Security Directory

Z

Ženský magazín

zenskymag.cz

41

Ženský magazín is an online Czech women's magazine focusing on lifestyle, health, horoscopes, housing, and advice. The website targets Czech-speaking women and operates as a small media outlet founded in 2021. The business model centers on content publishing with advertising partnerships. Technically, the site runs on WordPress with the Newspaper theme and related plugins, hosted under the REG-WEDOS registrar. The site is mobile-optimized and moderately performant but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but missing security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. No contact or incident response information is provided, limiting trust and compliance. Overall, the site is safe for general audiences and presents a professional appearance but would benefit from enhanced privacy, security, and contact transparency.

K

Katholischer Seelsorgebereich Main-Itz

seelsorgebereich-main-itz.de

61

The website 'Katholischer Seelsorgebereich Main-Itz' serves as an informational portal for a Catholic pastoral care area in Germany, targeting local parishioners and community members. It provides comprehensive information on church services, community events, pastoral care, and contact options primarily through web forms. The site is well-structured, accessible, and includes privacy and cookie consent mechanisms, reflecting a commitment to GDPR compliance and user accessibility. Technically, it leverages the Alkacon Mercury CMS platform, uses Matomo analytics for privacy-conscious tracking, and hosts content on servers associated with internet1.de. Security posture is adequate with HTTPS in use and privacy features, though explicit security headers and incident response policies are not evident. The domain registration data aligns with the website's purpose and location, supporting its legitimacy. Overall, the site is professional, trustworthy, and suitable for its community-focused mission.

S

Stadt Nürnberg

nuernberg.de

64

The website www.nuernberg.de is the official city portal for Nürnberg, Germany, providing comprehensive information and services related to city administration, events, news, and citizen engagement. It serves a broad audience including residents, visitors, and stakeholders interested in municipal affairs. The site is professionally designed with a strong emphasis on accessibility, multilingual support, and user-friendly navigation. The content is rich, relevant, and regularly updated, reflecting a mature digital presence for a large government entity. Technically, the site is built on the IMPERIA CMS platform, utilizing JavaScript libraries including jQuery and jQuery UI, with Cookiebot managing cookie consent and Matomo for analytics. The infrastructure appears stable and hosted on city-managed servers. Performance is moderate with good mobile optimization and accessibility features. However, the use of an outdated jQuery version presents a minor security risk. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is strong, with clear GDPR-aligned privacy and cookie policies. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance suitable for a government portal. Strategic improvements include updating JavaScript libraries, publishing a security policy, and enhancing security headers to further strengthen the security posture.

B

Bildungs- und Tagungshäuser Vierzehnheiligen

bildungshaeuser-vierzehnheiligen.de

57

Bildungs- und Tagungshäuser Vierzehnheiligen is a regional educational and spiritual center located in Bad Staffelstein, Germany, affiliated with the Erzbistum Bamberg. The organization offers a broad range of educational programs, spiritual retreats, conference and meeting facilities, guest accommodations, and hospitality services including the Gasthof Goldener Hirsch. Their target audience includes groups, families, and individuals interested in spirituality, education, and pilgrimage activities. The website reflects a well-structured, professionally designed platform that supports their mission and services effectively. Technically, the website is built on the Alkacon Mercury CMS platform, utilizing modern JavaScript libraries and Matomo for privacy-conscious analytics. The site is mobile-optimized and includes accessibility features such as the eyeAble plugin, enhancing usability for diverse users. Hosting appears to be managed within the kirche-bamberg.de infrastructure, ensuring reliable performance and security. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism compliant with GDPR. However, explicit security headers and incident response policies are not evident, representing areas for improvement. No vulnerabilities or suspicious activities were detected in the content or scripts. Privacy policies and terms of service are clearly presented, supporting regulatory compliance. Overall, the website demonstrates a solid security posture and digital maturity appropriate for a non-profit educational and hospitality organization. Strategic recommendations include enhancing security headers, publishing incident response contacts, and continuous monitoring of third-party scripts to maintain security and trust.

The website at st-michaelsbund-bamberg.de is a domain parking and sales landing page with minimal content focused on offering the domain for sale. It provides a categorized interface for navigation but no actual business services or products. The site includes basic bot detection and a captcha challenge to prevent automated access, indicating some minimal security awareness. However, there is no evidence of HTTPS enforcement or security headers, and no contact or business information is provided, limiting trust and credibility. Technically, the site uses standard HTML, CSS, and JavaScript with a modern responsive design and basic accessibility features. The performance is moderate, and SEO optimization is basic. The lack of WHOIS data and domain registration details raises concerns about the domain's legitimacy and age, suggesting it may be recently registered or parked without active use. Security posture is limited to client-side bot detection and captcha, with no visible advanced security measures or compliance indicators. Privacy compliance is minimal, with only a basic privacy policy page and no cookie consent mechanism. Overall, the site presents a low trust profile with limited business credibility. Strategically, the domain appears to be held for resale rather than active business use, and the lack of transparency and security features should be addressed if the domain is to be developed into a legitimate business site.

K

KKV Bildungswerk Bayern e. V.

bwb-akademie.de

59

KKV Bildungswerk Bayern e. V. is a well-established non-profit organization focused on adult education within Bavaria, Germany. The organization offers a broad range of educational events and programs centered on societal, professional, faith-based, cultural, and health topics, targeting adults interested in personal development and community engagement. The website reflects a consistent brand identity aligned with its mission and provides comprehensive information about upcoming events, organizational structure, and contact details. Technically, the website is built on the Alkacon Mercury CMS platform, leveraging JavaScript and Matomo analytics for user tracking. It is hosted on infrastructure associated with the Erzbistum Bamberg, indicating a stable and regionally focused hosting environment. The site demonstrates good mobile optimization, accessibility compliance, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, reflecting awareness of privacy and data protection requirements. However, it lacks publicly available formal security policies and incident response contacts, which could be improved to enhance trust and compliance. No critical vulnerabilities or suspicious content were detected. Overall, the website presents a trustworthy and professional digital presence for a regional educational non-profit, with room for improvement in formal security documentation and incident response readiness.

The website is a domain sales landing page hosted as a subdomain of forsaledomain.net, offering a domain for sale alongside a curated list of discounted product deals primarily sourced from Amazon. The business model appears to be a combination of domain sales and affiliate marketing targeting German-speaking consumers interested in bargain shopping. The site uses basic modern web technologies including Google Fonts and JavaScript for live search and affiliate link tracking. However, it lacks critical business and security information such as privacy policies, contact details, and HTTPS enforcement. The WHOIS data for the domain is missing, indicating the domain is likely unregistered or parked, which significantly reduces trustworthiness. Overall, the site is functional but minimalistic and lacks professional business credibility and security maturity.

The website is a domain sales and affiliate marketing landing page offering various product deals across multiple categories such as electronics, home & kitchen, beauty, clothing, and toys. It promotes Halloween deals for 2025 and indicates that the domain is currently for sale. The site targets general consumers looking for discounted products and operates primarily as an affiliate marketing platform with domain sales as a secondary focus. Technically, the site uses modern web standards including HTML5, CSS3, JavaScript, and Google Fonts, with a responsive design optimized for mobile devices. However, it lacks advanced security headers and privacy policies, which reduces its compliance posture. The security posture is basic with HTTPS assumed but no explicit security headers or contact information for incident response. The WHOIS data is unavailable, indicating the domain or subdomain is either unregistered or dynamically assigned, which raises questions about legitimacy and trustworthiness. Overall, the site is functional and safe for general audiences but lacks transparency and compliance features expected from professional e-commerce platforms.

C

Caritas-Pirckheimer-Haus

cph-nuernberg.de

45

The Caritas-Pirckheimer-Haus (CPH) is a well-established educational and cultural institution based in Nürnberg, Germany, serving over 50,000 adults and youth annually. It offers a broad range of educational programs, events, and projects focused on society, religion, history, politics, ethics, culture, inclusion, and participation. Additionally, it operates a conference center and hotel with 44 rooms, catering to both private and professional guests. The website reflects a medium-sized non-profit organization with a strong community and educational focus. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including JavaScript and CSS, and integrates accessibility features such as font size adjustment and skip links. The site is mobile-optimized and SEO-friendly, with a moderate performance profile. Hosting appears to be managed by a professional provider indicated by the nameservers. From a security perspective, the site enforces HTTPS and uses secure forms but lacks visible security headers and a vulnerability disclosure policy. No cookie consent mechanism was detected, which may impact GDPR compliance. No contact emails or phone numbers are explicitly listed in the HTML, though contact forms and social media channels are available. Overall, the security posture is good but could be improved with additional headers and explicit privacy controls. The website content is safe for general audiences, focusing on educational and cultural topics without any adult or explicit content. The domain registration data is limited but consistent with the website's German educational non-profit identity. No WAF or blocking mechanisms were detected, allowing full content access and analysis.

F

Fliesen Lang GmbH & Co KG

fliesen-lang-gmbh.de

56

Fliesen Lang GmbH & Co KG is a small, established tile laying specialist operating in Kirchheim unter Teck, Germany. The company offers a range of services including consultation, planning, and installation of tiles and natural stone for residential and commercial properties. Their website reflects a professional local business with clear service descriptions and contact information. Technically, the site is built on the IONOS MyWebsite CMS platform, uses modern web technologies like HTML5, CSS3, and JavaScript libraries such as jQuery and swipebox, and is hosted by IONOS with HTTPS enabled, ensuring secure connections. However, the site lacks privacy and cookie policies, security headers, and incident response information, which are important for compliance and security posture. Overall, the website is functional, well-branded, and trustworthy but could improve in privacy compliance and security best practices.

F

Festool

festool.de

65

Festool GmbH is a well-established German manufacturer and retailer of high-quality power tools and system solutions targeted at professional craftsmen. Founded in 1925, the company holds a strong market position as a premium brand in the manufacturing and retail sectors. Their website reflects a professional and comprehensive digital presence, offering detailed product information, customer support, and e-commerce capabilities. The target audience is clearly professional tradespeople seeking reliable and tailored power tool solutions. Technically, the website employs modern technologies such as Vue.js, Google Tag Manager, and Usercentrics for consent management, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities. Privacy compliance is robust, with clear GDPR-aligned privacy and cookie policies and a consent mechanism. Business credibility is high, supported by transparent contact information, legal company data, and consistent branding. Overall, the website demonstrates a mature and secure digital infrastructure suitable for a large enterprise in the manufacturing industry.

S

Stadtwerke Nürtingen GmbH

sw-nuertingen.de

61

Stadtwerke Nürtingen GmbH is a regional utility company providing essential services including electricity, gas, water, district heating, and highspeed internet to the Nürtingen area in Germany. The company emphasizes regional economic support and customer-centric service, offering digital tools such as mobile apps and online customer portals to enhance user experience. Their market position is that of a trusted regional energy and telecommunications provider with a medium-sized operational footprint. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, with modern JavaScript libraries and a responsive design ensuring good performance and accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved and incident response information is not publicly detailed. Overall, the website is professional, trustworthy, and compliant with GDPR, serving a general audience without any adult or questionable content.

A

AWG Mode

awg-mode.de

69

AWG Mode is a German-based e-commerce retailer specializing in affordable fashion for the entire family, including women, men, and children, as well as home decoration, traditional costumes, and sportswear. The company positions itself as a provider of quality yet budget-friendly clothing with fast shipping and a focus on top brands. The website is professionally designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content tailored to family consumers. Technically, the site leverages modern technologies including Shopware CMS, Cookiebot for consent management, Google Analytics 4, and various marketing and tracking tools, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced, cookie consent mechanisms, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies in German, reflecting GDPR adherence. However, contact information and explicit security policies are not readily found, which could be improved. Overall, the domain registration data aligns with the business claims, supporting legitimacy and trustworthiness.

Volksbank Mittlerer Neckar eG is a regional cooperative bank in Germany focused on providing banking and financial services to private customers. The website targets private customers and emphasizes the strength of the cooperative banking group. The site uses modern web technologies including Angular and Angular Material, with performance monitoring via Dynatrace. The technical infrastructure appears solid with HTTPS enabled and a professional design, although some security best practices such as security headers and explicit privacy policies are missing. No signs of blocking or WAF interference were detected, allowing full content access. Overall, the site is professional and trustworthy but could improve transparency and compliance by adding privacy, cookie, and security policies.

K

Kreissparkasse Esslingen-Nürtingen

ksk-es.de

69

Kreissparkasse Esslingen-Nürtingen operates a comprehensive online banking platform serving both private and corporate customers in Germany. The website offers a wide range of financial products including checking accounts, credit cards, loans, insurance, investment products, and real estate services. The bank positions itself as a trusted regional financial partner with a strong local presence and multiple customer engagement channels including phone, chat, and social media. The site is professionally designed with clear navigation and mobile optimization, reflecting a mature digital infrastructure. Technically, the website leverages modern web technologies and likely uses Adobe Experience Manager as its CMS. It employs JavaScript, CSS, and React components for dynamic content delivery. The site is well-optimized for SEO and accessibility, with a moderate performance profile. Security measures include HTTPS enforcement, session timeout warnings, and cookie consent management, although explicit security headers could be further verified. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, featuring comprehensive privacy and cookie policies aligned with GDPR requirements. However, no explicit security policy or incident response contact information was found. The domain WHOIS data is consistent with the website's branding and location, supporting legitimacy and trustworthiness. Overall, the website demonstrates a high level of professionalism, security, and user experience suitable for a major regional bank. Strategic recommendations include enhancing transparency around security policies, publishing vulnerability disclosure information, and verifying security headers to further strengthen the security posture.

K

KÖ8 Shopping Center Köngen

koe8.de

55

KÖ8 Shopping Center Köngen is a local retail and family activity center based in Germany, targeting general audiences with offers and events for families. The website presents a professional and consistent brand image with good content quality and clear navigation. Technically, the site uses modern web technologies including service workers, Cookiebot for consent management, and responsive design, hosted on UI-DNS infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not published. Privacy compliance is good with a clear privacy policy and cookie consent dialog. Overall, the site is trustworthy and well-maintained for its business scope.

H

Holidu GmbH

tomas-travel.online

67

Holidu GmbH operates the Holidu Smart Destination platform, providing innovative and comprehensive destination management solutions tailored for tourism destinations and hosts. The company leverages advanced technology combined with personal service to optimize marketing and booking processes for vacation rentals and related services. Their market position is strong, supported by multiple subsidiary brands and a medium-sized operation based in Germany. Technically, the website employs modern frameworks such as React and Tailwind CSS, hosted on AWS infrastructure, with good performance and mobile optimization. Security posture is solid with HTTPS, security headers, and cookie consent mechanisms, though explicit security policy documentation and incident response contacts are absent. Overall, the site is professional, trustworthy, and compliant with GDPR, with extensive analytics and marketing integrations. The domain registration data aligns well with the business claims, indicating legitimacy and consistency.

S

Stadt Bad Dürkheim

bad-duerkheim.de

65

The website www.bad-duerkheim.de serves as the official municipal portal for the city of Bad Dürkheim in Germany. It provides comprehensive information about local government services, cultural events, tourism, and citizen services. The site is well-structured and targets residents, tourists, and local businesses, positioning itself as a key information hub for the region. The business model is typical of a government entity, focusing on public service delivery and community engagement. Technically, the website is built on the Ionas4 CMS platform, utilizing modern web technologies including SystemJS, Lit Web Components, and jQuery for legacy support. The site demonstrates good mobile optimization, accessibility, and SEO practices. Hosting is managed via Telekom Domains, indicating a stable and reputable infrastructure. From a security perspective, the site enforces HTTPS with strong SSL configurations and uses integrity attributes on scripts and fonts to prevent tampering. However, it lacks explicit security headers such as Content-Security-Policy and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is safe, professional, and trustworthy, with minor gaps in privacy and security policy disclosures. It does not contain any adult or questionable content, making it suitable for a general audience.

W

Westfalen-Blatt

westfalen-blatt.de

59

Westfalen-Blatt is a well-established regional news media company serving the Ostwestfalen-Lippe region in Germany. The website offers comprehensive news coverage, including local events, sports, and classifieds, supported by subscription and advertising revenue models. It is part of the larger Zeitungsgruppe Münster media group, indicating a strong market position in regional media. The site is professionally designed with consistent branding and good content quality targeting a general audience in Germany.

S

Stadtverwaltung Schifferstadt

schifferstadt.de

65

The website www.schifferstadt.de serves as the official digital presence of the Stadtverwaltung Schifferstadt, the local government administration of Schifferstadt, Germany. It provides comprehensive information and services related to living, governance, culture, tourism, economy, and environmental initiatives in the city. The site targets residents, visitors, and local businesses, offering structured navigation and a broad range of municipal services. The business model is that of a government entity focused on public service delivery and community engagement. Technically, the website employs modern web technologies including AngularJS, SystemJS, and the Ionas CMS platform. It is hosted on German infrastructure with nameservers indicating regional providers. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Security is robust with HTTPS enforced and script integrity checks, although explicit security headers and policies could be enhanced. From a security and compliance perspective, the site implements a cookie consent mechanism and uses an accessibility tool (eye-able). However, it lacks explicit privacy policy, terms of service, and vulnerability disclosure pages, which are recommended for full GDPR compliance and transparency. No critical vulnerabilities or suspicious activities were detected. The WHOIS data aligns well with the website's government nature, showing consistent registration and hosting. Overall, the site is professional, trustworthy, and well-suited for its public service role. Strategic improvements include publishing comprehensive privacy and security policies, enhancing security headers, and providing incident response contacts to strengthen compliance and user trust.

S

Stadt Speyer

speyer.de

62

The website www.speyer.de is the official digital presence of the city of Speyer, Germany, serving as a comprehensive portal for tourism, culture, city services, and public information. It positions itself as a trusted source for residents and visitors, highlighting Speyer's UNESCO World Heritage status and providing rich content on local attractions, events, and services. The site targets tourists, local citizens, and cultural enthusiasts, offering multilingual support and accessible design. Technically, the site employs modern web technologies including the ionas4 CMS, SystemJS module loader, AngularJS directives, and integrates analytics tools such as Google Analytics and Matomo. It features responsive design and accessibility enhancements, including the eye-able accessibility tool and cookie consent management compliant with GDPR. Performance is moderate, with good mobile optimization and SEO practices. From a security perspective, the site enforces HTTPS and implements privacy and cookie policies with user consent mechanisms. However, it lacks explicit security headers and published incident response or vulnerability disclosure policies. No critical vulnerabilities or suspicious content were detected. The WHOIS data is minimal but consistent with a legitimate municipal domain. Overall, the website demonstrates a strong business credibility and technical maturity suitable for a government entity, with room for improvement in security policy transparency and technical security headers. The risk profile is low, with no indications of malicious activity or compliance failures.

C

CURACON GmbH Wirtschaftsprüfungsgesellschaft

curacon.de

53

CURACON GmbH Wirtschaftsprüfungsgesellschaft is a large, well-established German auditing and consulting firm specializing in healthcare, social economy, public sector, and church sectors. With over 500 employees across 14 locations, it offers comprehensive services including auditing, consulting, tax, and legal advice. The company is positioned among the top 20 auditing firms in Germany and operates several subsidiaries to cover specialized areas such as IT security and interim management. The website reflects a professional and consistent brand image with rich content and clear navigation, targeting institutional clients in its sectors. Technically, the site is built on TYPO3 CMS with integrations for marketing and analytics via HubSpot and Microsoft Clarity, and it implements a robust cookie consent mechanism.

A

art kaleidoscope | Das Kunstmagazin für Frankfurt/Main und dem Rhein-Main Gebiet

artkaleidoscope.de

58

The website artkaleidoscope.de serves as a regional art magazine focused on Frankfurt/Main and the Rhein-Main area, providing quarterly publications, interviews, stories, and reports on current art events, artists, and exhibitions in museums, galleries, and off-spaces. The target audience primarily consists of art enthusiasts and cultural consumers within the region. The business model revolves around media publication and digital content delivery, including a mobile app. Technically, the site is built on Weblication CMS, uses HTTPS, and integrates etracker analytics for user tracking with a cookie consent mechanism. The design and content quality are good, with clear navigation and mobile optimization. Security posture is moderate, with HTTPS enabled but lacking explicit security headers and detailed privacy policies. Contact is available via a web form, but no direct emails or phone numbers are provided. Overall, the site is safe, professional, and trustworthy for general audiences.

K

k/c/e Marketing GmbH

museumsufercard.de

53

The MuseumsuferCard website represents a well-established cultural offering managed by k/c/e Marketing GmbH in cooperation with the Kulturamt der Stadt Frankfurt am Main. It provides annual access cards to 39 museums and cultural events in Frankfurt and surrounding areas, targeting culture enthusiasts, families, and tourists. The site is professionally designed with clear navigation, mobile optimization, and rich content describing the product offerings and benefits. Technically, the site uses modern JavaScript libraries such as Swiper.js, integrates Google Tag Manager and Facebook Pixel for analytics and marketing, and employs Usercentrics for GDPR-compliant consent management. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is good with a clear privacy policy and cookie consent mechanism. Contact information is comprehensive, enhancing business credibility. Overall, the site scores high on professionalism, trustworthiness, and user experience.

S

ScalaZ

afrika-junior.de

47

Afrika-Junior is an educational website operated by ScalaZ, targeting children and parents with informative content about Africa. The platform offers a variety of educational materials including articles, media content such as videos and music, quizzes, and interactive games. It positions itself as a niche non-profit educational resource with a focus on African knowledge and culture. The website is hosted on Alfahosting and built using Wolf CMS, indicating a small-scale but functional technical infrastructure. The site demonstrates basic to good digital maturity with a clean design, clear navigation, and a cookie consent mechanism, though mobile optimization and accessibility are basic. Security posture is moderate with HTTPS enabled but lacking advanced security headers and explicit security policies. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site is safe, trustworthy, and compliant with GDPR requirements, though it could benefit from enhanced security practices and more comprehensive business and incident response information.

M

MorgueFile

morguefile.com

59

MorgueFile is a well-established online platform founded in 2001 that provides a large collection of over 410,000 free stock photos for commercial and creative use. The website targets creative professionals such as illustrators, designers, educators, and the general public seeking free image resources. Its business model primarily revolves around offering free content while monetizing through affiliate marketing partnerships, notably with Shutterstock. The site maintains a consistent brand presence and offers a user-friendly experience with good navigation and mobile optimization. Technically, MorgueFile employs modern web technologies including Vue.js for its frontend, integrates multiple analytics and tracking services such as Google Analytics, Google Tag Manager, and Hotjar, and uses Cloudflare for DNS and likely CDN services. The website performance is moderate with good SEO and accessibility basics, though there is room for improvement in security headers and DNS security. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but lacks DNSSEC and security headers which are recommended best practices. Privacy compliance is basic; while a privacy policy and terms of service exist, there is no cookie consent mechanism or advanced GDPR compliance indicators. No direct contact information or incident response contacts are provided, which could be improved for transparency and trust. Overall, MorgueFile presents a trustworthy and professional platform with a strong market position in free stock photography. Strategic improvements in security practices and privacy compliance would enhance its risk posture and user trust.

GetSimpleCMS is an open source content management system focused on simplicity and efficiency, written in PHP and designed as a flatfile CMS. The project is community-supported and originally developed by Chris Cagle. The website serves as an informational and project hub hosted on GitHub Pages, providing documentation, credits, and links to the GitHub repository. The technical infrastructure is modern for a static site, leveraging Jekyll for site generation and GitHub for hosting. The CMS itself requires PHP and certain extensions, targeting developers and small to medium website owners seeking a lightweight CMS solution. Security posture is moderate; while the CMS recommends Apache for security and .htaccess usage, the website lacks HTTPS enforcement and security headers, which should be addressed. Privacy and cookie policies are absent, and no direct contact information is provided, limiting compliance and user trust. Overall, the site is legitimate and trustworthy as an open source project but would benefit from improved security and privacy practices.

E

Event-Band-buchen.de

event-band-buchen.de

41

Event-Band-buchen.de is a German-language website specializing in direct booking of live music bands and DJs for events across Germany and Austria. The platform offers a curated selection of bands in five main categories including jazz, party, mobile, DJ plus live musicians, and gala bands. The business model focuses on eliminating agency fees by enabling direct contact between clients and bands, targeting event organizers and private customers seeking professional live entertainment. The website features rich content including detailed band descriptions, embedded videos, and an interactive quiz to assist users in selecting the right band for their event. Technically, the website is built with standard HTML5, CSS3, and JavaScript, incorporating Google Analytics for visitor tracking and an embedded third-party quiz tool. The site is mobile-optimized with good navigation and SEO practices, though no CMS or advanced frameworks are detected. Hosting details are limited, with generic name servers noted. Performance is moderate, and accessibility is basic. From a security perspective, the site uses HTTPS as implied by canonical URLs but lacks visible security headers and explicit privacy or cookie policies. No incident response or vulnerability disclosure mechanisms are present. WHOIS data is minimal and generic, which slightly reduces trustworthiness, but the website content and business presentation are professional and consistent with a small, legitimate event music booking service. Overall, the website presents a trustworthy and functional platform for live band bookings with room for improvement in privacy compliance, security hardening, and transparency regarding data protection.

C

Circus Roncalli GmbH

roncalli-shop.com

63

Circus Roncalli GmbH operates an official online souvenir shop offering a variety of merchandise including souvenirs, posters, program booklets, and gift ideas. The website is built on the Shopify platform, leveraging modern e-commerce technologies and third-party integrations such as FastBundle for product bundling, Cookiebot for cookie consent management, and Google Tag Manager for analytics. The site demonstrates good design quality, mobile optimization, and user experience, targeting general consumers interested in Circus Roncalli memorabilia. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Security posture is moderate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and visible privacy or terms of service documentation. Contact information is not readily available in the analyzed content, which may impact user trust and compliance. Overall, the site is functional and professional but would benefit from enhanced transparency and security documentation.

W

Werbeagentur Göbler | Mediendesign + Beratung | Dinslaken - Wesel - NRW

agentur-goebler.de

50

Werbeagentur Göbler is a small, established advertising agency based in Dinslaken, Germany, serving the Wesel and NRW regions. The company specializes in media design, consulting, web and print design, and content marketing services including blogging, podcasting, and video production. With over 20 years of experience and more than 500 successful projects, the agency positions itself as a trusted local expert in creative advertising solutions. The website reflects a professional and consistent brand image, targeting businesses seeking to enhance their marketing presence both online and offline. Technically, the website is built on WordPress using the Avada theme, enhanced with modern JavaScript libraries such as jQuery and Lottie animations. SEO is well addressed through the Rank Math plugin, and privacy compliance is managed via the Complianz GDPR plugin. The site is mobile-optimized and performs moderately well, with good accessibility and SEO practices. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and detailed security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website content and business claims, indicating a trustworthy domain registration. Overall, Werbeagentur Göbler presents a secure, professional, and GDPR-compliant online presence suitable for its business model. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining regular plugin audits to sustain security posture.

T

Troester GmbH & Co. KG

troester.de

57

Troester GmbH & Co. KG is a well-established German manufacturing company specializing in extrusion technology for rubber and plastics processing. With a history dating back to 1892, the company holds a strong international market position, offering advanced machinery and comprehensive services including field and digital services, upgrades, and spare parts. The website reflects a mature digital presence with professional design, clear navigation, and relevant content targeting industrial clients. Technically, the site is built on WordPress with modern web standards and privacy-conscious analytics via Matomo. Security posture is solid with HTTPS and no exposed sensitive data, though improvements could be made in cookie consent and security policy transparency. Overall, the site demonstrates high business credibility and trustworthiness, supporting Troester's reputation as a leader in its sector.

H

Hannover United e. V.

hannover-united.de

58

Hannover United e. V. is a German non-profit sports club specializing in wheelchair basketball, competing in the 1. Bundesliga. The website serves as the official platform for news, team information, sponsorship opportunities, and community engagement. It targets sports enthusiasts, supporters of inclusive sports, and potential sponsors. The club maintains a strong market position within its niche, supported by multiple partnerships and memberships in recognized sports associations. Technically, the website is built on Amphi CMS and employs modern JavaScript libraries such as Owl Carousel and a consent management platform from Netzcocktail to ensure GDPR compliance. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS with a good SSL configuration and includes some security headers, though additional headers could enhance protection. No vulnerabilities or exposed sensitive data were found. Privacy compliance is well addressed with clear privacy and cookie policies and an active consent mechanism. Contact information is transparent and professionally presented. Overall, Hannover United's website reflects a professional, trustworthy, and community-focused organization with a solid digital presence. Strategic improvements in security headers and incident response transparency could further strengthen its security posture.

W

Werbeagentur Schulz-Design e. K.

schulzdesign.info

47

Werbeagentur Schulz-Design e. K. is a well-established full-service advertising agency based in Laatzen near Hannover, Germany. With over 15 years of experience, the agency specializes in advertising, web design, photography, and image film production, offering comprehensive services from concept to implementation. Their market position is strong within the Hannover region, serving a diverse client base across multiple industries. The website reflects a professional and modern digital presence, leveraging Joomla CMS and integrating advanced multimedia content and consent management tools. Security posture is robust with HTTPS, security headers, and privacy compliance mechanisms in place. No critical vulnerabilities or suspicious activities were detected. Overall, the agency demonstrates a mature digital infrastructure and a trustworthy business profile.

B

bricks

neuroncentrum.cz

40

Neuron Medical Centrum operates as a network of specialized medical clinics in the Czech Republic, offering comprehensive healthcare services including cardiology, physiotherapy, sports medical examinations, neurorehabilitation, nutritional therapy, and psychological care. The website serves as a portal to these services, targeting patients seeking specialized ambulatory care. The business appears to be recently founded in 2023, consistent with the domain registration date, and operates primarily in the healthcare sector with a small organizational size. Technically, the website is built on WordPress using the Bricks theme and several plugins such as Rank Math SEO and Complianz GDPR for SEO and privacy compliance. The site is hosted by Webglobe, indicated by the nameserver data. The website demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate with modern web technologies employed. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism, but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is consistent and legitimate, with no privacy protection or suspicious registration patterns. Overall, the website is professional and trustworthy with moderate security posture and privacy compliance. Strategic improvements include adding explicit privacy and security policies, enhancing security headers, and publishing vulnerability disclosure information to strengthen trust and compliance.

L

Landesinitiative n-21 Schulen in Niedersachsen online e.V.

n-21.de

57

Landesinitiative n-21 Schulen in Niedersachsen online e.V. is a well-established non-profit organization focused on advancing digital education in Lower Saxony, Germany. The initiative offers a variety of projects and services such as the Niedersächsische Bildungscloud, moin.schule, and Schul-Internetradio, targeting schools, educators, and students. It maintains strong partnerships with regional government bodies and educational institutions, reinforcing its credibility and market position. Technically, the website is built on a modern stack including JavaScript, jQuery, Swiper.js, and the NOLIS CMS platform. It is hosted with Cloudflare DNS services and demonstrates good mobile optimization, accessibility, and SEO practices. The site uses HTTPS with excellent SSL configuration and includes a cookie consent mechanism, reflecting a good level of digital maturity. From a security perspective, the site enforces HTTPS and uses cookie consent banners but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's educational and regional focus, indicating legitimacy. Overall, the website presents a low risk profile with strong business credibility and good technical implementation. Strategic improvements in security headers and incident response transparency would further enhance its security posture.

S

SL One s.r.o.

sl-one.cz

63

SL One s.r.o. operates as an investment special purpose vehicle (SPV) founded by colleagues from the legal firm SEDLAKOVA LEGAL. The company provides a unique employee benefit allowing its staff to invest alongside each other in promising startups, sharing both risks and profits. The business model focuses on supporting startups with capital and legal backing, targeting employees of the parent legal firm and innovative startups seeking investment. The website is professionally designed, well-structured, and optimized for mobile devices, reflecting a small but focused enterprise in the Czech Republic. Technically, the website leverages modern JavaScript frameworks, Google Tag Manager, Google Analytics, and Facebook Pixel for marketing and analytics purposes. It is built on the Solidpixels CMS platform and employs HTTPS with good SSL configuration. However, explicit security headers such as CSP and HSTS are not detected, indicating room for improvement in security hardening. Privacy and cookie policies are present and GDPR compliant, with a functional cookie consent mechanism. From a security perspective, the site demonstrates a moderate security posture with secure forms and no visible vulnerabilities. The absence of WHOIS data limits domain legitimacy verification, which slightly impacts trust scores. No direct contact emails or phone numbers are published, with communication facilitated solely through a contact form. No social media presence is linked from the site. Overall, SL One presents a credible and professional investment vehicle with a niche market focus. Enhancing domain transparency and security headers would strengthen trust and security posture. The site is safe for general audiences with no adult or questionable content detected.

S

Start Guide, s.r.o.

startguide.cz

56

Start Guide, s.r.o. is a Czech-based investment fund focused on supporting digital startups in the Central and Eastern European region. The company provides financial investments, practical mentoring, and strategic consulting to early-stage technology startups, emphasizing added value beyond capital. Their approach includes close collaboration with founders on vision, strategy, and scaling to market leadership. The website reflects a professional and consistent brand image, showcasing a dedicated team with relevant expertise and testimonials from portfolio founders. Technically, the website is built using modern JavaScript frameworks (Nuxt.js) and leverages Cloudflare for DNS and likely CDN services. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. No analytics or tracking scripts were detected, indicating a privacy-conscious approach, but no formal privacy or cookie policies are published. From a security perspective, the site uses HTTPS and does not expose sensitive data. However, it lacks explicit security headers and published security or incident response policies. The absence of privacy and cookie policies is a compliance gap given the GDPR relevance. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the company's founding year and no privacy protection masking. Overall, the website presents a trustworthy and professional image with strong business credibility but would benefit from enhanced privacy compliance and security best practices to improve its security posture and regulatory adherence.

T

Tikiti.cz s.r.o.

tikiti.cz

49

Tikiti.cz s.r.o. is a small creative and technology studio based in Brno, Czech Republic, specializing in web application development, creative design, event organization, chatbot solutions, and ticketing and parking systems. The company has an established market presence with municipal and commercial clients, demonstrated by their portfolio and long domain registration since 2015. The website is professionally designed with good content quality and clear navigation, targeting businesses and municipalities seeking digital and creative services. Technically, the site uses modern front-end technologies such as Bootstrap, jQuery, and FontAwesome, providing a good mobile experience and moderate performance. However, there is no detected CMS or hosting provider information. Security posture is moderate with HTTPS implied but lacking visible security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, the site is safe, professional, and trustworthy but would benefit from improved privacy and security practices.

G

GoDaddy Operating Company, LLC

devserver.me

71

The website is a domain sales landing page hosted by GoDaddy, offering the domain devserver.me for purchase or lease. It targets individuals and businesses interested in acquiring premium domains, leveraging GoDaddy's trusted platform and brokerage services. The site is professionally designed with clear calls to action, multiple payment options, and customer support contact information, reflecting a mature e-commerce business model within the domain aftermarket industry. Technically, the site employs modern web technologies including React with Next.js, secure HTTPS, and integrates third-party services such as Google reCAPTCHA and Tealium for analytics and consent management. The performance and mobile optimization are good, ensuring a positive user experience. Security best practices are observed with appropriate headers and secure payment processing. From a security perspective, the site demonstrates a strong posture with no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are comprehensive and GDPR compliant, though explicit incident response and vulnerability disclosure information are not present. The WHOIS data for the subdomain is unavailable, which is consistent with it being a GoDaddy-managed landing page rather than a separately registered domain. Overall, the site presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include publishing explicit security and incident response policies to enhance transparency and trust further.

A

Awwwards

awwwards.com

64

Awwwards is a recognized platform that awards and promotes the best developers, designers, and web agencies worldwide. It serves as a hub for web design inspiration and trends, targeting professionals in the web development and design industry. The website demonstrates a high level of digital maturity with modern technologies and a professional design, providing an excellent user experience and clear navigation. However, the absence of WHOIS data and lack of visible privacy and security policies indicate gaps in transparency and compliance. Security posture is moderate due to missing security headers and unclear SSL configuration. Overall, the site is trustworthy and professional but would benefit from enhanced security and privacy disclosures to improve compliance and user trust.

Q

Quorum (fka Cision GR)

vocusgr.com

70

Quorum, formerly known as Cision Government Relations, operates a customer login portal for its government relations software and political action committee management services. The company targets government relations professionals and political organizations, positioning itself as an established player in this niche sector. The website content is minimal, focusing on user authentication for existing customers rather than marketing or informational content. Technically, the site uses basic web technologies including JavaScript and CSS, with Adobe Typekit for fonts. Hosting appears to be on Amazon AWS infrastructure based on DNS nameservers. The site lacks advanced SEO, accessibility, and mobile optimization features, indicating a moderate level of digital maturity. No CMS or modern frameworks are detected. From a security perspective, the site uses POST forms with password fields that disable autocomplete, but lacks visible security headers and CSRF protections. DNSSEC is not enabled on the domain. The domain is well-established with a long registration history and no privacy protection, supporting legitimacy. However, the absence of privacy and cookie policies and GDPR compliance indicators suggests compliance gaps. Overall, the website is functional for its purpose but could improve in security posture, privacy compliance, and technical modernization to enhance trust and user experience.

C

C O R E 1

core1.digital

54

C O R E 1 is a Czech digital agency specializing in advanced web technologies and AI integration, operating since 2007. The company positions itself as a leader in AI-enhanced web solutions, offering services including UI/UX design, custom web development, and marketing campaigns. Their client base includes over 220 active clients, supported by strong testimonials and partnerships with recognized associations in UX and AI. Technically, the website is built on a proprietary CMS with modern web technologies, including video.js and multiple marketing and analytics integrations. The site is well-optimized for mobile and accessibility, with a professional design and clear navigation. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response contacts are absent. WHOIS data is unavailable due to TLD restrictions, but the website content and contact information align with a legitimate business presence. Overall, the site demonstrates a mature digital infrastructure and credible business operations.

M

Martin Liesel

parking-sneznik.cz

45

Parking Sněžník is a small local parking service provider operating in the Czech Republic, offering parking spaces for personal vehicles with a clear pricing model and operational rules. The website is professionally designed with good content quality and clear navigation, targeting drivers needing parking near Sněžník. The technical infrastructure is based on standard web technologies including HTML5, CSS, JavaScript, and jQuery, hosted on SuperHosting.cz with Google Fonts integration. The site is mobile optimized and performs moderately well. Security posture is adequate with HTTPS usage but lacks explicit security headers and formal privacy or cookie policies, which are important for GDPR compliance. Contact information is complete and transparent, enhancing business credibility. No tracking or advertising scripts were detected, indicating minimal user data collection.

P

Parkum s.r.o.

parkum.cz

56

Parkum s.r.o. operates a professional online parking payment platform primarily serving drivers, municipalities, and parking operators in the Czech Republic and Slovakia. The website offers a modern, user-friendly interface enabling online payment of parking fees without the need for physical tickets or cash. The platform integrates with various parking infrastructures including parking houses, open parking lots, and virtual parking areas. The company positions itself as a digital innovator in the transportation sector, collaborating with municipalities and commercial centers to streamline parking management. Technically, the website employs modern JavaScript frameworks, responsive design, and reputable third-party services such as Pays.cz for secure payment processing. Privacy and cookie policies are clearly presented with consent mechanisms in place, reflecting good compliance with GDPR requirements. Security posture is solid with HTTPS enforced and use of trusted payment gateways, though explicit security headers and incident response information could be improved. The absence of WHOIS registration data slightly impacts trust but the overall professional presentation and business model indicate a legitimate and credible operation.

C

cloudHQ LLC

cloudhq.net

71

cloudHQ LLC is a small technology company specializing in email productivity solutions, cloud backup, and migration services primarily targeting Google Workspace (G Suite) users. The company offers a broad portfolio of Chrome extensions and SaaS tools designed to enhance Gmail functionality, streamline email workflows, and provide secure cloud data backup and migration. With a user base exceeding 2 million and a focused product suite, cloudHQ holds a niche market position as a trusted provider of email and cloud productivity enhancements. The website reflects a mature digital presence with comprehensive product information, social media integration, and customer engagement features. Technically, the site employs modern web technologies including JSON-LD structured data, Google Analytics, and responsive design, ensuring good performance and SEO. Security posture is solid with HTTPS enforced, though some security headers are absent and no explicit vulnerability disclosure or incident response contacts are provided. Privacy compliance is supported by a comprehensive privacy policy and GDPR adherence, but lacks a cookie consent mechanism. WHOIS data is unavailable, which introduces some uncertainty about domain registration transparency, though the business information and online presence support legitimacy. Overall, cloudHQ presents a professional, trustworthy, and technically competent online platform with room for security and privacy enhancements.

V

Verband der Bildungszentren im ländlichen Raum e.V.

lernen-im-gruenen.de

63

The Verband der Bildungszentren im ländlichen Raum e.V. is a German non-profit association representing 46 educational centers focused on adult and youth education in rural areas. Their services include continuing education, dialogue opportunities, and community engagement formats such as political discussions and local forums. The website reflects a well-established network with a clear mission to promote education and societal participation in rural regions. Technically, the site uses the RoSys® Truevision CMS with Turbolinks for navigation, delivering a moderately performant and mobile-optimized experience. Security posture is adequate with HTTPS and cookie consent mechanisms, though lacking advanced security headers and explicit incident response policies. Overall, the site is trustworthy, privacy-conscious, and professionally presented, supporting its role as a reputable educational network.

H

Hohenlohe

hohenlohe.de

49

The website www.hohenlohe.de serves as a regional tourism information portal for the Hohenlohe region in Germany. It provides visitors with details on local attractions, events, accommodations, cycling and hiking tours, and wine tourism opportunities. The site targets tourists and visitors interested in exploring this region, positioning itself as a key resource for regional travel and leisure activities. The business model focuses on promoting tourism and regional culture rather than direct commercial transactions. Technically, the website is built on the Neos CMS platform, leveraging the Flow PHP framework. It uses modern web technologies including web fonts and asynchronous JavaScript loading. Hosting and DNS are managed via Cloudflare, providing performance and security benefits. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate rather than fast. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism via Cookiebot, indicating awareness of privacy compliance requirements. However, explicit privacy policies, terms of service, and security policies are not found in the provided content. Security headers are not explicitly detected, and no vulnerability disclosure or incident response information is available. The WHOIS data is limited, with Cloudflare name servers and a domain status of 'connect', which reduces transparency but is not uncommon for legitimate sites. Overall, the website presents a professional and trustworthy front for regional tourism promotion but would benefit from enhanced transparency in privacy and security policies, improved security headers, and clearer contact information. These improvements would strengthen compliance and user trust while reducing potential risks.

B

Bildungshaus Kloster St. Ulrich

bildungshaus-kloster-st-ulrich.de

50

Bildungshaus Kloster St. Ulrich is a small educational institution affiliated with the Erzdiözese Freiburg, focused on providing learning and experiential spaces rooted in Christian values for rural communities. Their offerings include seminars, spiritual retreats, and family-oriented events targeting diverse age groups including youth, adults, and families. The website reflects a well-structured and professionally presented digital presence with clear navigation and relevant content. Technically, the site uses standard web technologies with custom or unknown CMS, moderate performance, and good mobile optimization. Security posture is adequate with HTTPS usage but lacks advanced security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and serves its educational mission effectively.

W

Wordpress Developement

fastpress.dev

45

The website fastpress.dev represents a small technology business specializing in WordPress development services. The site is built on WordPress using the Bricks theme and incorporates SEO optimization via the Rank Math plugin. The content is minimal, primarily presenting a single page with limited textual information, indicating a basic online presence. The target audience appears to be businesses or individuals seeking WordPress development expertise. Technically, the site uses modern web technologies and is served over HTTPS, ensuring secure communication. However, the lack of visible security headers and absence of privacy or cookie policies indicate room for improvement in security and compliance. No contact information or forms are present, limiting user engagement and trust signals. Overall, the security posture is moderate with no critical vulnerabilities detected, but the site would benefit from enhanced security practices and transparency. The domain registration data aligns well with the website content, supporting legitimacy. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and providing clear contact channels to improve trust and compliance.

L

LandFrauenverband Südbaden im BLHV e.V. mit Bildungs- und Sozialwerk des LFVS e.V.

landfrauenverband-suedbaden.de

52

The LandFrauenverband Südbaden is a well-established regional non-profit organization founded in 1949, serving approximately 17,500 members across 205 local clubs. It focuses on political advocacy, education, and social work for women living in rural areas of Southern Baden, Germany. The website reflects a clear mission and target audience with consistent branding and relevant content. Technically, the site uses legacy JavaScript libraries and is hosted on private nameservers, with moderate performance and basic mobile optimization. Security posture is moderate with no visible vulnerabilities but lacks modern security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional but could benefit from technical and security enhancements.