are present. Privacy compliance is partial with a privacy policy available but no cookie consent mechanism. Overall, the security posture is adequate for a small tourism site but could be improved by implementing security headers, cookie consent, and publishing a security policy. The domain registration uses privacy-protected nameservers, which is common and justified for this business type. No suspicious patterns or vulnerabilities were detected. The website content is safe, family-friendly, and professionally presented, supporting a high trustworthiness rating. Strategic recommendations include enhancing security headers, adding cookie consent for GDPR compliance, publishing incident response information, and considering vulnerability disclosure policies to improve trust and security maturity.

H

Hans-Georg Hostrup

eiderstedt1.de

62

The website eiderstedt1.de represents a small regional cultural heritage and tourism business centered around the historic Haubarg Blumenhof farmstead in Tating, Germany. It provides detailed information about the heritage site, the Hochdorfer Garten, and the IGB heritage association, targeting tourists and visitors interested in cultural and garden tourism. The business model focuses on holiday apartment rentals and promoting local cultural landmarks. Technically, the website is built using the Zeta Producer CMS and standard web technologies including HTML5, CSS3, JavaScript, and jQuery. It features a responsive design with good mobile optimization and moderate performance. SEO and accessibility are basic but adequate for the site's purpose. No advanced analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site enforces HTTPS and implements a GDPR-compliant cookie consent mechanism. However, it lacks advanced security headers and does not provide explicit security policies or incident response contacts. No vulnerabilities or suspicious content were found, and the domain registration data aligns well with the website's content and business claims. Overall, the site is trustworthy, professionally presented, and suitable for its niche audience. Strategic improvements could include adding security headers, incident response information, and terms of service to enhance compliance and trustworthiness.

R

Richardsen-Bruchwitz-Stiftung

hochdorfer-garten.de

52

Hochdorfer Garten in Tating is a culturally significant Baroque garden managed by the Richardsen-Bruchwitz-Stiftung, a non-profit foundation dedicated to preserving this historic site as a public park. The website provides detailed information about the garden, its history, events, and visitor information, targeting tourists and local visitors interested in cultural heritage and nature. The site is well-structured, with clear navigation and relevant content, supporting the foundation's mission and community engagement. Technically, the website is built using the Zeta Producer CMS and employs standard web technologies including HTML5, CSS3, JavaScript, and jQuery. It uses FlexSlider for image slideshows and loads custom web fonts via Google Fonts. Hosting is provided by RZone, as indicated by the nameservers. The site is mobile-optimized and performs moderately well, with good SEO practices and accessibility at a basic level. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. No security headers were detected in the HTML content, and no explicit security or incident response policies are published. There are no visible vulnerabilities or exposed sensitive data. The WHOIS data is consistent with the website's regional and organizational context, supporting legitimacy. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements include adding security headers, publishing a security policy, and enhancing accessibility features to further strengthen the site's security posture and user trust.

T

Tourismusverein Tating

tating-nordsee.de

52

Tourismusverein Tating operates as a regional tourism association promoting vacation opportunities in the village of Tating and surrounding Eiderstedt peninsula near the North Sea coast of Germany. The website serves as an informational and accommodation directory platform targeting tourists interested in rural and coastal holidays. The business model focuses on local tourism promotion without direct e-commerce or booking functionalities. Technically, the site is built using the Zeta Producer CMS, employs standard web technologies including JavaScript and CSS, and is hosted on a known German hosting provider's infrastructure. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit incident response policies. Privacy compliance is good with a clear privacy policy and cookie management. Overall, the website is trustworthy, professional, and safe for general audiences.

Nordfriesen Glasfaser is a regional telecommunications provider specializing in delivering high-speed fiber optic internet, telephone, and TV services to private customers in southern Nordfriesland, Germany. The company emphasizes reliable, fast, and future-proof connectivity solutions tailored to residential users. Their website is built on TYPO3 CMS and integrates Cookiebot for comprehensive cookie consent management, reflecting a commitment to privacy compliance. The site offers clear navigation, detailed service descriptions, and social media engagement, supporting a positive user experience and trustworthiness. Technically, the website demonstrates a modern infrastructure with HTTPS enabled and a moderate performance profile. However, security headers and explicit security policies are absent, indicating room for improvement in security posture. No blocking or WAF challenges were detected, allowing full content access and analysis.

M

MyDr Sp. z o.o.

mydr.pl

50

MyDr Sp. z o.o. operates a Polish-language healthcare platform providing patients with online access to medical data, appointment booking, and telemedicine services. The company is a recognized leader in cloud-based Electronic Medical Documentation software in Poland, with a strong market presence and a portfolio including specialized software for dental clinics. The website is professionally designed, mobile-optimized, and integrates with official app stores for iOS and Android applications. Technically, the site uses modern JavaScript frameworks such as Vue.js and mapping libraries like Leaflet.js, delivering a moderate performance experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements are recommended in security headers and cookie consent mechanisms. WHOIS data aligns well with the business claims, showing a consistent and legitimate domain registration. Overall, the platform demonstrates a mature digital infrastructure suitable for its healthcare audience.

Clinic Cloud is a Spanish-based healthcare software provider offering a comprehensive cloud-based clinic management platform with integrated artificial intelligence features. The company targets medical clinics, dental offices, physiotherapy centers, psychology practices, aesthetics, and franchises, providing tools for electronic medical records, appointment scheduling, financial management, user role management, consent management, and process automation. The platform is integrated with Doctoralia, a major health portal, enhancing its market position and client reach. Technically, the website is built on HubSpot CMS with modern marketing and analytics tools such as Google Tag Manager and Visual Website Optimizer, delivering a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS, domain locking, and no exposed sensitive data, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is basic, with a cookie consent mechanism present but no visible privacy or terms of service pages. Overall, the website reflects a professional and trustworthy business with room for improvement in privacy transparency and security disclosures.

D

DoktorTakvimi

doktortakvimi.com

68

DoktorTakvimi is a prominent Turkish online healthcare platform specializing in doctor search, appointment booking, and patient reviews. It operates as part of the Docplanner group, a recognized leader in healthcare technology. The website offers a comprehensive database of over 181,000 doctors and specialists, facilitating easy access to healthcare services for patients in Turkey. The platform supports online consultations and integrates modern digital tools to enhance user experience. Technically, the site employs a robust tech stack including JavaScript frameworks, Algolia search, Google Analytics, and HubSpot marketing tools, ensuring efficient performance and user engagement. Security measures such as HTTPS enforcement, security headers, and cookie consent mechanisms are well implemented, although explicit security policies and incident response details are not publicly available. The absence of WHOIS registration data is a notable anomaly but does not detract significantly from the platform's legitimacy given its professional presentation and market presence. Overall, DoktorTakvimi demonstrates a mature digital infrastructure with good privacy compliance and a strong market position in Turkey's healthcare sector.

Z

ZnanyLekarz

znanylekarz.pl

68

ZnanyLekarz.pl is a leading Polish online healthcare platform that enables patients to find doctors, read verified reviews, and book medical appointments online. It is part of the Docplanner group, a recognized international healthcare technology company. The website offers a comprehensive database of over 146,000 doctors and supports online consultations, reflecting a mature digital healthcare service. Technically, the site employs modern web technologies including Google Analytics, Google Tag Manager, Visual Website Optimizer, and OneTrust for cookie consent, ensuring good performance, SEO, and privacy compliance. Security posture is strong with HTTPS enforcement, security headers, and GDPR-aligned consent mechanisms, although explicit security policies and incident response contacts are not publicly disclosed. Overall, ZnanyLekarz.pl demonstrates a professional, trustworthy, and user-friendly platform with a strong market position in Poland's healthcare sector.

D

Doctoralia

doctoralia.com.mx

68

Doctoralia is a leading online healthcare platform in Mexico, offering a comprehensive directory of medical specialists, patient reviews, and online appointment booking services. The platform is part of the Docplanner group, which operates internationally. The website is well-structured, targeting patients seeking medical care with a user-friendly interface and extensive service listings. Technically, the site employs modern JavaScript frameworks, integrates with Google Analytics, Tag Manager, and Visual Website Optimizer for analytics and optimization, and uses Algolia for search functionality. Security is robust with HTTPS enforced and token-based WebSocket connections, though explicit security policies and headers could be enhanced. Privacy compliance is partially addressed with a comprehensive privacy policy and GDPR-related gates, but lacks a visible cookie consent mechanism. Overall, the site demonstrates a mature digital presence with good business credibility and technical implementation.

M

MioDottore

miodottore.it

74

MioDottore.it is a leading Italian online healthcare platform that enables patients to find doctors and clinics, read reviews, and book appointments online. It operates as part of the Docplanner group, leveraging a robust technical infrastructure with modern analytics and marketing tools. The website demonstrates good digital maturity with mobile optimization, SEO best practices, and user-friendly design. Security posture is strong with HTTPS enforcement, security headers, and GDPR-compliant consent management. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. Overall, the platform is trustworthy, professional, and well-positioned in the Italian healthcare market.

D

Doctoralia

doctoralia.co

69

Doctoralia Colombia is a well-established online platform that connects patients with medical specialists, enabling appointment booking and access to expert health advice. It serves a large user base in Colombia with over 60,000 healthcare professionals listed. The platform is part of the Docplanner group, a recognized player in healthcare technology. The website demonstrates a mature technical infrastructure using modern JavaScript frameworks, integrated analytics, and secure HTTPS connections. Privacy policies and terms of service are clearly linked, supporting compliance with data protection regulations such as GDPR. However, the absence of a visible cookie consent mechanism and dedicated security policy pages indicates room for improvement in privacy compliance and transparency. Security posture is strong with proper HTTPS and security headers, but incident response readiness and vulnerability disclosure are not publicly documented. Overall, the website is professional, trustworthy, and safe for general audiences seeking healthcare services online.

D

Doctoralia

doctoralia.com.br

67

Doctoralia is a leading online healthcare platform in Brazil that enables users to find healthcare professionals, read patient reviews, and schedule appointments both locally and via teleconsultation. The platform hosts over 500,000 specialists and offers a comprehensive directory with filtering by specialty, location, and insurance plans. The website is well-designed, mobile-optimized, and uses modern technologies such as Vue.js, Algolia search, and various analytics and marketing tools. Security is robust with HTTPS and security headers, though cookie consent mechanisms could be improved to enhance privacy compliance. The WHOIS data aligns with the business claims, showing a legitimate and consistent registration. Overall, Doctoralia presents a professional and trustworthy service for healthcare consumers and providers in Brazil.

D

Doctoralia

doctoraliar.com

68

Doctoralia is a prominent online healthcare platform in Argentina that facilitates finding medical specialists, reading patient reviews, and booking appointments both in-person and online. The website is well-structured, professionally designed, and targets patients and healthcare professionals in Argentina. It offers a comprehensive directory of specialists and integrates modern search and booking functionalities. The platform leverages advanced technologies including Vue.js, Algolia search, and multiple analytics and marketing tools to provide a seamless user experience. Security measures such as HTTPS and security headers are properly implemented, though some privacy compliance aspects like cookie consent banners could be improved. The absence of WHOIS registration data raises concerns about domain legitimacy, but the website content and branding are consistent with a reputable healthcare service. Overall, Doctoralia presents a strong digital presence with room for enhancements in privacy transparency and contact information availability.

F

Förderverein für regionale Entwicklung e.V.

kmu-intranet.de

62

The website www.kmu-intranet.de represents a German small to medium enterprise focused on providing digital intranet and organizational support solutions tailored for small and medium-sized businesses. Their offerings include a mobile employee communication app, time tracking, chat, document management, appointment booking, meeting management, and organizational helpers. The company positions itself as a niche provider with a strong emphasis on efficient workflows and employee support. The site is professionally designed, well-structured, and targets German-speaking SMEs seeking digital transformation tools. Technically, the website leverages modern web technologies including jQuery, Material Design Lite, and various JavaScript libraries for UI and interactivity. It is hosted in Germany on an ISO 27001 certified infrastructure, ensuring compliance with stringent data protection standards. The site is mobile-optimized and accessible, with good SEO practices and performance. Analytics are handled via Matomo, respecting user privacy with cookie consent mechanisms. From a security perspective, the site employs SSL encryption, cookie consent with categorized cookies, and CAPTCHA protections on forms. The hosting environment is ISO 27001 certified, indicating a mature security posture. However, explicit security headers like CSP and X-Frame-Options are not visible in the HTML and should be verified server-side. No vulnerabilities or exposed sensitive data were detected. Privacy policies and cookie policies are comprehensive and GDPR compliant. Overall, the website presents a trustworthy and professional digital presence with a solid security foundation. It effectively communicates its business offerings and maintains compliance with privacy regulations. Strategic improvements could include publishing an incident response policy and enhancing security headers. The domain registration is minimal but consistent with a small German business, with no suspicious indicators.

F

Förderverein für regionale Entwicklung e.V.

handwerk-intranet.de

64

The website www.handwerk-intranet.de represents a specialized digital platform aimed at supporting craft businesses in Germany with intranet and mobile app solutions. The company, Förderverein für regionale Entwicklung e.V., offers a suite of services including digital time tracking, device and vehicle management, contact management, and event scheduling. The platform is GDPR compliant, ISO 27001 certified, and provides a user-friendly experience accessible via web and mobile apps for iOS and Android. The site demonstrates a solid market position within its niche, targeting small to medium-sized craft enterprises seeking digital transformation tools. Technically, the website employs modern web technologies such as jQuery, Material Design Lite, and Slick Carousel, hosted on a German ISO 27001 certified environment with SSL encryption ensuring secure communications. Security posture is strong with granular access controls and captcha-protected forms, although the absence of explicit security headers is noted. Privacy compliance is robust with detailed cookie consent and a comprehensive privacy policy. Overall, the site is professional, trustworthy, and well-structured, with clear contact information and transparent data handling practices.

F

Förderverein für regionale Entwicklung e.V.

sozial-intranet.de

64

The website www.sozial-intranet.de represents a specialized digital platform offering intranet and communication solutions tailored for the social sector in Germany. Operated by the Förderverein für regionale Entwicklung e.V., it provides a suite of modules including digital time tracking, employee apps, appointment booking, document management, and organizational tools. The platform targets social organizations seeking to improve internal communication and resource management, positioning itself as a niche SaaS provider with a focus on efficiency and compliance. Technically, the website employs a modern tech stack with jQuery, Material Design Lite, and various JavaScript libraries to deliver a responsive and accessible user experience. Hosting is ISO 27001 certified and located in Germany, ensuring compliance with data protection regulations. The site features SSL encryption, cookie consent mechanisms, and uses Matomo analytics with moderate tracking, reflecting a mature digital infrastructure. From a security perspective, the site demonstrates good practices including encrypted data transmission, session management, CAPTCHA protection on forms, and adherence to GDPR. However, it lacks explicit incident response policies and vulnerability disclosure information, which could be improved to enhance trust and readiness. The domain registration data aligns with the business claims, showing no suspicious patterns. Overall, the website scores well on content quality, technical implementation, security posture, privacy compliance, and business credibility, making it a trustworthy and professional platform for its target audience.

K

Wenn zu Hause geschlagen wird, kannst du dir Hilfe holen!! | Kidsinfo häusliche Gewalt

kidsinfo-gewalt.de

39

The website www.kidsinfo-gewalt.de serves as an informational and support platform aimed primarily at children and families affected by domestic violence in Germany. It provides educational content about domestic violence, legal information, and guidance on where to find help. The site is non-commercial and appears to be a small-scale non-profit resource. The multilingual support indicates an effort to reach diverse audiences within Germany. Technically, the site is built on Drupal 7, an older CMS platform, and uses standard web technologies such as jQuery and CSS. The site’s performance and mobile optimization are basic but functional. Security posture is limited, with no visible security headers or HTTPS confirmation in the provided data, and no cookie consent mechanism, which is a compliance gap under GDPR. The WHOIS data is minimal but consistent with a legitimate domain registered for this purpose. Overall, the site is safe, trustworthy, and focused on child protection and domestic violence awareness, but it would benefit from technical and security improvements.

L

Landesverband autonomer Frauen-Notrufe NRW e.V.

frauennotrufe-nrw.de

62

The Landesverband autonomer Frauen-Notrufe NRW e.V. is a non-profit umbrella organization in North Rhine-Westphalia, Germany, uniting specialized women's emergency call centers focused on supporting women and girls affected by sexualized violence. Their services include free counseling, crisis intervention, legal process accompaniment, and prevention and public relations work. The organization targets victims of sexual violence within the NRW region and operates as a registered association since 2015, with roots dating back to 1986. The website reflects a professional and consistent brand image, providing clear information and partner links to regional counseling centers. Technically, the site is built on Weblication CMS and uses OpenLayers for interactive maps, hosted on GoDaddy infrastructure. The site is mobile-optimized with good navigation and content quality but lacks advanced SEO and accessibility features. Security posture is moderate, with HTTPS enabled but missing security headers and no visible incident response or vulnerability disclosure information. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and serves its non-profit mission effectively.

B

Bentjen Software GmbH

bentjen.de

42

Bentjen Software GmbH is a German software development company with over 20 years of experience specializing in custom software solutions, IT consulting, and an online booking system. The company serves a diverse clientele including notable enterprises such as Daimler AG and DEKRA, positioning itself as a trusted niche provider in the technology sector. Their website reflects a professional and consistent brand image with clear service offerings and client testimonials. Technically, the site is built on Joomla CMS with modern frameworks and demonstrates good mobile optimization and usability. Security posture is adequate with HTTPS enforced and cookie consent implemented, though improvements in security headers and incident response transparency are recommended. Overall, the domain registration and website content align well, supporting the legitimacy of the business.

S

Sparkasse Westmünsterland

stadtsparkasse-haltern.de

68

Sparkasse Westmünsterland is a regional German savings bank offering a comprehensive range of financial services including retail banking, loans, insurance, investment products, and private banking. The website targets both private and corporate customers, providing secure online banking and extensive product information. The bank maintains a strong local presence supported by digital services and a professional online platform. The site is well-branded, consistent, and includes multiple trust indicators such as certifications and awards. Technically, the website is built on modern web standards, likely using Adobe Experience Manager as its CMS. It employs HTTPS, cookie consent mechanisms, and integrates analytics tools like Google Analytics and Dynatrace. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience with clear navigation and professional design. From a security perspective, the site enforces HTTPS and uses secure forms for login and consent. While explicit security headers are not fully confirmed, the overall posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, with clear privacy and cookie policies aligned with GDPR requirements. However, the site lacks a published security policy or incident response contact details. Overall, the website is trustworthy, professionally maintained, and compliant with relevant privacy regulations. It presents minimal risk and serves as a reliable digital channel for the bank's customers.

D

D2 design studio

d2design.sk

53

D2 design studio is a small Slovak design agency established in 2004, offering creative solutions in graphic, interior, product design, and marketing services. The website presents a basic digital presence with minimal textual content and primarily image-based navigation. The technical infrastructure is simple, relying on legacy HTML and JavaScript without modern frameworks or CMS. Hosting is provided by a reputable Slovak provider with DNSSEC enabled, indicating a stable domain setup. Security posture is weak due to lack of HTTPS information, absence of security headers, and no visible privacy or cookie policies. No contact information or social media presence is evident, limiting user engagement and trust signals. Overall, the site is functional but lacks modern security and privacy compliance features.

B

Business Metropole Ruhr

business.ruhr

57

Business Metropole Ruhr is a regional economic development organization focused on promoting the Ruhrgebiet area in Germany. The website serves as a platform to showcase innovative projects, regional business interests, and economic transformation initiatives. It targets businesses, investors, municipalities, startups, and scientific communities within the region. The organization positions itself as a key driver of economic growth and sustainability in one of Germany's largest metropolitan areas. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including JavaScript and Cookiebot for cookie consent management. Google Tag Manager and Google Analytics are used for analytics and marketing purposes, with consent mechanisms in place to comply with privacy regulations. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site uses HTTPS and implements cookie consent with blocking mechanisms for tracking scripts. However, explicit security headers such as Content-Security-Policy and X-Frame-Options are not evident in the provided content. There is no visible security policy or incident response contact information, and no vulnerability disclosure or security.txt file is found. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain. Overall, the website is professional, trustworthy, and compliant with basic privacy requirements, though it could improve by publishing explicit privacy and security policies and enhancing security header configurations. The risk level is moderate with no critical vulnerabilities detected.

B

BVB-Verlagsgesellschaft mbH

findcity.de

54

FindCity.de is a German-language online municipal search engine providing information about cities, municipalities, and districts across Germany. Operated by BVB-Verlagsgesellschaft mbH, it offers users access to municipal portraits, direct links to official websites, city maps, and business directories. The website targets citizens, local governments, and businesses seeking regional information. Technically, the site uses Bootstrap and jQuery for frontend presentation, with a moderate performance profile and good mobile responsiveness. Security-wise, the site lacks visible security headers and explicit HTTPS confirmation in the provided data, but it does implement a cookie consent mechanism and maintains a basic privacy policy, indicating some compliance with GDPR requirements. No critical vulnerabilities or blocking mechanisms were detected, and WHOIS data shows a consistent domain registration without privacy protection, supporting legitimacy. Overall, the site is functional, professional, and trustworthy for its niche audience.

W

Waltroper Parkfest

servicepark-waltrop.de

47

Servicepark Waltrop is a small local business specializing in event equipment rental and sales, primarily serving the Waltrop region in Germany. Their offerings include tents, furniture, party sets, water supply, fencing, and stands, supporting the Waltroper Parkfest event and similar occasions. The website is built on TYPO3 CMS and demonstrates a moderate level of digital maturity with good design, navigation, and mobile optimization. However, it lacks advanced analytics and tracking tools, indicating a focus on straightforward service presentation rather than extensive digital marketing. Security posture is adequate with HTTPS usage but lacks explicit security headers and published security policies. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy for its business scope but could improve in security and privacy transparency.

S

Stadtmarketing Waltrop e.V.

stadtmarketingwaltrop.de

61

Stadtmarketing Waltrop e.V. is a small non-profit organization dedicated to promoting the city of Waltrop through cultural events, community engagement, and local business support. The website is professionally designed using Squarespace, featuring clear navigation and mobile optimization. It provides detailed information about upcoming events, membership opportunities, and contact methods, targeting residents and visitors of Waltrop. The organization has been active since 2006, indicating a stable presence in the community. Technically, the website leverages Squarespace's platform and CDN, uses modern web fonts, and implements HTTPS with a cookie consent banner, reflecting a moderate level of digital maturity. However, it lacks advanced security headers and explicit security or incident response policies, which could be improved to enhance trust and compliance. From a security perspective, the site is accessible without WAF or blocking mechanisms, uses SSL properly, and does not expose sensitive data or vulnerable libraries. Privacy compliance is basic but present, with a privacy policy and cookie consent. Contact information is comprehensive, supporting business credibility. Overall, the website presents a trustworthy and professional image suitable for its community-focused mission. Strategic improvements in security policies and transparency could further strengthen its posture and user trust.

L

Lausitzer Seenland

lausitzerseenland.de

48

Lausitzer Seenland is a regional tourism website promoting a young holiday region located between Dresden and Berlin in Germany. The site offers comprehensive information on outdoor activities such as cycling, skating, water sports, and cultural experiences, alongside accommodation and activity booking services. The business operates as a regional tourism authority, targeting families, tourists, and outdoor enthusiasts. The website is well-structured with clear navigation and good content quality, supporting a positive user experience. Technically, it employs modern JavaScript libraries like Swiper and jQuery UI, with responsive design and moderate performance. Security posture is adequate with HTTPS enforced and secure form handling, though it lacks some security headers and a cookie consent mechanism. Privacy compliance is supported by a comprehensive privacy policy and terms of service, but cookie consent is missing. The domain registration data is consistent and trustworthy, aligning with the website's regional focus. Overall, the site is professional, trustworthy, and suitable for general audiences seeking tourism information.

E

Europäischer Parkverbund Lausitz

parkverbund.eu

46

The Europäischer Parkverbund Lausitz is a cultural and tourism network connecting nine significant parks and castles in the Lausitz region of Germany. The website serves as an informational and promotional platform targeting tourists and culture enthusiasts interested in historical gardens and heritage sites. It offers event calendars, guided tours, audiotours, and digital maps to enhance visitor experience. Technically, the site employs a custom CMS with a modern JavaScript stack including jQuery, Swiper, and Matomo analytics, hosted by Vautron Rechenzentrum AG. The website is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and cookie consent mechanisms, but lacks some advanced security headers and explicit incident response information. Overall, the site is trustworthy, compliant with GDPR, and free of suspicious content.

L

Landesarbeitsgemeinschaft Autonomer Frauenhäuser NRW e.V.

frauen-info-netz.de

45

The Frauen-Info-Netz gegen Gewalt website is a regional non-profit platform operated by the Landesarbeitsgemeinschaft Autonomer Frauenhäuser NRW e.V., providing critical information and support services for women affected by violence in North Rhine-Westphalia, Germany. The site offers real-time data on available women’s shelter places, links to related organizations, and practical safety tips. It targets women in need and professionals seeking resources, positioning itself as a trusted regional support network. Technically, the website is built on TYPO3 CMS and integrates Google Maps API for interactive shelter location services. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. No major analytics or tracking tools are present, reflecting a privacy-conscious approach. Security is adequate with HTTPS enforced and secure form handling, but lacks advanced security headers and explicit security policies. From a security perspective, the site shows a solid baseline with no detected vulnerabilities or exposed sensitive data. However, improvements could be made by implementing security headers and publishing a vulnerability disclosure policy. Privacy compliance is supported by a clear privacy policy, though cookie consent mechanisms are absent. WHOIS data is minimal but domain status is active and consistent with the business purpose. Overall, the website is a well-maintained, trustworthy resource for its target audience, with room for technical and security enhancements to strengthen compliance and resilience.

M

Mesto Levice

levice.sk

58

Mesto Levice operates an official municipal website serving the city of Levice, Slovakia. The site provides comprehensive information about local government, public services, cultural events, and community news. It targets residents, visitors, and local businesses, positioning itself as the authoritative source for city-related information. The business model is a government entity providing public digital services and information dissemination. Technically, the site uses a custom CMS platform (WEBY PORTÁL) with common web technologies such as jQuery and Fancybox. Hosting and technical operations are managed by WEBY GROUP s.r.o. The website is moderately optimized for performance and mobile devices, with basic accessibility features. Security posture is adequate with HTTPS and cookie consent mechanisms but lacks advanced security headers and incident response information. Overall, the site is trustworthy and professionally maintained, with room for security and technical improvements.

U

UPC BROADBAND SLOVAKIA, s.r.o.

upc.sk

57

UPC BROADBAND SLOVAKIA, s.r.o. operates a professional telecommunications website offering high-speed internet, television, streaming, and voice services primarily targeting Slovak households and businesses. The company positions itself as a leading provider with highly rated TV and fast internet packages, including bundled services and streaming partnerships with Disney+ and HBO Max. The website is well-structured, mobile-optimized, and provides clear navigation and service information, reflecting a mature digital presence. Technically, the site employs modern JavaScript frameworks, Google Tag Manager, and Visual Website Optimizer for analytics and marketing, with secure HTTPS and CSRF protections in place. Security posture is solid but could be enhanced with additional HTTP security headers and published security policies. Privacy compliance is evident with a comprehensive privacy and cookie policy, though explicit GDPR compliance indicators could be more prominent. Overall, the site demonstrates high business credibility with consistent branding and trust signals such as social media presence and customer support options.

R

Regionálne osvetové stredisko v Leviciach

roslevice.sk

56

Regionálne osvetové stredisko v Leviciach is a regional cultural and educational institution based in Levice, Slovakia, established in 2007. The organization focuses on promoting regional culture and education through events, programs, and archival services. The website serves as an informational portal with links to social media and archival resources, targeting the general public interested in regional cultural activities. The business model is non-profit and government-oriented, with a small organizational size and local market position. Technically, the website is built on the Webnode CMS platform and hosted on Amazon Cloudfront CDN, utilizing standard web technologies such as HTML5, CSS, and JavaScript. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. The cookie consent mechanism is implemented, but privacy and terms of service policies are absent. From a security perspective, the website enforces HTTPS with excellent SSL configuration but lacks security headers and published security policies. No forms or data collection mechanisms are present on the main page, reducing exposure to input-based vulnerabilities. The absence of privacy policy and incident response contacts indicates gaps in compliance and security readiness. Overall, the security posture is moderate but could be improved with better policy transparency and technical safeguards. The overall risk assessment suggests a low to moderate risk profile due to the nature of the organization and limited online data collection. Strategic recommendations include adding privacy and terms of service pages, implementing security headers, publishing incident response contacts, and enhancing transparency to build trust and compliance with GDPR and other regulations.

A

Alena Gajdošová - ALDOX LEVICE

aldoxlevice.sk

55

ALDOX LEVICE is a Slovakian full-service advertising agency established in 2002, offering comprehensive marketing, graphic design, printing, promotional events, and advertising products. The company targets business clients seeking creative advertising solutions and brand promotion. Their market position is that of a small, local agency with a focus on quality and client satisfaction. The website reflects their business model and services clearly, with consistent branding and good content quality. Technically, the website is built on the Webnode CMS platform and hosted on AWS Cloudfront CDN, utilizing modern JavaScript and Google Tag Manager for analytics. The site is moderately optimized for performance and mobile devices, though accessibility and SEO could be improved. The technical infrastructure is adequate for a small business but lacks advanced frameworks or custom development. From a security perspective, the site uses HTTPS, which is a positive baseline. However, it lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is available, indicating a low maturity in security governance. The absence of these policies and mechanisms represents a compliance and trust gap. Overall, the website is functional and professional but requires improvements in privacy compliance and security best practices to enhance trustworthiness and regulatory adherence. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and establishing incident response contacts to improve the security posture and user confidence.

C

CK SATUR

satur.sk

53

CK SATUR is a well-established Slovak travel agency founded in 1998, offering a wide range of holiday packages including seaside vacations, cruises, exotic destinations, and sightseeing tours. The company operates with a strong market presence supported by 20 physical branches and a professional online platform. Their website is designed to cater to travelers seeking comprehensive travel solutions with easy navigation and a modern user experience. Technically, the site employs modern JavaScript libraries and tracking tools such as Google Tag Manager, Microsoft Clarity, Hotjar, and SalesManago, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement and appropriate security headers, although the absence of a dedicated security policy or incident response page suggests room for improvement. Privacy compliance is robust, leveraging Cookiebot for consent management and providing a comprehensive privacy policy in Slovak. Overall, the website demonstrates high professionalism, trustworthiness, and business credibility, making it a reliable platform for travel services.

X

X-BIONIC®

x-bionicshop.sk

48

X-BIONIC® operates an e-commerce platform specializing in functional sportswear, targeting athletes and active individuals primarily in Slovakia. The website is built on WordPress with WooCommerce, indicating a mature and widely supported e-commerce infrastructure. The presence of Google Tag Manager suggests active marketing and analytics efforts. However, the site lacks explicit privacy and cookie policies, which are critical for GDPR compliance and user trust. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosures. The domain registration data is consistent and supports the legitimacy of the business. Overall, the site is functional and professional but requires improvements in privacy compliance and security best practices.

D

DoNoHarm

monocle-search.com

56

Monocle Search is a specialized SaaS provider offering a fast, typo-tolerant search plugin designed specifically for Squarespace websites. The company, branded under DoNoHarm, targets Squarespace site owners and developers who require enhanced search capabilities beyond the native Squarespace functionality. Their market position is niche but well-supported by endorsements from recognized Squarespace experts and a clear subscription-based business model with tiered plans. Technically, the website leverages modern web technologies including the Astro framework, integrates payment processing via Paddle, and uses multiple analytics tools such as ProfitWell, Tolt, and Ackee. The site is well-optimized for performance, mobile responsiveness, and SEO, providing an excellent user experience. Security posture is good with HTTPS enforced and no exposed sensitive data, though improvements are recommended such as enabling DNSSEC and adding security headers. Privacy compliance is adequate with clear privacy and cookie policies linked, but lacks a cookie consent mechanism. Business credibility is strong with clear contact emails, testimonials, and transparent pricing. Overall, the website and business present a professional and trustworthy front with room for minor security and compliance enhancements.

The website 'datteln.org' serves as an internal information portal for the city of Datteln, Germany, primarily focused on communicating technical problems and planned solutions to its users. The site is relatively new, established in early 2024, and is operated by the municipal government. The content is minimal but relevant, targeting residents and internal stakeholders of the city administration. The business model is public service oriented, with no commercial aspects evident. The site maintains a moderate level of professionalism with basic branding and navigation clarity. From a technical perspective, the website uses standard web technologies including HTML5, CSS3, and JavaScript, hosted on servers associated with kasserver.com. The site is mobile optimized and provides a smooth user experience, though it lacks advanced frameworks or CMS identification. Performance is moderate, and SEO practices are basic but present. No analytics or advertising technologies are detected, indicating a focus on privacy and simplicity. Security posture is adequate but could be improved. HTTPS is enabled, and the domain status includes clientTransferProhibited, which protects against unauthorized transfers. However, DNSSEC is not enabled, and no security headers were detected, which are recommended to enhance protection. The site lacks a cookie consent mechanism and detailed security or incident response policies. WHOIS data aligns well with the website content, confirming legitimacy and consistent registration details. Overall, the website is safe, with no adult or questionable content. It serves a clear governmental function with minimal tracking or advertising. Recommendations include enabling DNSSEC, adding security headers, implementing cookie consent for GDPR compliance, and publishing security and incident response policies to improve trust and compliance.

A

Aareon

aareon.com

66

Aareon is a leading European SaaS provider specializing in property management systems designed to streamline operations for property owners and managers. Their platform integrates multiple facets of property management including payments, sustainability planning, and customer engagement, targeting a broad audience across residential and commercial real estate sectors. The website reflects a mature digital presence with professional design, clear navigation, and multimedia content that supports their market positioning. Technically, the site is built on the HubSpot CMS platform, leveraging modern JavaScript libraries and responsive design techniques to ensure good performance and accessibility. Security best practices such as HTTPS enforcement and security headers are implemented, though explicit security policies and incident response information are not publicly detailed. The absence of WHOIS data for the domain introduces some uncertainty regarding domain registration transparency, but the professional quality of the website and the presence of privacy and cookie policies indicate a legitimate business operation. No signs of WAF or content blocking were detected, and the site does not contain any adult or questionable content. Overall, Aareon demonstrates a strong business and technical foundation with room for improvement in transparency and security communication.

L

Landesvermessung und Geobasisinformation Brandenburg

geobasis-bb.de

58

The Landesvermessung und Geobasisinformation Brandenburg (LGB) operates as the official geospatial data and mapping authority for the Brandenburg region in Germany. The website serves as a comprehensive portal offering a wide range of geodata products, including 3D models, aerial imagery, cadastral data, and thematic maps. It targets government agencies, geospatial professionals, and the general public interested in regional geoinformation. The business model is that of a public sector service provider, delivering authoritative geospatial data and digital services to support regional planning and administration. Technically, the website is built on a modern stack utilizing HTML5, CSS3 with the Foundation 5 framework, JavaScript, and jQuery UI. It is powered by the SixCMS content management system and hosted likely by Deutsche Telekom, ensuring reliable infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Privacy is well-managed through a GDPR-compliant cookie consent mechanism and the use of Matomo analytics activated only upon user consent. From a security perspective, the site enforces HTTPS and employs a clear cookie consent opt-in mechanism. While explicit security headers are not visible in the provided data, the overall posture is good with no exposed sensitive data or vulnerabilities detected. However, the site could improve by publishing explicit security policies and incident response information and implementing additional security headers. Overall, the website presents a professional, trustworthy, and privacy-conscious digital presence for a government entity. It effectively balances user experience, compliance, and security, making it a reliable source for geospatial information in Brandenburg.

M

Mittelzentraler Städteverbund Göltzschtal

das-goeltzschtal.de

49

The Mittelzentraler Städteverbund Göltzschtal website serves as the official regional portal for four municipalities in the Göltzschtal region of Germany, focusing on intermunicipal cooperation, regional development, economic promotion, and tourism. The site targets local citizens, visitors, and businesses, providing information about community projects, economic opportunities, and cultural events. The business model is non-commercial, centered on governmental and non-profit collaboration to strengthen the region. The website is well-branded and consistent with official municipal identities, reflecting a trustworthy regional government presence. Technically, the site is built on the TYPO3 CMS platform, utilizing modern web technologies such as deferred JavaScript loading and responsive design. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. Hosting appears to be with a German provider, consistent with the regional focus. No advanced analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS and employs some best practices such as deferred script loading. However, explicit security headers are not detected, and there is no visible security policy or incident response information. No vulnerabilities or exposed sensitive data were found in the HTML content. Privacy compliance is partially addressed with a privacy policy page, but no cookie consent mechanism is evident. Overall, the security posture is adequate but could be improved with additional headers and transparency. The overall risk assessment is low given the nature of the site as a regional governmental portal with no commercial transactions or sensitive data collection. Strategic recommendations include implementing security headers, adding cookie consent, publishing a security policy, and considering a vulnerability disclosure mechanism to enhance trust and compliance.

Ö

Öffentliche Versicherung Oldenburg

oeffentlicheoldenburg.de

55

Öffentliche Versicherung Oldenburg is a regional insurance provider based in Oldenburg, Germany, offering a comprehensive range of insurance products and services to private customers, businesses, and farmers. Their market position is strong within the Niedersachsen region, focusing on traditional insurance lines such as motor, property, liability, health, and retirement products. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their target audiences. Technically, the website employs modern JavaScript frameworks, deferred CSS loading, and integrates a consent management platform (Usercentrics) alongside Google Tag Manager for analytics and marketing. The site is mobile-optimized and uses structured data to enhance SEO and business information visibility. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and avoids exposing sensitive data or vulnerable libraries. However, it lacks explicit incident response contacts and a vulnerability disclosure policy, which are recommended for enhanced security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie management. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR requirements. The risk level is low, but improvements in security transparency and accessibility could further strengthen their digital maturity.

D

Docplanner Group

docplanner.com

64

Docplanner Group operates a comprehensive healthcare platform connecting patients with doctors and clinics across multiple countries. Their services include online appointment booking, practice management software for doctors, and patient experience solutions for clinics. The company positions itself as a leader in 13 countries with a large user base and extensive network of active doctors. Technically, the website uses modern frameworks such as Nuxt.js and integrates marketing and analytics tools like HubSpot and Google Analytics. The site is well-designed, mobile-optimized, and provides a professional user experience. Security posture is good with HTTPS enabled, but lacks some security headers and explicit privacy and cookie policies. WHOIS data is unavailable, which slightly impacts trust verification. Overall, the platform is credible, safe, and well-positioned in the healthcare technology sector.

S

Schrittsteine Duisburg

schrittsteine-duisburg.de

49

Schrittsteine Duisburg is a German government-supported environmental project focused on improving urban climate resilience and ecological diversity through community engagement and green space development. The website serves as an informational platform highlighting project news, events, and partner collaborations. Technically, the site is built on WordPress with modern web standards, hosted by a German provider, and uses HTTPS with valid SSL certificates. Security posture is adequate but could be improved by adding security headers and cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site is trustworthy and professionally presented, targeting local residents and stakeholders interested in climate and ecological initiatives.

W

Wirtschaftsbetriebe Duisburg - AöR

ob-karl-lehr-bruecke.de

43

The website represents Wirtschaftsbetriebe Duisburg - AöR, a public entity managing the OB-Karl-Lehr-Brückenzug infrastructure project in Duisburg, Germany. The site provides detailed information about the project's importance to local traffic and logistics, targeting residents, commuters, and stakeholders in transportation and urban infrastructure. The business is positioned as a key municipal infrastructure provider with a focus on transportation and logistics facilitation. Technically, the website is built on TYPO3 CMS, uses modern web technologies, and integrates Matomo for analytics. The site is hosted on DomainControl nameservers and uses HTTPS with good SSL configuration. The design is professional, mobile-optimized, and provides clear navigation and relevant content. From a security perspective, the site has HTTPS enabled and uses secure cookies for analytics, but lacks several security headers and a formal security policy or incident response contact. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and professionally maintained, with moderate technical and security maturity. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance the security posture and compliance level.

A

Asylkreis Haltern am See

asylkreis-haltern.de

61

Asylkreis Haltern am See is a small non-profit organization based in Germany focused on supporting refugees through community engagement, language courses, tutoring, and other assistance. The website is built on the Squarespace platform, featuring a professional and consistent design with good navigation and mobile optimization. Security posture is adequate with HTTPS and HSTS enabled, but lacks additional security headers and published security policies. Privacy compliance is limited due to absence of privacy and terms of service pages, though a cookie consent banner is present. Overall, the website is trustworthy and serves its community purpose effectively.

K

Kulturboitel

kulturboitel.de

41

Kulturboitel is a small, regionally focused cultural initiative based in Haltern am See, Germany, specializing in Kabarett and comedy events. Supported by local sponsors including the Sparkasse Westmünsterland, Halterner Zeitung, and the city itself, it provides event information and ticket sales primarily through an external platform. The website is well-structured, mobile-optimized, and professionally designed, targeting local culture enthusiasts. Technically, it uses standard web technologies with no detected CMS or advanced frameworks, hosted on korves.net. Security posture is adequate with HTTPS enabled but lacks advanced security headers and incident response information. Privacy compliance is basic with a privacy policy present but no visible cookie consent mechanism. Overall, the site is trustworthy and legitimate with strong local partnerships and clear contact details.

G

Google

merch.google

65

The website merch.google serves as the official online merchandise store for Google branded products, offering apparel, accessories, and gifts. It targets consumers globally with dedicated shipping options for the US, Canada, and other regions. The site is professionally designed with consistent Google branding and uses modern web technologies including Google Tag Manager and Analytics for marketing and tracking purposes. The technical infrastructure is solid with HTTPS enforced and use of standard JavaScript libraries, though some security headers are not explicitly detected. Privacy and cookie policies are notably absent on this landing page, which impacts compliance posture. Contact information is limited to an email address linked to a third-party marketing partner, suggesting outsourced customer support. Overall, the site is trustworthy and well-positioned as an official Google merchandise outlet.

Stadt Adorf/Vogtl. operates a municipal government website serving local citizens and tourists with information about the town, services, events, and contact details. The site positions itself as a regional hub for community engagement and tourism promotion within the Vogtlandkreis region of Germany. The business model is public administration with a focus on local government services and community outreach. Technically, the website uses legacy JavaScript libraries such as jQuery 1.6.2 and Prototype.js, indicating a need for modernization to improve security and performance. The site is built on the Plone CMS platform, which is known for stability but requires updates to its components. Security posture is moderate; HTTPS is used, and a cookie consent banner is implemented, but outdated libraries and missing security headers present vulnerabilities. Privacy compliance is good with a clear cookie policy and privacy policy in German, aligned with GDPR requirements. Contact information is transparent and professional, enhancing business credibility. Overall, the website is functional and trustworthy but would benefit from technical and security improvements.

H

Humble Bundle

humblebundle.com

66

Humble Bundle is a well-established e-commerce platform specializing in curated bundles of games, books, and software with a unique pay-what-you-want model that supports charity. Since its founding in 2010, it has built a strong market position by combining digital content sales with charitable giving, appealing to gamers, readers, and software users globally. The website demonstrates a mature digital infrastructure with modern technologies, responsive design, and comprehensive privacy and cookie management. Security posture is strong with HTTPS, security headers, and anti-bot measures, though explicit security policies and incident response information are not publicly available. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though WHOIS data is unavailable, possibly due to privacy protections or registry policies.

W

Wohnungsgesellschaft Ruhrgebiet mbH

woge.ruhr

45

Wohnungsgesellschaft Ruhrgebiet mbH is a regional housing company based in Germany with a long-standing history since 1930. The company manages approximately 1000 rental units across several cities in the Ruhrgebiet area, focusing on fair rents and cooperative tenant relationships. Their website serves as an information portal for tenants and property owners, providing access to housing services and community news. Technically, the website uses standard web technologies including HTML5, CSS3, and jQuery, hosted by a local provider. The site is mobile optimized and includes basic SEO and accessibility features. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and DNSSEC. No incident response or security policy information is publicly available. WHOIS data confirms the legitimacy and consistency of the domain registration with the business identity. Overall, the website is professional, trustworthy, and serves its target audience effectively.