Security Directory

B

BHE Bundesverband Sicherheitstechnik e.V.

bhe.de

63

BHE Bundesverband Sicherheitstechnik e.V. is a leading German non-profit industry association specializing in security technology. The organization provides certifications, training programs, publications, and advocacy services to security professionals, companies, and planners. Their market position is strong within Germany, supported by multiple certification schemes and a broad network of industry partners. The website reflects a professional and consistent brand image targeting security technology stakeholders. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, hosted by punkt.de GmbH. It employs modern web technologies with a moderate performance profile and good mobile optimization. The site uses Matomo analytics with cookies disabled, indicating a privacy-conscious approach. However, some security best practices such as security headers and cookie consent mechanisms are missing. From a security perspective, the site enforces HTTPS and uses privacy-friendly analytics but lacks explicit incident response contacts and vulnerability disclosure policies. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, the site demonstrates a solid security posture with room for improvement in security headers and privacy compliance. The overall risk assessment is low, with recommendations to enhance security headers, implement cookie consent, and publish incident response information to further strengthen trust and compliance.

E

EWS Schönau

ews-schoenau.de

49

EWS Schönau is a German renewable energy provider focused on delivering 100% green electricity, biogas, and related energy services to both private and commercial customers. The company emphasizes citizen-owned energy generation and active participation in the energy transition. Their website reflects a mature digital presence with modern technologies such as Vue.js and client-side form validation, offering calculators for various energy tariffs and detailed service information. Multiple certifications and awards underscore their credibility and commitment to sustainability. However, the site lacks explicit privacy and cookie policies, and no direct contact emails or phone numbers are visible in the provided content. Security posture is moderate with HTTPS implied but no visible security headers or vulnerability disclosures. Overall, the website is professional, trustworthy, and well-structured, serving its target audience effectively.

F

Flori Radlherr / Gerhard Keuschnig

foto-webcam.eu

43

Foto-Webcam.eu is a specialized website offering a comprehensive overview of live webcams primarily focused on Alpine and European regions including Austria, Germany, Italy, Switzerland, and Greenland. The site provides high-quality webcam images for tourism, nature observation, and general public interest. The business operates as a niche service provider with a small-scale footprint, focusing on delivering reliable live image feeds and related product information. Technically, the website employs modern web technologies including responsive design, JavaScript, CSS, and Bootstrap framework, ensuring good user experience across devices. The site supports dark mode and uses manifest files indicating progressive web app capabilities. Security posture is moderate with HTTPS usage but lacks visible security headers and cookie consent mechanisms. WHOIS data is privacy protected by EURid, which is typical for .eu domains, but limits transparency regarding domain registration details. Overall, the website is professional, content-rich, and trustworthy for its intended audience.

R

Rowohlt Verlag

rowohlt.de

66

Rowohlt Verlag is a well-established German publishing company specializing in a wide range of books including literature, crime, thrillers, and non-fiction. The website serves as a digital storefront and information portal for their catalog, authors, and new releases, targeting German-speaking readers and book buyers. The business model revolves around publishing and direct online sales, supported by a professional and consistent brand presence. Technically, the website leverages modern web technologies including Drupal CMS, Astro framework, Cloudflare DNS, and integrates consent management via Usercentrics, ensuring GDPR compliance mechanisms are in place. The site is mobile-optimized and features good SEO practices, although accessibility could be improved. Security posture is strong with HTTPS enforced and Cloudflare protection, but lacks explicit security headers and published security policies. No privacy policy or terms of service pages were detected in the provided content, which is a compliance gap. Overall, the domain and website appear legitimate and trustworthy with active social media engagement and e-commerce capabilities.

Linksnet.de is a German-language digital platform operated by the Rosa-Luxemburg-Stiftung, serving as a hub for over 50 left-wing political and scientific magazines. It provides curated access to articles on politics, society, culture, and related themes, targeting politically engaged readers and academics interested in leftist discourse. The platform is built on Drupal 9 and integrates Matomo analytics with privacy-conscious settings. The website demonstrates good content quality, clear navigation, and mobile optimization, reflecting a mature digital presence for a non-profit media entity. Security posture is adequate with HTTPS and privacy-aware analytics, though improvements in security headers and explicit cookie consent are recommended. The absence of direct contact information and formal security policies suggests areas for enhancement in transparency and compliance. Overall, the domain and website appear legitimate and consistent with the stated organizational affiliation.

E

EGT Energievertrieb GmbH

egt-energievertrieb.de

71

EGT Energievertrieb GmbH is a well-established German energy company with over 120 years of history, specializing in providing comprehensive energy solutions for business customers including industry, commerce, and medium-sized enterprises. Their services encompass energy purchasing, visualization, and generation, supported by a professional and user-friendly website built on TYPO3 CMS. The company maintains a strong market position within the regional energy sector and operates under the parent company EGT AG with several related subsidiaries. Technically, the website leverages modern technologies such as TYPO3 CMS, Google Tag Manager, and Cookiebot for consent management, hosted on AWS infrastructure. The site demonstrates good performance, mobile optimization, and accessibility, with a clear navigation structure and professional design. Privacy compliance is well addressed through detailed cookie consent mechanisms and GDPR-aligned policies. From a security perspective, the website enforces HTTPS and employs cookie consent blocking for tracking scripts, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the company's business claims, indicating a legitimate and consistent domain registration. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic improvements could include publishing explicit security policies and enhancing HTTP security headers to further strengthen the security posture.

E

EE Infratec GmbH

ee-infratec.de

68

EE Infratec GmbH is a medium-sized joint venture company specializing in the installation and operation of intelligent metering technology and communication infrastructure for renewable energy supply in Germany. The company benefits from strong partnerships with EGT Energie GmbH and Elektrizitätswerke Schönau eG, positioning it well in the regional energy market. Their website reflects a professional business model focused on smart meter operation, market communication, and comprehensive customer service. Technically, the site is built on TYPO3 CMS, hosted on AWS infrastructure, and employs modern consent management tools like Cookiebot and Google Tag Manager, indicating a mature digital presence. Security-wise, the website enforces HTTPS, uses cookie consent mechanisms, and displays certifications such as ISO 27001 and BSI affiliations, though it lacks explicit security headers and an incident response contact. Overall, the site is secure, compliant with GDPR, and trustworthy, with room for improvement in security header implementation and incident response transparency.

D

Dynamic Lines GmbH

sicherheitsexpo.de

48

SicherheitsExpo.de is the official website for the SicherheitsExpo trade fair held in Munich, Germany, focusing on security technology for various sectors including industry, banking, healthcare, transportation, and public authorities. The site serves as an information and promotional platform for exhibitors, visitors, and partners, showcasing the event's offerings and associated programs. The business positions itself as an innovator in security technology with a strong emphasis on economic benefits and practical applications. Technically, the website is built on TYPO3 CMS, hosted via SchlundTech, and employs Cookiebot for GDPR-compliant cookie management. The site is accessible, mobile-optimized, and uses HTTPS, reflecting a moderate to good level of digital maturity. Security-wise, the site enforces HTTPS and cookie consent but lacks explicit security policies, incident response contacts, or vulnerability disclosure mechanisms, indicating room for improvement in transparency and security posture. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving its business purpose effectively.

S

Swiss Medtech Expo

medtech-expo.ch

68

Swiss Medtech Expo is a professional event and content platform focused on the medical technology industry in Switzerland. It offers a trade fair, symposium, and year-round digital engagement for medtech providers, suppliers, and professionals. The platform provides news, networking opportunities, and educational content, positioning itself as a leading Swiss medtech event. Technically, the website employs modern web technologies including Bootstrap, FontAwesome, and Google Tag Manager, with good mobile optimization and accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security policies and vulnerability disclosure channels. Overall, the site is well-designed, professional, and trustworthy, with strong GDPR compliance and a clear business focus.

K

Kreissparkasse Rottweil

sparkasse-rottweil.de

69

Kreissparkasse Rottweil is a regional German savings bank providing a broad range of financial services including retail banking, online banking, investment products, insurance, and financing solutions. The website targets both private and corporate customers, offering modern digital banking tools such as the Sparkassen-App and online banking with secure TAN procedures. The bank maintains a strong local presence and positions itself as a reliable financial partner in the Rottweil region. Technically, the website is built on a modern web framework likely based on Adobe Experience Manager, with responsive design and good accessibility features. It uses HTTPS and includes cookie consent mechanisms compliant with GDPR. The site integrates tracking and analytics tools such as Google Analytics and employs marketing tools including PAYBACK affiliate programs. From a security perspective, the site enforces HTTPS and session management best practices but lacks explicit security headers and a public security policy or incident response contact. No vulnerabilities or suspicious content were detected. The WHOIS data aligns with the business claims, indicating a legitimate domain registration consistent with a regional bank. Overall, the website demonstrates a good balance of business credibility, technical implementation, privacy compliance, and security posture, suitable for a financial institution serving a regional market.

W

WERMA

werma.com

65

WERMA is a medium-sized manufacturing company specializing in industrial signaling products such as signal towers, stack lights, and integrated signaling solutions. The company targets industrial and manufacturing sectors with a B2B business model. The website is professionally designed, multilingual, and built on the Shopware 6 platform, indicating a moderate level of digital maturity. Technical infrastructure includes modern analytics tools like Matomo and Google Tag Manager, and a cookie consent mechanism via Cookiebot, reflecting awareness of privacy compliance requirements. Security posture is generally good with HTTPS enforced and no exposed sensitive data, though explicit security headers are missing and privacy policy pages are not found in the provided content. The domain WHOIS data is unavailable, which limits the ability to fully verify domain legitimacy. Overall, the website presents a trustworthy and professional front for the business but would benefit from enhanced transparency in privacy and security policies.

V

Volksbank Schwarzwald-Donau-Neckar eG

vbsdn.de

63

Volksbank Schwarzwald-Donau-Neckar eG operates as a regional cooperative bank in Germany, providing a range of retail banking and financial services to its customers. The website is professionally designed with a focus on banking services and customer engagement. The technical infrastructure leverages modern web technologies including Angular Material and Dynatrace for performance monitoring, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and monitoring scripts in place; however, the absence of explicit security headers and privacy policies suggests room for improvement in compliance and security best practices. Overall, the website presents a trustworthy and professional front for the bank, though enhancements in privacy compliance and security transparency are recommended.

H

Hamburger Triathlonverband

triathlonhamburg.de

54

The Hamburger Triathlonverband website serves as the official digital presence of the regional triathlon association in Hamburg, Germany. It provides comprehensive information about triathlon events, youth programs, training, and organizational matters. The site targets athletes, clubs, and sports enthusiasts within the Hamburg region, offering event calendars, news updates, and resources for members. The business model is that of a non-profit sports federation focused on community engagement and sport promotion. Technically, the website is built on Drupal 10, leveraging modern web standards and technologies. It is hosted on servers associated with rzone.de, indicating a professional hosting environment. The site is mobile-optimized, accessible, and SEO-friendly, with structured navigation and rich content. Google Analytics is used for anonymized statistical tracking, integrated with a GDPR-compliant cookie consent mechanism. From a security perspective, the site enforces HTTPS and includes a Content-Security-Policy nonce, indicating attention to security best practices. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not present, representing areas for improvement. No vulnerabilities or suspicious content were detected, and the domain registration appears consistent with the organization's profile. Overall, the website is professional, trustworthy, and well-maintained, with strong compliance to privacy regulations. Strategic recommendations include publishing security and incident response policies, adding terms of service, and enhancing security headers to further strengthen the security posture.

S

Slowenischer Kulturverein Lipa München e.V.

skdlipa.de

56

Slowenischer Kulturverein Lipa München e.V. is a small non-profit cultural association based in Munich, Germany, serving the Slovenian community and cultural enthusiasts. The organization focuses on cultural events, Slovenian language education, folklore activities, and community engagement. The website reflects these activities with event announcements, contact information, and cultural content primarily in German and Slovenian. Technically, the site is built on the IONOS MyWebsite CMS platform, using standard web technologies such as HTML, CSS, JavaScript, and jQuery. The site is hosted by IONOS and uses HTTPS, but lacks advanced security headers and privacy compliance documentation. Security posture is basic with room for improvement in policy publication and technical safeguards. Overall, the site is functional and professional but would benefit from enhanced privacy, security, and compliance measures.

B

Bundesministerium für Arbeit und Soziales

csr-in-deutschland.de

60

The website www.csr-in-deutschland.de is an official German government portal dedicated to Corporate Social Responsibility (CSR) initiatives, policies, and practices in Germany. It is managed by the Bundesministerium für Arbeit und Soziales (Federal Ministry of Labour and Social Affairs) and serves as a comprehensive resource for businesses, policymakers, and stakeholders interested in CSR. The site offers detailed navigation covering CSR basics, policy frameworks, sector-specific information, reporting standards, and CSR awards. It supports multiple language options including easy language and sign language, enhancing accessibility. Technically, the website is built using a government-specific CMS called Government Site Builder, employing modern HTML5, CSS, and JavaScript modules. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. No advanced analytics or tracking scripts were detected, indicating a privacy-conscious approach. However, explicit privacy and cookie policies were not found in the provided HTML content, which is a compliance gap. From a security perspective, the site uses HTTPS (implied by canonical URLs) but lacks visible security headers and explicit security or incident response policies. No vulnerability disclosure or security.txt files were found. WHOIS data is minimal and lacks detailed registrant information, but the presence of official government branding and partner domains supports legitimacy. No WAF or blocking mechanisms were detected, and the content is fully accessible. Overall, the website is a trustworthy, professional government resource with good content quality and business credibility. Improvements are recommended in privacy policy transparency, cookie consent mechanisms, and security header implementation to enhance compliance and security posture.

nuLiga is a specialized platform operated by nu Datenautomaten GmbH, focused on providing automated internet-based network solutions for tennis associations and leagues primarily in Germany and Austria. The website serves as a portal for various regional tennis associations, offering both public and administrative access. The business targets tennis clubs and associations, providing league and club management services through a network of regional subdomains. The company has been established since 2003, indicating a mature presence in its niche market. Technically, the website uses basic HTML, CSS, and JavaScript without modern frameworks or CMS detected. The site performance and mobile optimization are basic, with no advanced SEO or accessibility features evident. The error page analyzed is minimalistic, with no forms or tracking scripts, and no evidence of advanced security headers or HTTPS enforcement from the provided data. From a security perspective, the site lacks visible security headers and privacy or cookie policies, which are important for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided. The domain registration data is consistent with the business claims, showing a legitimate and stable domain age. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website is functional but basic, with room for improvement in security posture, privacy compliance, and technical modernization. The risk level is moderate due to missing security best practices but no critical vulnerabilities were found in the analyzed content.

C

codecentric AG

codecentric.de

66

codecentric AG is a prominent IT consulting and agile software development company based in Germany, positioning itself as a leader in the German IT consulting market. The company offers IT management and consulting services with a focus on modern technologies and agile methodologies, targeting IT professionals and businesses seeking digital transformation. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on modern frameworks such as Next.js and React, hosted on AWS infrastructure, indicating a mature digital infrastructure. Security-wise, the site uses HTTPS and Google reCAPTCHA v3, but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. Overall, the website is accessible without WAF or blocking mechanisms, and no suspicious content or vulnerabilities were detected in the provided data.

R

Ratisbona Compliance

ratisbona-compliance.de

48

Ratisbona Compliance is a specialized compliance service provider based in Regensburg, Germany, focusing on helping medium-sized companies fulfill their legal obligations efficiently and reliably. Their services include whistleblower protection systems, supply chain due diligence, youth protection officer services, and legal consulting tailored to the needs of the German Mittelstand. The website presents a professional image with clear service offerings and a quality seal, positioning the company as a trusted partner in legal compliance. Technically, the site is built on WordPress using Elementor and Astra theme, with modern features such as Lottie animations enhancing user experience. However, the site lacks visible privacy and cookie policies, security headers, and incident response information, which are important for compliance and security transparency. Overall, the security posture is moderate with HTTPS enabled but missing some best practices. The domain WHOIS data is minimal but consistent with the website's German business focus. No WAF or blocking mechanisms were detected, allowing full content access.

M

Ministerium für Kultus, Jugend und Sport Baden-Württemberg

sportministerkonferenz.de

67

The website represents the official online presence of the Ministry for Education, Youth and Sports of Baden-Württemberg, Germany. It serves as a comprehensive information portal for the Sportministerkonferenz and related youth and sports initiatives. The site targets residents of Baden-Württemberg, educators, youth organizations, and government stakeholders, providing news, organizational details, and resources. The business model is that of a government public service entity, focusing on transparency and public engagement. Technically, the site is built on TYPO3 CMS, a robust open-source content management system widely used in government and enterprise environments. It employs modern web technologies including responsive design, accessibility features, and Matomo analytics with user consent mechanisms, indicating a mature digital infrastructure. Hosting appears to be managed by regional or state-affiliated providers, ensuring reliability and compliance. From a security perspective, the site enforces HTTPS, uses cookie consent banners, and avoids exposing sensitive data. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not published, representing areas for improvement. The domain WHOIS data aligns with the official nature of the site, with no suspicious indicators. Overall, the website demonstrates a strong security posture and high content quality, suitable for its government function. Strategic enhancements in transparency around security policies and incident handling would further strengthen trust and compliance.

S

Survser

survser.com

63

Survser is a technology company specializing in customer feedback solutions through microsurveys tailored for E-Commerce and SaaS businesses. Their platform offers popup surveys, insightful reporting, sentiment tracking, and integrations to help businesses collect actionable customer insights in real-time. The website is professionally designed using modern web technologies such as React and Next.js, providing a responsive and user-friendly experience. The business model appears to be SaaS with a free trial to attract users. Technically, the site is well-implemented with good performance, mobile optimization, and SEO practices. Security posture is strong with HTTPS and standard security headers, though there is room for improvement in privacy compliance, particularly regarding cookie consent mechanisms. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, but the website content and structure suggest a legitimate business operation. Overall, Survser presents a solid digital presence with a focus on customer feedback solutions. Security and privacy practices are adequate but could be enhanced with explicit policies and disclosures. The lack of domain registration data should be investigated further to confirm legitimacy and reduce risk.

F

Fashy GmbH

fashy.de

54

Fashy GmbH is a well-established German company specializing in thermal products such as heat bottles and cushions, as well as swimwear and sportswear under the Aquafeel brand. Founded in 1948, the company maintains a strong market presence with a family business heritage and a focus on innovation and quality. Their business model combines manufacturing with e-commerce and a dealer network, targeting general consumers interested in thermal comfort and swimwear products. The website reflects a consistent brand image and provides comprehensive product information and online shopping options. Technically, the website is built on the Dynamic Commerce CMS platform, hosted via SchlundTech, and incorporates modern web technologies including JavaScript, CSS, and HTML5. It integrates Google Tag Manager and Usercentrics for analytics and consent management, indicating a mature digital infrastructure. The site is mobile-optimized with good SEO and accessibility basics, though some improvements in accessibility and security headers could enhance the technical posture. From a security perspective, the site enforces HTTPS and uses consent management for GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security policies and incident response contacts suggests room for improvement in transparency and preparedness. The WHOIS data is consistent with the business claims, showing no privacy protection and a domain age that aligns with the company's history, supporting legitimacy. Overall, Fashy GmbH's website demonstrates a solid digital presence with good content quality, technical implementation, and privacy compliance. Strategic enhancements in security policies and accessibility would further strengthen their security posture and user trust.

B

Bundesministerium der Verteidigung

bmvg.de

74

The Bundesministerium der Verteidigung (Federal Ministry of Defense) website serves as the official digital presence of the German federal government ministry responsible for defense and security policy. It provides comprehensive information on current security topics, ministry structure, history, and organizational details. The site targets citizens, media, and stakeholders interested in defense matters, positioning itself as a trusted government information source. The content is professionally presented in German with English alternatives, featuring a modern, responsive design and clear navigation.

The website congralpy.de currently serves as a placeholder page indicating that a new homepage is under construction. There is no substantive business information, contact details, or service descriptions available. The site is hosted on German infrastructure (t-online.de) and uses minimal technical components including basic HTML, JavaScript, and CSS. The presence of advertising and tracking scripts from RefinedAds and Xiti indicates some level of user tracking, but no privacy or cookie policies are provided to inform users or comply with GDPR. Security posture is weak due to lack of HTTPS, absence of security headers, and loading of external scripts over unsecured HTTP. Overall, the site appears inactive or in early development stages with low trustworthiness and minimal business credibility.

M

Ministerie van Buitenlandse Zaken

niederlandeweltweit.nl

64

The website www.netherlandsworldwide.nl is an official Dutch government portal managed by the Ministry of Foreign Affairs (Ministerie van Buitenlandse Zaken). It provides comprehensive information for Dutch citizens and residents who travel, live, work, or study abroad. The site covers a wide range of topics including visas, passports, social security, healthcare, education, and travel advice, positioning itself as an authoritative and trusted source for government-related information internationally. The target audience primarily includes Dutch nationals abroad, expatriates, and travelers seeking official guidance. Technically, the website is built using modern web technologies such as React and Next.js, with content managed via Hippo CMS (Bloomreach). It employs Piwik Pro for analytics and Pastease for user surveys, indicating a mature digital infrastructure focused on performance, user experience, and data-driven insights. The site is mobile-optimized, accessible, and SEO-friendly, with structured metadata and schema.org markup enhancing search visibility. From a security perspective, the site enforces HTTPS and uses nonce attributes in scripts to mitigate injection risks. While explicit security headers like X-Frame-Options and X-Content-Type-Options are not visible in the provided data, the overall SSL configuration is excellent. No vulnerabilities or exposed sensitive data were detected. However, the site lacks visible privacy and cookie policies on this page, as well as a security policy or incident response contact, which are recommended for compliance and transparency. Overall, the website demonstrates a high level of professionalism, trustworthiness, and technical maturity appropriate for a government entity. Strategic improvements include publishing explicit privacy and cookie policies with consent mechanisms, adding security policy documentation, and providing clear incident response contacts to enhance user trust and regulatory compliance.

T

Top10 Service

top10-service.de

43

Top10 Service is a small, established German web agency specializing in professional homepage creation, web design, and SEO services since 2005. The company targets small to medium-sized businesses seeking affordable and reliable internet presence solutions. Their website is built on TYPO3 CMS with responsive design and demonstrates good content quality and clear navigation. Technically, the site uses modern frameworks and is hosted on kasserver.com, with good SSL configuration but lacks some advanced security headers and cookie consent mechanisms. Security posture is solid but could be improved with explicit policies and headers. Overall, the business appears credible with transparent pricing and contact information, though some compliance aspects like cookie consent could be enhanced.

P

PAAL AI | Create and Integrate Advanced Crypto & AI Bots

paal.ai

62

PAAL AI is a technology company focused on creating and integrating advanced AI and crypto bots. Their ecosystem offers a variety of AI-powered products including community bots, enterprise agents, autonomous trading agents, and creative meme tools. The platform targets crypto investors, developers, and communities seeking AI-enhanced crypto experiences. Technically, the website is built using modern frameworks such as Next.js and React, supporting multiple platforms including popular messaging apps and web channels. The site demonstrates good design quality, mobile optimization, and SEO practices. Security posture is adequate with HTTPS enabled, but lacks some security headers and formal privacy or cookie policies. WHOIS data is unavailable or malformed, which limits domain trust assessment. Overall, PAAL AI presents a professional and functional platform with room for improvement in privacy compliance and security transparency.

G

Günzel & Kreuzer Werbetechnik

guenzel-kreuzer.com

61

Günzel & Kreuzer Werbetechnik is a well-established German family-owned business specializing in custom advertising technology solutions including light and outdoor advertising. With a domain age dating back to 2003, the company positions itself as a 360° service provider offering planning, visualization, production, installation, and maintenance services. Their clientele includes local and national businesses, agencies, architects, and startups. The website reflects a professional and consistent brand image with comprehensive service descriptions and client references. Technically, the website is built on WordPress with modern web technologies such as Contact Form 7 and CookieMonkey for cookie consent management. The site is mobile-optimized, SEO-friendly, and performs moderately well. Hosting is likely provided by IONOS SE, consistent with the registrar data. The website employs HTTPS with a good SSL configuration but lacks DNSSEC and some advanced security headers. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or suspicious content were detected. The WHOIS data aligns well with the website's business claims, enhancing trustworthiness. Overall, the website is professional, secure, and compliant with privacy regulations, making it a trustworthy digital presence for the company. Strategic improvements in DNS security and publishing security policies could further enhance their security posture.

T

Tillmann Verpackungen GmbH

tillmann-verpackungen.de

55

Tillmann Verpackungen GmbH is a well-established packaging solutions provider based in Mühlheim am Main, Germany, with over 70 years of experience. The company specializes in manufacturing and distributing a wide range of packaging products including wellpappe, vollpappe, and innovative solutions like LiFe-Multibox and TICO Aluliner. Positioned as the market leader in the Rhein-Main region, Tillmann Verpackungen serves diverse industries such as automotive, e-commerce, pharma, electronics, and medical technology. Their business model focuses on B2B sales, packaging consulting, development, and logistics support including warehousing and assembly services. Technically, the website is built on WordPress with modern SEO and multilingual support via WPML. It employs various third-party services for analytics (eTracker), anti-spam (CleanTalk), and cookie consent management (CookieMonkey). The site is mobile-optimized with good performance and accessibility features, although some improvements could be made in accessibility and security headers. The hosting is professional with domain control nameservers and SSL encryption ensuring secure communications. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. It holds ISO 9001 certification and displays trust signals such as Kununu ratings. However, it lacks a published security policy, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced trust and compliance. No critical vulnerabilities or suspicious content were detected. Overall, the website and business present a high level of professionalism, trustworthiness, and compliance with privacy regulations. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility to further strengthen the security posture and user trust.

G

GONSO ®

gonso.de

63

GONSO® operates a professional e-commerce website specializing in cycling apparel for men and women, emphasizing perfect fit and quality. The company targets cycling enthusiasts seeking high-performance and well-fitting cycling clothing. The website is well-branded, with consistent design and clear navigation, supporting multiple languages and featuring a modern tech stack including Shopware CMS, Google Tag Manager, and UserCentrics for consent management. Social media presence on Instagram, Facebook, and YouTube supports brand engagement. Security posture is strong with HTTPS and CAPTCHA protections, though security headers and explicit privacy policies are missing. No blocking or WAF challenges were detected, allowing full content access.

C

California Cowboy

californiacowboy.com

68

California Cowboy is a niche e-commerce retailer specializing in vintage-inspired casual apparel for men and women, designed in California. The company offers a variety of products including Hawaiian print shirts, flannels, t-shirts, sweatshirts, and accessories, emphasizing functional features such as bottle pockets. The website is built on the Shopify platform using the Pipeline theme, integrating multiple marketing and analytics tools to support customer engagement and sales. The brand targets casual apparel consumers seeking unique and functional clothing with a vintage aesthetic. Technically, the site is well-implemented with modern web technologies, fast performance, and good mobile optimization. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response information are not publicly disclosed. Privacy compliance is addressed with accessible privacy and cookie policies, including consent mechanisms. Overall, the site presents a professional and trustworthy e-commerce experience with room for improvement in transparency around security and contact information.

B

Björn Borg Retail AB

bjornborg.com

62

Björn Borg Retail AB operates an official e-commerce platform specializing in underwear, sports clothing, shoes, and accessories targeting men, women, and kids. The company maintains a strong brand presence with consistent branding and active social media channels, positioning itself as a reputable player in the retail sportswear market. The website is built on modern technologies including React and Gatsby, ensuring fast performance and excellent mobile optimization. Privacy compliance is well addressed with comprehensive privacy and cookie policies and active consent mechanisms. Security posture is robust with HTTPS enforcement and standard security best practices, although explicit security policies and incident response information are not publicly available. The WHOIS data for the domain is missing, which is unusual for an established brand and warrants further verification, but overall the website and business indicators suggest legitimacy and professionalism.

Bik Bok is a well-established Nordic fashion retail company, founded in 1997, offering trendy clothing primarily targeting women interested in the latest fashion trends. The company operates both online and physical stores, positioning itself as a leading fashion destination in the Nordic region. The website reflects a modern e-commerce platform built with React and integrates various marketing and analytics tools such as Google Analytics, Google Tag Manager, Cookiebot for consent management, and New Relic for performance monitoring. The technical infrastructure is solid, with good mobile optimization and SEO practices, although some accessibility features could be improved. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks visible security headers and published security policies. Privacy compliance is partially addressed through cookie consent but lacks explicit privacy and terms of service documentation in the analyzed content. Overall, the website is professional, trustworthy, and serves its target audience effectively.

I

INNOVATIONSRAUM

innovationsraum.de

64

Innovationsraum is a small, owner-managed advertising agency based in Hanau, Germany, specializing in branding, design, web development, strategy, and consulting services. The agency serves a diverse client base across multiple industries including media, technology, and other sectors, delivering tailored and agile solutions to meet business goals. Their market position is that of a reputable local agency with a strong portfolio and client trust. Technically, the website is built on WordPress with modern optimizations, including performance enhancements and GDPR-compliant cookie management. Security posture is solid with HTTPS, anti-spam measures, and cookie consent mechanisms, though explicit security headers could be improved. Overall, the site is professional, well-structured, and trustworthy, with comprehensive contact options and clear business information.

P

Papoo Software & Media GmbH

cookiemonkey.de

44

The website cookiemonkey.de hosts a login portal for CCM19, a cookie consent management software developed by Papoo Software & Media GmbH. The platform targets businesses and organizations needing to manage cookie consents with multi-language support, positioning itself as a niche SaaS provider in the technology sector. The site is professionally designed with good user experience and clear navigation, focusing on secure user authentication. Technically, the site uses jQuery and custom JavaScript with a moderate performance profile and good mobile optimization. However, it lacks visible security headers and explicit SSL verification, which are critical for secure operations. Privacy and cookie policies are absent on the login page, reducing compliance confidence. No contact or incident response information is provided, limiting transparency and trust. WHOIS data shows standard hosting nameservers but lacks detailed registrant information, slightly reducing domain trustworthiness. Overall, the site is functional and professional but requires improvements in security posture and privacy compliance to enhance trust and regulatory adherence.

A

abrdn plc

aberdeenplc.com

66

abrdn plc is a leading global investment company headquartered in the United Kingdom, specializing in asset management and investment services. The company targets institutional investors, financial advisers, and retail clients, offering a broad range of financial products and advisory services. With a strong market position and a history dating back to 1983, abrdn plc operates through well-known subsidiaries such as Aberdeen Standard Investments and Standard Life. The website reflects a professional and enterprise-grade digital presence, supporting its global business operations. Technically, the website is built on modern frameworks including React and Next.js, ensuring fast performance, mobile responsiveness, and good accessibility. The site employs HTTPS with strong security headers, indicating a mature security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with clear consent mechanisms. However, the absence of publicly available WHOIS data for the domain introduces some uncertainty regarding domain registration transparency. Security-wise, the site demonstrates good practices such as enforcing HTTPS, implementing security headers, and securing forms. There are no visible vulnerabilities or exposed sensitive data. The lack of a public vulnerability disclosure policy and incident response contact details suggests areas for improvement in transparency and readiness. Overall, the site is secure and trustworthy, supporting the company's professional image. The overall risk assessment is moderate to low, with the main concern being the missing WHOIS data which could be due to privacy protection or registry restrictions. Strategic recommendations include publishing a vulnerability disclosure policy, enhancing incident response transparency, and considering formal security certifications to further boost trust. The website quality, business credibility, and security posture collectively support abrdn plc's reputation as a reliable financial services provider.

E

EmailOctopus

eocampaign1.com

59

EmailOctopus operates as an email marketing platform serving thousands of organizations globally. The website content is minimal, primarily a landing page introducing the service with no direct contact information or detailed policies. The domain is well established since 2016, registered with Porkbun LLC, and uses Cloudflare DNS services, indicating a stable technical foundation. However, the website lacks critical compliance documents such as privacy and cookie policies, and no forms or data collection mechanisms are present on the page analyzed. Technically, the site uses basic CSS and SVG graphics with moderate performance and basic mobile optimization. Security posture is limited with no visible security headers or DNSSEC enabled, though the domain status flags provide some protection against unauthorized changes. Overall, the site is functional but lacks comprehensive security and privacy features.

P

Parameter Research

depinpulse.app

54

DePIN Pulse is a specialized analytics platform focused on Decentralized Physical Infrastructure Networks (DePIN). It aggregates and presents data such as revenue, market capitalization, and ecosystem metrics for DePIN projects, targeting blockchain enthusiasts, investors, and project stakeholders. The platform is operated by Parameter Research and leverages multiple reputable blockchain data providers to deliver comprehensive insights. Technically, the website is built using modern web technologies including React and Next.js, providing a responsive and user-friendly experience. The site is well-structured with good SEO and mobile optimization, though accessibility features are basic. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks explicit security policies and incident response information. Privacy compliance is partial with privacy and terms policies present but no cookie consent mechanism. Overall, the platform presents a professional and trustworthy presence in the niche DePIN analytics market.

D

Deutsche Diabetes Gesellschaft e.V.

deutsche-diabetes-gesellschaft.de

63

The Deutsche Diabetes Gesellschaft e.V. (DDG) is a prominent medical-scientific society in Germany focused on diabetes research, therapy, and prevention. The organization provides education, certification, and advisory services to medical professionals and stakeholders in healthcare and policy. The website is professionally designed, well-structured, and targets healthcare professionals and policy actors. Technically, the site is built on TYPO3 CMS and uses Matomo analytics configured with privacy in mind. Security posture is good with HTTPS and security headers, though explicit security policies and incident response contacts are not found. WHOIS data is unavailable due to privacy or query issues but the website content and external links indicate legitimacy. Overall, the site demonstrates a mature digital presence with strong privacy compliance and professional credibility.

The website trib.al is a minimal landing page representing a link shortening and advanced analytics service. It appears to be associated with SocialFlow, as indicated by the external link and branding. The site provides very limited content, focusing primarily on branding and a brief description of services without detailed business or contact information. Technically, the site uses basic HTML and CSS with no detected advanced frameworks or CMS. There is no evidence of HTTPS or security headers, which is a significant security concern. No privacy, cookie, or terms of service policies are present, indicating poor compliance with privacy regulations. The security posture is weak due to missing HTTPS and lack of security best practices. Overall, the site is safe with no adult or questionable content but lacks professionalism and completeness in business and security aspects.

P

Parameter Research

unleashingdepin.com

51

Unleashing DePIN is a small, focused research and development collective specializing in the DePIN sector of blockchain technology. The organization produces podcasts, articles, and maintains a project directory to support the adoption and understanding of decentralized physical infrastructure networks. Their market position is niche but growing, targeting blockchain developers, researchers, and enthusiasts interested in DePIN. Technically, the website is built on a modern React and Next.js stack, offering a good user experience with mobile optimization and moderate performance. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced security headers and formal policies such as privacy and cookie policies. Overall, the site is trustworthy but could improve compliance and security transparency.

C

claro

claro.at

50

claro is an Austrian e-commerce company specializing in sustainable and eco-friendly cleaning products. The company positions itself as a niche leader in the Austrian market, targeting environmentally conscious consumers. Their website is built on WordPress with WooCommerce, providing a modern and user-friendly shopping experience. The site is well-optimized for mobile devices and includes comprehensive privacy and cookie policies compliant with GDPR. Security measures such as HTTPS and security headers are properly implemented, although no explicit security policy or incident response information is publicly available. The absence of WHOIS data due to privacy protection slightly impacts trust but is common for commercial entities. Overall, claro demonstrates a solid digital presence with good business credibility and technical implementation.

Brauerei C. & A. Veltins GmbH & Co. KG operates a supplier-focused website emphasizing sustainable procurement and strong partnerships. The company is a historic and modern private brewery based in Germany, with a well-established market position in premium beer manufacturing. The website serves as a portal for suppliers, providing downloadable compliance documents and contact information primarily via email. Technically, the site uses basic modern web technologies such as Modernizr and CSS, with no advanced frameworks detected. The site is moderately optimized for mobile and accessibility but lacks cookie consent mechanisms and visible security headers. Security posture is adequate with no visible vulnerabilities, but improvements are recommended in security headers and incident response transparency. Overall, the website is professional, trustworthy, and compliant with GDPR, though it lacks some advanced privacy and security features.

D

DSV-Shop

dsv-shop.de

57

DSV-Shop is an official e-commerce platform offering branded merchandise related to the Deutscher Skiverband, targeting winter sports enthusiasts and fans in Germany. The website is built on the Shopify platform, leveraging modern web technologies and security features such as HTTPS and hCaptcha to protect user interactions. While the site demonstrates good technical maturity and a professional design, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance and user trust. The absence of clear contact information and security incident response details also represents an area for improvement. Overall, the site is safe, trustworthy, and well-positioned within its niche market but would benefit from enhanced privacy and security transparency.

BAUHAUS is a large, established German retail company specializing in home improvement, garden, and DIY products. The website serves as an online shop with features such as product browsing, click & collect, and customer service support. The company maintains a strong market position in Germany with a professional and consistent brand presence. Technically, the website is built on modern frameworks like Next.js and React, optimized for mobile and desktop with good SEO and accessibility features. Security posture is adequate with HTTPS enforced and no visible sensitive data exposure, though security headers are not explicitly detected in the HTML. Privacy compliance is moderate due to the absence of explicit privacy and cookie policies in the provided content. Overall, the website is professional, trustworthy, and well-maintained, with room for improvement in privacy transparency and security header implementation.

D

DePIN Association

depinassociation.com

57

DePIN Association is a small, technology-focused non-profit organization dedicated to expanding and accelerating the adoption of Decentralized Physical Infrastructure Networks (DePIN) through education, advocacy, and industry transformation. The website presents a professional and consistent brand image, highlighting partnerships with various decentralized infrastructure projects and platforms. The technical infrastructure is based on Squarespace, providing a modern and mobile-optimized experience with good SEO and accessibility features. Security posture is solid with HTTPS and HSTS enabled, though additional security headers and privacy policies are recommended. The absence of WHOIS registration data raises concerns about domain legitimacy, but the active website and partner ecosystem suggest a legitimate operation. Overall, the site is safe, professional, and targeted at industry stakeholders interested in decentralized infrastructure.

P

PORR Construct S.R.L.

porr.ro

55

PORR Construct S.R.L. is a Romanian subsidiary of the PORR Group, a leading European construction company with over 150 years of experience. The company specializes in building construction and civil engineering, delivering a wide range of infrastructure projects including roads, bridges, and public facilities. The website reflects a professional and well-established business with clear market positioning and a comprehensive service portfolio. Technically, the site is built on TYPO3 CMS with modern web technologies, offering good mobile optimization and accessibility. Security posture is adequate with HTTPS and cookie consent mechanisms, though security headers and incident response information are lacking. Overall, the site demonstrates strong business credibility and compliance with GDPR.

P

PORR GmbH & Co. KGaA

porr.de

54

PORR GmbH & Co. KGaA operates a professional and comprehensive website focused on construction and engineering services in Germany. The company positions itself as a technology leader offering a wide range of services including government services, building construction, infrastructure, and environmental technology. The website is well-structured, multilingual, and targets business clients in the construction and infrastructure sectors. The digital infrastructure is based on TYPO3 CMS with modern web technologies and includes a detailed cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS and cookie management, though explicit security policies and incident response contacts are not published. Overall, the site reflects a mature enterprise-level business with strong branding and trust indicators.

P

PORR

worldofporr.com

55

The website worldofporr.com serves as a professional construction industry magazine for PORR, a well-established construction and infrastructure company. It provides blog articles and technical insights on various construction projects, targeting professionals and stakeholders in the construction and engineering sectors. The site uses TYPO3 CMS and modern web technologies, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. No direct contact information or incident response details are provided, which limits user trust and compliance. Overall, the site is professional and trustworthy but requires improvements in privacy and security transparency.

P

PORR AG

porr-group.com

52

PORR AG is a leading European construction company with over 150 years of history, offering full-service construction and engineering solutions. The website reflects a mature digital presence with comprehensive investor relations, sustainability, and career information. The technical infrastructure is based on TYPO3 CMS with modern web technologies and GDPR-compliant cookie management. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and some security headers could be improved. No critical vulnerabilities or suspicious activities were detected. Overall, the site demonstrates professionalism, compliance, and strong business credibility.

I

igus

igus.ee

61

igus is a well-established manufacturer and direct retailer specializing in motion plastics, including energy chains, plain bearings, and linear technology. The company targets industrial and manufacturing sectors, offering a broad range of products to improve technology with motion plastics. The website reflects a professional and consistent brand presence with multiple international domains, indicating a global market reach. Technically, the site is built on modern frameworks such as Next.js and React, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enabled and no exposed sensitive data, though there is room for improvement in security headers and privacy compliance. The absence of visible privacy and cookie policies, as well as explicit contact information, slightly reduces the privacy compliance score. Overall, the website is trustworthy and professional, with a moderate to good technical and security maturity level.