Security Directory

L

Landratsamt Reutlingen

kreis-reutlingen.de

0

Landratsamt Reutlingen is the official district authority for the Landkreis Reutlingen region in Germany, providing a wide range of public services including citizen services, administrative functions, and regional planning. The website serves as a comprehensive portal for residents and stakeholders, offering detailed organizational information and service access. Technically, the site employs modern JavaScript libraries such as GSAP and Lottie for animations, Matomo for privacy-conscious analytics, and integrates accessibility tools like ReadSpeaker and contrast settings, reflecting a mature digital infrastructure. Security posture is adequate with HTTPS enforced and cookie-less analytics, but lacks visible security headers and publicly available privacy or cookie policies, indicating room for improvement in compliance and transparency. Overall, the site is professional, trustworthy, and well-structured, serving its government function effectively.

L

Landratsamt Bodenseekreis

bodenseekreis.de

0

The website www.bodenseekreis.de is the official online presence of the Bodenseekreis district administration in Germany. It serves as a comprehensive information portal for residents and businesses, covering a wide range of public services including social welfare, health, transport, environment, public safety, tourism, education, culture, and local government administration. The site is built on the TYPO3 CMS platform, indicating a mature and stable technical infrastructure suitable for government use. Accessibility features such as sign language and easy language options enhance inclusivity. The presence of a chatbot named LARA further improves user engagement and service delivery. From a security perspective, the website employs HTTPS and basic security headers but lacks advanced security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy and cookie policies are present and appear to comply with GDPR requirements, reflecting a responsible approach to user data protection. The site does not employ advertising or tracking technologies, minimizing privacy risks. Overall, the website demonstrates a good balance of content quality, technical implementation, and privacy compliance, positioning it as a trustworthy and professional government resource. Recommendations include enhancing security headers, publishing incident response contacts, and adding a security.txt file to improve transparency and security posture.

S

Seyfor

profiuctenka.cz

0

Profi Účtenka is a Czech Republic based software solution specializing in electronic sales record (EET) applications for mobile devices including Android, iOS, and Windows. The company, Seyfor, offers a trusted and widely used product with over 27,000 downloads, positioning itself as a reliable provider in the local market. Their business model combines software distribution with hardware sales through a partner network, targeting small to medium businesses requiring compliance with Czech EET regulations. The website is professionally designed using WordPress and Elementor, featuring clear navigation, mobile optimization, and integration with app stores for easy access to their applications. Privacy and cookie policies are implemented with GDPR compliance, and contact information is comprehensive, including phone, email, physical addresses, and a contact form.

The website www.kit22.com currently hosts only minimal content consisting of a single line referencing a request for tools, data, and machine learning predictions related to Stay22's products. There is no metadata, structured data, or business information available on the site. WHOIS data indicates that the domain is not registered or has expired, with no registrar or registrant information found. This suggests the domain is inactive or unclaimed, which severely limits the credibility and trustworthiness of the site. Technically, the site lacks HTTPS, security headers, and any modern web technologies, indicating a very low digital maturity level. No privacy, cookie, or terms of service policies are present, and no contact or security incident response information is available. Overall, the site is not operational as a business or service platform at this time.

A

Altrex

modularstepsystems-altrex.com

0

Altrex operates a specialized industrial platform stepladder configurator website designed to serve commercial and industrial customers seeking tailored stepladder solutions. The site offers a multi-step configuration process with options for product specifications and downloadable CAD/BIM models, supporting professional use cases. The business appears to be a medium-sized manufacturing entity focused on product customization and digital integration, with regional sister sites in multiple languages. Technically, the website employs a moderately modern tech stack including Bootstrap 3, jQuery, WebGL, and Google Analytics, hosted via a registrar in the Netherlands. While the site is functional and professionally designed, it lacks visible privacy and cookie policies, and security headers are absent, indicating room for improvement in security posture and privacy compliance. The domain is relatively new but consistent with the business scope and shows no suspicious WHOIS patterns. Overall, the website is moderately mature with good business credibility but requires enhancements in privacy and security to meet higher compliance standards.

A

Altrex

hoopladder-altrex.com

0

Altrex operates a specialized product configurator website for their Everest hoop ladder product line, targeting construction professionals and building managers. The site enables users to configure custom ladder solutions with CAD and BIM model downloads and request quotes, positioning Altrex as a focused manufacturer in the industrial safety ladder market. The website is relatively new, consistent with the domain registration date in 2023, and presents a professional and functional user experience with moderate technical sophistication including WebGL 3D visualization and integration with BIM tools. However, the site lacks explicit privacy and cookie policies, and no security headers are detected, indicating gaps in compliance and security best practices. The use of Google Analytics and Tag Manager suggests moderate user tracking without visible consent mechanisms. Overall, the security posture is moderate but could be improved by implementing DNSSEC, security headers, and privacy compliance measures. The domain registration is transparent and consistent with the business, with no suspicious indicators. Strategic recommendations include enhancing privacy compliance, improving security headers, and adding incident response information to strengthen trust and security culture.

V

Voskamp Toegangstechniek

voskamptoegangstechniek.nl

0

Voskamp Toegangstechniek is a Dutch company specializing in the supply, installation, and maintenance of automatic door systems. As part of the Voskamp Groep, it has over 30 years of experience and serves business clients requiring customized door automation solutions. The website reflects a professional B2B service provider with a clear market position in manufacturing and technical services related to door systems. The company emphasizes customer service and technical expertise, supported by detailed project showcases and contact options. Technically, the website is built on WordPress with modern libraries and SEO tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are absent. Overall, the domain registration and website content are consistent and trustworthy, supporting a medium-sized enterprise operating in the Netherlands.

B

Baseline

baseline.is

0

Baseline is a technology company founded in 2020 that offers an all-in-one brand platform SaaS solution designed to automate content creation and streamline brand management. The platform targets agencies, small businesses, non-profits, marketing teams, and franchises, providing tools such as brand guides, on-brand templates, and a design editor to help users maintain consistent branding effortlessly. The company has established a credible market presence with over 16,000 brands created and features customer testimonials and case studies that reinforce its trustworthiness. Technically, the website leverages modern JavaScript frameworks like Vue.js, integrates analytics tools such as PostHog and Google Tag Manager, and uses third-party services including AnyChat and Reditus affiliate scripts. Hosting is provided by Hetzner, a reputable provider, and the site employs SSL/TLS encryption with good configuration. The website is well-designed, mobile-optimized, and SEO-friendly, though some accessibility features are basic. From a security perspective, Baseline enforces HTTPS and uses nonce attributes for stylesheets, but lacks explicit security headers and a vulnerability disclosure policy. DNSSEC is not enabled, representing a minor security gap. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but no cookie consent mechanism is evident. Contact information is limited to forms and newsletter subscription, with no direct emails or phone numbers published. Overall, Baseline presents a professional and trustworthy online presence with a solid technical foundation and good business credibility. Strategic improvements in security headers, cookie consent, and direct contact information would enhance its security posture and privacy compliance, further strengthening user trust.

M

MILEX SIA

bastioni.lv

0

MILEX SIA operates the Bastioni.lv website, specializing in the wholesale and retail of bastions for military, civil defense, household, and entertainment applications. The company represents well-known brands such as HESCO and offers certified products with an engineering team to support custom solutions. The website is built on the Tilda CMS platform, leveraging modern web technologies and CDN hosting for performance and availability. The site is mobile-optimized and provides clear navigation and professional content relevant to its target audience. Security posture is adequate with HTTPS enabled and secure form handling, but lacks advanced security headers and formal security policies. Privacy compliance is minimal, with no visible privacy or cookie policies. Overall, the website presents a trustworthy business presence with room for improvement in privacy and security transparency.

L

Lewiatan Holding S.A.

urodzeniprzedsiebiorcy.pl

0

Urodzeni Przedsiębiorcy is a Polish initiative focused on supporting and educating small and medium-sized entrepreneurs. It is operated under the umbrella of Lewiatan Holding S.A., a well-established entity in the Polish retail and franchise sector. The website offers educational materials, news, and resources aimed at fostering entrepreneurship and business growth in Poland. The target audience includes aspiring and current entrepreneurs seeking knowledge and community support. Technically, the website is built on WordPress, leveraging modern JavaScript libraries and optimization tools, with integrations for analytics and marketing such as Google Analytics, Google Tag Manager, Facebook Pixel, and Cookiebot for cookie consent management. The site is hosted by home.pl S.A., a reputable Polish hosting provider.

G

Gastvrij Overijssel

gastvrijoverijssel.nl

0

Gastvrij Overijssel is a regional network organization dedicated to the leisure economy in the Overijssel province of the Netherlands. It collaborates with various tourism stakeholders, government entities, and businesses to coordinate regional agendas, promote innovation, and enhance the vitality of the local tourism sector. The organization positions itself as a key regional player facilitating sustainable development and knowledge sharing within the leisure economy. The website reflects this mission with clear navigation, relevant content, and a professional design tailored to its target audience of tourism professionals and government partners. Technically, the website is built on WordPress and leverages modern web technologies such as Swiper.js for interactive elements, Google Analytics and Tag Manager for tracking, and Google reCAPTCHA for form security. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Performance is moderate, with no major technical issues detected. However, the site lacks some advanced security headers and a cookie consent mechanism, which are important for full GDPR compliance. From a security perspective, the site uses HTTPS with a strong SSL configuration and employs reCAPTCHA to protect forms from abuse. There are no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies, incident response contacts, and cookie consent mechanisms indicates room for improvement in compliance and transparency. The WHOIS data aligns well with the website's claims, showing consistent registration details and domain age appropriate for the organization's founding date. Overall, Gastvrij Overijssel's website is a trustworthy and professional platform supporting its business goals. Strategic improvements in privacy compliance and security policy transparency would enhance its security posture and regulatory adherence.

KreisVolkshochschule Neuwied e.V. is a well-established regional non-profit adult education provider in the Landkreis Neuwied, Germany, offering a broad range of courses, lectures, and excursions aimed at personal and professional development. The organization targets a diverse audience including adults, seniors, youth, migrants, and local institutions. Their business model focuses on accessible, affordable, and community-oriented education with strong regional government support and partnerships. Technically, the website is built on a custom CMX CMS platform, hosted by agenturserver, and demonstrates moderate performance with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit incident response policies. Privacy compliance is supported by a comprehensive privacy policy but lacks an explicit cookie consent mechanism. Overall, the website is professional, trustworthy, and content-rich, serving its educational mission effectively.

The Kreismusikschule Westerwald is a regional music school based in Montabaur, Germany, offering a broad range of music education services including instrumental lessons, ensembles, and special programs for all ages. The institution targets a wide audience from infants to seniors, emphasizing quality education and community engagement. The website reflects a well-structured educational business model focused on regional outreach and musical development. Technically, the site is built on the Contao CMS platform, utilizing modern JavaScript libraries such as jQuery and Swiper.js for interactive elements. Hosting is managed via netclusive.de, a German hosting provider, ensuring reliable infrastructure. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS but lacks advanced security headers and cookie consent mechanisms, which are recommended for enhanced compliance and protection. No signs of WAF or blocking mechanisms were detected, and no vulnerabilities were apparent from the content. Overall, the website is professional, trustworthy, and serves its educational purpose effectively.

The website at jsrdn.com is currently inaccessible due to an Access Denied error, likely caused by a Web Application Firewall or other security mechanism. This prevents any meaningful extraction of business, technical, or security content from the site. The domain is registered since 2013 with NameCheap and uses AWS DNS servers, indicating a potentially stable hosting environment. However, the lack of accessible content and metadata severely limits the ability to assess the company's business model, services, or compliance posture. Security posture cannot be evaluated due to missing HTTPS and security headers information. Overall, the site appears to be either restricted or misconfigured, resulting in a very low AI score and high risk for users seeking information or services.

S

Stichting het Gehandicapte Kind

gehandicaptekind.nl

0

Stichting het Gehandicapte Kind is a well-established Dutch non-profit organization dedicated to supporting children with disabilities by promoting inclusion in education, play, and sports. The website effectively communicates its mission, engages donors and volunteers, and provides clear calls to action. The organization holds recognized certifications such as ANBI and CBF, enhancing its trustworthiness and legitimacy. The domain age and WHOIS data align with the organization's claims, supporting a strong business credibility profile. Technically, the website is built on Drupal 9 and integrates modern tools including Google Tag Manager, reCAPTCHA, Cookiebot for consent management, and analytics platforms like SpotEffects and Leadinfo. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Security practices include HTTPS enforcement and CAPTCHA protection on forms, though some security headers could be improved for enhanced protection. The security posture is solid with no detected vulnerabilities or exposed sensitive data. Privacy compliance is robust with clear privacy and cookie policies and GDPR adherence. However, the site lacks a published security policy or incident response contact, which could be areas for improvement. Overall, the website presents a professional, trustworthy, and secure platform for its charitable activities, with recommendations to enhance DNS security and security headers to further strengthen its security posture.

A

Asociace poskytovatelů nebankovních úvěrů

apnu.cz

0

Asociace poskytovatelů nebankovních úvěrů (APNÚ) is a Czech Republic-based association representing non-bank loan providers. The organization focuses on promoting responsible lending practices and consumer protection within the non-bank credit sector. The website serves as an informational platform showcasing member companies, ethical codes, and press releases, positioning APNÚ as a credible industry association. Technically, the site is built on WordPress with the Astra theme and Elementor page builder, indicating a modern and maintainable infrastructure. The site is mobile-optimized and uses HTTPS, but lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is generally good with no visible vulnerabilities or exposed sensitive data. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and contact transparency.

I

InterSites | WordPress | Webdesign

intersites.nl

0

InterSites is a Dutch web design and hosting company established in 2005, specializing in WordPress websites and webshops tailored for starters, freelancers, and small to medium enterprises. The company emphasizes personal contact, clear communication, and delivering modern, responsive, and SEO-optimized websites. Their market position is that of a trusted local player with two decades of experience serving the Zwolle region. Technically, the website is built on WordPress using popular plugins like Yoast SEO and Beaver Builder, with integrations for Google Tag Manager and Facebook Pixel for marketing and analytics. Hosting is provided by Hostnet B.V., a reputable Dutch registrar with DNSSEC enabled and HTTPS enforced, indicating good security practices. However, explicit security policies and incident response mechanisms are not publicly documented. Overall, the website is professional, user-friendly, and compliant with GDPR through clear privacy and cookie policies.

S

Stichting Hart voor Zwolle

stichtinghartvoorzwolle.nl

0

Stichting Hart voor Zwolle is a Dutch non-profit organization dedicated to combating loneliness among vulnerable populations in Zwolle, including elderly, refugees, disabled individuals, and youth. The organization mobilizes young volunteers aged 18-35 to engage in meaningful social activities and support, fostering community connections. The website reflects a well-established local presence with a clear mission, active community engagement, and a focus on volunteerism and social inclusion. Technically, the site is built on WordPress with modern plugins and SEO optimizations, hosted by a reputable Dutch provider. Security posture is good with HTTPS and DNSSEC enabled, though additional security headers and formal policies could enhance protection. Privacy compliance is strong with clear cookie consent and privacy policies. Overall, the site is professional, trustworthy, and well-aligned with its non-profit mission.

wietzker media is a small media-related business with a website offering content in German and English. The site is minimalistic, providing language selection but lacking detailed business descriptions or contact information. The domain is well-established, created in 2001, and registered with a reputable German registrar, indicating a legitimate presence. Technically, the website is simple, built with basic HTML and CSS, hosted by Cronon GmbH, and lacks modern web technologies or CMS platforms. Security posture is minimal, with no DNSSEC, security headers, or HTTPS status provided, and no privacy or cookie policies published. Overall, the site is accessible and safe but lacks many modern security and compliance features.

B

Bravo Tours

bravotours.dk

0

Bravo Tours is a well-established Danish travel agency specializing in package holidays, charter flights, and hotel bookings primarily targeting Danish travelers. The website presents a professional and user-friendly interface with clear navigation and a broad range of travel destinations, including popular European and exotic locations. The business model focuses on online travel bookings with additional services such as safari tours and golf holidays, positioning Bravo Tours as a leading player in the Danish travel market. Technically, the website employs modern JavaScript frameworks, integrates Cookiebot for GDPR-compliant cookie consent, and uses Google Tag Manager and New Relic for analytics and performance monitoring. The site is mobile-optimized and demonstrates good SEO practices. Security-wise, the site uses HTTPS with a valid SSL certificate and implements cookie consent mechanisms; however, it lacks explicit security headers like Content-Security-Policy and does not provide a public security policy or vulnerability disclosure. Overall, the website is safe, professional, and trustworthy, with moderate tracking and advertising practices typical for the industry.

I

ICAS

icas.global

0

The International Council for Advertising Self-Regulation (ICAS) operates as a global non-profit platform dedicated to promoting responsible advertising through self-regulatory standards. Established in 2017 and based in Belgium, ICAS serves advertising industry professionals, self-regulatory organizations, and policy makers worldwide. The website effectively communicates its mission, member organizations, and key services including global standards, knowledge resources, and events such as the ICAS Global Awards. The organization positions itself as a leader in the advertising self-regulation sector with a consistent and professional brand presence.

M

MarketingOost

marketingoost.nl

0

MarketingOost is a regional organization focused on developing the leisure economy in Overijssel, Netherlands. They provide services including branding, data analytics, destination development, and route marketing to governments and entrepreneurs. The website reflects a professional and consistent brand presence with clear communication of their mission and services. Technically, the site is built on WordPress with modern plugins such as Gravity Forms and Yoast SEO, and integrates Google Analytics and Tag Manager for tracking. Security posture is good with HTTPS and reCAPTCHA implemented, though some security headers and explicit policies could be improved. Overall, the site is trustworthy, well-structured, and serves its target audience effectively.

S

Stichting Hart voor Zwolle

hartvoorzwolle.nl

0

Stichting Hart voor Zwolle is a Dutch non-profit organization dedicated to combating loneliness in the Zwolle community by connecting enthusiastic young volunteers (aged 18-35) with vulnerable groups including elderly, refugees, people with disabilities, and homeless individuals. The organization facilitates meaningful social interactions and activities, impacting over 800 residents. The website is built on WordPress with modern plugins and SEO tools, hosted by Hostnet B.V., and employs HTTPS with DNSSEC for security. While the site demonstrates good content quality, mobile optimization, and basic privacy compliance, explicit security policies and incident response information are absent. Overall, the site reflects a trustworthy and community-focused organization with room for enhanced security transparency.

R

RecruitNow

recruitnow.nl

0

RecruitNow is a Netherlands-based technology company specializing in AI-driven recruitment solutions, including ATS and CRM platforms branded as Cockpit and Cockpit X. The company targets recruitment agencies and HR professionals, positioning itself as a leading AI-powered recruitment SaaS provider in Europe with over 450 flex bureaus as clients. The website is built on WordPress with a modern tech stack, optimized for performance, mobile responsiveness, and SEO. Security posture is good with HTTPS and cookie consent mechanisms, though explicit privacy and security policies are missing. The site integrates multiple analytics and marketing tools, indicating a mature digital marketing approach. Overall, the website is professional, trustworthy, and business-focused.

H

home.pl S.A.

gotujezlewiatanem.pl

0

Gotujezlewiatanem.pl is a Polish culinary blog focused on providing recipes, cooking inspiration, and related content primarily targeting general consumers interested in cooking and food preparation. The website is built on WordPress CMS with WooCommerce and Elementor plugins, indicating a mature digital infrastructure suitable for content management and e-commerce capabilities. The site integrates Google Analytics and Tag Manager for user tracking and Cookiebot for cookie consent management, reflecting a moderate level of digital maturity and privacy awareness. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and DNSSEC, which are recommended for enhanced protection. The domain is registered with home.pl S.A., a reputable Polish registrar and hosting provider, consistent with the website's Polish language and market focus. Overall, the website presents a professional and trustworthy front with room for improvement in privacy policy transparency and security hardening.

L

Lewiatan Holding S.A.

wybieramlokalne.pl

0

Lewiatan Holding S.A. operates wybieramlokalne.pl as a blog platform promoting local food products sourced from nearby producers in Poland. The website emphasizes supporting local communities and producers by providing fresh, quality products with short transport distances. The business targets consumers interested in local and sustainable food choices, leveraging its established market position in the Polish retail sector. Technically, the site is built on WordPress 6.7.2, uses Google Analytics and Tag Manager for tracking, and loads Google Fonts and SVG icons for UI. The site is mobile-optimized with a good user experience and clear navigation. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanisms. Contact information is clearly provided, enhancing business credibility.

N

NovoChat

novochat.co

0

NovoChat is a SaaS platform specializing in chat marketing solutions tailored for e-commerce businesses. It offers services such as WhatsApp automation, broadcast messaging, multi-channel inbox, and integrations with popular e-commerce platforms like Shopify and EasyStore. The company positions itself as a leading provider in the chat marketing niche, targeting e-commerce merchants seeking to enhance customer communication and drive sales through messaging apps. The website demonstrates a professional and modern design with excellent SEO and structured data implementation, indicating a mature digital presence. Technically, the site is built on WordPress with Elementor, leveraging modern web technologies and third-party analytics and marketing tools such as Google Analytics, Facebook Pixel, and Microsoft Clarity. Security posture is good with HTTPS enforced and domain transfer protections, though some security headers are not explicitly detected and DNSSEC is not enabled. Privacy compliance is limited as no explicit privacy or cookie policies were found in the analyzed content. Overall, the site is trustworthy and well-positioned but could improve transparency on privacy and security policies.

Office Planning Solutions is a small, specialized service provider focused on creative office space and facility planning primarily for real estate brokerages, corporate offices, and banking facilities. The company has a long-standing presence since 2004 and is nationally recognized for its personalized approach to office space design and strategic facility planning. The website reflects a professional business with clear contact information and relevant service descriptions, targeting businesses seeking to optimize their office environments. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and integrates Google Analytics and Google Tag Manager for user tracking. Hosting is provided by DreamHost with domain registration through NameCheap. The site is mobile optimized and offers good navigation and user experience, though SEO and accessibility features are basic. No CMS or advanced frameworks were detected. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and security headers, which are recommended for enhanced security. There are no visible forms or input fields on the homepage, reducing immediate attack surface, but the absence of privacy and cookie policies indicates compliance gaps, especially regarding GDPR. No incident response or vulnerability disclosure information is provided. Overall, the website is safe, professional, and trustworthy but would benefit from improved privacy compliance and enhanced security headers. The domain registration data supports legitimacy with consistent business history and transparent registration details.

D

DiNatale Water Consultants

dinatalewater.com

0

DiNatale Water Consultants is a specialized small consulting firm based in Boulder, Colorado, focusing on water resources planning and engineering. Founded in 2009, the company offers expert services in water rights, reservoir management, permitting, and utility planning, targeting municipal and regional water stakeholders. Their market position is that of a niche expert with strong client endorsements and a pragmatic approach rooted in regional water challenges. The website reflects a professional and consistent brand image with clear contact channels and social media presence. Technically, the website is built on WordPress with common plugins like Yoast SEO and jQuery, hosted by Bluehost. The site is moderately performant, mobile-optimized, and SEO-friendly but lacks advanced accessibility features. Security posture is adequate with HTTPS enabled and domain transfer protection, but it lacks DNSSEC and important security headers. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanisms. Analytics tools are present but not actively configured. Security-wise, the site shows no signs of active vulnerabilities or malware but could improve by enabling DNSSEC, adding security headers, and implementing privacy policies to meet GDPR and other regulations. The WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, the site is trustworthy and professional but has room for improvement in privacy and security compliance. The risk assessment is moderate with no critical issues detected but some compliance gaps. Strategic recommendations include implementing privacy and cookie policies, enabling DNSSEC, adding security headers, and properly configuring analytics to enhance user privacy and security posture.

O

Ortsgemeinde Windhagen

windhagen.de

0

Ortsgemeinde Windhagen operates as a local government entity serving the municipality of Windhagen in Germany. The website provides community information, local news, contact details, and municipal services. It targets residents, local businesses, and visitors interested in the region. The business model is public sector administration focused on local governance and community engagement. The site is positioned as an official municipal portal with a small local audience and a focus on transparency and service. Technically, the website uses a standard modern stack including Bootstrap, jQuery, FontAwesome, and Ionicons. It is mobile responsive and well structured but lacks advanced CMS or analytics integrations. Performance is moderate with basic SEO and accessibility features. No CMS or hosting provider details are evident, suggesting a custom or static site deployment. From a security perspective, the site uses HTTPS (assumed from URL), but no explicit security headers or policies are visible. There are no forms collecting sensitive data on the main page, reducing attack surface. However, cookie consent mechanisms and incident response contacts are missing, indicating room for compliance improvement. No vulnerabilities or suspicious elements were detected. Overall, the website is a trustworthy and professional municipal portal with good content quality and business credibility. Security posture and privacy compliance can be enhanced with additional policies and technical controls. The domain WHOIS data aligns well with the website content, supporting legitimacy. No blocking or WAF mechanisms interfere with content access.

O

Ortsgemeinde Buchholz

buchholz-westerwald.de

0

Ortsgemeinde Buchholz operates as a local government entity serving the municipality of Buchholz in Rheinland-Pfalz, Germany. The website provides residents and visitors with information about local administration, cultural activities, youth and education, citizen services, and church-related content. The site is positioned as an official municipal portal with a clear focus on community engagement and public service. Technically, the website is built on TYPO3 CMS with Bootstrap for responsive design, ensuring good mobile optimization and user experience. The use of Google Analytics and Google Tag Manager with IP anonymization indicates a moderate level of digital maturity and privacy awareness. However, there is room for improvement in security headers and explicit incident response documentation. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or vulnerability disclosure mechanism suggests an opportunity to enhance transparency and security posture. Overall, the website is professional, trustworthy, and well-suited for its target audience. Strategic improvements in security headers, incident response communication, and accessibility could further strengthen its security and compliance stance.

gs-it.biz is a small German-language blog focused on philosophy, branded as Mindblown. The website provides basic blog content with minimal pages and no advanced business or e-commerce features. The technical infrastructure is based on WordPress 6.8.2, hosted with a registrar in Germany, and uses standard web technologies such as HTML5, CSS, and JavaScript. The site is mobile-optimized and moderately performant but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but no DNSSEC or security headers implemented. No privacy or cookie policies are present, indicating non-compliance with GDPR requirements. Contact information and incident response details are absent, reducing business credibility and trust. Overall, the site is safe for general audiences but requires improvements in privacy, security, and business transparency to enhance trust and compliance.

L

Lewiatan Holding S.A.

lewiatan.pl

0

Lewiatan Holding S.A. operates a well-established retail grocery franchise network in Poland, offering a wide range of products including local specialties and branded items. The company targets Polish consumers and franchisees, maintaining a strong national presence with a focus on local community engagement and customer loyalty programs. The website reflects a mature digital presence with comprehensive content, including promotions, product catalogs, franchise information, and customer engagement tools such as a mobile app and newsletter subscription. Technically, the site is built on Drupal 8, integrating modern analytics and marketing tools like Google Analytics, Facebook Pixel, and Hotjar, ensuring good performance and mobile optimization. Security posture is adequate with HTTPS enforced and cookie consent implemented, though some security headers are missing and no explicit security policy or incident response contacts are published. The domain registration is consistent and long-standing, supporting the legitimacy of the business. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, serving its retail audience effectively.

The website ics.fr appears to be protected behind a security challenge page, likely a Web Application Firewall (WAF) or similar security mechanism, which blocks direct access to content. The visible content is minimal and primarily consists of a redirect page with a browser integrity check script. The site references outdated CMS technologies such as Joomla 1.5 and WordPress 2.5, which are no longer supported and pose significant security risks. No privacy, cookie, or terms of service policies are present, and no contact or business information is visible. The domain is registered with GANDI since 1997, indicating a long-standing presence, and the WHOIS data is consistent and legitimate. Overall, the site’s technical infrastructure appears outdated, and the security posture is weak, relying on external security services like BitNinja.IO for protection.

S

Stichting het Gehandicapte Kind

nsgk.nl

0

Stichting het Gehandicapte Kind is a well-established Dutch non-profit organization dedicated to supporting children with disabilities by promoting inclusion in education, play, and sports. The website effectively communicates its mission, projects, and ways to support through donations and volunteering, targeting donors, families, and the general public. The organization holds recognized certifications such as ANBI and CBF, enhancing its credibility. Technically, the site is built on Drupal 9 with modern tracking and consent management tools, ensuring a good digital maturity level. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent, though some security headers and policies could be improved. Overall, the site is professional, trustworthy, and compliant with privacy regulations.