Security Directory

I

Infortrend Technology Inc.

infortrend.com

67

Infortrend Technology Inc. is a global enterprise data storage provider specializing in SAN, NAS, unified storage, hybrid cloud, and AI storage solutions. The company targets enterprise IT customers and offers a broad portfolio of storage products and management software. Their market position is supported by a strong partner ecosystem including major technology companies such as Microsoft, Intel, and Amazon Web Services. The website content is professional, comprehensive, and well-structured, reflecting a mature digital presence. The technical infrastructure of the website leverages modern web technologies including Bootstrap, jQuery, Google Tag Manager, Matomo, and Tawk.to chat integration. The site is mobile optimized and includes privacy and cookie consent mechanisms, indicating a good level of digital maturity and compliance with GDPR. Analytics usage is moderate with multiple tracking services employed responsibly. Security posture is solid with HTTPS enforced and reCAPTCHA implemented on forms. However, the absence of visible HTTP security headers and lack of explicit incident response or vulnerability disclosure information are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable, which slightly reduces trust but the overall website professionalism and partner ecosystem support legitimacy. Overall, Infortrend's website demonstrates a strong business and technical foundation with good security and privacy practices. Strategic improvements in security headers, incident response transparency, and contact information visibility would enhance trust and compliance further.

PROMISE Technology, Inc operates a professional website focused on high-performance storage solutions tailored for IT, cloud, surveillance, and rich media markets. The company positions itself as a leading developer offering scalable SAN, Thunderbolt, NAS, and cloud storage products. The website demonstrates a mature digital presence with comprehensive product catalogs, success stories, and promotional content targeting IT professionals and media production companies. Technically, the site employs modern web technologies including jQuery, Foundation CSS, and Google Analytics, delivering a responsive and user-friendly experience. Security posture is adequate with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not evident. WHOIS data for the domain is unavailable, which introduces some uncertainty about domain registration legitimacy, but the overall branding and content quality support a credible business. Strategic recommendations include enhancing security headers, publishing detailed security and privacy policies, and providing clear contact information for security incidents.

S

Starline Computer GmbH

starline.de

60

Starline Computer GmbH is a well-established German company specializing in secure, scalable, and highly available storage and server solutions tailored for small and medium-sized enterprises (KMU) and enterprise environments. Founded in 1982, the company has built a strong market position with over 40 years of experience, offering a comprehensive range of IT hardware products and services including storage systems, servers, backup solutions, and technical support. Their business model focuses on B2B clients, providing personalized consulting and technical expertise to ensure reliable IT infrastructure solutions. The website reflects a professional and consistent brand image with clear navigation and rich content aimed at their target audience. Technically, the website employs modern web technologies including Matomo for analytics and CookieHub for consent management, ensuring GDPR compliance and user privacy. The site is mobile-optimized, fast-loading, and accessible, hosted likely on LF.net infrastructure. Security posture is strong with HTTPS enforced and secure form handling, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, Starline demonstrates a mature digital presence with good privacy and security practices, though it lacks explicit public security policies or incident response contacts. The domain registration data aligns well with the company's business claims, reinforcing legitimacy and trustworthiness. The company maintains active communication channels and social media presence, further supporting its credibility.

Rema Trade is a small hospitality equipment company based in Bosnia and Herzegovina, established in 2005. The company specializes in professional equipment for the hospitality industry, offering a wide range of products including kitchen equipment, small inventory, butcher equipment, and laundry equipment. They provide comprehensive services such as consulting, project design, transport, installation, servicing, and staff training. The website reflects a regional leader position with a professional and consistent brand presence. Technically, the site is built on WordPress with modern plugins and frameworks, offering good mobile optimization and SEO. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers. Privacy and cookie policies are missing, indicating compliance gaps. Contact information is clearly provided, enhancing business credibility.

The Florida Sheriffs Association is a well-established statewide organization supporting law enforcement and corrections communities in Florida. Their primary services include training and advocacy for public safety legislation. The website reflects a professional and consistent brand presence with good SEO and structured data, targeting law enforcement professionals and public safety stakeholders. Technically, the site is built on WordPress with common marketing and analytics tools integrated, hosted behind Cloudflare DNS, and secured with HTTPS. Security posture is solid with domain locking and HTTPS, though DNSSEC is not enabled and no explicit security or incident response policies are publicly available. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Overall, the domain registration is consistent and trustworthy, reflecting a legitimate and mature organization.

T

Texas Association of School Boards, Inc.

buyboard.com

64

BuyBoard Purchasing Cooperative is a well-established purchasing cooperative affiliated with the Texas Association of School Boards, Inc., serving schools, municipalities, counties, and non-profits primarily in Texas and nationally. The cooperative offers streamlined purchasing services with free membership, facilitating public procurement and vendor contracting. The website presents a professional and clear structure with dedicated sections for national and Texas cooperatives, vendors, and industry insights. Technically, the site uses modern web technologies including Bootstrap, jQuery, Google Tag Manager, and Microsoft Application Insights, hosted likely on Microsoft Azure. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is good with HTTPS enforced and monitoring tools in place, but lacks some security headers and a cookie consent mechanism. WHOIS data is unavailable, which reduces transparency but the website content and contact information strongly support legitimacy. Overall, the site is trustworthy and professionally maintained, with room for improvement in privacy compliance and security best practices.

The website hgacbuy.org is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents access to any substantive content. As a result, no business information, contact details, or policy documents are available for analysis. The domain is registered since 2005 with Network Solutions, LLC, indicating a long-standing presence, but the lack of DNSSEC and visible security headers suggests room for improvement in security posture. The site relies on Cloudflare for DNS and security services. Due to the block, the technical infrastructure cannot be fully assessed, and no analytics or marketing technologies are detected. Overall, the site’s security posture is unclear beyond the presence of Cloudflare protection, and the absence of privacy and cookie policies indicates non-compliance with common privacy standards.

The website at sourcewell-mn.gov is currently inaccessible due to a blocking mechanism, likely a Web Application Firewall (WAF) or other security control, as indicated by the minimal HTML content stating 'The request is blocked.' and absence of any substantive page content. This prevents a full assessment of the business, technical infrastructure, and security posture. The domain is registered since 2018 with privacy protection enabled, hosted on Microsoft Azure DNS servers, which suggests a legitimate and stable infrastructure, but no further business details are available from the site content. Due to the blocking, no privacy, cookie, or security policies, nor contact information, are accessible for review. The security posture cannot be evaluated beyond the presence of blocking controls. Overall, the site appears to be protected by security mechanisms that restrict access, limiting external analysis.

A

Aebi Schmidt Group

aebi-schmidt.com

69

Aebi Schmidt Group is a globally recognized leader specializing in intelligent product systems and services for cleaning and clearing traffic areas as well as maintaining green spaces in challenging terrains. Their business model focuses on B2B engagements, targeting municipalities, industries, and service providers in transportation and green area maintenance sectors. The company maintains a strong market position supported by ISO certifications and a comprehensive digital presence. Technically, the website leverages modern JavaScript frameworks such as Vue.js and integrates marketing and analytics tools including Google Tag Manager, Bing Ads, and Matomo, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, implements cookie consent mechanisms, and includes standard security headers, though it lacks a publicly available security policy or vulnerability disclosure page. Overall, the website is professional, secure, and compliant with GDPR, but the absence of WHOIS data introduces some uncertainty regarding domain registration legitimacy.

P

Portafill International Ltd

portafill.com

58

Portafill International Ltd is an established Irish manufacturer specializing in mobile crushing and screening machinery, serving global markets through a widespread dealer network. The company emphasizes innovative design, durability, and ease of transport for its equipment, targeting construction, demolition, recycling, and mining sectors. The website reflects a professional digital presence built on WordPress with Elementor, hosted via Cloudflare, and demonstrates moderate technical maturity with good mobile optimization and SEO practices. Security posture is solid with HTTPS and domain transfer protections, though improvements are needed in explicit security headers and published policies. Privacy compliance is lacking as no privacy or cookie policies are found. Overall, the site is trustworthy and business credible but would benefit from enhanced compliance and security transparency.

F

Faymonville Semi-Trailers for heavy haulage & special transport

faymonville.com

62

The domain www.faymonville.com appears to be unregistered or its WHOIS data is unavailable, which raises significant concerns about the legitimacy and operational status of the website. The provided HTML content is truncated and incomplete, preventing a thorough analysis of the website's business, technical infrastructure, and security posture. No privacy, cookie, or terms of service policies were detected, nor were any contact details or social media links found. Due to these limitations, the website's security posture cannot be reliably assessed, and no trust indicators are present. The overall risk assessment is high due to the lack of domain registration and inaccessible content, and strategic recommendations include verifying domain registration status and ensuring full website accessibility for proper evaluation.

S

SIA Gandrs

gandrs.lv

56

SIA Gandrs operates a well-established e-commerce platform specializing in outdoor, cycling, climbing, winter, and sports equipment primarily serving the Latvian market and the broader Baltic region. With over 25 years of experience and a catalog exceeding 6000 products from more than 100 recognized brands, Gandrs holds a leading market position in the Baltics for active outdoor retail. The website supports multiple languages and offers additional services such as rentals, wholesale, and workshops, enhancing customer engagement and business diversification. Technically, the website employs modern JavaScript libraries like jQuery 3.6.1, asynchronous script loading, and WebSocket-based chat functionality, hosted likely behind Cloudflare for performance and security. The site is mobile optimized with good navigation and SEO practices, though accessibility features are basic. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data, but lacks explicit security headers and published security policies. Privacy compliance is partial; while a comprehensive privacy policy is present, there is no visible cookie consent mechanism, which is a GDPR compliance gap. Contact information is clearly provided, including phone, email, and social media channels, supporting business credibility. Overall, the website is professional, trustworthy, and safe for general audiences.

The website luna-aboshop.de is currently under maintenance and provides no substantive business information or services. The site uses WordPress with a coming soon plugin and standard frontend libraries such as jQuery, Tailwind CSS, and FontAwesome. The technical infrastructure appears basic with no advanced frameworks or analytics detected. Security posture is minimal with no visible security headers or privacy policies, and no contact or incident response information is provided. The domain WHOIS data shows standard reseller name servers but lacks registrant details, limiting trustworthiness. Overall, the site is low in content quality, security, and compliance, resulting in a low AI score and limited business credibility.

V

VGROUP

vgroup.com

52

VGROUP is a professional brand strategy, design, and communications agency that helps businesses develop their brand identity and market presence. The company showcases a strong portfolio of projects and client testimonials, positioning itself as a trusted partner in brand development. The website is built on WordPress with modern technologies and includes comprehensive privacy and cookie consent mechanisms, reflecting a mature digital presence. Security posture is good with HTTPS and cookie consent, but lacks visible security headers and explicit incident response information. The absence of WHOIS data reduces domain trust slightly, but the professional website content and branding mitigate concerns. Overall, the site is well-designed, user-friendly, and compliant with privacy regulations.

G

Gabler Ocean Group

gabler-ocean.com

10

Gabler Ocean Group is a medium-sized technology group based in Germany, specializing in subsea digital and industrial applications for sectors including energy, science, and defense. The group comprises several subsidiaries such as Gabler Naval Technology, develogic GmbH, north.io GmbH, SubCtech GmbH, and Gabler Korea, offering a broad portfolio of solutions from environmental monitoring to underwater communication and maritime data management. The company has a strong market position with a history dating back to 1962 and is supported by the Possehl Group as its shareholder. Technically, the website is built on WordPress with modern plugins like Slider Revolution and Borlabs Cookie for consent management. The site is well-optimized for mobile and performance, with fast loading times and good SEO practices. Security posture is solid with HTTPS enabled and domain transfer protections, though DNSSEC is not enabled and some security headers are missing. Cookie consent mechanisms are in place, supporting GDPR compliance. Security-wise, the site shows good practices but lacks explicit security policies, incident response information, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is transparent and consistent with the business claims, enhancing trustworthiness. Overall, Gabler Ocean Group presents a professional and trustworthy online presence with strong business credibility and technical maturity. Strategic improvements in security headers, DNSSEC, and published security policies would further enhance their security posture and compliance.

G

Gabler Maschinenbau GmbH

gabler-naval.com

57

Gabler Maschinenbau GmbH is a well-established German company specializing in naval technology solutions, particularly mast systems, submarine components, and tactical gateways. With over 60 years of experience, the company serves sovereign nations and maritime security sectors, positioning itself as a trusted provider of mission-critical technology. The website reflects a professional and modern digital presence, leveraging WordPress CMS and advanced front-end technologies to deliver an excellent user experience. Embedded multimedia content and comprehensive policy disclosures demonstrate digital maturity and compliance awareness. Security posture is strong with HTTPS enforcement, Cloudflare DNS, and cookie consent mechanisms, though some security headers could be improved. Overall, the website is trustworthy, well-maintained, and aligned with the company's business objectives.

G

Gabler Maschinenbau GmbH

gabler-maschinenbau.com

57

Gabler Maschinenbau GmbH is a well-established German company specializing in naval technology solutions, including mast systems, submarine components, and tactical gateways. With over 60 years of experience, the company positions itself as a trusted provider for naval defense and maritime security sectors, offering both products and lifecycle support services. The website reflects a professional and modern digital presence, leveraging WordPress CMS with advanced SEO and multimedia integration. The technical infrastructure includes Cloudflare DNS and uses modern JavaScript libraries to enhance user experience. Security posture is solid with HTTPS enabled and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent banners. Overall, the website and domain data indicate a legitimate and credible business with a strong market position in the naval technology industry.

NHST Holding is a Norwegian holding company owning DN Media Group and NHST Marketing Technology, operating in the media and marketing technology sectors. The company provides independent publications covering shipping, seafood, aquaculture, energy, and business, alongside SaaS products for PR and media monitoring. The website presents professional content targeting business professionals, investors, and media stakeholders, with clear branding and consistent messaging. Technically, the site is built on WordPress with modern SEO practices but lacks some advanced security headers and privacy compliance features. The security posture is moderate with no visible vulnerabilities but missing key policies and incident response information. WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website presence. Overall, the site is functional and credible but would benefit from improved compliance and security transparency.

GFX-pulse is a Slovak technology company specializing in mobile and TV application development, web design, e-commerce solutions, and enterprise software such as ERP and CRM systems. Established since 2000 with a domain registered in 2003, the company has a solid market presence in Slovakia and serves a diverse client base including businesses and public sector entities. Their portfolio includes notable mobile apps and web projects, demonstrating technical competence and industry experience. Technically, the website uses a broad technology stack including Objective-C, Java, PHP, Python, and modern web standards, supported by Google Analytics for user tracking. However, the site lacks advanced security headers and privacy compliance mechanisms such as privacy and cookie policies. Security posture is moderate with no visible vulnerabilities but room for improvement in SSL configuration and security best practices. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security hardening to align with modern standards.

The website mrodelivery.de is currently inaccessible, returning a 403 Forbidden error page which blocks access to any meaningful content or metadata. Due to this restriction, no business information, contact details, or policy documents are available for review. The domain is hosted on servers associated with kasserver.com, but no registrant details or domain age information is provided. The lack of accessible content and security headers indicates a low digital maturity and security posture. Without HTTPS or visible security best practices, the site presents a risk of poor trustworthiness and compliance. Strategic recommendations include resolving access issues, implementing HTTPS, publishing privacy and cookie policies, and providing clear contact and incident response information to improve transparency and security.

The website booksamillion.com is currently inaccessible due to a Cloudflare Turnstile human verification challenge, which blocks direct access to the site's content. Books-A-Million is a well-known large retail company specializing in books and related merchandise, with a domain age consistent with its long-standing market presence. The technical infrastructure leverages Cloudflare services for security and content delivery. Due to the WAF challenge, no detailed content, contact, or policy information is accessible, limiting the ability to assess privacy compliance, security posture, or business credibility fully. The domain registration data is consistent and legitimate, supporting the authenticity of the business. Overall, the site is protected by modern security mechanisms but currently inaccessible for full analysis.

T

Thüringer Theaterportal

thueringer-theaterportal.de

52

Thüringer Theaterportal is a regional cultural platform dedicated to providing comprehensive schedules and information about theater performances in Thuringia, Germany. It aggregates event details from local theaters such as Schotte e.V. and Kabarett DIE ARCHE, offering users detailed descriptions, images, and direct links to ticket purchasing on partner websites. The portal targets theater enthusiasts and the general public interested in cultural events within the region. Technically, the website is built on the Contao Open Source CMS and employs a variety of JavaScript libraries including jQuery, jQuery UI, Colorbox, and Select2 to enhance user experience. The site is mobile-optimized with a responsive design and includes accessibility features such as skip navigation links. SEO is basic but functional, with meta tags and structured data present. From a security perspective, the site enforces HTTPS and includes essential cookies with CSRF protection. A cookie consent banner is implemented, allowing users to opt-in for external content such as Google Maps. However, the site lacks several recommended security headers and does not provide explicit incident response or vulnerability disclosure information. No critical vulnerabilities or suspicious content were detected. Overall, the website presents a professional and trustworthy front for a small regional cultural information service. It complies with GDPR requirements at a basic level and maintains a good balance between usability and security. Strategic improvements in security headers and transparency would enhance its security posture further.

N

NorSIS

slettmeg.no

47

Slettmeg.no is a Norwegian website operated by NorSIS, providing free advice and guidance on deleting personal information from internet services and offering privacy and digital rights support. The site targets Norwegian users seeking assistance with online data removal and privacy issues. Technically, the site is built on WordPress with modern plugins such as Yoast SEO, Matomo analytics for privacy-respecting tracking, and Google invisible reCAPTCHA for form security. The website is mobile-optimized and accessible, with good SEO practices. Security posture is moderate with HTTPS enforced and no exposed sensitive data, but lacks explicit security headers and has some technical issues with a Facebook deceased profile deletion form. Privacy compliance is good with clear privacy and cookie policies, though no terms of service or vulnerability disclosure policies are found. Overall, the site is trustworthy, professional, and serves a niche government/non-profit role in Norway.

U

Utdanningsdirektoratet and Datatilsynet (collaborative project)

dubestemmer.no

58

DuBestemmer.no is a Norwegian government-backed educational platform collaboratively operated by Utdanningsdirektoratet and Datatilsynet. It provides comprehensive learning resources focused on privacy, internet safety, and critical media literacy targeted at children and youth aged 9 to 18 years, as well as teachers and parents. The site is positioned as an authoritative resource in the Norwegian education sector, emphasizing digital citizenship and responsible online behavior. Technically, the website employs modern JavaScript libraries including jQuery, Microsoft Application Insights, and Matomo Analytics for performance monitoring and user behavior analysis, while respecting user privacy by disabling cookies for tracking. The site appears to be built on the Episerver CMS platform, with good mobile optimization, accessibility, and SEO practices. Hosting details are not explicitly disclosed but analytics are served via udir.matomo.cloud. From a security perspective, the site enforces HTTPS and uses minimal necessary cookies with explicit consent mechanisms. While no advanced security headers were detected, the site avoids collecting sensitive user data on the homepage and demonstrates privacy-conscious analytics usage. The WHOIS data is not publicly available due to Norid privacy policies, which is typical for Norwegian domains. Overall, the domain registration and website content are consistent with a legitimate, government-backed educational service. The overall risk profile is low, with no detected vulnerabilities or suspicious indicators. Strategic recommendations include enhancing security headers, publishing an incident response policy, and adding a vulnerability disclosure mechanism to further strengthen trust and security posture.

N

Netbeat GmbH

netbeat.de

61

Netbeat GmbH is a German-based web hosting provider offering affordable and professional web hosting, domain registration, and server solutions primarily targeting private users and small to medium-sized businesses. The company emphasizes transparency, compliance with GDPR, and security certifications such as ISO 27001, hosting all services in German data centers operated by their partner Vautron Rechenzentrum AG. The website is well-structured, mobile-optimized, and provides clear information about various hosting packages with competitive pricing. Technically, the site uses modern frameworks like Bootstrap and jQuery, with privacy-conscious analytics via Matomo. Security posture is solid with HTTPS and ISO certification, though security headers could be improved. Privacy compliance is strong with explicit cookie consent and a comprehensive privacy policy. Overall, the site projects a trustworthy and professional image suitable for its market segment.

V

Vautron Rechenzentrum AG

vautron.de

56

Vautron Rechenzentrum AG is a well-established German technology company specializing in domain registration, dedicated servers, cloud servers, and managed hosting services. With a strong market position as one of Germany's leading domain registrars and a portfolio exceeding 1.1 million domains, Vautron operates multiple data centers and offers comprehensive IT infrastructure solutions tailored to business clients. Their services include Proxmox virtualization, S3 cloud storage, and managed private cloud offerings, emphasizing flexibility, security, and scalability. Technically, the website employs modern web technologies such as Bootstrap, jQuery, FontAwesome, and Matomo analytics, ensuring a responsive and user-friendly experience. The infrastructure is supported by ISO 27001 certified data centers, reflecting a mature security posture. The company demonstrates GDPR compliance through clear privacy and cookie policies, consent mechanisms, and transparent contact channels. Security-wise, Vautron maintains strong practices including secure managed services, abuse reporting, and encrypted communications. However, there is room for improvement in publicly disclosing vulnerability disclosure policies and enhancing HTTP security headers. No critical vulnerabilities or suspicious activities were detected. Overall, Vautron presents a trustworthy, professional, and technically sound digital presence with a high level of business credibility and compliance. The risk profile is low, supported by consistent WHOIS data and transparent business operations.

L

LAG Soziokultur Thüringen e.V.

soziokultur-thueringen.de

71

LAG Soziokultur Thüringen e.V. is a regional non-profit association dedicated to representing and supporting socio-cultural initiatives in the German state of Thüringen. The organization provides key services including cultural consulting, education, funding support, public relations, and lobbying to strengthen the socio-cultural landscape. Their market position is that of a leading regional advocate and service provider for socio-cultural actors. The website is professionally designed, content-rich, and well-structured, targeting cultural stakeholders and the general public interested in socio-cultural projects. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern JavaScript libraries such as jQuery, Slick Slider, and Google Maps API for enhanced user experience. The site is mobile-optimized and includes accessibility features, though some improvements could be made. Performance is moderate, with no major technical issues detected. From a security perspective, the site enforces HTTPS, uses CSRF tokens in forms, and includes CAPTCHA to prevent spam. Cookie consent is implemented with detailed categories, reflecting GDPR compliance. However, there is no publicly available formal security policy or incident response information, which could be improved to enhance trust and preparedness. Overall, the website is trustworthy, safe, and compliant with privacy regulations. It effectively serves its target audience with relevant content and services. Strategic recommendations include publishing a formal security policy, adding a security.txt file, enhancing security headers, and improving accessibility to further strengthen the site's security posture and user experience.

L

Landesarbeitsgemeinschaft Puppenspiel e.V. Thüringen

puppe-thueringen.de

47

Landesarbeitsgemeinschaft Puppenspiel e.V. Thüringen is a small non-profit cultural association dedicated to puppetry arts in the Thüringen region of Germany. The organization provides puppetry events, educational projects, and supports a community of puppetry artists and enthusiasts. Their website serves as an informational portal with event details, member information, and contact resources. Technically, the site is built on Joomla CMS using Yootheme templates and UIkit framework, delivering a moderately performant and mobile-optimized experience. Security posture is adequate with HTTPS and cookie consent mechanisms, though lacking advanced security headers and incident response information. Overall, the site is trustworthy and professionally presented, targeting cultural audiences and puppetry communities.

L

LAG Spiel und Theater in Thüringen e.V.

lag-thueringen.de

36

LAG Spiel und Theater in Thüringen e.V. is a regional non-profit organization founded in 1992, dedicated to youth culture and theater education in Thüringen, Germany. It coordinates member theater groups, supports educational initiatives, organizes theater events for students, and provides resources such as a specialized library. The website reflects a focused mission with clear content targeting theater professionals, educators, and youth cultural initiatives in the region. Technically, the site is built on the Contao CMS platform, uses jQuery and SVG graphics, and demonstrates moderate performance with good mobile optimization. Security posture is adequate with HTTPS and cookie consent implemented, though additional security headers and policies could enhance protection. Privacy compliance is evident with a GDPR-aligned privacy policy and cookie banner. No contact emails or phone numbers are explicitly provided on the homepage, which may limit direct communication. Overall, the website is professional, trustworthy, and well-aligned with its mission, though it could benefit from enhanced security practices and more visible contact information.

brand ENGINEERING SOLUTIONS GmbH (bES) is a specialized consultancy focused on naval architecture, marine and offshore engineering, and salvage engineering services. The company leverages up-to-date tools and industry experience to deliver reliable reports and simulations, serving clients primarily in the shipping industry. As part of the bMC GROUP, bES benefits from a broader ecosystem of complementary maritime services, positioning itself as a niche expert within the transportation and energy sectors. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to industry professionals. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern web technologies such as Bootstrap 5, jQuery, and FontAwesome. The site is mobile-optimized with good SEO practices and includes a cookie consent mechanism compliant with GDPR. Hosting and domain registration are stable and consistent with the company's German origin, though DNSSEC is not enabled. Analytics are handled via Matomo, indicating a preference for privacy-conscious tracking. From a security perspective, the site enforces HTTPS and uses CSRF tokens to protect forms. However, it lacks advanced security headers and does not publish a formal security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the security posture is solid but could be enhanced with additional headers and transparency. The overall risk assessment is low, with no critical issues identified. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and enhancing security headers. These improvements would further strengthen trust and compliance, supporting the company's professional image and operational resilience.

B

brand MARINE CONSULTANTS GmbH

the-bmc-group.com

52

The bMC GROUP is a medium-sized, Germany-based marine consultancy group established in 2014, offering a broad range of specialized services to the shipping industry including marine consultancy, claims management, vessel design, and behavioral science tools. The group operates globally with multiple international offices and subsidiaries, serving shipowners, law firms, P&I clubs, offshore contractors, and insurance companies. Technically, the website is built on the Contao CMS platform, uses jQuery, Google Maps API, and Matomo analytics, and demonstrates good mobile optimization and user experience. Security posture is solid with HTTPS enforcement and CSRF protections, though DNSSEC is not enabled and security headers could be improved. Privacy compliance is well addressed with a cookie consent mechanism and a privacy policy page. Overall, the website is professional, trustworthy, and business-focused with no signs of malicious or adult content.

N

Nepada Wildlife e.V.

nepadawild.life

51

Nepada Wildlife e.V. is a small non-profit organization dedicated to wildlife conservation and biodiversity preservation, with a strong focus on environmental education. The organization operates primarily in Germany and engages its audience through educational programs, conservation projects, and public outreach. Their website reflects a professional and consistent brand image, supported by active social media channels on Facebook, Instagram, and YouTube. Technically, the website is built on WordPress using modern plugins such as Elementor and Slider Revolution, providing a good user experience with mobile optimization and moderate performance. Security posture is solid with HTTPS and no exposed sensitive data, though security headers could be improved. Privacy compliance is limited due to the absence of explicit privacy and cookie policies on the main site. WHOIS data is unavailable, which slightly reduces domain trust but does not negate the legitimacy of the organization given the quality of content and social presence. Overall, the website is trustworthy and well-positioned for its niche audience.

O

Ocean Summit

ocean-summit.de

54

Ocean Summit is a non-profit organization dedicated to marine conservation education, actions, and networking primarily in Schleswig-Holstein, Germany. The website serves as a platform to engage marine enthusiasts of all ages through educational programs, events, and media content such as podcasts and magazines. It positions itself as a regional leader in marine protection advocacy and education. Technically, the website is built on WordPress using the Enfold theme and several plugins including EventON and Toolset Blocks. It employs modern web technologies such as jQuery and Google Maps API, and is hosted with domain control services likely provided by GoDaddy. The site is mobile-optimized and SEO-friendly with structured data markup and social media integration. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, indicating good privacy compliance. However, explicit security headers are not detected, and no formal security policy or incident response information is published. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, the website is professional, trustworthy, and safe for general audiences. It demonstrates good privacy compliance and technical maturity but could improve its security posture by adding security headers and incident response details.

S

Stiftung Chancen für Kinder

stiftung-chancenfuerkinder.de

60

Stiftung Chancen für Kinder is a German non-profit foundation established in 2004, dedicated to improving the lives of children worldwide through projects in education, culture, and medical care. The foundation has a solid market position supported by reputable partners and a clear mission to provide children in poverty with better opportunities. The website is professionally designed using WordPress, featuring modern plugins for marketing and cookie management, and offers content in German with an English version available. Technically, the site is well-structured, mobile-optimized, and implements GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the site reflects a trustworthy and credible organization with transparent domain registration and consistent business information.

S

SubCtech - Ocean Power & Monitoring

subctech.com

65

SubCtech GmbH is a German-based company specializing in advanced ocean engineering technologies, focusing on high-performance Li-Ion batteries for subsea applications and autonomous ocean monitoring systems. With over 15 years of industry experience and a strong market position, SubCtech serves scientific and industrial clients globally, offering certified and customized solutions. The company is part of the Gabler Maschinenbau GmbH under the Possehl Group, enhancing its market credibility and resources. Technically, the website is built on a modern WordPress platform with robust SEO and user experience features, though some security enhancements like DNSSEC and CSP headers could be implemented. Security posture is solid with HTTPS and clientTransferProhibited domain status, but lacks explicit incident response contacts and vulnerability disclosure mechanisms. Overall, the website reflects a professional, trustworthy, and compliant business entity with clear contact channels and privacy practices.

U

Universal Music Group Deutschland

santiano.de

64

Universal Music Group Deutschland operates the official artist website for Santiano, a prominent German shanty-rock band. The website serves as a comprehensive platform for fans to access music, videos, news, tour dates, and merchandise. It integrates multiple streaming and purchasing options from major providers such as Apple Music, Spotify, Amazon Music, and others, reflecting a mature digital music distribution model. The site is well-branded, consistent with Universal Music Group's corporate identity, and targets a broad audience of music enthusiasts. Technically, the site leverages modern web technologies including React and JavaScript frameworks, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforcement, security headers, and consent management for cookies, aligning with GDPR requirements. No critical vulnerabilities or suspicious elements were detected. Overall, the website reflects a professional, secure, and user-friendly digital presence for a major music label and its artist.

G

GLYNT

glynt.com

72

GLYNT operates an e-commerce platform specializing in professional hair care and styling products for home use, targeting consumers seeking salon-quality products. The website is built on the Contao CMS and employs modern JavaScript libraries such as jQuery and Isotope, with integrations for Google Tag Manager and Cookiebot for analytics and cookie consent management. The site demonstrates good design quality, clear navigation, and mobile optimization, providing a professional user experience. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks visible security headers and explicit privacy or security policies. The absence of WHOIS data raises concerns about domain registration legitimacy, though the website content and HTTPS usage suggest a legitimate business presence. Overall, the site scores moderately well but would benefit from enhanced transparency and security practices.

B

Briese Schiffahrts GmbH & Co. KG

briese-research.de

25

BRIESE Research, a division of Briese Schiffahrts GmbH & Co. KG, specializes in the management and chartering of German research vessels, serving scientific institutions and maritime research communities. The company manages a fleet of notable research vessels and collaborates with prominent scientific organizations such as AWI, GEOMAR, and Senckenberg. Their business model focuses on providing comprehensive vessel management, crew recruitment, and logistical support tailored to research needs. The website reflects a niche market position with a medium-sized enterprise footprint in Germany.

H

HASYTEC - Ultrasonic Antifouling Technology

hasytec.com

10

HASYTEC is a German-based company specializing in AI-controlled ultrasound antifouling technology, primarily serving the shipping and industrial sectors. Positioned as a world leader in this niche, HASYTEC offers innovative ultrasound solutions designed to prevent biofouling on vessels and industrial equipment. The company’s website reflects a professional B2B technology provider with a clear market focus and a medium-sized operational scale, founded in 2016. Technically, the website is built on WordPress using the Divi theme, enhanced with SEO tools like Rank Math and a cookie consent mechanism via Borlabs Cookie. The infrastructure is modern and supports mobile optimization, though performance is moderate. Hosting and DNS services are consistent with the company’s German location, though DNSSEC is not enabled, representing a minor security gap. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent, but lacks advanced security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected, but enabling DNSSEC and security headers would strengthen the security posture. Overall, HASYTEC’s website is trustworthy and professional, with good business credibility and technical implementation. However, the absence of a privacy policy and terms of service pages slightly reduces privacy compliance scores. Strategic improvements in security and compliance documentation are recommended to enhance trust and regulatory adherence.

N

NIBE

nibe.eu

72

NIBE is a global group specializing in energy-efficient and sustainable indoor climate solutions, including heat pumps, heating, ventilation, and cooling products. The company emphasizes sustainability and renewable energy, targeting homeowners and professional installers worldwide. The website reflects a mature digital presence with a modern tech stack including SiteVision CMS, React, and integration of analytics and consent management tools. Security posture is strong with HTTPS enforcement and GDPR-compliant cookie consent mechanisms, although explicit security headers and incident response information are not publicly available. Overall, the domain and website appear legitimate and professionally maintained, with a strong focus on sustainability and energy efficiency.

W

Web-Betreiber

web-betreiber.de

10

Web-Betreiber is a German network of developers, designers, content creators, and SEO experts offering comprehensive digital marketing, web development, and software tool services. The website presents a professional image with detailed team member profiles and client references, targeting businesses seeking expert web and marketing solutions in Germany. Technically, the site is built on WordPress with modern plugins such as Gravity Forms, Yoast SEO, and WP Rocket, hosted behind Cloudflare for performance and security. The security posture is solid with HTTPS enforced and GDPR-compliant privacy and cookie policies including consent mechanisms. No critical vulnerabilities or blocking mechanisms were detected, indicating a trustworthy and accessible platform.

B

Behinderten- und Rehabilitations-Sportverband Berlin e.V.

sportbildung.berlin

36

The website sportbildung.berlin serves as the official training and licensing portal for the Behinderten- und Rehabilitations-Sportverband Berlin e.V., a regional sports association focused on disabled and rehabilitation sports in Berlin, Germany. It provides educational resources, licensing guides, and online application services for training and continuing education in the rehabilitation sports sector. The portal targets individuals and clubs involved in this niche sports community, offering structured information and digital services to support their certification and training needs. Technically, the site is built on TYPO3 CMS with Bootstrap 5 and jQuery, ensuring a modern and responsive user experience. It integrates Matomo analytics with privacy-conscious settings and uses HTTPS with a valid SSL certificate. However, DNSSEC is not enabled, and some security headers appear to be missing, indicating room for improvement in security hardening. The site is well-structured with clear navigation and good accessibility features, supporting a positive user experience. From a security and compliance perspective, the site demonstrates basic GDPR compliance with a privacy policy and cookie consent banner. However, it lacks visible terms of service, security policies, incident response contacts, and explicit business contact information, which are important for trust and legal completeness. The WHOIS data is consistent and legitimate, with a domain age appropriate for the business. No suspicious or malicious indicators were found. Overall, the website is a credible and professional portal for its niche audience but would benefit from enhanced security practices, clearer contact and legal information, and improved transparency to strengthen trust and compliance.

F

FUSSBALL.DE - Die Heimat des Amateurfußballs

fussball.de

10

FUSSBALL.DE is a prominent German online portal dedicated to amateur football, providing comprehensive match schedules, results, league tables, and club information across Germany. The platform serves amateur players, clubs, fans, and regional football associations, positioning itself as a key media resource in the German amateur football ecosystem. It offers additional services such as training resources, news, and an integrated shop for fans and participants. Technically, the website leverages modern JavaScript frameworks like AngularJS, integrates advanced cookie consent management via Usercentrics, and employs analytics tools including Adobe Analytics and Google Tag Manager. Hosting is managed through Amazon AWS, ensuring reliable infrastructure. Security posture is strong with HTTPS enforced and consent-based tracking, though explicit privacy and security policies are not found in the provided content. Overall, the site is well-structured, accessible, and professionally branded, with strong trust signals from official football association partnerships.

The website starbuckscardb2b.com serves as a corporate B2B platform for Starbucks gift cards, targeting business customers who want to reward employees or clients. It is built on Salesforce Experience Cloud, leveraging Salesforce's commerce and community technologies, and integrates multiple payment and analytics services. The site presents a professional and branded experience consistent with Starbucks' global retail presence. Technically, the site uses modern frameworks and security practices including HTTPS and Content Security Policy, but lacks visible privacy and cookie policies, which is a compliance gap. The absence of WHOIS data for the domain raises questions about domain registration transparency, although the site appears legitimate and well-maintained. Overall, the site is functional and secure but could improve privacy compliance and domain transparency.

Nestlé Coffee Partners operates as a business-to-business provider of coffee and tea solutions, offering curated foodservice products and equipment. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content targeting foodservice businesses and hospitality sectors. The technical infrastructure is built on Magento with integrations for analytics and performance monitoring, indicating a commitment to digital maturity and user experience. Security posture is strong with HTTPS enforcement and security headers, although the absence of a public security policy and incident response contact is noted. The WHOIS data is unavailable, which limits domain trust verification but the overall branding and content strongly suggest a legitimate enterprise operation under Nestlé's corporate umbrella. Strategic recommendations include publishing security policies, enhancing transparency, and maintaining compliance with evolving privacy regulations.

I

INTERSOS

intersos.org

10

INTERSOS is a well-established humanitarian non-profit organization focused on providing frontline aid during emergencies worldwide. The website presents a professional and comprehensive digital presence, targeting donors, humanitarian workers, and partners. It offers detailed information about its activities, news updates, and donation options, supporting its mission effectively. Technically, the site is built on WordPress with modern plugins for SEO, donations, and cookie consent, ensuring a good user experience and compliance with privacy regulations. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although formal security policies and incident response contacts are not published. Overall, the domain appears legitimate despite the lack of WHOIS registrant data, likely due to privacy protection common in NGOs. The site is safe, trustworthy, and well-optimized for its audience.

A

Amala Education

amalaeducation.org

9

Amala Education is a UK-based non-profit organization dedicated to educational programs and community impact. Their website reflects a professional and consistent brand focused on education, safeguarding, and partnership development. The organization targets donors, partners, and communities interested in educational advancement. Technically, the website is built on the Squarespace platform, leveraging modern web technologies and Google Tag Manager for analytics. The site is mobile-optimized and provides a good user experience with clear navigation and branding consistency. Security-wise, the site uses HTTPS but lacks important security headers and explicit privacy or cookie policies, which are areas for improvement. The absence of WHOIS data is due to privacy protection, common for non-profits, and does not detract from the site's legitimacy. Overall, the website is safe, professional, and trustworthy but would benefit from enhanced privacy compliance and security hardening.

D

Društvo Ujedinjenih Građanskih Akcija

dugabih.ba

10

Društvo Ujedinjenih Građanskih Akcija (Duga BiH) is a non-profit organization based in Bosnia and Herzegovina dedicated to supporting children, youth, parents, and professionals through educational and psychosocial programs. The organization positions itself as a leading entity in social inclusion and community support, offering training, counseling, and project-based services. Their website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their target audience. Technically, the site is built on WordPress using modern frameworks and plugins, ensuring good performance and mobile optimization. Security measures such as HTTPS and security headers are properly implemented, although explicit privacy and cookie policies are missing, representing a compliance gap. Overall, the domain registration data aligns well with the organization's claims, supporting the legitimacy of the site.

I

Institut für Auslandsbeziehungen (ifa)

kulturaustausch.de

49

Kulturaustausch is a cultural magazine operated under the Institut für Auslandsbeziehungen (ifa), focusing on international relations, culture, and society with contributions from global authors. The website serves as a platform for in-depth dossiers, articles, and print issues, targeting readers interested in diverse international perspectives. Technically, the site is built on TYPO3 CMS, employs Matomo for analytics, and uses modern web technologies ensuring good performance, accessibility, and SEO. Security posture is solid with HTTPS and some security best practices, though additional headers could enhance protection. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant, reflecting a mature privacy stance. Contact is primarily via a web form, with no direct emails or phone numbers publicly listed. Overall, the site is professional, trustworthy, and well-positioned in the media and non-profit cultural sector.

H

HOMA lakástextil

homahu.hu

50

The website homahu.hu operates as an online retail platform specializing in home textiles such as bedding, towels, and household fabrics, targeting primarily the Hungarian market. It is part of a regional network with sister sites in Slovakia, Czech Republic, and Austria, indicating a focused Central European presence. The business model is e-commerce retail with a clear emphasis on product variety and customer convenience, supported by visible contact information and promotional offers. The site demonstrates consistent branding and a professional online presence.