Security Directory

The Karlsruher Physikkurs website serves as an educational platform providing physics course materials, multilingual publications, and information about workshops and events related to physics education. It targets educators, students, and academic communities interested in physics. The site is hosted on KIT DNS infrastructure, indicating an affiliation with Karlsruhe Institute of Technology or related academic entities. The technical infrastructure is based on sitely.app CMS with standard web technologies and includes Google Analytics for tracking and Amazon affiliate links for monetization. Mobile optimization and accessibility are basic but functional. Security posture is moderate with HTTPS implied but lacking explicit security headers and formal privacy or cookie policies. No contact information or incident response details are provided, limiting user trust and compliance transparency. Overall, the site is a niche educational resource with good content quality but needs improvements in privacy, security, and contact transparency to enhance trust and compliance.

J

Juniorito

juniorito.de

62

Juniorito is a German-based e-commerce retailer specializing in pedagogically valuable children's furniture, climbing frames, and toys inspired by Montessori and Pikler principles. The company targets parents and caregivers seeking environmentally friendly and thoughtfully designed products for children. Positioned in a niche market, Juniorito leverages Shopify's platform to deliver a professional and user-friendly online shopping experience. The website features comprehensive GDPR-compliant privacy and cookie policies, integrated customer reviews, and active social media engagement, enhancing trust and customer confidence. Technically, the website is built on Shopify's Dawn theme with modern technologies including Google Tag Manager, Google Analytics, and multiple marketing pixels (Pinterest, TikTok). The site demonstrates good performance, mobile optimization, and SEO practices. Security posture is strong with HTTPS enforcement, secure cookie management, and cookie consent mechanisms, although explicit security policies and incident response information are not publicly disclosed. Overall, Juniorito presents a secure, compliant, and professionally managed e-commerce presence with moderate tracking and advertising practices aligned with GDPR. The absence of critical security issues and the presence of trust signals such as customer reviews and clear return policies contribute to a positive risk profile. Strategic recommendations include publishing a dedicated security policy, incident response contacts, and enhancing accessibility features to further strengthen compliance and user experience.

F

FLERBAR Online Shop | Alle Produkte online kaufen |

flerbar.de

63

The website www.flerbar.de operates as an official German online retailer specializing in FLERBAR vaping products, including disposable e-cigarettes, pods, and e-liquids. It targets adult consumers interested in vaping and nicotine products, offering fast shipping within Germany and payment options such as PayPal and Klarna. The site is built on the plentymarkets e-commerce platform using Vue.js, with integrations for analytics and marketing tools like Google Analytics, Microsoft Clarity, and Google Tag Manager. The website is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, HTTPS is enforced and a cookie consent mechanism is implemented, but explicit privacy policies and terms of service pages are not found, which is a compliance gap. WHOIS data is minimal and uses Alibaba DNS servers, which is unusual for a German retailer and slightly reduces trust. Overall, the site is functional and professional but would benefit from enhanced transparency and security documentation.

G

Guldast

guldast.de

62

Guldast is a German-based e-commerce retailer specializing in elegant women's bracelets made from silver, leather, and symbolic charms such as four-leaf clovers and hearts. The company targets female customers seeking stylish jewelry, including personalized options, and positions itself as a niche player offering quality products with free shipping over 30 euros. The website is built on the Shopify platform, leveraging modern e-commerce technologies and third-party integrations for reviews, analytics, and payment processing. The technical infrastructure is robust, with fast loading times, mobile optimization, and secure HTTPS connections. Security measures include the use of hCaptcha for form protection and secure payment gateways, although explicit security headers could be improved. Privacy compliance is strong, with clear cookie consent mechanisms and GDPR-aligned privacy policies. However, no formal security policy or incident response information is published. Overall, the site presents a professional and trustworthy online shopping experience with moderate tracking and marketing tools in use.

ITNOMIC is a specialized Austrian web agency providing comprehensive digital services including website creation with Contao CMS, e-commerce solutions using PrestaShop, and SEO/SEA optimization. The company emphasizes economic IT solutions with over 15 years of experience, targeting businesses across Austria. Their technical infrastructure leverages modern open-source platforms and integrates Google marketing and analytics tools with a strong focus on privacy compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though additional security headers and incident response policies could enhance their security maturity. Overall, the website is professional, accessible, and trustworthy, supporting a positive business reputation despite the lack of publicly available WHOIS data.

M

Malu Wilz Beauty Centre

malu-wilz.de

50

Malu Wilz Beauty Centre operates an e-commerce platform specializing in beauty and skincare products, targeting consumers interested in cosmetics and personal care. The website offers a range of products including makeup, skincare collections, and accessories, with a focus on a professional and user-friendly online shopping experience. The business is positioned as a niche retailer within the German market, leveraging a multilingual website to reach both German and English-speaking customers. Technically, the website is built on the OXID eShop Community Edition platform, utilizing common JavaScript libraries such as jQuery and FlexSlider for enhanced user interaction. The site is mobile-optimized with good SEO practices and includes a cookie consent mechanism aligned with GDPR requirements. Performance is moderate, with room for improvement in accessibility features and security headers. From a security perspective, the site enforces HTTPS and uses secure login forms, but lacks visible HTTP security headers and published security policies or incident response contacts. No vulnerabilities or suspicious content were detected, and privacy compliance is well addressed through accessible privacy and cookie policies. The absence of direct contact emails or phone numbers reduces immediate contactability but is mitigated by a contact form. Overall, the website presents a trustworthy and professional e-commerce presence with solid privacy compliance and a moderate security posture. Strategic improvements in security headers, incident response transparency, and accessibility could enhance the site's resilience and user trust.

G

Glitzerladen.de

glitzerladen.de

52

Glitzerladen.de is a specialized online retailer offering personalized and fashion jewelry primarily targeting the German market. The company provides a broad range of products including engraved bracelets, necklaces, rings, and accessories, with a focus on customization and affordable pricing. The business leverages trusted partnerships with payment providers such as PayPal and Klarna and is certified by Trusted Shops, enhancing customer trust and satisfaction. The website is professionally designed, mobile-optimized, and offers a smooth user experience with clear navigation and comprehensive product information. Technically, the website is built on the Shopware platform, hosted by Rackspeed, and integrates modern web technologies including Google Tag Manager, Google Analytics, and Trusted Shops widgets. Security measures include HTTPS enforcement, CSRF tokens, and cookie consent management, reflecting a mature digital infrastructure. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site demonstrates strong adherence to best practices with no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, with clear privacy and cookie policies and GDPR-aligned consent mechanisms. However, explicit security policies and incident response contacts are not present, representing an area for improvement. Overall, Glitzerladen.de presents a trustworthy and professional e-commerce platform with a solid security posture and compliance framework. Strategic enhancements in security policy transparency and accessibility could further strengthen its market position and customer confidence.

N

NailCrest

nailcrest.de

61

NailCrest operates a German-language e-commerce website specializing in premium black gin and related gift products. The site targets adult consumers interested in exclusive alcoholic beverages and gift sets. The business model is retail-focused, leveraging Shopify's platform for online sales and customer engagement. The website features professional design, clear navigation, and positive customer reviews, indicating a strong market position within its niche. Technically, the site uses modern web technologies and reputable third-party services such as Klaviyo for marketing and Judge.me for customer reviews, hosted on Shopify's secure infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers could be improved. Privacy compliance is limited due to the absence of visible privacy and cookie policies, which should be addressed to meet GDPR standards. Overall, the site is trustworthy and professionally managed but would benefit from enhanced transparency in privacy and contact information.

C

CukiDrip

cukidrip.com

68

CukiDrip is a newly established e-commerce retailer specializing in premium crypto-themed apparel and streetwear, targeting the Bitcoin, Ethereum, and Web3 enthusiast communities. The business operates primarily online via a Shopify platform, offering hoodies, t-shirts, and caps with a strong brand identity centered on crypto culture. The company emphasizes free worldwide shipping and maintains active social media channels to engage its niche audience. Technically, the website leverages modern e-commerce technologies and marketing tools, including Google Tag Manager, Microsoft Clarity, and various Shopify apps, ensuring a performant and mobile-optimized user experience. Security posture is solid with HTTPS enforced, clientTransferProhibited domain status, and use of hCaptcha for form protection, although DNSSEC is not enabled and no explicit security policy or incident response information is published. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is professional, trustworthy, and well-positioned within its niche market, though it would benefit from enhanced security disclosures and DNS security improvements.

W

Webwiki

webwiki.de

55

Webwiki.de operates as a German-language website search engine that aggregates and presents user reviews and ratings for websites, primarily targeting German-speaking internet users. The platform indexes a broad range of websites, providing detailed metadata, popularity rankings, and user-generated content to assist users in evaluating website trustworthiness and relevance. The business model centers on search and review services, monetized through advertising networks and partnerships across multiple country-specific domains. Technically, the site employs a classic Bootstrap and jQuery frontend with Google Tag Manager and Google Publisher Tags for analytics and advertising, hosted behind Cloudflare DNS services. The website demonstrates good SEO practices, mobile responsiveness, and a GDPR-compliant cookie consent mechanism with extensive vendor disclosures. Security posture is adequate with HTTPS and consent management but lacks explicit advanced security headers and published incident response policies. Overall, the site is professional, trustworthy, and compliant with European privacy regulations, though it is currently undergoing ownership transition with some functional limitations.

Unilever Česká republika operates as a regional branch of the global consumer goods giant Unilever PLC, providing a wide range of well-known brands in food, home care, and personal care sectors. The website reflects a mature enterprise-level digital presence with a focus on user experience, accessibility, and compliance with privacy regulations such as GDPR. The site employs modern web technologies including the Astro framework and integrates cookie consent management via OneTrust, alongside Google Analytics and Tag Manager for analytics and marketing purposes. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the site is professional, trustworthy, and well-optimized for performance and SEO.

P

Provident

provident.cz

61

Provident is a well-established consumer finance company operating in the Czech Republic, specializing in personal loans including online and cash loans. The company targets Czech consumers seeking accessible lending solutions. The website reflects a professional and consistent brand presence with clear service offerings and user-friendly navigation. Technically, the site is built on modern frameworks such as Next.js and React, with Tailwind CSS for styling, and integrates standard analytics and marketing tools like Google Tag Manager and Google Analytics. Security posture is strong with HTTPS enforcement and comprehensive security headers, although public security policies and incident response contacts are not prominently disclosed. Privacy compliance is robust, featuring GDPR-aligned privacy and cookie policies with consent mechanisms. Overall, the site demonstrates a mature digital infrastructure suitable for its business domain.

P

Penta Real Estate

pentarealestate.com

66

Penta Real Estate is a professional real estate development company focusing on residential and commercial projects. The website presents a clear market position with key services including project development, ESG initiatives, and career opportunities. The company targets real estate investors and clients seeking property solutions. Technically, the website is built on WordPress with Bootstrap and uses modern analytics and marketing tools such as Google Analytics, Hotjar, and Facebook Pixel. Cookie consent is implemented comprehensively, indicating GDPR compliance. Security posture is good with HTTPS enforced and bot protection via Google reCAPTCHA, though some security headers are not explicitly detected. The lack of WHOIS data limits domain trust verification, but the website content and structure suggest legitimacy. Overall, the site is professional, user-friendly, and compliant with privacy regulations.

I

International School Prague - Park Lane

parklane-is.cz

43

Park Lane International School Prague operates as an educational institution providing international schooling services in Prague. The website presents a professional and modern design, targeting parents and students seeking quality international education. The technical infrastructure is based on WordPress CMS with WooCommerce and Divi theme, integrating multiple analytics and tracking tools such as Google Tag Manager, Facebook Pixel, TikTok Pixel, and LinkedIn Insight Tag. Security posture is moderate with HTTPS enabled and use of reCAPTCHA, but lacks important security headers and visible privacy or cookie policies. The absence of WHOIS data raises concerns about domain registration legitimacy, although the website content and structure suggest a legitimate business. Overall, the site is safe for general audiences and well-optimized for mobile and SEO, but improvements in privacy compliance and security hardening are recommended.

M

Marks & Spencer

marksandspencer.com

68

Marks & Spencer is a large, established UK-based retail company specializing in fashion, home goods, beauty products, and food & drink. The website serves as a comprehensive e-commerce platform targeting a broad general audience with a focus on quality and trend-conscious consumers. The business model centers on multi-category retail with online shopping capabilities including delivery and collection options. The site demonstrates strong branding consistency and professional content quality. Technically, the website is built using modern web technologies including React with Next.js framework, and integrates multiple third-party analytics and marketing tools such as Google Tag Manager, mParticle, AppsFlyer, Optimizely, and Dynatrace RUM. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience across devices. From a security perspective, the site enforces HTTPS, employs standard security headers, and uses cookie consent mechanisms compliant with GDPR. However, explicit security policies, incident response information, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. The absence of WHOIS data limits domain registration trust analysis, but the website's professional presentation and content strongly indicate legitimacy. Overall, the website presents a low risk profile with strong business credibility and technical maturity. Strategic recommendations include publishing detailed security and incident response policies, establishing a vulnerability disclosure program, and enhancing transparency around data protection officer contacts and data retention policies.

A

AmRest Holdings SE

amrest.eu

75

AmRest Holdings SE operates as one of the largest restaurant operators in Europe, managing a portfolio of global and proprietary brands such as KFC, Starbucks, Burger King, Pizza Hut, and others. The company targets a broad audience including restaurant customers and investors, positioning itself as a market leader in the hospitality sector with a strong European presence. The website reflects a mature digital infrastructure built on Drupal 10, incorporating modern analytics and tracking tools like Piwik PRO, Google Tag Manager, and Microsoft Application Insights. Security posture is strong with HTTPS, CSP, and other security headers implemented, though explicit security policies and incident response information are not publicly disclosed. Privacy compliance is well addressed with comprehensive privacy and cookie policies and active consent mechanisms. Overall, the website is professional, trustworthy, and well-structured, supporting the company's enterprise-level operations.

T

TTI Technische Textilien International GmbH

tti-intern.de

50

TTI Technische Textilien International GmbH is a German manufacturing company specializing in the development, production, and distribution of technical textiles, particularly for personal protective equipment, heavy heat protection, and insulation products. Established in 1996, the company has a strong market presence with over 25 years of experience, serving customers in more than 20 countries. Their business model focuses on both standard and customized textile solutions, emphasizing quality and safety backed by ISO certification. Technically, the website is built on the dynamic commerce platform, utilizing modern JavaScript libraries such as jQuery, Google Tag Manager, and Google reCAPTCHA for security and analytics. The site is mobile-optimized with good SEO practices and moderate performance. Hosting is managed via dc-cluster.de nameservers, indicating professional infrastructure. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and a public security policy or vulnerability disclosure. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with accessible privacy and cookie policies aligned with GDPR requirements. Overall, the website and business demonstrate a high level of professionalism, trustworthiness, and compliance, with recommendations to enhance security headers and publish incident response information to further strengthen their security posture.

E

Environmental Information Data Centre

eidc.ac.uk

66

The Environmental Information Data Centre (EIDC) operates as a key data management and dissemination service within the UK environmental research sector. Affiliated with the Natural Environment Research Council (NERC) and hosted by the UK Centre for Ecology & Hydrology (UKCEH), it manages important terrestrial and freshwater datasets. The website reflects a professional and consistent brand presence, targeting researchers and data depositors with services focused on open science and data accessibility. Technically, the website is built on Drupal 10, leveraging modern web technologies including Google Tag Manager and Font Awesome. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Privacy compliance is well addressed with clear cookie consent mechanisms and a privacy policy, though a formal security policy and incident response information are absent. Security posture is strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and incident response contacts suggests room for improvement. The domain is long-established, registered directly with Nominet since 1996, consistent with the organization's history and legitimacy. Overall, the website is trustworthy, professional, and well-aligned with its mission, though enhancing security transparency and incident readiness would strengthen its posture further.

S

Scio Research, s.r.o.

scioresearch.com

65

Scio Research, s.r.o. is an independent Czech research organization specializing in pedagogical and psychological studies aimed at improving educational outcomes and preparing children for the future. The organization operates under the parent company scio s.r.o. and maintains partnerships with various academic and research institutions. Their website provides detailed research reports, project information, and a GDPR-compliant contact form for engagement. Technically, the site is built on Umbraco CMS, uses Google Tag Manager for analytics, and is hosted on Webglobe.cz. The site is mobile-optimized with good SEO and accessibility basics but lacks some advanced security headers. Security posture is solid with HTTPS and cookie consent mechanisms, though DNSSEC is not enabled and no explicit security policy or incident response information is published. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and consistency.

S

scio s.r.o.

scioskoly.cz

64

ScioŠkoly is a Czech Republic-based network of innovative primary and secondary schools focused on preparing students for the future with modern curricula and pedagogical approaches. The organization operates multiple schools across the country, emphasizing freedom, responsibility, and 21st-century skills development. Their business model includes running schools, educational research, teacher training, and related projects such as leisure activities and school catering. The website reflects a mature digital presence with comprehensive content, multimedia integration, and strong branding consistency. Technical infrastructure includes modern web technologies, responsive design, and integration with Google Tag Manager for analytics and marketing. Security posture is adequate with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. Overall, the domain registration and WHOIS data align well with the business claims, supporting legitimacy and trustworthiness.

A

aktiv

aktiv-online.de

44

aktiv-online.de is a German-language information portal focused on providing employees with news, advice, and insights related to the social market economy and German industry. Supported by approximately 40 employer associations, it offers a broad range of content including industry reports, financial advice, tax tips, and leisure topics. The website targets employees and professionals seeking reliable and practical information about work and life in Germany. The business model centers on content provision and engagement through newsletters and social media channels, positioning aktiv as a trusted media source within its niche. Technically, the website is built on TYPO3 CMS, a robust open-source content management system, and employs modern web technologies including Google Tag Manager and a self-hosted Matomo analytics platform. Usercentrics is used for consent management, ensuring GDPR compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and integrates consent management for privacy compliance. However, explicit security headers such as Content-Security-Policy and X-Frame-Options are not visibly declared, and there is no published security policy or incident response contact information. No vulnerabilities or suspicious content were detected. Overall, the security posture is solid but could be enhanced with additional headers and transparency. The domain registration data is consistent with the website's professional nature, using standard domain control nameservers without privacy protection. Contact information including email, phone numbers, and a physical address in Cologne, Germany, is clearly provided, reinforcing business credibility. Social media presence across major platforms further supports trust and engagement. Overall, aktiv-online.de is a well-established, trustworthy media portal with good technical and privacy compliance maturity. Strategic improvements in security transparency and policy publication would further strengthen its posture and user trust.

The Landesapothekerverband Niedersachsen e.V. operates as a regional professional association for pharmacists in Lower Saxony, Germany, providing advocacy, events, publications, and member services. The website reflects a medium-sized non-profit organization with a clear focus on healthcare professionals. Technically, the site is built on TYPO3 CMS, leveraging modern tools such as Google Tag Manager and Cookiebot for analytics and privacy compliance. The site is well-structured, mobile-optimized, and includes comprehensive privacy and cookie policies, demonstrating good GDPR adherence. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the website presents a professional and trustworthy digital presence aligned with its business objectives.

V

Verband Forschender Arzneimittelhersteller e.V.

vfa.de

60

The Verband Forschender Arzneimittelhersteller e.V. (vfa) is a prominent German pharmaceutical industry association representing leading research-based pharmaceutical companies. The website serves as a comprehensive platform providing information on pharmaceutical research, health policy, economic topics, and member services. It targets pharma companies, healthcare professionals, patients, and policymakers, positioning itself as a key industry voice in Germany. The site features professional design, clear navigation, and extensive content relevant to its audience. Technically, the site employs modern web technologies including Bootstrap, jQuery, and Google Tag Manager, with good mobile optimization and accessibility. Security posture is strong with HTTPS enforced, secure login forms, and cookie consent management, though explicit security headers and policies could be enhanced. Overall, the site is trustworthy, compliant with GDPR, and professionally maintained, supporting the vfa's role as a leading industry association.

B

BDG - Bundesverband der Deutschen Gießerei-Industrie

wer-giesst-was.de

48

The website 'wer-giesst-was.de' is operated by the BDG - Bundesverband der Deutschen Gießerei-Industrie, an established German industry association representing foundries. It provides a comprehensive directory of German foundries with over 300 selection criteria, facilitating supplier research for manufacturing professionals. The site targets companies and professionals in the manufacturing sector seeking foundry services within Germany. The business model centers on providing industry-specific information and supplier matching services, positioning BDG as a key resource in the German foundry market. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies such as jQuery, DataTables, Font Awesome, and Google Tag Manager for analytics and marketing. Hosting is provided by Intersolute, indicated by the domain's nameservers. The site demonstrates moderate performance with good mobile optimization and basic accessibility features. SEO practices are adequately implemented with proper meta tags and structured cookie consent. From a security perspective, the site enforces HTTPS and employs a GDPR-compliant cookie consent mechanism with opt-in for analytics cookies. However, it lacks explicit security headers and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The security posture is solid but could be improved by adding security headers and formal incident response information. Overall, the website is professional, trustworthy, and compliant with privacy regulations. It serves its niche audience effectively with relevant content and functional features. The domain registration data aligns well with the website's purpose and business identity, indicating legitimacy and stability. No blocking or WAF mechanisms interfere with content access, allowing full analysis. Strategic recommendations include enhancing security headers, publishing a security policy and incident response contacts, and adding terms of service to improve legal clarity and user trust.

I

Influitive

influitive.com

72

Influitive is a well-established SaaS company founded in 2010, specializing in customer advocacy, engagement, and community platforms targeted at B2B companies. The company positions itself as a market leader with a comprehensive suite of services including customer advocacy, communities, experience, success, loyalty, and employee advocacy. Their website reflects a professional and consistent brand image with strong trust indicators such as industry awards and customer testimonials. Technically, the site is built on WordPress using the Divi theme, hosted on AWS infrastructure, and employs modern JavaScript libraries and marketing tools. The site is mobile-optimized and SEO-friendly, providing a good user experience.

M

Messer Hungarogáz Kft.

messer.hu

11

Messer Hungarogáz Kft. is a leading industrial gas supplier in Hungary, offering a wide range of gases including nitrogen, oxygen, carbon dioxide, argon, helium, and specialty gases. The company operates as part of the global Messer Group, serving various industrial sectors with bottled and liquefied gases, gas supply systems, and on-site gas generation. The website reflects a mature digital presence built on the Liferay CMS platform, integrating modern marketing and analytics tools such as HubSpot and Google Tag Manager. The site is well-structured, mobile-optimized, and provides comprehensive information about products, services, compliance, and corporate responsibility. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms in place, although explicit security policies and incident response details are not publicly disclosed. Overall, the domain registration data aligns with the business claims, indicating legitimacy and trustworthiness.

S

Statens veterinärmedicinska anstalt

sva.se

69

Statens veterinärmedicinska anstalt (SVA) is a Swedish government agency dedicated to animal health, disease surveillance, diagnostics, research, and public information. The website serves veterinarians, researchers, animal owners, and government bodies with comprehensive resources, including disease information, diagnostic services, and educational materials. The agency holds a strong national position as the authoritative body for veterinary medicine in Sweden. Technically, the website employs modern web technologies such as jQuery, Google Tag Manager, and Plausible Analytics, with a focus on privacy and performance. The site is mobile-optimized, accessible, and well-structured, providing a good user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. The WHOIS data for the subdomain 'www.sva.se' is unavailable, likely due to querying the subdomain instead of the main domain 'sva.se'. Despite this, the website's content, official contact information, and domain usage strongly indicate legitimacy. Privacy and cookie policies are comprehensive and GDPR compliant, but no explicit security policy or incident response contacts were found. Overall, the site is professional, trustworthy, and serves its government mandate effectively. Strategic improvements include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and compliance.

L

Lebenshilfe Hof

lebenshilfe-hof.de

54

Lebenshilfe Hof is a regional non-profit organization based in Germany, providing a range of social support services including early intervention, educational programs, therapeutic centers, workshops, and housing assistance. The website serves as an official information portal for their services and community engagement. The organization targets individuals and families seeking support in the Hof region, emphasizing inclusivity and social welfare. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies such as Google Tag Manager for analytics and Usercentrics for GDPR-compliant consent management. The site demonstrates good mobile optimization and accessibility features, including integration with ReadSpeaker for text-to-speech functionality. Hosting is managed via agenturserver, a professional hosting provider. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published privacy or terms of service documents. No vulnerability disclosure or incident response information is available, which could be improved to enhance trust and compliance. No suspicious or malicious activity was detected, and the content is safe for general audiences. Overall, Lebenshilfe Hof's website is professional and functional, supporting its mission as a non-profit social service provider. Strategic improvements in privacy documentation, security headers, and contact transparency would strengthen its security posture and compliance standing.

The GB Non-native Species Secretariat (NNSS) website serves as an official government resource coordinating efforts to manage invasive non-native species across Great Britain. It provides comprehensive information, alerts, and resources targeted at the general public, environmental stakeholders, and government agencies. The site is well-branded with official government logos and offers structured navigation to various informational sections including legislation, biosecurity, and local action groups. Technically, the website employs a modern technology stack including jQuery, Bootstrap, and Google Analytics, hosted behind Cloudflare for performance and security. The site is mobile-optimized and includes a cookie consent mechanism compliant with GDPR standards. Security posture is generally good with HTTPS enforced, though DNSSEC is not enabled and security headers are not explicitly detected. No direct contact emails or phone numbers are provided, relying instead on a contact form. No terms of service or security policies are published, and no vulnerability disclosure or incident response information is available. Overall, the website is trustworthy, professional, and serves its governmental informational purpose effectively.

N

National Biodiversity Network

nbn.org.uk

55

The National Biodiversity Network (NBN) is a UK-based non-profit organization dedicated to the collection, sharing, and dissemination of biodiversity data. It operates a large partnership network with over 200 members including conservation organizations, government bodies, and voluntary groups. The NBN Atlas serves as a comprehensive data portal with over 300 million species occurrence records. The website reflects a mature digital presence with a WordPress CMS, modern SEO practices, and integration of social media channels to engage its target audience of environmental professionals and citizen scientists. Technically, the site uses common frameworks and libraries such as Bootstrap, jQuery, and WooCommerce for e-commerce capabilities, with Google Analytics and Tag Manager for analytics and tracking. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though some security headers and policies could be improved. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy policy or terms of service detected in the provided content. Overall, the site is professional, trustworthy, and well-positioned within its niche, though it would benefit from enhanced transparency around privacy and security policies.

U

UK Centre for Ecology & Hydrology

ceh.ac.uk

66

The UK Centre for Ecology & Hydrology (UKCEH) is a prominent UK-based government research institute specializing in environmental science focused on land and freshwater ecosystems. It operates under the Natural Environment Research Council (NERC) and delivers impactful scientific research, data services, and consultancy to governments, academia, and businesses. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistent with its authoritative position in environmental research. Technically, the site is built on Drupal 10 with modern JavaScript libraries and includes a robust cookie consent mechanism (Klaro) and analytics tools (Google Analytics, Google Tag Manager). The site is mobile-optimized and accessible, though there is room for improvement in security headers and explicit incident response disclosures. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with detailed privacy and cookie policies and user consent management. However, WHOIS data is unavailable, likely due to privacy protection, which is justified for this type of institution. Overall, UKCEH's website is professional, trustworthy, and well-aligned with its mission. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and compliance.

J

Joint Nature Conservation Committee

jncc.gov.uk

70

JNCC (Joint Nature Conservation Committee) is a UK government advisory body specializing in nature conservation. It provides scientific advice and coordination on biodiversity and environmental monitoring across the UK and internationally. The organization targets government entities, environmental professionals, researchers, and the public interested in nature conservation. The website reflects a professional and authoritative presence consistent with its government affiliation, offering comprehensive information, news, and resources related to its mission. Technically, the website employs a modern but stable technology stack including jQuery, Foundation framework, and Slick Carousel, integrated with Google Tag Manager and Google Analytics for tracking and marketing purposes. The site is mobile-optimized, accessible, and SEO-friendly, with a clear navigation structure and professional design. Hosting details are not explicit, but domain registration is through Nominet, consistent with UK government domains. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policy documentation and incident response contact information. No critical vulnerabilities or exposed sensitive data were detected. The use of third-party libraries is current but should be monitored for updates. Overall, the security posture is good but could be enhanced by adding security headers and formal security policies. The overall risk assessment is low, with high trustworthiness and legitimacy due to the domain age, consistent WHOIS data, and professional content. Strategic recommendations include publishing a dedicated security policy, adding security headers, and providing incident response contacts to improve transparency and security maturity.

Norsk Zoologisk Forening is a well-established Norwegian non-profit organization dedicated to zoology and wildlife interests. Founded in 2001, it serves a community of zoology enthusiasts and researchers by providing publications such as the Fauna journal, organizing events, and promoting species mapping and conservation efforts. The website reflects a professional and consistent brand presence with clear calls to action for membership and engagement. Technically, the site is built on WordPress using a modern stack of plugins including Yoast SEO, Google Tag Manager, and GDPR compliance tools. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Performance is moderate, with room for improvement in security headers and explicit incident response policies. Security posture is solid with HTTPS enforced and privacy compliance well addressed through cookie consent mechanisms and a comprehensive privacy policy. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a vulnerability disclosure policy and incident response information suggests areas for enhancement. Overall, the site presents a low-risk profile with strong business credibility and good privacy compliance. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining up-to-date software to sustain trust and compliance.

The website 'meistro Connect' appears to be a minimal landing page for a software application or service, primarily targeting German-speaking users. The site uses modern web technologies including React and Next.js, with Material-UI for styling. The presence of Google Analytics and Google Tag Manager indicates some level of user behavior tracking. However, the site content is very limited, showing only a logo and a loading spinner, with no visible business or contact information on the homepage. Privacy compliance is addressed through a cookie consent mechanism and a privacy policy page in German, but no terms of service or security policies are present. The domain is hosted on German servers, consistent with the language and domain, but WHOIS data is minimal, limiting full trust assessment.

L

Landwirtschaftsverlag GmbH

profi.de

54

profi.de is a German professional media website specializing in agricultural technology news, tests, and practical farming advice. It operates under Landwirtschaftsverlag GmbH, a recognized media publisher. The site offers subscription services, an online shop, and multimedia content targeting professionals in the agricultural sector. Technically, the website employs modern web technologies including Google Tag Manager, Usercentrics for consent management, and ad services via Google Ad Manager. The site is mobile-optimized with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were found. Overall, profi.de presents a professional, trustworthy digital presence with moderate to good technical maturity.

T

Startseite | top agrar

topagrar.com

62

Top agrar is a German-language agricultural news and information website providing up-to-date news, market prices, and specialized content for the agricultural sector. It targets German-speaking agricultural professionals and stakeholders with a broad range of services including news, newsletters, subscription options, job market listings, and agricultural weather information. The website is well-branded and professionally designed, reflecting a mature media business model reliant on advertising and subscriptions. Technically, the site employs modern web technologies including JavaScript frameworks, Google Tag Manager, and Usercentrics for consent management. It uses HTTPS with secure cookie attributes and integrates advertising and analytics services with user consent. The site is mobile-optimized and provides a good user experience with clear navigation and structured content. From a security perspective, the site enforces HTTPS and uses consent management for cookies, but lacks explicit security headers and published privacy or terms of service documents in the provided content. No contact information for security incidents or data protection officers was found, and no vulnerability disclosure mechanism is present. The WHOIS data is missing, which raises concerns about domain registration transparency. Overall, the website is professional and trustworthy in content and design but would benefit from improved transparency in domain registration, explicit privacy and terms policies, and enhanced security headers and disclosures.

P

Plinko slot

denieuweschepenvandoeksen.nl

62

The website www.denieuweschepenvandoeksen.nl is a Dutch-language content platform focused on the Plinko online casino game. It provides comprehensive guides, reviews, and casino recommendations targeted at Dutch-speaking online gamblers interested in Plinko. The site positions itself as a niche media provider with a small-scale business model centered on affiliate marketing and content monetization. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript ES modules, and integrates Google Analytics via Google Tag Manager. The site is mobile optimized with good SEO practices and structured data implementation. Security-wise, the site enforces HTTPS, uses CSRF tokens, and implements a cookie consent banner, but lacks explicit published security policies or incident response information. No critical vulnerabilities or suspicious content were detected. Overall, the site is professional, trustworthy, and compliant with GDPR-related cookie and privacy policies, though it could improve transparency on security and incident response. The domain uses privacy protection in WHOIS, which is justified given the gambling-related content. The site is safe for adults and does not contain explicit or NSFW content beyond gambling-related material.

Messe Stuttgart is a well-established trade fair organizer based in Stuttgart, Germany, founded in 1918. The company operates a large venue hosting numerous trade fairs, congresses, and exhibitions, serving both business clients and the general public. Their website reflects a mature digital presence with comprehensive event listings and structured data to enhance discoverability. Technically, the site is built on TYPO3 CMS, uses modern web technologies, and integrates consent management for privacy compliance. Security posture is strong with HTTPS, security headers, and no detected vulnerabilities, although explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and well-optimized for performance and user experience.

A

Atelier Neukom

atelier-neukom.ch

53

Atelier Neukom is a small Swiss creative agency specializing in graphic design, web design, and photography services. The company targets small and medium enterprises, municipalities, music schools, and various other sectors, offering tailored digital and print solutions. Their market position is that of a trusted local partner with a strong portfolio and long-standing client relationships. Technically, the website is built on Joomla CMS with modern integrations such as Google Analytics, Google Tag Manager, and HikaShop for e-commerce capabilities. The site is well-structured, mobile-optimized, and includes comprehensive privacy and cookie policies with active consent mechanisms. Security posture is good with HTTPS enforced and no evident vulnerabilities, though some security headers could be improved. Overall, the website reflects a professional and trustworthy business with transparent data protection practices.

O

ORMED GmbH, a company of Enovis

djoglobal.de

60

Enovis, represented by ORMED GmbH, is a leading global provider specializing in orthopedic aids and physical therapy solutions in orthopedics, traumatology, and sports medicine. The company targets both healthcare professionals and patients, offering a comprehensive range of products, digital therapy applications, and educational services. Their market position is strong, supported by a professional and well-structured website that reflects their expertise and commitment to quality healthcare solutions. The website is primarily in German and serves the German and Austrian markets.

Billybets is a newly registered website (April 2024) with a focus on betting or gambling services, as suggested by the site title and domain name. The site uses modern web fonts and Google Tag Manager for analytics, hosted with DNS services via Cloudflare and registered through GoDaddy. However, the website lacks critical business and compliance information such as privacy policies, cookie consent mechanisms, terms of service, and contact details, which are essential for trust and regulatory compliance in the gambling sector. The absence of these elements and the very recent domain registration suggest the business is in an early stage or possibly not fully established. The technical infrastructure is moderate with basic mobile optimization and performance, but security headers and SSL configuration details are not evident from the provided data, indicating room for improvement in security posture.

G

Gelnhäuser Neue Zeitung

gnz.de

58

Gelnhäuser Neue Zeitung operates as a regional news media outlet serving Gelnhausen, the Main-Kinzig-Kreis, and surrounding areas in Germany. The website offers current news, podcasts, newsletters, and subscription-based e-paper services, positioning itself as a trusted regional information source. It is partnered with the RedaktionsNetzwerk Deutschland, enhancing its content network and credibility. Technically, the site employs modern web technologies such as React, a consent management platform for GDPR compliance, and integrates advertising and paywall services like Google Adsense and Piano (Tinypass). The site is hosted on infrastructure likely provided by Deutsche Telekom, ensuring reliable connectivity and performance. Security-wise, the website enforces HTTPS and uses cookie consent mechanisms, but lacks explicit published security policies or vulnerability disclosures. Overall, the site is professionally designed, mobile-optimized, and SEO-friendly, with a good security posture and moderate user tracking. No adult or questionable content is present, making it suitable for general audiences.

F

Förderdata

fe-bis.de

63

Förderdata operates a specialized online platform focused on providing funding information and application support for energy efficiency and renovation programs in Germany. Their service, branded as 'febis', targets individuals and professionals seeking to navigate complex funding landscapes such as BEG and heating system subsidies. The website is well-structured, professionally designed, and optimized for SEO and mobile use, reflecting a mature digital presence for a small-sized energy sector service provider. Technically, the site leverages WordPress with the Avada theme, integrates trusted third-party tools like HubSpot, Google Analytics, and Cookiebot for marketing, analytics, and privacy compliance. Security posture is strong with HTTPS enforcement and appropriate cookie consent mechanisms, though formal security and incident response policies are not publicly documented. Overall, the platform demonstrates a solid balance of usability, compliance, and technical soundness, suitable for its niche market.

D

Dessauer Zukunftskreis

dessauer-zukunftskreis.de

47

Dessauer Zukunftskreis is a small, independent interdisciplinary working group primarily composed of veterinary professionals focused on analyzing opportunities and risks in veterinary medicine and developing future perspectives. The website serves as an informational platform offering brochures, studies, and educational resources targeted at veterinarians and veterinary students in Germany. Technically, the site is built on an older TYPO3 CMS version 4.5 with jQuery 1.5, indicating some technical debt but remains functional and moderately optimized for mobile devices. Security posture is adequate with HTTPS enforced and privacy-conscious Google Analytics configuration, though lacking modern security headers and updated libraries. Privacy and cookie policies are present with consent mechanisms, but no Terms of Service or incident response policies are found. Overall, the domain registration data aligns with the website's German veterinary focus, supporting legitimacy. The site is safe for general audiences and does not contain any adult or questionable content.

R

REWE Group

rewe-group.com

63

REWE Group is a large German retail and tourism conglomerate serving approximately 12 million customers daily across supermarkets, discount stores, DIY stores, and travel services. The company has a strong market position in Germany and Europe with a history dating back to 1927. Their website reflects a mature digital presence with comprehensive content focused on corporate governance, sustainability, investor relations, and career opportunities. Technically, the site is built on WordPress with modern performance and SEO optimizations, leveraging Google Tag Manager, Adobe Launch, and a consent management platform to ensure privacy compliance. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though the WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is understandable for a large enterprise. Overall, the site is professional, secure, and compliant with GDPR, providing a trustworthy digital experience.

C

corporate benefits Germany GmbH

corporate-benefits.de

62

corporate benefits Germany GmbH operates as the European market leader in employee benefit portals, providing attractive discounts and offers from strong brands to over 40,000 companies and more than 15.6 million registered users. Their business model focuses on B2B services, enabling companies to enhance employee satisfaction through customized benefit portals without administrative burden. The company has a strong market position supported by over 20 years of experience and a broad European presence with multiple country-specific domains. Technically, the website is built on TYPO3 CMS, integrating modern marketing and analytics tools such as Google Tag Manager and Hotjar. The site is well-optimized for mobile devices, SEO, and accessibility, reflecting a mature digital infrastructure. Cookie consent mechanisms and GDPR compliance are clearly implemented, enhancing user privacy and regulatory adherence. From a security perspective, the site enforces HTTPS and uses cookie consent opt-in mechanisms, but lacks explicit security headers and publicly available security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The presence of TÜV IT certification adds to the trustworthiness. Overall, the website presents a low-risk profile with strong business credibility and compliance. Strategic improvements could include adding security headers, publishing a security policy, and implementing a vulnerability disclosure process to further enhance security posture and transparency.

K

KÜHN Sicherheit GmbH

shop-fuer-sicherheit.de

52

Shop für Sicherheit - KÜHN Sicherheit GmbH operates a specialized e-commerce platform focused on security products such as door locks, locking cylinders, and related safety technology. The company holds reputable certifications including VdS and DIN EN 9001 and is a member of recognized industry associations, positioning it as a trusted player in the German security retail market. The website targets both private and business customers seeking high-quality security solutions. Technically, the site is built on the Shopware platform, utilizing modern web technologies like jQuery and FontAwesome, and integrates analytics tools such as Google Tag Manager and Matomo for user tracking and marketing insights. The site is mobile-optimized with good navigation and content quality, supporting a positive user experience. Security posture is strong with HTTPS enforced, CSRF protection on forms, and a comprehensive cookie consent mechanism, although some HTTP security headers could be improved. Overall, the domain registration data aligns with the business claims, supporting legitimacy and trustworthiness.

H

Heinken Elektrotechnik GmbH

heinken.de

57

Heinken Elektrotechnik GmbH is a medium-sized German company specializing in electrical engineering, data network technology, and building automation with over 40 years of experience. The company operates primarily in the energy sector, serving both business and private clients with a comprehensive range of services from consultation to maintenance. Their website reflects a professional and consistent brand image, supported by active social media channels and clear contact information. Technically, the site is built on WordPress using the Avada theme, enhanced with SEO and analytics tools like Yoast SEO and Google Tag Manager, ensuring good digital maturity and SEO optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and explicit security policies. Overall, the website is trustworthy, well-maintained, and compliant with GDPR requirements.

A

ACCONSIS - Wirtschaftsprüfung, Steuerberatung, Rechtsberatung, Unternehmensberatung, Finanzierungsberatung

acconsis.de

65

ACCONSIS is a well-established professional services firm based in Munich, Germany, offering tax consultancy, legal advice, auditing, management consulting, and financial consulting. With over 60 years of experience, the company targets both corporate clients and private individuals, positioning itself as a trusted and comprehensive consulting partner. The website reflects a mature market presence with strong branding and trust indicators such as industry certifications and awards. Technically, the site is built on WordPress with modern SEO and analytics tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS, security headers, and form protections, though dedicated security and incident response policies are not publicly disclosed. Overall, the domain and website present a credible and professional digital footprint consistent with the company's business claims.

M

MLI Leadership Institut GmbH

leadership-munich.org

52

MLI Leadership Institut GmbH is a specialized consulting firm based in Germany, focusing on leadership development, strategic consulting, and organizational development services. Founded in 2013, the company targets businesses seeking to enhance leadership capabilities and activate corporate strategies. Their market position is that of a niche provider within the Munich metropolitan region, offering coaching, leadership programs, and strategy activation services. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to corporate clients. Technically, the site is built on October CMS, leveraging Bootstrap and jQuery, with modern tracking and consent management tools integrated. The site is mobile optimized and performs moderately well.