Security Directory

The website is an online booking platform for Hard Rock Hotel & Casino Sacramento at Fire Mountain, a hospitality and casino property located in Wheatland, California. It serves as a reservation interface for hotel rooms and related services, targeting adult customers interested in gaming and lodging. The site is branded consistently with the Hard Rock brand and integrates multiple third-party marketing and analytics tools to optimize user engagement and conversion. Technically, the site uses a modern JavaScript stack with integrations for Google Tag Manager, OneTrust for cookie consent, and various advertising pixels. The site is mobile responsive and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though explicit security headers could be improved. Privacy compliance is addressed with cookie consent mechanisms and a privacy policy, though direct contact information and security policies are limited. WHOIS data for the subdomain is not available, which is typical for subdomains managed under a parent domain. Overall, the site is legitimate, professionally maintained, and suitable for its business purpose.

The website is an online booking platform for Hard Rock Atlantic City, a hospitality property located in Atlantic City, New Jersey. It provides hotel room reservations and package bookings integrated with loyalty programs. The site is part of the Hard Rock Hotels chain, a well-known brand in the hospitality industry. The technical infrastructure includes modern JavaScript libraries, Google Maps API, and multiple analytics and advertising tools, indicating a mature digital presence. Security posture is generally good with HTTPS enforced and cookie consent implemented, though some security headers are not explicitly detected. The absence of visible privacy policy and terms of service pages is a compliance gap. WHOIS data is unavailable for the subdomain, which is expected, and the domain is consistent with the parent Hard Rock brand. Overall, the site is professional, trustworthy, and safe for general audiences.

I

Industrieverband Steine und Erden Baden-Württemberg e.V.

iste.de

51

The Industrieverband Steine und Erden Baden-Württemberg e.V. operates as a regional industry association representing the stones and earths sector in Baden-Württemberg, Germany. The website serves as an information hub providing news, events, educational initiatives, and service offerings to its members and the broader public interested in the industry. It maintains a professional and consistent brand presence with clear communication channels and social media engagement. Technically, the site is built on the 'cumodis simple cms' platform, uses modern web standards, and integrates Matomo analytics with privacy-conscious configurations. Security posture is adequate with HTTPS enforced and secure login forms, though the absence of explicit security headers suggests room for improvement. Privacy compliance is strong, evidenced by a comprehensive privacy policy and cookie consent mechanism. Overall, the site is trustworthy, well-maintained, and serves its target audience effectively.

W

Waibel

waibel-gruppe.de

56

Waibel is a medium-sized German company specializing in the building materials market, offering integrated services including extraction, production, transport logistics with its own fleet, shipping, and disposal. The company has over 50 years of experience and targets both construction companies and private customers. The website is built on TYPO3 CMS and uses modern web technologies, providing a professional and well-structured user experience with good mobile optimization. Security posture is moderate with HTTPS implied but lacking explicit security headers and policies. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the website reflects a credible business with room for improvement in security and privacy transparency.

S

SCHWING Stetter

schwing-stetter.com

49

SCHWING Stetter is a well-established German manufacturer specializing in concrete technology products such as truck-mounted concrete pumps, truck mixers, batching plants, and industrial pumping systems. The company maintains a strong global presence with multiple regional partner sites and subsidiaries, targeting construction industry professionals and industrial clients. Their website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on TYPO3 CMS, uses modern JavaScript frameworks, and integrates privacy-conscious analytics via Matomo. Cookie consent is managed effectively through Cookiebot, ensuring GDPR compliance. Security posture is solid with HTTPS enabled and basic security headers, though there is room for improvement in DNSSEC and advanced security headers. No critical vulnerabilities or suspicious patterns were detected. Overall, the website and domain registration data indicate a legitimate and credible business with a mature digital infrastructure.

A

AULBACH GmbH & Co. KG

aulbach.com

50

AULBACH GmbH & Co. KG operates as a medium-sized German company specializing in meat, poultry, and game specialties with a focus on convenience food products for professional kitchens and gastronomy. Their product range includes raw meat pieces, convenience items such as pre-cooked snacks, sausage products, and organic meat options. The company targets B2B customers in the catering and food service sectors, positioning itself as a reliable supplier with a broad assortment of traditional and innovative products. Technically, the website is built using the connectiv! WebCMS platform and employs older JavaScript libraries like Prototype.js and Scriptaculous. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. Cookie consent mechanisms are implemented, indicating awareness of privacy compliance requirements. However, no advanced analytics or marketing tools are detected. From a security perspective, the site lacks visible security headers and explicit security policies or incident response contacts. The SSL configuration and hosting details are not provided, limiting the assessment of encryption strength. The absence of WHOIS data for the domain is a notable concern, as it reduces trust in domain legitimacy despite the professional appearance of the website. Overall, the website presents a professional and trustworthy front for its business operations but would benefit from enhanced security practices, improved transparency in domain registration, and clearer contact information to strengthen its credibility and compliance posture.

HEMA Maschinen- und Apparateschutz GmbH is a medium-sized German manufacturing company specializing in machine protection products and services for industrial production machines. The company offers a broad portfolio including safety glass services, protection systems, clamping and braking systems, and sanitation technologies using ozone and UV-C. Their market position is supported by ISO 9001:2015 certification and a global presence with multiple international locations. The website is professionally designed using TYPO3 CMS, featuring multilingual support and modern consent management tools, indicating a mature digital infrastructure. Security posture is good with HTTPS, captcha-protected forms, and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. WHOIS data is unavailable, possibly due to privacy protection or recent registration, which slightly reduces transparency but does not detract from the overall legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to improve trust and compliance.

O

Oranto GmbH

oranto.de

54

Oranto GmbH is a small technology company based in Berlin, Germany, specializing in agile software development with a focus on Enterprise Content Management Systems, database applications, and scientific study platforms. Their key offerings include Oranto AI, a secure AI management solution emphasizing data privacy, and a flexible, GDPR-compliant Studienplattform for managing clinical and non-clinical studies. The company positions itself as a trusted partner for digital transformation, providing services such as web hosting, SEO, TYPO3 expertise, and IT consulting. Technically, the website is built on TYPO3 CMS, uses Matomo for privacy-conscious analytics, and is hosted via domainoffensive.de. The site is well-structured, mobile-optimized, and demonstrates good SEO practices.

E

Evangelische Kirche von Westfalen, Landeskirchenamt

ekvw.de

49

The Evangelische Kirche von Westfalen is a major regional Protestant church organization in Germany, providing religious, educational, and social services. The website serves as an information and engagement platform for members and the public, featuring news, events, and resources. The organization holds a strong market position as the fourth largest evangelical church in Germany, targeting a broad general audience interested in faith and community activities. Technically, the website is built on TYPO3 CMS, with modern web standards, responsive design, and accessibility features. It integrates third-party services for analytics and media content while maintaining GDPR compliance through a comprehensive cookie consent mechanism. Security posture is solid with HTTPS and privacy-respecting analytics, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is professional, trustworthy, and well-maintained, reflecting the organization's credibility and commitment to transparency.

M

Medienhaus der Evangelischen Kirche in Hessen und Nassau GmbH

ev-medienhaus.de

69

The Medienhaus der Evangelischen Kirche in Hessen und Nassau GmbH is a non-profit organization serving as the central media and publishing hub for the Evangelische Kirche in Hessen und Nassau. It offers a broad range of services including media production, publishing, seminars, and agency services tailored to church and diaconal staff and institutions. The website reflects a professional and consistent brand presence with clear navigation and relevant content for its target audience. Technically, the website is built on TYPO3 CMS, employs Matomo for privacy-conscious analytics, and uses standard web technologies such as JavaScript and CSS. The site is moderately optimized for performance and mobile devices, with a cookie consent mechanism ensuring GDPR compliance. Hosting is via DomainControl, a reputable registrar service. From a security perspective, the site enforces HTTPS and uses session cookies appropriately. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website demonstrates a solid security posture and good privacy compliance, supporting its role as a trusted media provider for a religious non-profit entity. Strategic improvements in security headers and incident response transparency would further enhance its security maturity.

A

Alma und Lovis

almalovis.de

49

Alma & Lovis is a German sustainable fashion brand specializing in eco-friendly and fair women's clothing. The company emphasizes timeless design, high-quality natural materials, and responsible production practices. Their market position is that of a niche retailer focused on slow fashion, targeting environmentally conscious female consumers. The website is built on the Shopware CMS platform and hosted behind Cloudflare, indicating a modern technical infrastructure with CDN and security benefits. The site is well-optimized for mobile devices and SEO, providing a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced, but lacks some security headers and explicit privacy and cookie policies, which are areas for improvement. No contact emails or phone numbers are directly visible, which may affect user trust and compliance. Overall, the website is safe, professional, and credible, with room to enhance privacy compliance and security best practices.

The website www.karriere-im-kreis.de serves as the official career portal for the Rhein-Sieg-Kreis regional government in Germany. It provides comprehensive information about job opportunities, dual education, and studies within the public sector, targeting job seekers in the Rhein-Sieg-Kreis area. The site is professionally designed with consistent branding and high-quality content, reflecting a strong regional government presence. Technically, the site uses the Sitepark CMS platform with modern JavaScript libraries and is hosted by a regional IT provider, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and secure form handling, though explicit security headers and incident response policies are not published. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the site is trustworthy, safe, and well-suited for its audience.

R

Rhein-Sieg-Kreis

rhein-sieg-kreis.de

58

The Rhein-Sieg-Kreis website serves as the official digital portal for the regional government of Rhein-Sieg-Kreis in Germany. It provides residents and stakeholders with access to a wide range of public services, including vehicle registration, political information, event calendars, and family support services. The site is well-structured and targets local citizens and public service users. The business model is that of a public sector entity focused on governance and community services. Technically, the site is built on the Information Enterprise Server by Sitepark GmbH, utilizing modern web technologies such as SVG icons and JavaScript for interactive elements. The site demonstrates good mobile optimization and accessibility features, although performance is moderate. Security posture is adequate with HTTPS usage implied, but lacks visible security headers and explicit security policies. Privacy compliance is weak due to the absence of clear privacy and cookie policies. Overall, the site is trustworthy and professional, but could improve transparency and security practices.

Elektrizitätswerk Goldbach-Hösbach GmbH & Co. KG operates as a regional utility and telecommunications provider in Germany, offering energy products such as electricity, gas, and water, alongside VDSL and fiber internet services and IPTV television. The website targets private customers with detailed product offerings and pricing, emphasizing local service and customer support. The company maintains a professional online presence with clear navigation and comprehensive contact options. Technically, the website uses Bootstrap and jQuery frameworks, with legacy Google Analytics for tracking. Mobile optimization and accessibility are well addressed, though some modernization opportunities exist. Security posture is moderate; while HTTPS is implied and email obfuscation is used, explicit security headers and policies are absent. Privacy compliance is supported by a cookie consent mechanism and a comprehensive privacy policy. Overall, the site is trustworthy and professionally maintained, suitable for its regional utility business model.

Mobilis Sport's website functions primarily as a login portal for users, likely members or customers of a sports-related service based in Hungary. The site provides minimal public-facing content beyond the login form and basic cookie usage disclosure. The business appears to be small and relatively young, founded around 2020, with no detailed business description or contact information available on the site. The technical infrastructure uses common open-source libraries such as AngularJS, jQuery, and AdminLTE for UI styling, indicating a moderate level of digital maturity but with room for modernization and improvement in SEO and accessibility. From a security perspective, the site employs basic best practices such as HTTPS assumed usage and password masking on login forms. However, it lacks important security headers, CSRF protections, and a proper cookie consent mechanism, which lowers its security posture. No explicit privacy policy or terms of service are present, which raises compliance concerns especially under GDPR. The absence of contact information and business credentials further limits trust and credibility. Overall, the website is functional for its purpose but lacks comprehensive security, privacy, and business transparency features. The domain age and WHOIS data suggest a legitimate small business operation, but the site would benefit from enhanced security controls, privacy disclosures, and richer content to improve user trust and compliance. Strategic recommendations include implementing full GDPR-compliant privacy and cookie policies, adding security headers and CSRF protections, fixing minor JavaScript issues, and providing clear business contact information to enhance credibility and user confidence.

E

ELB Learning

trivantis.com

75

ELB Learning is a professional eLearning solutions company specializing in corporate training, gamification consulting, and learning management systems. The company offers a wide range of services including custom course development, AI-powered training, VR simulations, and staff augmentation. Their market position is that of an established provider with a comprehensive portfolio targeting businesses seeking advanced learning and development solutions. Technically, the website is built on modern platforms such as Webflow and HubSpot, integrating various marketing and analytics tools to optimize user engagement and performance. The security posture is strong with HTTPS enforcement, SOC 2 Type II compliance, GDPR adherence, and cookie consent mechanisms, although explicit security headers could be improved. Overall, the website is professional, well-structured, and trustworthy, but the absence of WHOIS registration data raises concerns about domain legitimacy that should be further investigated.

H

Hauptverband der Deutschen Bauindustrie e.V.

bauindustrie.de

53

The Hauptverband der Deutschen Bauindustrie e.V. is the leading industry association representing the German construction sector. It advocates for the interests of construction companies at all levels of government and society, providing data, best practices, and policy dialogue to strengthen the industry's competitiveness. The website is professionally designed, content-rich, and targets construction professionals, policymakers, and stakeholders. Technically, the site is built on TYPO3 CMS with Bootstrap and uses Matomo for privacy-conscious analytics. It is mobile-optimized and well-structured for SEO and accessibility. Security posture is good with HTTPS enforced and cookie consent implemented, though formal security policies and incident response contacts are not published. Overall, the site is trustworthy, compliant with GDPR, and safe for general audiences.

S

Spruegel.de

spruegel.de

49

Spruegel.de is a German-based e-commerce retailer specializing in workwear, business clothing, and related accessories. The company targets professional and business customers seeking customizable clothing solutions, including logo embroidery and product individualization. The website is built on the Shopware 6 platform, indicating a modern e-commerce infrastructure with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though explicit privacy and terms of service pages are missing, which impacts compliance confidence. Tracking is performed via etracker and Google Analytics, with moderate user tracking levels. Overall, the website presents a professional and trustworthy front for its niche market segment.

P

Powerment GmbH & Co. KG

powerment.de

45

Powerment GmbH & Co. KG is a German-based specialist company focused on the acquisition and marketing of by-products from coal-fired power plants, such as fly ash, REA gypsum, and boiler sand, primarily serving the construction and building materials industry. The company benefits from strong partnerships with its parent companies EP Power Minerals and EnBW Energie Baden-Württemberg, positioning it as a reliable intermediary ensuring quality products and logistics. The website is professionally designed using TYPO3 CMS and Bootstrap, offering good content quality and clear navigation in German. Privacy compliance is well addressed with a cookie consent banner and detailed privacy policy. However, explicit security policies and incident response information are not present, and security headers are not detected, indicating room for improvement in security posture. Overall, the website is trustworthy, accessible, and well-aligned with its business objectives.

T

TC-Innovations GmbH

themeware.design

50

TC-Innovations GmbH operates the website themeware.design, offering ThemeWare®, a leading Shopware theme designed to boost sales and provide extensive customization options. The company positions itself as a market leader with over 20,000 downloads and 500+ five-star reviews, targeting Shopware e-commerce merchants seeking advanced theming solutions. The website demonstrates a mature technical infrastructure with modern frontend technologies, mobile optimization, and SEO best practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some improvements like DNSSEC and security headers could enhance protection. Overall, the domain registration aligns well with the business, supporting legitimacy and trust. No critical security or compliance issues were detected, and the site maintains a professional and trustworthy online presence.

7

711 Online Casino

711.nl

61

711 Online Casino operates as a Dutch online gambling platform offering casino games and sports betting services. The website targets adult users in the Netherlands, promoting player bonuses and emphasizing fairness and high RTP (Return to Player) rates. The business positions itself as a popular and trustworthy online casino within the Dutch market. Technically, the website employs modern web technologies including JavaScript frameworks (likely Vue.js), Google Tag Manager for analytics, and third-party marketing and support tools such as Zendesk and XtremePush. The site is mobile-optimized with good SEO practices but lacks explicit privacy and terms of service pages in the provided content. Security posture is moderate with HTTPS enforced and some security best practices observed, though some security headers are missing or not explicitly detected. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the domain registration data aligns well with the website's business claims, supporting legitimacy. The site is rated NSFW due to its gambling content and adult audience targeting.

3

32Red

32red.com

73

32Red is a well-established UK online casino brand offering a wide range of casino games, sports betting, and live casino experiences. The website targets adult UK players and promotes responsible gambling with clear terms and safer gambling policies. The business model focuses on online gambling services with a strong emphasis on promotions and user engagement. Technically, the site uses modern JavaScript frameworks, analytics tools like Hotjar and Snowplow, and cookie consent management via OneTrust, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and a published security policy would enhance trust. The absence of WHOIS data is a minor concern but common in the gambling industry due to privacy considerations. Overall, the site presents a professional and trustworthy online gambling platform.

Grosvenor Casinos operates a professional online casino platform targeting UK players, offering a variety of gambling services including slots, jackpots, live casino games, and poker. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, analytics, and user engagement tools. However, the absence of WHOIS registration data raises concerns about domain transparency and regulatory compliance, which is critical in the gambling industry. Security measures such as HTTPS and bot protection via Cloudflare Turnstile are in place, but explicit security policies and headers are not evident in the provided content. Privacy compliance is partially addressed through OneTrust cookie consent, though a clear privacy policy was not detected in the HTML snippet. Overall, the site presents a trustworthy and professional front but would benefit from enhanced transparency and security documentation.

8

888slots | 800+ Slots Spiele | Online Spiele Deutschland

888casino.com

68

The website www.888slots.de operates as an online gambling platform focused on slot games, targeting the German market. It positions itself as a leading provider of online slot entertainment with over 800 games, catering exclusively to adult users due to the nature of gambling services. The platform employs modern web technologies and integrates standard marketing and analytics tools such as Google Tag Manager and Adobe Helix RUM. Cookie consent is managed through OneTrust, indicating a baseline level of privacy compliance. However, explicit privacy policies and terms of service documents are not found in the provided content, which is a compliance gap. Security posture is solid with HTTPS enforcement and security headers, but incident response and security policy disclosures are absent. Overall, the domain registration and hosting align with the website's claims, supporting legitimacy. The site is professionally designed with good user experience and mobile optimization, though accessibility could be improved.

Paddy Power operates as a major online gambling and sports betting platform with a long-established domain dating back to 1998. The website is protected by Cloudflare's Web Application Firewall (WAF), which restricts access based on geographic location or network anomalies, resulting in limited content availability for analysis. The business targets adult users interested in betting services, with a business model centered on online gambling. Technical infrastructure includes Cloudflare for security and performance, but no advanced CMS or frameworks are detectable from the limited content. Security posture is difficult to fully assess due to access restrictions; however, no privacy or cookie policies are present on the accessible page, and DNSSEC is not enabled for the domain. The WHOIS data indicates a legitimate and mature domain with registrar protections in place. Overall, the site demonstrates a moderate level of business credibility but lacks visible compliance and security documentation on the landing page.

N

Napoleon Games NV

napoleongames.be

61

Napoleon Games NV operates a leading online gambling platform in Belgium, offering a wide range of casino games, live casino, dice games, and sports betting services. The company targets adult users (21+) and positions itself as Belgium's best online casino and bookie, supported by strong branding and sponsorships in Belgian sports. The website is professionally designed with consistent branding and clear navigation, providing comprehensive legal and responsible gaming information to comply with local regulations. Technically, the site uses modern web technologies including Vue.js, Google Tag Manager, and OneTrust for cookie consent, hosted via Fastly CDN, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and no exposed sensitive data, though the absence of explicit security policies and vulnerability disclosure mechanisms suggests room for improvement. Overall, the domain registration and WHOIS data confirm legitimacy and consistency with the business claims. The site is fully accessible without WAF blocking, and privacy compliance is well addressed. Recommendations include enhancing security headers, publishing security policies, and providing direct contact information for security incidents to further strengthen trust and compliance.

H

Hard Rock Hotels

hardrockhotels.com

72

Hard Rock Hotels operates a global hospitality and entertainment brand specializing in hotels, resorts, and casinos. The website presents a professional and consistent brand image targeting travelers and casino visitors. The business model focuses on providing hotel accommodations combined with casino and resort experiences, positioning itself as a major player in the hospitality industry. Technically, the site uses modern JavaScript libraries, multiple tag management systems, and analytics tools, indicating a mature digital infrastructure. However, mobile optimization and accessibility are basic and could be improved. Security posture is generally strong with HTTPS enforced and use of reputable third-party analytics, but lacks visible security headers and formal privacy or cookie policies. The absence of WHOIS data for the subdomain is expected and does not detract from legitimacy, as the subdomain is part of the larger hardrock.com domain. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced privacy compliance and security best practices.

D

Danske Spil

danskespil.dk

63

Danske Spil is Denmark's leading licensed gambling operator, offering a wide range of games including lottery, sports betting, casino, poker, and bingo. Established in 2000, it serves the Danish market with a strong emphasis on responsible gaming and compliance with national regulations. The website reflects a mature business with clear branding and a comprehensive portfolio of gambling products. Technically, the site uses modern web technologies including Sitecore CMS, JavaScript frameworks, and integrates monitoring tools such as AppDynamics and Sentry for performance and error tracking. Security posture is strong with enforced HTTPS, reCAPTCHA for bot protection, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is evident through the presence of privacy and cookie policies with consent mechanisms. Overall, the site is professional, trustworthy, and well-optimized for performance and user experience.

O

OneDoc SA

onedoc.ch

73

OneDoc SA operates a leading online medical appointment booking platform in Switzerland, enabling patients to find and book appointments with doctors, dentists, and therapists both for in-person visits and teleconsultations. Founded in 2017 and headquartered in Geneva, OneDoc has established a strong market position with subsidiaries covering different Swiss regions. The platform offers a user-friendly experience with mobile app support, SMS reminders, and a comprehensive help center. Technically, the website employs modern web technologies including Google Tag Manager, Google Maps API, and a consent management platform, ensuring good performance and mobile optimization. Security posture is strong, supported by ISO 27001 and DPCO certifications, encrypted data storage in Switzerland, and GDPR-compliant privacy and cookie policies. No critical vulnerabilities or suspicious activities were detected. Overall, OneDoc demonstrates a mature digital infrastructure and trustworthy business operations in the healthcare technology sector.

B

Brunner Medien AG

brunner-verlag.ch

65

Brunner Medien AG operates as a Swiss-based publishing company specializing in educational, religious, and pedagogical books and music. Their website serves as an e-commerce platform targeting German-speaking audiences interested in cultural and educational content. The company maintains a clear market niche with a professional online presence and a consistent brand image. Technically, the website employs modern JavaScript libraries and custom fonts, with a responsive design that supports good user experience across devices. Security posture is adequate with HTTPS and cookie consent mechanisms, though explicit security policies and headers could be improved. Privacy compliance is well addressed with accessible privacy and cookie policies. Overall, the website reflects a trustworthy and credible business with room for technical and security enhancements.

E

Evangelische Medienarbeit

evangelische-medienarbeit.de

59

Evangelische Medienarbeit (EMA) is a non-profit organization affiliated with the Landeskirche Hannovers, providing communication solutions, training, and media support primarily for church-related entities and professionals. The website serves as an information hub for their services including newsletters, events, and contact points. Technically, the site uses modern web technologies with a moderate performance profile and good mobile optimization. Security posture is solid with HTTPS and CSRF protections, though some improvements in security headers and cookie consent mechanisms are recommended. Overall, the site is trustworthy, professionally presented, and aligned with its organizational mission.

D

Das Ephoralbüro

das-ephoralbuero.de

56

Das Ephoralbüro website serves as an online handbook and resource platform primarily aimed at supporting office management within church administrative offices in Germany. It provides structured, transparent information to assist both new and experienced staff in their daily tasks. The platform is positioned as a niche internal resource within the government/non-profit sector, specifically church administration. Technically, the site is built on a modern web stack likely involving Ruby on Rails, with standard HTML5, CSS3, and JavaScript components. The site demonstrates moderate performance and basic mobile optimization, with room for improvement in accessibility and SEO. Security posture is moderate, with HTTPS implied and CSRF protections in place, but lacking explicit security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Business credibility is supported by consistent branding and official contact emails, though no phone or physical address is provided. Overall, the site is professional, trustworthy, and safe for general audiences.

R

Rechnungsprüfungsamt der evangelisch-lutherischen Landeskirche Hannovers

rpa-kirche.de

57

The Rechnungsprüfungsamt der evangelisch-lutherischen Landeskirche Hannovers is a specialized public institution responsible for financial auditing and control within the Evangelical Lutheran Church of Hanover. The website serves as an informational portal for church districts, congregations, and affiliated institutions, providing insights into their auditing activities, news, and career opportunities. The organization holds a stable market position within the government and non-profit sectors, focusing on transparency and accountability in church finances. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and Matomo analytics, hosted on a CDN for performance. Security posture is solid with HTTPS and CSRF protections, though improvements in security headers and cookie consent mechanisms are recommended. Overall, the site is professional, trustworthy, and well-structured, supporting the organization's mission effectively.

E

Evangelische Agentur der Evangelisch-lutherischen Landeskirche Hannovers

kirchliche-dienste.de

59

The Evangelische Agentur der Evangelisch-lutherischen Landeskirche Hannovers is a regional non-profit service agency supporting church communities and organizations in Niedersachsen, Germany. The website provides comprehensive information about their services including community support, fundraising, spiritual guidance, and public responsibility initiatives. The agency operates under the umbrella of the Evangelisch-lutherische Landeskirche Hannovers, indicating a strong institutional backing and trustworthiness. Technically, the website employs modern web technologies such as Font Awesome 7, Turbo (Hotwire), and Matomo analytics, reflecting a moderate level of digital maturity. The site is mobile-optimized and uses HTTPS with CSRF protection, but lacks some advanced security headers and cookie consent mechanisms, which are recommended for enhanced security and GDPR compliance. From a security perspective, the site shows good practices with encrypted connections and privacy-conscious analytics but could improve by publishing explicit security policies, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is professional, trustworthy, and serves its target audience effectively. Strategic improvements in privacy compliance and security transparency would further strengthen its posture.

E

Evangelische Medienarbeit (EMA)

systeme-e.de

58

Systeme-e.de is a German-language website operated by the Evangelische Medienarbeit (EMA), providing free digital communication and collaboration systems tailored for the Evangelical Church and its associated organizations. Established since 2011, the platform offers a suite of services including internal communication tools, website builders, newsletter systems, image databases, videoconferencing, event management, and resource booking. The website targets church staff and affiliated groups, positioning itself as a trusted non-commercial provider within the religious sector in Germany. Technically, the website is built on modern web standards with a Ruby on Rails backend implied by CSRF tokens, uses Matomo analytics configured for privacy, and is hosted on servers associated with kasserver.com. The site demonstrates good mobile optimization and a consistent branding approach. However, some security best practices such as explicit security headers and cookie consent mechanisms are not evident. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and avoids exposing sensitive data. The absence of a published security policy or incident response contacts is a gap. The WHOIS data aligns well with the website's claims, showing consistent domain registration and no privacy protection, which supports legitimacy. Overall, systeme-e.de presents a professional, trustworthy, and well-maintained digital presence for its niche audience. Strategic improvements in security transparency and privacy compliance could further enhance its posture and user trust.

K

Klaus Ludwig Verlag

gruppenhaus.de

55

Gruppenhaus.de is a well-established German online platform specializing in group accommodations such as seminar houses, youth hostels, and meeting venues. With over 30 years of market presence and a large inventory of more than 3,700 properties, it serves groups planning seminars, school trips, music rehearsals, and family gatherings. The platform emphasizes direct booking inquiries without commission, positioning itself as a trusted intermediary in the hospitality sector focused on group travel within Germany and Europe. The business is operated by Klaus Ludwig Verlag, with a clear German address and phone contact, reinforcing its legitimacy and local market focus. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and Leaflet for interactive maps. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, it lacks some advanced security headers and a cookie consent mechanism, which are important for GDPR compliance and enhanced security posture. The site enforces HTTPS with HSTS, indicating a good baseline for secure communications. From a security perspective, the site shows a moderate maturity level with no visible vulnerabilities or exposed sensitive data. The absence of certain security headers and cookie consent reduces the overall security and privacy compliance score. No incident response or vulnerability disclosure information is present, which could be improved to enhance trust and readiness. The WHOIS data aligns well with the business claims, showing consistent registration details and domain age appropriate for the company's history. Overall, gruppenhaus.de presents a professional and trustworthy online presence with solid business credibility and technical implementation. Strategic improvements in security headers, privacy compliance, and incident response transparency would further strengthen its security posture and regulatory adherence.

M

Sign in - Matomo

mws-monitor.de

59

The website mws-monitor.de hosts a Matomo analytics platform login page, providing a free/libre analytics service interface. The platform targets users who manage or access web analytics data, offering key services such as visitor tracking and data reporting. The site is technically based on the Matomo framework, utilizing JavaScript and PHP technologies with AngularJS elements. The infrastructure appears standard for a self-hosted analytics platform, with moderate performance and basic mobile optimization. Security features include HTTPS enforcement and password confirmation, with support for two-factor authentication, though explicit security headers are not detected. Privacy compliance is minimal on this page, with no visible privacy or cookie policies, and no contact or business information is publicly available. The domain WHOIS data is minimal but consistent with hosting provider name servers, showing no immediate red flags. Overall, the site is functional for its purpose but lacks public-facing compliance and business transparency information.

B

Bauindustrieverband Hessen-Thüringen e.V.

bauindustrie-mitte.de

46

Bauindustrieverband Hessen-Thüringen e.V. is a regional industry association representing the construction sector in the German states of Hessen and Thüringen. The organization acts as a political advocate and service provider for construction companies, offering employer association services, economic representation, sustainability initiatives, and educational events. The website reflects a professional and consistent brand presence, targeting industry stakeholders and members. Technically, the site is built on TYPO3 CMS with standard web technologies and demonstrates moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled but lacks advanced security headers and incident response information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and functional but could improve in security and privacy transparency.

B

Bistum Mainz

bistummainz.de

62

Bistum Mainz is a large non-profit Catholic diocese based in Germany, providing a wide range of religious, social, educational, and community services. The website serves as a comprehensive portal for parishioners and the general public, offering news, event information, pastoral resources, and social initiatives. It targets members of the Catholic community and residents within the diocese's region. Technically, the site is built on the Alkacon Mercury CMS platform, with a modern tech stack including responsive design, accessibility features, and privacy-conscious analytics via Matomo. The site is well-structured, professionally designed, and optimized for mobile and accessibility standards. Security posture is good with HTTPS enforced and cookie consent implemented, though security headers and explicit security policies are not visibly present. WHOIS data and domain registration details align well with the organization's identity, supporting legitimacy and trustworthiness. Overall, the site demonstrates a mature digital presence suitable for a large religious non-profit organization.

E

ExpiredDomains.com

espresso.church

71

ExpiredDomains.com operates as a specialized online platform providing comprehensive listings and insights for expired and expiring domain names. It serves domain investors, SEOs, and marketers by aggregating domain data across numerous TLDs and linking users to trusted registrars like GoDaddy for domain acquisition. The platform is well-positioned in the domain marketplace sector, trusted by thousands of users, and offers a user-friendly interface with detailed domain profiles and filtering capabilities. Technically, the website employs modern web standards with responsive design and moderate performance, supported by Cloudflare DNS and secure HTTPS connections. Security posture is solid with domain status protections and no evident vulnerabilities, though DNSSEC is not enabled and additional security headers could enhance protection. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. However, direct contact information such as emails or phone numbers is absent, relying solely on contact forms. Overall, the website is professional, trustworthy, and safe for general audiences, with no adult or explicit content detected.

The website originalshrine.org serves as an informational platform dedicated to the Original Shrine of the international Schoenstatt Movement, focusing on religious and cultural content. It provides visitors with historical information, event details, a live webcam feed, and media resources such as sermons. The site targets a broad audience interested in religious and cultural heritage, operating primarily as a non-commercial informational resource. The domain is well-established since 2012, registered with a reputable registrar, and shows consistency between WHOIS data and website content. Technically, the website employs basic web technologies including HTML, CSS, JavaScript with jQuery and Superfish for navigation menus, and Google Web Fonts. The hosting provider is Vautron Rechenzentrum AG. While the site uses HTTPS, it lacks advanced security headers and uses an outdated JavaScript library version, which could pose security risks. Mobile optimization and accessibility are basic, and SEO practices are minimal but functional. From a security perspective, the site benefits from HTTPS but misses DNSSEC and security headers, and no cookie consent mechanism is present. No forms or user data collection points were detected, reducing exposure to input-based vulnerabilities. The WHOIS data indicates a legitimate and stable domain registration with no privacy protection, aligning with the website's purpose. No signs of malware, phishing, or adult content were found, indicating a safe browsing experience. Overall, the website is moderately secure and credible but would benefit from updates to its technical stack, enhanced security practices, and improved privacy compliance. Strategic improvements in these areas would strengthen trust and user experience.

A

ARCHEKTA, s.r.o.

archekta.com

47

Archekta is a small Slovak architecture studio founded in 1991, specializing in architectural design and construction consulting with a focus on balancing art and architecture. The company has a strong regional presence with award-winning projects and a professional team. The website showcases their portfolio and team but lacks privacy and cookie policies, which are important for compliance. Technically, the site uses modern frameworks like Nuxt.js and Tailwind CSS, hosted on Websupport.cz, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled but lacks DNSSEC and security headers. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional and trustworthy but could improve compliance and security practices.

T

Tregler Paliva

tregler-paliva.cz

49

Tregler Paliva is a small, established business specializing in the purchase, processing, and sale of quality firewood primarily serving the Czech Republic and Austria. Founded in 1991, the company has a strong regional presence and targets both consumer and business customers seeking firewood products. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern JavaScript frameworks, Laravel Nova for administration, and integrates multiple analytics and tracking tools including Matomo, Google Tag Manager, Facebook Pixel, and Smartlook. The hosting and domain registration are consistent with the business location and claims, enhancing trustworthiness. Security posture is adequate with HTTPS enabled and secure admin routes, but lacks some security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies despite cookie consent mechanisms. Overall, the site is functional and trustworthy but would benefit from improved privacy transparency and security best practices.

D

Dolce e Luce Lighting Design Studio

dolceeluce.com

50

Dolce e Luce Lighting Design Studio is a small, internationally recognized independent lighting design and consultancy firm based in Rome, Italy, founded in 2018. The company offers a broad range of lighting design services including architectural, landscape, urban lighting, light art installations, and lighting controls. Their market position is strengthened by academic involvement and membership in professional lighting associations. Technically, the website is built on modern frameworks such as Nuxt.js and Tailwind CSS, with good mobile optimization and performance. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and trustworthy, but improvements in privacy and security policies are recommended.

1

123map GmbH & Co. KG

123map.de

8

123map GmbH & Co. KG is a specialized company providing services, consulting, and software development in the field of geographic information systems (GIS) for over 20 years. Their offerings include online maps, geocoding, vector maps for graphic programs, and related software solutions targeting businesses and professionals requiring geospatial data and tools. The company operates primarily in Germany and maintains a small business profile with a focused niche market position. Technically, the website is built with standard HTML5, CSS3, and JavaScript, hosted under a reputable registrar (Key-Systems GmbH). The site is accessible, uses HTTPS, but lacks advanced security headers and DNSSEC, indicating moderate digital maturity. The website design and content are basic but consistent with the business focus, with limited mobile optimization and SEO features. From a security perspective, the site employs HTTPS and domain transfer protection but does not implement DNSSEC or security headers, which are recommended for enhanced protection. No forms or contact details are present on the main page, and no privacy cookie consent mechanism is implemented, which may impact GDPR compliance. No signs of tracking or advertising technologies were found, suggesting minimal user data collection. Overall, the website presents a moderate risk profile with no critical security issues detected. Strategic improvements in security headers, DNSSEC, and privacy compliance would enhance trust and protection. The domain's long registration history and consistency with business claims support legitimacy and credibility.

B

B2C, s.r.o.

dezeta.cz

45

Papírnictví DEZETA is an e-commerce and physical retail business operated by B2C, s.r.o., specializing in office, school, and paper products. The company has a local market presence in the Czech Republic, with a physical store located at Thákurova 7, Prague 6, and an online shop offering a wide range of stationery and related products. The website is built using modern JavaScript frameworks, specifically Vue.js, providing a responsive and user-friendly shopping experience. However, the site lacks some advanced security and privacy features such as cookie consent mechanisms and security headers. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business information provided on the site.

O

Office Pro s.r.o.

mujnavrh.cz

43

Office Pro s.r.o. operates a professional e-commerce platform specializing in office furniture and accessories, primarily serving the Czech market. The website offers a unique 3D office design tool enabling customers to create and customize office layouts online, enhancing user engagement and service differentiation. The company maintains a consistent brand presence with active social media channels and a comprehensive privacy and cookie policy aligned with GDPR requirements. Technically, the site leverages modern JavaScript libraries including Babylon.js for 3D rendering, and integrates multiple analytics and advertising pixels for marketing optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though additional security headers and explicit security policies could enhance trust. The absence of WHOIS data limits domain transparency, but the website's professional content and business indicators suggest legitimate operations. Overall, the site is well-positioned in its niche with moderate technical maturity and good compliance practices.

The website bastlirna.hwkitchen.cz is currently inaccessible due to a Cloudflare Turnstile CAPTCHA security challenge, which prevents direct content access and analysis. No business information, contact details, or policies are available on the page. The WHOIS query returned no registration data, indicating either privacy protection or a non-registered domain, which reduces trustworthiness. The technical infrastructure relies on Cloudflare for security and content delivery, but no further technology stack or CMS details are discernible. The security posture cannot be fully assessed due to the blocked content, but the absence of visible security headers or policies is a concern. Overall, the site presents a high risk due to lack of transparency and accessibility.

RUW Fachkonferenzen operates as a German-language platform organizing professional conferences. The website serves as an informational hub for event attendees and professionals interested in specialized conferences. The business model focuses on event organization and dissemination of conference-related information, targeting a niche audience within Germany. The website is built on WordPress and incorporates standard web technologies including JavaScript and Facebook Pixel for marketing and tracking purposes. While the site is accessible and mobile-optimized, it lacks comprehensive privacy and security disclosures, which impacts its overall trustworthiness. Security posture is moderate with no detected WAF or blocking mechanisms, but absence of security headers and explicit policies suggests room for improvement. The domain WHOIS data is minimal but does not raise immediate concerns about legitimacy. Strategic recommendations include enhancing privacy transparency, implementing security best practices, and providing clear contact and incident response information to improve compliance and user trust.

C

chemmedia AG

knowledgeworker.com

65

chemmedia AG operates the Knowledgeworker platform, a comprehensive E-Learning software suite designed for corporate clients. Their offerings include an AI-integrated authoring tool, a learning management system, a scenario-based digital coach, and a microlearning app. The company emphasizes GDPR compliance, data privacy, and high-quality, modular learning solutions. The website is professionally designed, mobile-optimized, and integrates modern analytics and marketing tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS and consent management, though some security headers could be enhanced. The absence of WHOIS data is notable but does not detract from the overall legitimacy given the professional presentation and client references. Strategic recommendations include enhancing security headers and publishing explicit security policies.