Security Directory

O

OFFLINE GmbH

offline.ch

0

OFFLINE GmbH is a Swiss technology company based in Luzern specializing in modern web application development, legacy software modernization, and CTO-as-a-Service offerings. With approximately 14 years of experience, they serve a diverse clientele ranging from startups to established enterprises, emphasizing quality and sustainable technical solutions. The website reflects a professional and modern digital presence, built using the Hugo static site generator, optimized for performance and mobile devices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the site lacks explicit security headers and a cookie consent mechanism, which are recommended for enhanced compliance and protection. Overall, the company demonstrates strong business credibility and technical maturity with room for improvement in privacy and security transparency.

The website www.bananenflanker-legenden.de is currently inaccessible beyond a Cloudflare Turnstile security challenge page, which blocks access to any substantive content. Due to this, no business information, contact details, or policy documents are available for review. The site appears to be protected by Cloudflare's security mechanisms, indicating an intent to prevent automated access or abuse. The technical infrastructure includes Cloudflare services and standard web technologies such as HTML5, CSS3, and JavaScript, but no CMS or backend platform is identifiable from the accessible content. Security posture cannot be fully assessed due to lack of content and headers visibility. Overall, the site is currently not analyzable for business or compliance insights, and the risk assessment is limited by the access restrictions.

E

expeero

expeero.com

0

Expeero is a German-based technology company offering a SaaS platform focused on reputation management with a unique ecological angle by planting trees for each customer review. The company targets businesses seeking to improve their online reputation while demonstrating environmental responsibility. The website is professionally designed, mobile-optimized, and integrates modern technologies such as Matomo analytics and Bootstrap framework. Security posture is solid with HTTPS and CSRF protections, though some security headers are missing and no explicit cookie consent mechanism is present. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, but the active and comprehensive website content supports business credibility. Overall, Expeero presents a trustworthy and innovative service with room for improvement in transparency and security practices.

The website certipedia.com currently returns a 503 Service Unavailable error indicating that no server is available to handle requests. This results in a complete lack of accessible content, metadata, or interactive elements. The domain registration data is consistent and legitimate, registered since 2012 with a reputable registrar and name servers aligned with the TÜV Rheinland brand. However, the absence of website content prevents any meaningful analysis of business operations, services, or user engagement. The technical infrastructure cannot be assessed beyond the domain registration data. Security posture is unknown due to lack of accessible content and no security headers or HTTPS information provided. Overall, the site is inaccessible, resulting in a low AI score and inability to evaluate compliance or trustworthiness beyond domain legitimacy.

The website www.saturn.de currently presents a Cloudflare Turnstile captcha challenge page blocking direct access to its content. This indicates a security mechanism to prevent automated access or abuse. Due to this, no substantive business content, policies, or contact information is accessible for analysis. The domain uses Akamai nameservers, suggesting professional hosting and a legitimate commercial presence. However, the lack of accessible content limits the ability to assess the company's business model, services, or compliance posture. Technically, the site employs modern WAF technology but does not expose further technical or security details on this page. Security posture is difficult to evaluate fully due to content blocking, but the presence of a WAF is a positive indicator. Overall, the site is currently inaccessible for full analysis, resulting in a low AI score and unknown compliance or business credibility status.

C

Connect Center

connectcenter.hu

0

Connect Center is a Hungarian technology company specializing in e-commerce integration solutions, providing a platform that bridges ERP, inventory, invoicing, wholesale price lists, and webshop systems. The company targets e-commerce businesses seeking seamless synchronization between backend systems and online stores. The website is built on WordPress using the Divi theme and incorporates modern marketing and analytics tools such as Google Analytics, Facebook Pixel, and reCAPTCHA for security. While the technical infrastructure is solid with HTTPS and standard plugins, the site lacks published privacy and cookie policies, which impacts GDPR compliance. No explicit contact information or security policies are visible, which may affect user trust and compliance transparency. Overall, the site presents a professional business presence with moderate digital maturity but requires improvements in privacy and security disclosures.

D

Dr. Heike Kreymborg & Kristian Grimm GbR

32reasons.de

0

32 Reasons is a specialized dental practice located in Hamburg, Germany, offering a comprehensive range of dental services including aesthetic dentistry, implantology, endodontology, and orthodontics such as Invisalign. The practice emphasizes modern technology and patient-centered care, supported by an inhouse dental laboratory for customized prosthetics. The website is professionally designed, content-rich, and targets local patients seeking high-quality dental care. Technically, the site uses modern web standards with embedded video and SVG graphics, and includes a browser update notification script to encourage security hygiene. Security posture is good with HTTPS enforced, but lacks advanced security headers and cookie consent mechanisms. Contact information is clearly presented, enhancing business credibility. No blocking or WAF mechanisms were detected, allowing full content access. Overall, the website reflects a trustworthy, professional healthcare provider with room for improvement in privacy compliance and security best practices.

W

WorkSafe Saskatchewan

worksafesask.ca

0

WorkSafe Saskatchewan is a government agency dedicated to promoting workplace health and safety within the province of Saskatchewan, Canada. The organization provides regulatory oversight, educational resources, and support services to employers and workers to foster safe working environments. The website serves as a comprehensive portal for information, incident reporting, and access to safety programs, positioning WorkSafe Saskatchewan as the authoritative body in its sector. Technically, the website is built on WordPress using the Avada theme and incorporates modern web technologies including jQuery, Google Analytics, Facebook Pixel, and LinkedIn Insight Tag for analytics and marketing. The site demonstrates good mobile optimization and accessibility features, though there is room for improvement in accessibility compliance. Performance is moderate, with a well-structured layout and clear navigation enhancing user experience. From a security perspective, the site enforces HTTPS, employs multiple security headers, and avoids exposing sensitive data. However, it lacks a publicly available security policy and vulnerability disclosure mechanism, which are recommended for transparency and incident management. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place, reflecting adherence to GDPR principles. Overall, the website is professional, trustworthy, and well-maintained, serving its government mandate effectively. The absence of WHOIS data is noted but likely due to registry policies rather than malicious intent. Strategic recommendations include publishing a formal security policy, implementing a vulnerability disclosure program, and enhancing accessibility to further strengthen the site's security posture and user inclusivity.

S

Solar Sister

solarsister.org

0

Solar Sister is a non-profit organization dedicated to empowering local women entrepreneurs in Africa to create and sustain clean energy businesses. The organization leverages a social enterprise model to address energy poverty and gender inequality by supporting women as clean energy distributors in last-mile communities. Their market position is strong within the niche of women-led clean energy initiatives, supported by a clear mission and donor engagement. The website reflects a professional and consistent brand with good content quality and clear calls to action for donations and involvement. Technically, the website is built on WordPress with modern plugins such as Gravity Forms and Google Tag Manager, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, though accessibility features are basic. Performance is moderate with lazy loading implemented for images. Hosting and domain registration are consistent with the organization's history and legitimacy. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but lacks DNSSEC and explicit security headers, which are recommended for enhanced security. No privacy or cookie consent mechanisms were detected, which may pose compliance risks under GDPR or similar regulations. Contact information is clearly provided, but no dedicated security or incident response policies are published. Overall, Solar Sister's website is trustworthy and professional, supporting its mission effectively. Strategic improvements in security headers, privacy compliance, and explicit policy disclosures would enhance its security posture and regulatory compliance.

G

Government of Canada

canada.ca

0

Canada.ca is the official Government of Canada website serving as a centralized portal for all federal programs, services, departments, ministries, and organizations. It targets Canadian residents and citizens seeking government information and services. The site is authoritative, enterprise-scale, and bilingual, reflecting Canada's official languages. The business model is a government service portal, providing comprehensive access to public resources and information. The website is well-branded with consistent government identity and offers excellent content quality and user experience.

The website at unio.no is currently inaccessible, returning a 403 Forbidden error page that blocks access to any substantive content. The domain is mature, having been registered in 2005, which suggests an established entity behind it. However, the lack of accessible content, absence of privacy, cookie, or terms of service policies, and no visible contact or business information severely limit the ability to assess the business or security posture. Technically, the site uses Google Fonts but no other detectable technologies or analytics. Security best practices such as HTTPS enforcement, security headers, and incident response contacts are not observable. Overall, the site appears to be either restricted intentionally or misconfigured, resulting in a poor user experience and low trustworthiness.

A

Aerial Sports South Africa

poleart.capetown

0

The website poleart.capetown serves as the official platform for the World Pole Art Championship 2025, a prestigious international event in pole dance and aerial arts hosted in Cape Town, South Africa. It targets athletes, enthusiasts, and spectators globally, providing event information, gallery content, sponsorship opportunities, and upcoming ticket sales. The business model is event-driven, relying on sponsorship and donations to fund the championship. Technically, the site is built on WordPress with a standard theme and uses Cloudflare DNS services. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are absent, representing compliance gaps. Contact information is limited to email addresses, with no phone or physical address provided. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security hardening.

W

Wyldata, Ltd.

wyldata.com

0

Wyldata, Ltd. operates a specialized action sports data platform focused on providing accurate, relevant, and actionable sports data to federations, athletes, fans, and brands. The company offers core services including database management, ranking algorithms, and custom data products, positioning itself as a trusted technology partner within the action sports ecosystem. Their partnerships with recognized federations such as World Skate and FIS underscore their market credibility and industry integration. Technically, the website is built on modern frameworks like Nuxt.js and Vue.js, hosted on AWS infrastructure, and employs best practices in design, responsiveness, and performance. Security posture is solid with HTTPS enabled and error monitoring via Sentry; however, there is room for improvement in security headers and published security policies. Privacy compliance is basic with presence of privacy and cookie policies and consent mechanisms, though GDPR compliance is not explicitly confirmed. Overall, the website demonstrates a high level of professionalism and trustworthiness, with minor gaps in direct contact information and advanced security disclosures.

The website at esefunds.com is currently inaccessible to the public, returning a 403 Forbidden error page. This indicates that access is restricted or blocked, preventing any meaningful content or business information from being displayed. The domain is registered with GoDaddy.com, LLC since January 2022 and is active until 2026, but no registrant details or privacy protection are provided. The lack of accessible content, contact information, or policies severely limits the ability to assess the business or its services. Technically, the site lacks DNSSEC and security headers, and no analytics or tracking technologies are detected. Overall, the website's digital maturity and security posture are poor due to the access restriction and minimal technical safeguards.

V

Verlag Freies Geistesleben

geistesleben.de

0

Verlag Freies Geistesleben operates as a specialized publishing house and online retailer focusing on books and eBooks related to Waldorf pedagogy, anthroposophy, and related educational and cultural topics. The website serves a niche audience interested in these areas, offering a curated selection of literature and educational materials. The business model centers on direct online sales complemented by a partner bookstore network and digital content offerings. Market positioning is that of a trusted medium-sized publisher within its specialized domain in Germany. Technically, the website is built on the OXID eShop Enterprise Edition platform, utilizing common web technologies such as jQuery, Font Awesome, and Cookiebot for cookie consent management. The site is mobile-optimized with a responsive design and includes standard ecommerce features like user login and shopping cart functionality. SEO and accessibility are implemented at a basic to good level, with room for improvement in accessibility. From a security perspective, the site enforces HTTPS and employs a comprehensive cookie consent mechanism with granular user controls, reflecting good privacy practices. However, there is a lack of explicit security headers and no publicly available security or incident response policies. No critical vulnerabilities or exposed sensitive data were detected in the analysis. The absence of a privacy policy page and terms of service is a notable gap in compliance documentation. Overall, the website presents a professional and trustworthy front for its business, with moderate technical maturity and a solid privacy posture. Strategic improvements in security headers, compliance documentation, and accessibility would enhance its security and user trust further.

Game Days is a specialized gaming conference based in Košice, Slovakia, organized by Grindstone s.r.o. The event focuses on connecting industry experts, indie developers, and creatives in a collaborative environment. The website reflects a professional and consistent brand image, targeting gaming professionals and enthusiasts in the region. The business model centers on event organization supported by sponsorships and partnerships with notable industry players and local organizations. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, hosted likely by Websupport, with good mobile optimization and moderate performance. The site uses Google Tag Manager for analytics and tracking but lacks a cookie consent mechanism and some security headers. The SSL configuration is excellent, and DNSSEC is enabled, indicating good domain security practices. From a security perspective, the site enforces HTTPS and DNSSEC but could improve by adding security headers, a cookie consent banner, and publishing security and incident response policies. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a privacy policy present but no cookie policy or GDPR explicit indicators. Overall, the website is trustworthy and professional with a good security posture but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

M

MES PHARIS

pharis.cz

0

MES PHARIS operates as a provider of Manufacturing Execution System (MES) software aimed at optimizing and managing production processes in real-time. The company targets manufacturing businesses seeking to improve efficiency and profitability through innovative digital solutions. The website presents a professional and focused business offering with clear messaging about its MES system capabilities. Technically, the website is built on WordPress with Elementor, incorporating modern tracking and security tools such as Google Tag Manager and reCAPTCHA. The site is mobile-optimized and SEO-friendly, though some accessibility features could be enhanced. Security posture is moderate with HTTPS enabled and reCAPTCHA implemented, but lacks visible security headers and explicit security policies. WHOIS data is unavailable, which limits domain trust verification and slightly reduces overall credibility. Privacy compliance is partial, with cookie consent present but no dedicated privacy policy page found. Overall, the website is functional and professional but could improve transparency and security documentation to enhance trust.

B

Bee Web Identity

beestudio.net

0

Bee Web Identity is a small Italian digital agency specializing in web design, SEO, and corporate identity services. Founded in 2011, it targets businesses seeking modern, elegant websites and coordinated branding solutions. The company showcases a portfolio of projects and maintains a professional online presence with multilingual support. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and jQuery, with Google Fonts for typography. The site is mobile optimized and demonstrates good SEO practices, though accessibility features are basic. Security posture is moderate; HTTPS is used, but DNSSEC is not enabled and security headers are absent. Privacy compliance is basic with a cookie consent banner and a privacy policy present, though GDPR compliance is not explicitly confirmed. Contact information is clearly provided, including email, phone, and physical address. Overall, the website is professional and trustworthy with room for security and compliance improvements.

TSE CB is a Czech manufacturing company specializing in precision tooling and engineering products, continuing the legacy of the TESLA Karlín brand since 2015. The company operates a professional website built on WordPress with WooCommerce, targeting industrial clients in the manufacturing sector. The site provides clear information about their services, including stamping and die tools and pressure casting molds. Technically, the website uses a moderately modern tech stack with SEO and GDPR compliance implemented, though some improvements in security headers and mobile optimization are recommended. The security posture is adequate with HTTPS and cookie consent but lacks explicit security policies or incident response contacts. Overall, the website is trustworthy and professional, but the absence of WHOIS data for the domain reduces domain trustworthiness and should be investigated further.

TSE MOBILIÁŘ is a Czech-based manufacturer specializing in urban furniture and industrial applications, including bus shelters, stop markers, advertising vitrines, and outdoor benches. The company targets municipalities and industrial clients, offering custom production and a range of specialized products. The website is built on WordPress with WooCommerce, indicating a moderate level of digital maturity and e-commerce capability. The presence of GDPR compliance and cookie consent mechanisms reflects awareness of privacy regulations. Security posture is generally good with HTTPS enforced, but lacks some advanced security headers. The absence of WHOIS data is a concern for domain legitimacy, though the website content and business information appear professional and trustworthy. Overall, the site is functional, well-structured, and serves its business purpose effectively.

D

Digitalist d.o.o. & Digitalist consulting d.o.o.

digitalist.si

0

Digitalist d.o.o. & Digitalist consulting d.o.o. is a Slovenian digital agency specializing in web development, digital marketing, and subsidy consulting services. Founded in 2020, the company positions itself as a comprehensive partner for businesses seeking to enhance their online presence and sales performance. The website showcases strong client testimonials and certifications, indicating a reputable market position within the regional digital services sector. Technically, the website is built on WordPress using the Flatsome theme, integrates modern analytics and marketing tools such as Google Analytics, Google Tag Manager, and Facebook Pixel, and employs Cloudflare DNS services. Security posture is solid with HTTPS and reCAPTCHA implemented, though the absence of security headers and explicit privacy and cookie policies represent areas for improvement. Overall, the site is professional, well-branded, and user-friendly, targeting business clients in Slovenia and neighboring regions.

The website at bizequity.com is currently inaccessible to the public, returning a 403 Forbidden error page that blocks access to any meaningful content. This prevents any direct analysis of business offerings, contact information, or compliance documentation. The domain is well-established, created in 2003, and registered through a reputable registrar, indicating legitimacy at the domain registration level. Hosting appears to be on Amazon AWS infrastructure, but DNSSEC is not enabled, which is a security enhancement opportunity. No privacy, cookie, or terms of service policies are present, and no contact information or interactive elements are available on the landing page. Overall, the site lacks visible content and business transparency, resulting in a low content quality and trustworthiness score.

ZUMA Press is a photography agency specializing in assignment, editorial, and archive photography services. Founded in 2016 by Scott Mc Kiernan, it serves media professionals and editorial clients with a broad network of photographers. The website presents a basic but functional interface with search capabilities and a large photographer directory, indicating a medium-sized operation in the media industry. Technically, the site uses standard web technologies including HTML, CSS, JavaScript, and integrates Google Analytics and Google Tag Manager for user tracking. Hosting is provided by DreamHost, a reputable provider. Security posture is basic with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy and cookie policies are absent, indicating compliance gaps. No contact information or incident response channels are visible, which may impact user trust and regulatory compliance. Overall, the domain registration is consistent and legitimate, supporting the business credibility. Strategic improvements in privacy compliance, security headers, and contact transparency are recommended to enhance trust and compliance.

W

WEB-STAR spol. s.r.o.

web-star.sk

0

WEB-STAR spol. s.r.o. is a Slovak-based small technology company specializing in custom web development, e-commerce solutions, branding, and digital marketing services. With over 13 years of market presence and more than 900 clients, the company holds a strong local market position focused on SMEs and entrepreneurs. Their website demonstrates a professional and modern design, leveraging WordPress CMS with Elementor and Yoast SEO plugins, ensuring good SEO and mobile responsiveness. Security posture is solid with HTTPS and Google reCAPTCHA v3 implemented, though improvements in security headers and incident response transparency are recommended. Overall, the website is trustworthy, content-rich, and business credible, supporting a positive user experience and client engagement.

F

FKA Brands

fkabrands.com

0

FKA Brands operates as a multi-brand consumer products company representing well-known brands such as Homedics, Ellia, Obusforme, The House of Marley, JAM, HMDX, and Revamp. The website serves primarily as a portal linking visitors to the individual brand websites, providing brand logos and URLs. The business model focuses on brand management and consumer product distribution across multiple markets. The company appears to be medium-sized with a founding date consistent with the domain registration in 2017. Technically, the website uses a minimal technology stack with jQuery 1.12.4 and is hosted via GoDaddy.com, LLC. The site has basic mobile optimization and SEO practices but lacks advanced frameworks or CMS detection. Performance is moderate, and accessibility features are basic. The website lacks cookie consent mechanisms and uses an outdated JavaScript library, which could pose security risks. From a security perspective, the site does not show evidence of security headers or advanced security policies. The domain registration is transparent and consistent with the business claims, with no privacy protection or suspicious patterns. The absence of contact information and incident response details limits the security posture. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is professional and trustworthy but could improve in security best practices and privacy compliance. Strategic recommendations include enabling DNSSEC, updating JavaScript libraries, implementing security headers, adding cookie consent, and providing clear contact and incident response information to enhance trust and compliance.

The website www.jbl.at is currently inaccessible due to a DataDome CAPTCHA security challenge that blocks direct access to the site's content. This challenge page prevents extraction of meaningful business, contact, or policy information. The domain WHOIS data is unavailable due to NIC.AT restrictions, limiting insights into domain registration details. The site appears to be an e-commerce platform powered by Salesforce Commerce Cloud, employing advanced bot mitigation technology. However, the security posture cannot be fully evaluated given the content blockage. The lack of accessible privacy, cookie, and contact information further limits compliance and trust assessments. Overall, the site demonstrates a high level of security control through CAPTCHA but at the cost of transparency and accessibility for analysis.

S

Slovak-American Foundation

slovakamericanfoundation.org

0

The Slovak-American Foundation was a US 501(c)(3) non-profit organization dedicated to fostering and strengthening relationships between the United States and Slovakia, with a focus on supporting the Slovak startup ecosystem and innovation. Founded in 2010 as the legacy successor to the Slovak American Enterprise Fund, the Foundation ceased operations in 2023 after fulfilling its mission. The website provides detailed information about the Foundation's history, programs, and impact, including a downloadable closing report. Technically, the website uses modern frontend technologies such as Alpine.js and Google Fonts, with a clean, professional design optimized for mobile devices. Security posture is moderate, with HTTPS implied but lacking explicit security headers and policies. No forms or data collection mechanisms are present, reducing attack surface but also limiting user interaction. The absence of WHOIS data reduces domain trustworthiness, but the professional content and contact information support legitimacy. Overall, the site is safe, professional, and informative, though improvements in privacy compliance and security best practices are recommended.

TSE is a Czech manufacturing company with over 25 years of experience specializing in electrical engineering, medical technology, furniture, and tooling. The company operates multiple divisions with dedicated websites and exports products globally. The website is professionally designed using WordPress and WooCommerce, providing clear navigation and multilingual support. GDPR compliance is well implemented with a cookie consent mechanism and a dedicated GDPR page. Contact information is clearly presented, enhancing business credibility. Technically, the site uses modern web technologies but lacks some advanced security headers. The absence of WHOIS data limits domain registration insights, but the overall trustworthiness remains high based on website content and structure.

A

ALPHA Consult

alphacons.eu

0

ALPHA Consult is a European boutique consultancy specializing in strategic management and technology consulting focused on space applications, GNSS, Earth Observation, Intelligent Transport Systems, and UAVs. The company targets businesses, regulators, and European institutions, positioning itself as a leading independent expert in these sectors. The website reflects a professional and consistent brand image with clear service offerings and contact information. Technically, the site uses modern web technologies including jQuery and Google Analytics, hosted by Aruba S.p.A., with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and explicit incident response or security policies. Overall, the site is trustworthy and professionally maintained, with moderate user tracking and basic privacy compliance.

UNIS, a.s. operates the VTP TESTLAB, an accredited testing laboratory in the Czech Republic specializing in electromagnetic compatibility (EMC), mechanical resistance, climatic, and combined vibration/climate testing. The company holds ISO/IEC 17025:2018 accreditation, ensuring high standards in testing services. The website targets manufacturers and businesses requiring certified testing services, positioning itself as a reliable and professional service provider in the technology and manufacturing sectors. The business model focuses on providing specialized laboratory testing services with a medium-sized operational scale and a consistent brand presence. Technically, the website employs modern JavaScript libraries such as jQuery, Google Analytics for traffic analysis, and Google reCAPTCHA v3 for bot mitigation. The site is served over HTTPS, ensuring secure communications, and includes a GDPR-compliant privacy policy. However, some technical improvements are recommended, including the addition of security headers and cookie consent mechanisms to enhance compliance and security posture. Security-wise, the site demonstrates good practices with secure forms and no visible vulnerabilities, but lacks explicit security policies and incident response contacts. Overall, the website is professional, trustworthy, and well-structured, though the absence of WHOIS data limits full domain trust assessment. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing vulnerability disclosure policies to strengthen security and compliance further.

Barcelona Activa's mobile website (barcelonactiva.mobi) is currently non-operational, serving only as a redirect notice to the main Barcelona Activa website. The business behind the domain is CIBERPYME BARCELONA, S.L., a local government or non-profit entity focused on supporting entrepreneurship and business development in Barcelona. The domain is aged since 2014 but has been expired for over 8 months, which poses a risk to trust and continuity. The website itself is minimalistic, with no interactive elements, forms, or contact information, indicating a low level of digital maturity and technical sophistication. Hosting is provided by SiteGround, a reputable provider, but no advanced security or privacy features are implemented.

A

Anthroposophische Gesellschaft in Deutschland e.V.

anthroposophische-gesellschaft.de

0

The Anthroposophische Gesellschaft in Deutschland e.V. is a well-established non-profit organization dedicated to promoting the spiritual and cultural movement of Anthroposophy founded by Rudolf Steiner. The organization operates primarily in Germany and serves a broad audience interested in spiritual science, cultural reform, and social initiatives. Their business model revolves around memberships, events, publications, and fostering community engagement. The website reflects a mature digital presence with a comprehensive content offering, including news, events, and educational resources. Technically, the site is built on TYPO3 CMS, hosted by Infomaniak, and employs modern web technologies to ensure a good user experience across devices.

R

Radio LOTTE Weimar

radiolotte.de

0

Radio LOTTE Weimar is a community radio station serving the city of Weimar, Germany, providing local news, event information, and broadcasting services. The website is primarily in German and targets local residents interested in community radio content. The business operates in the media sector with a small organizational size, focusing on community engagement and information dissemination. Technically, the website uses common web technologies such as jQuery, Bootstrap, and Font Awesome, and is likely powered by TYPO3 CMS hosted by Cloudpit. The site includes a cookie consent mechanism via Usercentrics, indicating some level of privacy compliance, though no explicit privacy policy or terms of service pages were found. Security posture is moderate with HTTPS enabled but lacking visible security headers and detailed security policies. Overall, the website is functional and professional but could improve in privacy transparency and security documentation.

I

idee[x] digitale dienste

idee-x.de

0

idee[x] digitale dienste is a small regional digital service provider specializing in custom web development and digital consulting, primarily serving clients in Baden-Baden and Karlsruhe, Germany. Their offerings include modern web technologies such as Typo3, WordPress, React, and React Native, focusing on responsive, user-friendly, and SEO-optimized websites. The company positions itself as a reliable project partner delivering up-to-date technical solutions. The website is built on WordPress with a custom theme and uses standard web technologies including jQuery and SVG graphics. Hosting is managed via UI-DNS nameservers, indicating a professional hosting environment. The site is mobile optimized and provides a good user experience with clear navigation and relevant content.

H

Hamburgische Schiffbau-Versuchsanstalt GmbH

hsva.de

0

Hamburgische Schiffbau-Versuchsanstalt GmbH (HSVA) is a well-established private and independent maritime service and consulting company based in Hamburg, Germany. Founded in 1913, HSVA specializes in maritime hydrodynamics, aerodynamics, and arctic technology, providing innovative solutions and world-class experimental testing facilities to clients worldwide. The company is recognized for its contributions to greener shipping and sustainable marine environments, holding a strong market position supported by national and international research collaborations. Technically, the HSVA website employs modern frontend technologies including Bootstrap and AOS for animations, alongside a robust cookie consent management system (ConsentFriend/Klaro!). The site is mobile-optimized with good SEO practices and moderate performance. While HTTPS is enforced, security headers are not explicitly detected, suggesting room for improvement in security hardening. From a security perspective, HSVA demonstrates a solid baseline with HTTPS and cookie consent mechanisms. However, the absence of explicit security policies, incident response contacts, and security.txt files indicates potential gaps in transparency and vulnerability management. No critical vulnerabilities or blocking mechanisms were detected, and the domain WHOIS data aligns well with the company’s identity and location, supporting legitimacy. Overall, HSVA presents a professional, trustworthy online presence with strong business credibility and compliance with privacy regulations. Strategic enhancements in security headers, incident response disclosures, and accessibility could further strengthen their security posture and user trust.

SDC Ship Design & Consult GmbH is a specialized consultancy firm focused on the maritime shipping industry, offering ship design, engineering, and consultancy services. Their expertise spans various ship types including tankers, container ships, yachts, and research vessels, with services covering feasibility studies, steel design, mechanical engineering, and consultancy on alternative fuels and efficiency optimization. The company targets shipping industry professionals and ship owners, positioning itself as a niche player in maritime consultancy. Technically, the website is built with basic HTML, CSS, and JavaScript without modern frameworks or CMS. The hosting is provided by kasserver.com, a professional hosting provider. The site lacks mobile optimization and accessibility features, and no analytics or tracking technologies are detected. Performance is moderate with a fixed-width layout and minimal dynamic content. From a security perspective, the site does not show evidence of HTTPS enforcement or security headers, which are critical for protecting user data and ensuring trust. There is no visible privacy or cookie consent mechanism, and no incident response or security policy information is provided. The WHOIS data is consistent and indicates a legitimate domain registration with no privacy protection, appropriate for the business type. Overall, the website is functional but basic, with room for improvement in security posture, privacy compliance, and technical modernization. Strategic enhancements in HTTPS implementation, security headers, mobile responsiveness, and privacy mechanisms would significantly improve trust and compliance.

A

Anti-Phishing Working Group, Inc

apwg.org

0

The Anti-Phishing Working Group (APWG) is a well-established non-profit organization focused on unifying the global response to cybercrime, particularly phishing and smishing attacks. Founded in 2004, APWG provides a collaborative platform for industry, law enforcement, government, and academic researchers to exchange curated cybercrime data, conduct research, and promote public awareness. Their key services include phishing email and smishing text reporting, a global cybercrime data clearinghouse (eCrime Exchange), and research programs. The organization targets cybercrime professionals and stakeholders worldwide, positioning itself as a trusted leader in the anti-phishing domain. Technically, the website is built on a modern React and Next.js framework with Craft CMS as the content management system. The site demonstrates good mobile optimization, clear navigation, and professional design quality. Performance is moderate, and SEO practices are adequately implemented. However, accessibility features are basic, and some security best practices such as DNSSEC and security headers are missing. From a security perspective, the site uses HTTPS with a domain status that prevents unauthorized transfers, indicating stable ownership. However, the absence of DNSSEC and security headers suggests room for improvement. No explicit incident response or vulnerability disclosure policies are published, and cookie consent mechanisms are not evident, which may impact compliance with privacy regulations. No contact emails or phone numbers are publicly listed, with contact primarily via a web form. Overall, APWG's website is professional, trustworthy, and content-rich, serving its niche audience effectively. Security posture is solid but could be enhanced with additional measures. Privacy compliance is basic but present. The domain registration data aligns well with the organization's identity, supporting legitimacy. Strategic improvements in security policies, privacy mechanisms, and transparency would further strengthen the site's credibility and compliance.

The Schiffbautechnische Gesellschaft e.V. (STG) is a professional maritime society based in Germany, focused on advancing shipbuilding technology and efficiency. The website serves as a portal for information on their flagship event, the International Conference on Ship Efficiency, along with other maritime industry events, membership services, and technical committees. The organization targets maritime professionals, engineers, and researchers, providing a platform for knowledge exchange and networking. Technically, the site is built on the onTEAM CMS platform with standard web technologies and includes a secure login area for members. Security posture is moderate with HTTPS usage and session management, but lacks visible advanced security headers and anti-CSRF protections. Privacy compliance is basic with a privacy policy present but no explicit cookie consent mechanism detected. The WHOIS data is incomplete and malformed, limiting domain trust verification, but the professional content and consistent branding support legitimacy. Overall, the site is functional, professional, and trustworthy for its audience, though improvements in security and privacy transparency are recommended.

Rema Trade is a small hospitality equipment company based in Bosnia and Herzegovina, established in 2005. The company specializes in professional equipment for the hospitality industry, offering a wide range of products including kitchen equipment, small inventory, butcher equipment, and laundry equipment. They provide comprehensive services such as consulting, project design, transport, installation, servicing, and staff training. The website reflects a regional leader position with a professional and consistent brand presence. Technically, the site is built on WordPress with modern plugins and frameworks, offering good mobile optimization and SEO. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers. Privacy and cookie policies are missing, indicating compliance gaps. Contact information is clearly provided, enhancing business credibility.

The website hgacbuy.org is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents access to any substantive content. As a result, no business information, contact details, or policy documents are available for analysis. The domain is registered since 2005 with Network Solutions, LLC, indicating a long-standing presence, but the lack of DNSSEC and visible security headers suggests room for improvement in security posture. The site relies on Cloudflare for DNS and security services. Due to the block, the technical infrastructure cannot be fully assessed, and no analytics or marketing technologies are detected. Overall, the site’s security posture is unclear beyond the presence of Cloudflare protection, and the absence of privacy and cookie policies indicates non-compliance with common privacy standards.

N

NorSIS

slettmeg.no

0

Slettmeg.no is a Norwegian website operated by NorSIS, providing free advice and guidance on deleting personal information from internet services and offering privacy and digital rights support. The site targets Norwegian users seeking assistance with online data removal and privacy issues. Technically, the site is built on WordPress with modern plugins such as Yoast SEO, Matomo analytics for privacy-respecting tracking, and Google invisible reCAPTCHA for form security. The website is mobile-optimized and accessible, with good SEO practices. Security posture is moderate with HTTPS enforced and no exposed sensitive data, but lacks explicit security headers and has some technical issues with a Facebook deceased profile deletion form. Privacy compliance is good with clear privacy and cookie policies, though no terms of service or vulnerability disclosure policies are found. Overall, the site is trustworthy, professional, and serves a niche government/non-profit role in Norway.

L

Landesarbeitsgemeinschaft Puppenspiel e.V. Thüringen

puppe-thueringen.de

0

Landesarbeitsgemeinschaft Puppenspiel e.V. Thüringen is a small non-profit cultural association dedicated to puppetry arts in the Thüringen region of Germany. The organization provides puppetry events, educational projects, and supports a community of puppetry artists and enthusiasts. Their website serves as an informational portal with event details, member information, and contact resources. Technically, the site is built on Joomla CMS using Yootheme templates and UIkit framework, delivering a moderately performant and mobile-optimized experience. Security posture is adequate with HTTPS and cookie consent mechanisms, though lacking advanced security headers and incident response information. Overall, the site is trustworthy and professionally presented, targeting cultural audiences and puppetry communities.

L

LAG Spiel und Theater in Thüringen e.V.

lag-thueringen.de

0

LAG Spiel und Theater in Thüringen e.V. is a regional non-profit organization founded in 1992, dedicated to youth culture and theater education in Thüringen, Germany. It coordinates member theater groups, supports educational initiatives, organizes theater events for students, and provides resources such as a specialized library. The website reflects a focused mission with clear content targeting theater professionals, educators, and youth cultural initiatives in the region. Technically, the site is built on the Contao CMS platform, uses jQuery and SVG graphics, and demonstrates moderate performance with good mobile optimization. Security posture is adequate with HTTPS and cookie consent implemented, though additional security headers and policies could enhance protection. Privacy compliance is evident with a GDPR-aligned privacy policy and cookie banner. No contact emails or phone numbers are explicitly provided on the homepage, which may limit direct communication. Overall, the website is professional, trustworthy, and well-aligned with its mission, though it could benefit from enhanced security practices and more visible contact information.

brand ENGINEERING SOLUTIONS GmbH (bES) is a specialized consultancy focused on naval architecture, marine and offshore engineering, and salvage engineering services. The company leverages up-to-date tools and industry experience to deliver reliable reports and simulations, serving clients primarily in the shipping industry. As part of the bMC GROUP, bES benefits from a broader ecosystem of complementary maritime services, positioning itself as a niche expert within the transportation and energy sectors. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to industry professionals. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern web technologies such as Bootstrap 5, jQuery, and FontAwesome. The site is mobile-optimized with good SEO practices and includes a cookie consent mechanism compliant with GDPR. Hosting and domain registration are stable and consistent with the company's German origin, though DNSSEC is not enabled. Analytics are handled via Matomo, indicating a preference for privacy-conscious tracking. From a security perspective, the site enforces HTTPS and uses CSRF tokens to protect forms. However, it lacks advanced security headers and does not publish a formal security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the security posture is solid but could be enhanced with additional headers and transparency. The overall risk assessment is low, with no critical issues identified. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and enhancing security headers. These improvements would further strengthen trust and compliance, supporting the company's professional image and operational resilience.

B

Behinderten- und Rehabilitations-Sportverband Berlin e.V.

sportbildung.berlin

0

The website sportbildung.berlin serves as the official training and licensing portal for the Behinderten- und Rehabilitations-Sportverband Berlin e.V., a regional sports association focused on disabled and rehabilitation sports in Berlin, Germany. It provides educational resources, licensing guides, and online application services for training and continuing education in the rehabilitation sports sector. The portal targets individuals and clubs involved in this niche sports community, offering structured information and digital services to support their certification and training needs. Technically, the site is built on TYPO3 CMS with Bootstrap 5 and jQuery, ensuring a modern and responsive user experience. It integrates Matomo analytics with privacy-conscious settings and uses HTTPS with a valid SSL certificate. However, DNSSEC is not enabled, and some security headers appear to be missing, indicating room for improvement in security hardening. The site is well-structured with clear navigation and good accessibility features, supporting a positive user experience. From a security and compliance perspective, the site demonstrates basic GDPR compliance with a privacy policy and cookie consent banner. However, it lacks visible terms of service, security policies, incident response contacts, and explicit business contact information, which are important for trust and legal completeness. The WHOIS data is consistent and legitimate, with a domain age appropriate for the business. No suspicious or malicious indicators were found. Overall, the website is a credible and professional portal for its niche audience but would benefit from enhanced security practices, clearer contact and legal information, and improved transparency to strengthen trust and compliance.

I

Institut für Auslandsbeziehungen (ifa)

kulturaustausch.de

0

Kulturaustausch is a cultural magazine operated under the Institut für Auslandsbeziehungen (ifa), focusing on international relations, culture, and society with contributions from global authors. The website serves as a platform for in-depth dossiers, articles, and print issues, targeting readers interested in diverse international perspectives. Technically, the site is built on TYPO3 CMS, employs Matomo for analytics, and uses modern web technologies ensuring good performance, accessibility, and SEO. Security posture is solid with HTTPS and some security best practices, though additional headers could enhance protection. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant, reflecting a mature privacy stance. Contact is primarily via a web form, with no direct emails or phone numbers publicly listed. Overall, the site is professional, trustworthy, and well-positioned in the media and non-profit cultural sector.

The website hasznosholmik.hu currently hosts only a default placeholder page indicating a 'Coming Soon' status. There is no business information, contact details, or content describing the nature of the business or services. The only external link points to vestacp.com, suggesting the site is hosted or managed via the VESTA control panel. The domain was registered in 2016, but the lack of content suggests the site is inactive or under development. From a technical perspective, the site is minimal with no detected CMS, scripts, or analytics. There is no evidence of HTTPS or security headers, which indicates a poor security posture. No privacy or cookie policies are present, and no contact or incident response information is available. Security evaluation reveals critical gaps including absence of HTTPS, lack of security headers, and no visible security or privacy compliance measures. The site does not collect user data or have forms, reducing immediate risk but also indicating no active business operations. Overall, the site presents a low trust profile with minimal content and poor security and privacy practices. It is recommended to implement HTTPS, add privacy and cookie policies, provide contact information, and develop actual business content to improve credibility and security posture.

Bubulakovo is a regional e-commerce retailer specializing in fabrics and meter goods, primarily serving the Hungarian market with multiple sister sites targeting other European countries. The website presents a professional and consistent brand image with a good quality user experience and moderate technical maturity, leveraging modern frameworks like Bootstrap 4 and marketing tools such as Google Tag Manager and SalesManago. Security posture is solid with HTTPS enforced and standard security headers, though the absence of explicit privacy and terms of service pages limits compliance maturity. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the site is trustworthy and well-positioned in its niche but would benefit from enhanced privacy and security disclosures.

P

Pfarrei Hl. Edith Stein

heiligeedithstein.de

0

The website represents the Catholic parish 'Hl. Edith Stein' located in Berlin, Germany, serving the local community with religious services, events, and pastoral care. It operates under the Erzbistum Berlin and targets parishioners and interested individuals in the region. The site provides comprehensive information about services, events, and community life, reflecting a small but active religious organization. Technically, the site is built on TYPO3 CMS, utilizing legacy jQuery libraries and Shadowbox.js for media display. The site is moderately optimized for performance and mobile devices, with good accessibility and SEO practices. Cookie consent is implemented with granular user choices, reflecting good privacy compliance. Security posture is moderate; while HTTPS is implied, no explicit security headers were detected, and no published security or incident response policies are available. The site does not expose sensitive data and uses consent-based activation for tracking and media embeds. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website is trustworthy and professional, with good content quality and privacy compliance. Recommendations include enhancing security headers, publishing security policies, and considering vulnerability disclosure mechanisms to improve security maturity and trust further.