Security Directory

G

Gemeinde St. Hedwig Buckow-Müncheberg

katholisch-muencheberg.de

46

The website www.katholisch-muencheberg.de represents the Catholic parish community of St. Hedwig Buckow-Müncheberg, part of the Archdiocese of Berlin. It serves as an informational and community hub for local parishioners, offering details about religious services, community events, and social support activities. The site is clearly targeted at local residents and visitors interested in Catholic community life, operating as a non-profit religious organization. The content is well-structured, relevant, and professionally presented with consistent branding and trust signals such as official contact details and GDPR-compliant cookie consent mechanisms. Technically, the website is built on TYPO3 CMS, utilizing legacy jQuery libraries and modern privacy-respecting analytics via Matomo. The site is mobile-optimized with basic accessibility features and moderate performance. While HTTPS is enforced, the site lacks some advanced security headers and explicit security policies, which could be improved. The cookie consent banner is comprehensive and allows granular user control, reflecting good privacy compliance. From a security perspective, the site shows a solid posture with no visible vulnerabilities or exposed sensitive data. However, updating legacy JavaScript libraries and implementing security headers would enhance protection. The WHOIS data confirms domain legitimacy and consistency with the website's organizational claims. No signs of malicious activity or suspicious registrations were found. Overall, the website is a trustworthy, well-maintained community portal with good privacy and security practices, suitable for its non-profit religious mission. Strategic improvements in security headers and modernization of technical components would further strengthen its posture.

C

Charlottenburger Baugenossenschaft eG

charlottenburger-baugenossenschaft.de

46

Charlottenburger Baugenossenschaft eG is a well-established housing cooperative based in Berlin, Germany, founded in 1907. The organization manages approximately 6,700 residential units across multiple Berlin districts, offering affordable housing and fostering community engagement through various social and cultural events. Their website serves as a comprehensive portal for tenants and prospective members, providing detailed information on housing offers, community activities, and tenant services. The cooperative maintains a strong local presence and brand consistency, supported by active social media engagement and a tenant login portal.

P

PEIX Health GmbH

peix.de

58

PEIX Health GmbH is a well-established creative agency specializing in healthcare marketing, particularly serving the pharmaceutical industry. With a market presence spanning over 30 years, the company positions itself as a leading agency in Germany, offering creative and strategic marketing services tailored to healthcare clients. Their website reflects a professional and consistent brand image, targeting healthcare companies and pharmaceutical clients. Technically, the website is built on modern platforms such as Webflow, enhanced with translation services (Weglot), and integrates analytics and marketing tools like Google Tag Manager and HubSpot, indicating a mature digital infrastructure. Security-wise, the site enforces HTTPS and implements GDPR-compliant cookie consent mechanisms, though it lacks a dedicated public security policy or incident response contacts. Overall, the website is trustworthy, well-maintained, and compliant with privacy regulations, supporting the company's credibility in its sector.

V

Vonovia SE

vonovia.de

73

Vonovia SE is a leading real estate company in Germany, providing housing solutions nationwide with a focus on fair pricing and social responsibility. The company operates multiple subsidiary domains and maintains a strong market position in the German real estate sector. The website is professionally designed, mobile-optimized, and provides comprehensive information about the business and its services. Technically, the site uses modern technologies including Cookiebot for GDPR-compliant cookie management and Azure DNS for hosting, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and incident response contacts are not publicly detailed. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

E

Evangelische Kirche von Kurhessen-Waldeck

ekkw.de

56

The Evangelische Kirche von Kurhessen-Waldeck (EKKW) is a large, established religious organization in Germany, serving as one of the 20 member churches of the Evangelische Kirche in Deutschland. The website provides comprehensive information about the church's structure, activities, and community services, targeting a general audience interested in religious and community matters. The site is built on the TYPO3 CMS platform, indicating a mature and professional digital infrastructure. Social media integration with Facebook, Instagram, YouTube, and an RSS feed enhances outreach and engagement. From a technical perspective, the website demonstrates moderate performance and good mobile optimization, though accessibility features are basic. Security posture is moderate with HTTPS likely enabled but lacking explicit security headers and formal security policies. Privacy compliance is minimal, with no explicit privacy or cookie policies detected in the provided content. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

E

EKM GmbH

ekm.de

46

EKM GmbH is a German IT solutions provider specializing in integrating Artificial Intelligence (KI) into medium-sized enterprises' business processes. With over 30 years of experience, the company offers tailored ERP and logistics software solutions alongside a proprietary AI platform designed to enhance operational efficiency and decision-making. The website reflects a professional and modern digital presence built on WordPress with Elementor, optimized for SEO and GDPR compliance. Security posture is strong with HTTPS and cookie consent mechanisms, though formal security policies and incident response details are not publicly disclosed. Overall, EKM GmbH presents as a credible and established technology partner for the Mittelstand segment in Germany.

S

Schornsteinfeger Verlag GmbH

schornsteinfegerverlag.de

65

Schornsteinfeger Verlag GmbH operates a specialized e-commerce platform focused on providing professional literature, gifts, calendars, software, and merchandise tailored to the chimney sweep trade and related audiences. The company positions itself as a niche market leader within this sector, offering a curated selection of products and subscription services. The website is professionally designed with clear navigation and is primarily targeted at German-speaking chimney sweep professionals and enthusiasts. Technically, the website is built on the Shopware platform, leveraging modern web technologies including responsive design and JavaScript enhancements. The site demonstrates moderate performance and basic accessibility features. It employs HTTPS for secure communications and includes cookie consent mechanisms, indicating a reasonable level of digital maturity. From a security perspective, the site enforces HTTPS and implements cookie consent but lacks explicit security headers and a published security policy or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is minimal but does not raise concerns, supporting the legitimacy of the domain. Overall, the website presents a low-risk profile with good business credibility and privacy compliance. Strategic improvements in security headers, incident response transparency, and accessibility could enhance the security posture and user trust further.

H

Digitaler Meldekanal Hinweisgeberschutz

hinweisgeberschutzsystem.de

42

The website www.hinweisgeberschutzsystem.de serves as a digital reporting channel for whistleblower protection in Germany. It is a password-protected portal designed to securely receive whistleblower reports, indicating a focus on compliance and secure communication. The site is built on WordPress and uses standard CSS and PHP technologies. However, the public content is minimal due to password protection, limiting visibility into detailed business information or policies. The target audience appears to be organizations or individuals in Germany seeking secure whistleblower reporting mechanisms. From a technical perspective, the site uses WordPress CMS with standard admin CSS files and no visible advanced frameworks or analytics. The performance and mobile optimization are basic, and SEO optimization is poor due to lack of metadata and structured data. Security posture shows some basic best practices such as password protection but lacks critical security headers and visible HTTPS enforcement details. No privacy or cookie policies are present, and no contact information is publicly available, which limits transparency and compliance indicators. Security evaluation reveals moderate security measures but also gaps such as missing security headers, no CSRF tokens on forms, and absence of incident response or vulnerability disclosure information. The domain WHOIS data is limited but does not show suspicious patterns. Overall, the site is functional for its purpose but lacks comprehensive security and privacy transparency. The overall risk is moderate due to limited public information and security best practices. Strategic improvements in security headers, privacy policies, and contact transparency are recommended to enhance trust and compliance.

B

Bingenheimer Saatgut AG

bingenheimersaatgut.de

61

Bingenheimer Saatgut AG operates a professional e-commerce platform specializing in organic seeds certified by Demeter, Bioland, and EU-Bio. The company targets hobby gardeners, professional growers, and retail partners, offering over 500 seed varieties and related gardening products. The website is well-structured, multilingual, and provides comprehensive information and services tailored to different user types. Technically, the site is built on Magento, leveraging modern web technologies, analytics tools like Matomo and Hotjar, and bot protection via hCaptcha. The hosting infrastructure is stable and uses CDN services to optimize performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers and incident response policies are not clearly published. Privacy compliance is strong, with a comprehensive privacy policy and granular cookie consent. Overall, the domain registration and hosting details align well with the business claims, indicating a trustworthy and legitimate online presence.

P

Parzival Schulen

parzival-zentrum.de

42

Parzival Schulen is a medium-sized educational institution based in Germany, specializing in Waldorf pedagogy and special education. The organization offers a range of schooling options, including vocational preparation and childcare, targeting students and families seeking holistic educational approaches. The website reflects a well-maintained digital presence with clear navigation and relevant content for its audience. Technically, the site is built on WordPress with common plugins for SEO, events, and contact forms, hosted on a provider associated with the domain's nameservers. Security posture is adequate with HTTPS enabled and basic spam protection, though it lacks advanced security headers and explicit incident response policies. Privacy compliance is partially addressed with a privacy policy page but no visible cookie consent mechanism. Overall, the site is trustworthy, professional, and safe for general audiences.

L

Lebensfarben | Hilfen für Kinder und Jugendliche e.V.

lebensfarben-oberberg.de

45

Lebensfarben | Hilfen für Kinder und Jugendliche e.V. is a German non-profit organization dedicated to supporting children and youth whose parents suffer from psychological or addiction-related illnesses. The organization provides free counseling, accompaniment, and support services, including individual advice, parent assistance, and volunteer mentorship programs. Their market position is regional within the Oberbergischer Kreis area, focusing on vulnerable youth and families. The website reflects a professional and consistent brand with clear navigation and relevant content. Technically, the site uses standard web technologies such as jQuery and fancyBox, hosted under domaincontrol.com DNS services. While the site is functional and moderately optimized, it lacks advanced security headers and cookie consent mechanisms, which are important for GDPR compliance. Security posture is moderate with no visible vulnerabilities but could be improved with better HTTPS enforcement and security policies. Overall, the site is trustworthy and serves its non-profit mission effectively.

V

Verein Stiftungen für Bildung e.V.

netzwerk-stiftungen-bildung.de

58

Netzwerk Stiftungen und Bildung is a German non-profit organization that facilitates collaboration and knowledge sharing among educational foundations and actors. The website serves as a platform offering a directory of members (Netties), news, events, and educational resources. It targets foundations, educational institutions, and stakeholders interested in local educational development. The organization appears well-established with a medium-sized network and a professional online presence. Technically, the website is built on Drupal 10, leveraging modern JavaScript libraries such as jQuery UI and Klaro for cookie consent management. The site is mobile-optimized, accessible, and implements good SEO practices. Google Analytics is used for visitor statistics with user consent. The site uses HTTPS and shows good security hygiene, although some security headers could be improved. From a security perspective, the site enforces HTTPS and uses a consent manager for privacy compliance. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not present, which could be enhanced to improve trust and compliance. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. It provides clear contact information and a comprehensive cookie consent mechanism. The domain WHOIS data is limited but does not raise immediate concerns. Strategic improvements in security headers and incident response transparency are recommended to further strengthen the security posture.

F

FREUDENBERG Gesellschaft Natur & Kunst gemeinnütziger e.V.

schlossfreudenberg.de

50

Schloss Freudenberg is a well-established non-profit cultural and educational institution located in Wiesbaden, Germany. It offers a unique experiential field for senses and thinking, hosting concerts, theater performances, seminars, and special exhibitions. The organization also provides gastronomy services including a café and dark gastronomy experiences. The website reflects a strong community and educational focus, targeting families, schools, seniors, and cultural visitors. The business model centers on cultural enrichment and experiential learning, supported by event hosting and ticket sales. Technically, the website is built on the TYPO3 CMS platform, utilizing modern frontend libraries such as Leaflet.js and Mapbox for interactive maps, and is hosted via domaincontrol.com nameservers. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and implements cookie consent mechanisms compliant with GDPR, but lacks explicit security policy and incident response information. No critical vulnerabilities or suspicious elements were detected, indicating a solid security posture for a non-profit cultural website. Overall, the website is professional, trustworthy, and well-aligned with its mission and audience.

Freier Waldorfkindergarten Magdeburg operates as a small, local educational institution focused on providing Waldorf-based kindergarten services in Magdeburg, Germany. The website presents a clear structure with detailed information about their pedagogical approach, facilities, and family engagement programs. The business model is non-profit and community-oriented, targeting parents seeking alternative education for their children. Technically, the website is built on WordPress using Elementor and related plugins, hosted by Estugo Webhosting, and demonstrates moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced but lacks advanced security headers and cookie consent mechanisms, indicating room for improvement in compliance and security best practices. Overall, the website is trustworthy and professional but could enhance privacy compliance and security measures.

Technické služby Lanškroun, s.r.o. is a municipal service provider based in the Czech Republic, offering a range of public services including waste management, maintenance of green areas, public lighting, transport and construction works, sports facility management, and cemetery services. The company primarily serves the town of Lanškroun and its residents, positioning itself as a local essential service provider. The website content is well-structured and relevant to its audience, with clear navigation and consistent branding. However, the absence of WHOIS data and lack of explicit contact information on the site limits external verification of legitimacy. From a technical perspective, the website employs standard web technologies such as jQuery and custom JavaScript, with basic mobile optimization and accessibility features. The site includes a cookie consent mechanism indicating some level of privacy awareness, but lacks comprehensive privacy and security policies. No evidence of modern CMS or advanced frameworks was found, and performance is moderate. Security posture is weak due to missing HTTPS confirmation, absence of security headers, and no visible incident response or vulnerability disclosure information. The lack of WHOIS data further reduces trustworthiness. There are no signs of malicious content or adult material, and the site appears safe for general audiences. Overall, while the business appears legitimate and focused on municipal services, the website would benefit from improved security measures, transparency in privacy practices, and clearer contact information to enhance trust and compliance.

M

Městský bytový podnik Lanškroun, s.r.o.

mbplan.cz

44

Městský bytový podnik Lanškroun, s.r.o. is a municipal company founded in 2000 and fully owned by the city of Lanškroun. It provides housing management and energy supply services, including heat and hot water delivery to residential areas. The company manages accounting for multiple homeowners associations and offers rental apartments. The website serves local residents and stakeholders with relevant information and contact details. Technically, the site is built on Joomla CMS using common JavaScript libraries such as jQuery and Bootstrap, with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled and CSRF tokens in forms, but lacks advanced security headers and cookie consent mechanisms. WHOIS data is missing, which reduces domain trustworthiness, but official registration numbers and consistent business information support legitimacy. Overall, the website is professional and trustworthy but could improve privacy compliance and security practices.

J

Ještě Jednu

jestejednu.cz

56

Ještě Jednu is a Czech artisanal ice cream retailer offering a variety of handcrafted ice cream products and desserts through an e-commerce platform powered by WordPress and WooCommerce. The website is professionally designed with good content quality, clear navigation, and mobile optimization. It includes GDPR-compliant privacy and cookie policies and integrates Google Tag Manager for analytics. Security posture is strong with HTTPS and security headers, though no explicit incident response or security policies are publicly disclosed. The absence of WHOIS data suggests privacy protection, which is typical for small businesses. Overall, the site presents a trustworthy and professional online presence for a niche retail business.

Z

Ze Stodoly

zestodoly.cz

10

Ze Stodoly is a small family-owned business based in the Czech Republic specializing in the production and sale of cold-pressed virgin oils such as flaxseed, poppy seed, and rapeseed oils. The company emphasizes traditional farming values and family involvement since its founding in 2018. Their market position is that of a local artisanal producer targeting health-conscious consumers interested in natural and fresh oils. The website is professionally designed with good content quality and clear navigation, supporting their business model of direct sales through an online shop and farmer markets. Technically, the website uses modern web technologies including HTML5, CSS3, JavaScript, jQuery, and popular libraries like Swiper.js and AOS for animations. Google Analytics and Google Tag Manager are used for visitor tracking, with IP anonymization enabled. The site is mobile optimized and performs moderately well. However, no CMS or hosting provider details were identified. Security best practices such as HTTPS and cookie consent are implemented, but security headers are missing and no formal security or privacy policies are published. From a security perspective, the site has a good SSL configuration and cookie consent mechanism, but lacks published security policies, incident response contacts, and vulnerability disclosure information. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact information appear legitimate. No WAF or blocking mechanisms were detected, and no vulnerabilities were found in the visible content. Overall, the website presents a trustworthy and professional front for a small family business with room for improvement in privacy transparency and security hardening. Strategic recommendations include publishing privacy and security policies, implementing security headers, and improving WHOIS transparency to enhance trust and compliance.

F

Farma Markových - Na způsobu hospodaření záleží

farmamarkovych.cz

10

Farma Markových is a small family-owned farm based in Únanov, Czech Republic, specializing in sustainable agriculture with a focus on cultivating blue poppy seeds, producing cold-pressed oils, animal feed, and natural cosmetics. The farm emphasizes environmental stewardship, biodiversity, and traditional farming methods dating back to 1696. Their market position is strengthened by the award 'Farma roku 2024' and a professional online presence including an e-commerce platform. Technically, the website is built on Joomla CMS with modern frontend frameworks like UIkit and Leaflet.js, offering good mobile optimization and user experience. Security posture is adequate with HTTPS and CSRF protections, but lacks some security headers and explicit privacy/cookie policies. WHOIS data is missing, which raises concerns about domain legitimacy, though the website content and contact information suggest a legitimate business. Overall, the site scores well in content quality and business credibility but should improve privacy compliance and domain registration transparency.

The website at monkey.com/lander is a minimal parking or placeholder page with very limited content and no identifiable business information. It primarily serves ads via Google Adsense and includes a hidden iframe for ad traffic quality tracking. The domain is very old, registered since 1994 with GoDaddy.com, LLC, but lacks any public registrant details or business identity on the site. Technically, the site uses basic JavaScript and CSS but lacks modern SEO, accessibility, or security features. There are no privacy, cookie, or terms of service policies, nor any contact or security incident response information, indicating a low maturity level in compliance and security posture. Overall, the site appears to be a non-operational or placeholder domain with minimal business presence or trust signals.

S

SVGBox | API for Web Icons

svgbox.net

10

SVGBox is a small technology-focused service providing a free API for web developers and designers to easily integrate over 4,600 SVG icons into their projects. The service leverages Cloudflare CDN for fast and reliable icon delivery and uses modern frontend technologies such as Alpine.js and Tailwind CSS to provide a responsive and user-friendly interface. The website includes a search feature, icon exploration, and a contact form for user feedback. Google Analytics is used for visitor tracking, but no privacy or cookie policies are published, indicating a compliance gap. Security posture is moderate with HTTPS enforced and domain transfer protection, but lacks explicit security headers and published security policies. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the service.

B

Blank Paper

blankpaper.eu

50

Blank Paper is a Polish business consulting firm specializing in securing grants, loans, and financial services for entrepreneurs and startups. The company offers comprehensive support including business plan writing, market research, and assistance with preferential loans and credit products. Their website reflects a professional and focused approach to serving small and medium enterprises in Poland, with clear service descriptions and client testimonials enhancing credibility. Technically, the site is built on WordPress with modern tools like Oxygen Builder and uses Matomo for privacy-conscious analytics. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site is well-structured, mobile-optimized, and compliant with GDPR requirements, making it a trustworthy digital presence for the business.

M

MASURIA WILD

masuriawild.com

68

MASURIA WILD operates an e-commerce website hosted on the Shopify platform, targeting a general retail audience with multilingual support, primarily in German. The site leverages Shopify's robust infrastructure, including Shopify Payments and integrated customer review systems such as Judge.me, indicating a mature e-commerce setup. The website demonstrates good design quality, mobile optimization, and user experience, with clear privacy and cookie policies that comply with GDPR standards. However, the absence of visible contact information and security incident response details slightly detracts from its overall business credibility. The WHOIS data is unavailable or indicates a lack of public registration information, which raises some concerns about domain legitimacy but is partially offset by the professional site presentation and Shopify hosting.

M

Masuria Industry

masuriaindustry.com

51

Masuria Industry is a medium-sized manufacturing company based in Poland, specializing in OEM manufacturing services including metal, wood, and plastic processing. With 25 years of experience and a presence in 23 countries, the company offers precision manufacturing solutions such as powder coating, laser cutting, CNC metal spinning, and CAD design. The website reflects a professional digital presence built on WordPress with modern plugins and technologies. The company maintains active social media profiles and provides clear contact information. Technically, the website is well-structured and mobile-optimized, though some security best practices like DNSSEC and security headers could be improved. Privacy compliance is partially addressed with a cookie consent mechanism, but lacks a visible privacy policy or terms of service. Overall, the security posture is good but could benefit from enhanced transparency and formal policies.

RFL Fuar is a Turkish event organization company specializing in fairs and exhibitions, serving the Turkish foreign trade and industry sectors since 2006. The website presents the company as a leader in providing quality fair services and market access. The business targets professional and corporate clients involved in trade and industry within Turkey. The domain age and WHOIS data support the legitimacy and stability of the business. Technically, the website uses a range of common front-end libraries and frameworks such as Bootstrap, jQuery, and Owl Carousel, hosted on Bluehost. The site shows basic mobile responsiveness and moderate performance but lacks advanced SEO and accessibility features. No CMS or advanced platform is detected, indicating a custom or static site. From a security perspective, the site lacks visible HTTPS confirmation and security headers, and DNSSEC is not enabled. No privacy or cookie policies are published, indicating compliance gaps with GDPR and other privacy regulations. Contact information is clearly provided, but no incident response or security policies are visible. The security posture is moderate but requires improvements to meet best practices. Overall, the website is functional and moderately professional but requires enhancements in security, privacy compliance, and technical modernization to improve trust and user experience. Strategic recommendations include enabling HTTPS, publishing privacy and cookie policies, adding security headers, and improving accessibility and SEO.

S

SCHWING Stetter Ostrava s.r.o.

schwing.sk

41

SCHWING Stetter Ostrava s.r.o. is a medium-sized manufacturing company specializing in concrete pumps, mixers, and related machinery, serving primarily the construction and industrial sectors in the Czech Republic and Slovakia. The company offers a comprehensive product range, including auto pumps, mixers, stationary pumps, and recycling equipment, supported by after-sales services such as spare parts, consulting, and training. Their market position is that of an established regional player with a strong brand presence and certifications. The website is built on WordPress using the Enfold theme and Avia framework, incorporating modern web technologies such as jQuery and Google reCAPTCHA for security. The site is mobile-optimized, SEO-friendly, and provides clear navigation and professional content. Security posture is good with HTTPS enforced, security headers present, and secure forms, though it lacks explicit vulnerability disclosure and incident response information. Overall, the website is trustworthy, professional, and compliant with GDPR and cookie regulations, making it a reliable digital presence for the company.

W

wbv Kommunikation

wbv-kommunikation.de

59

wbv Kommunikation is a specialized communications and media service provider focused on supporting public sector clients, associations, and church administrations in Germany. Their offerings include agency services, educational media production, and digital solutions for church administration. The company operates as a business unit under wbv Media, leveraging a strong reputation supported by testimonials from notable clients such as DAAD, OECD, and various government bodies. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their target audience. Technically, the site uses modern frameworks like UIkit and jQuery, hosted on Schlundtech infrastructure, and employs Matomo analytics with a privacy-conscious cookie consent mechanism.

Marchex, Inc. operates in the technology sector, providing call analytics and marketing edge solutions primarily targeting businesses that require call tracking and marketing analytics. The company has an established market presence since 2007 and is currently transitioning legacy products to a new platform called Marketing Edge. The website analyzed is a login portal for existing customers, indicating a B2B SaaS business model focused on marketing analytics services. The technical infrastructure is based on AngularJS, with hosting DNS managed via Amazon AWS nameservers. The site uses Google Analytics for tracking and includes a TRUSTe privacy seal, indicating some level of privacy awareness. However, the technology stack is somewhat dated, and the site lacks modern security headers and DNSSEC, which could be improved to enhance security posture. Security evaluation shows the presence of HTTPS and form validation but lacks advanced security headers and DNSSEC. No incident response or vulnerability disclosure information is publicly available. Privacy compliance is basic, with a privacy policy linked but no cookie consent mechanism detected. Overall, the site is functional but could benefit from enhanced security and privacy features. The overall risk is moderate with no critical vulnerabilities detected but room for improvement in security best practices and privacy compliance. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent, and publishing security policies to improve trust and compliance.

A

Alliai Ltd

alliai.com

61

Alliai Ltd operates a sophisticated AI-driven SEO automation platform targeting marketing agencies, enterprises, ecommerce, SaaS, and other sectors. The company offers a comprehensive suite of AI SEO tools including onpage automation, schema markup generation, internal linking automation, and SEO A/B testing. The website is professionally designed, mobile-optimized, and integrates multiple modern analytics and marketing technologies such as Google Tag Manager, Segment, HubSpot, Facebook Pixel, and Microsoft Clarity. Security posture is strong with HTTPS enforced and standard security headers present, though no dedicated security or incident response policies are published. The absence of WHOIS domain registration data is a notable concern, impacting domain legitimacy trust. Overall, the site demonstrates a mature digital presence with extensive SEO and marketing capabilities but would benefit from enhanced transparency in domain registration and security policies.

F

Foxtrot Marketing Group

foxtrotmarketing.com

74

Foxtrot Marketing Group is a woman-owned and led business specializing in branded merchandise and custom e-commerce platform solutions. With a legacy of 50 years, they provide in-house design, production, and fulfillment services tailored to businesses seeking to enhance their brand presence through custom merchandise. Their market position is strengthened by a focus on customization, seamless e-commerce experiences, and strong client partnerships. Technically, the website is built on WordPress with Elementor and Gravity Forms, integrating modern analytics tools like Google Analytics and Microsoft Clarity. The site is well-optimized for SEO and mobile devices, offering a professional user experience. Security posture is good with HTTPS enforced, though explicit security headers and policies are lacking. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. WHOIS data is missing, which raises some concerns about domain legitimacy, but the website content and branding are consistent and professional. Overall, the site presents a trustworthy business front with room for improvement in security transparency and privacy compliance.

S

SCHWING CPR

concretepumps.com

56

SCHWING CPR operates as a specialized service provider in the concrete pump repair and refurbishment industry, offering new, used, and rebuilt concrete pumps primarily targeting construction and pumping operations. The company positions itself as a leader with a strong reputation for quality and mastery in pump technology, supported by a long-established domain and parent company affiliation with SCHWING America Inc. The website reflects a medium-sized business with consistent branding and a clear focus on customer service and product quality. Technically, the site is built on WordPress with modern SEO and analytics tools, hosted on WP Engine, and demonstrates moderate performance and mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA usage but lacks advanced security headers and DNSSEC, indicating room for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced security and compliance measures.

E

Evangelische Kirchengemeinde Ingersheim

kirchengemeinde-ingersheim.de

56

Evangelische Kirchengemeinde Ingersheim operates as a small non-profit Protestant church community in Germany, affiliated with the Evangelische Landeskirche in Württemberg. The website serves as an informational and community engagement platform, offering details on church services, events, youth and adult education, and pastoral care. It targets local community members and churchgoers, providing a trusted source for religious and community activities. Technically, the site is built on TYPO3 CMS, employs Matomo analytics configured for privacy, and includes accessibility features enhancing user experience. The site is mobile-optimized and well-structured, reflecting good digital maturity for a small non-profit entity. Security posture is solid with HTTPS enforced and privacy compliance evident through consent management, though improvements are recommended in security headers and incident response transparency. Overall, the website is professional, trustworthy, and compliant with GDPR, supporting the church's mission effectively.

A

Alpha Group

alpha.co.uk

74

Alpha Group is a UK-based financial solutions provider specializing in services for corporates and institutions operating internationally. The company uniquely combines fintech innovation with consultancy expertise to deliver comprehensive cash and risk management solutions. Positioned as a leading player in its sector, Alpha Group is publicly listed on the FTSE 250 and backed by prominent institutional investors, underscoring its market credibility and financial strength. Key services include currency management, interest rate hedging, global accounts, and multi-bank connectivity, catering to a diverse international clientele. From a technical perspective, the website is built on WordPress with modern integrations such as Yoast SEO, OneTrust for cookie consent, and Google Tag Manager for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience and digital maturity. Performance is moderate, with room for optimization. Security posture is strong, featuring HTTPS enforcement, appropriate security headers, and no visible vulnerabilities or exposed sensitive data. The presence of ISO 27001 certification and a dedicated regulatory information page further reinforce the company's commitment to security and compliance. However, the absence of a public vulnerability disclosure policy and explicit incident response contact details are areas for improvement. Overall, Alpha Group presents a professional, trustworthy online presence aligned with its business stature. The main risk factor is the lack of publicly available WHOIS registration data, which slightly diminishes domain trustworthiness but does not outweigh the strong business and security indicators. Strategic recommendations include enhancing transparency around security disclosures and verifying domain registration details.

D

Deutsche Gesellschaft zur Rettung Schiffbrüchiger (DGzRS)

seenotretter.de

53

The Deutsche Gesellschaft zur Rettung Schiffbrüchiger (DGzRS) operates the website www.seenotretter.de as a leading non-profit maritime rescue organization dedicated to saving lives on the North and Baltic Seas. The organization is volunteer-driven, independent, and fully funded by donations, with no reliance on public funds. The website provides extensive information about their mission, fleet, volunteer opportunities, news, and donation options, targeting maritime users, donors, and volunteers primarily in Germany. Technically, the site is built on TYPO3 CMS with modern web technologies including jQuery, Bootstrap, and user consent management via Usercentrics. It is hosted on Plutex nameservers and uses HTTPS with good security practices. Privacy and cookie policies are present and GDPR compliant, with minimal user tracking via Google Tag Manager. No critical security vulnerabilities or suspicious content were detected. The WHOIS data confirms domain legitimacy and consistency with the organization's identity. Overall, the website demonstrates a high level of professionalism, security, and compliance suitable for a large non-profit entity.

M

Maritimes Cluster Norddeutschland e.V.

maritimes-cluster.de

57

Maritimes Cluster Norddeutschland e.V. is a non-profit organization fostering collaboration and networking within the maritime industry across five northern German states. With over 350 members, it serves as a key platform for dialogue, project cooperation, and knowledge exchange among maritime companies and institutions. The website reflects a professional and well-established entity with a clear focus on maritime innovation, events, and member services. Technically, the site is built on TYPO3 CMS, employs Cookiebot for GDPR-compliant cookie management, and uses Matomo analytics configured to respect user privacy. Security posture is solid with HTTPS enforced and secure login forms, though formal security policies and incident response contacts are not published. Overall, the site is trustworthy, well-maintained, and compliant with relevant privacy regulations.

W

Wild Media GmbH

wildmedia.eu

56

Wild Media GmbH is a German-based full-service marketing and advertising agency located in Bad Kissingen. The company offers a wide range of services including marketing, web design, print, film production, audio, photography, and event entertainment. Their website is professionally designed using Joomla CMS and incorporates modern web technologies and frameworks such as Bootstrap, Font Awesome, and LayerSlider. The site is mobile optimized and includes GDPR-compliant cookie consent via Usercentrics. Contact information is clearly provided, enhancing business credibility. Security posture is adequate with HTTPS enabled, though some security headers and policies could be improved. Overall, the website reflects a legitimate and professional small business with a solid digital presence.

F

FREUDENBERGER - Agentur für Kommunikation

agentur-freudenberger.de

45

FREUDENBERGER - Agentur für Kommunikation is a specialized communication agency serving the energy sector, including energy suppliers, municipal utilities, and companies. The agency offers tailored services such as sales communication, marketing, press relations, internet, and social media solutions. The company positions itself as a niche player with a solid client base of over 40 municipal utilities, indicating a focused market presence. The website is professionally designed, consistent in branding, and provides clear contact information and service descriptions. Technically, the site is built on WordPress using modern plugins and frameworks like Elementor and Qi Addons, ensuring a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though it lacks some security headers and incident response information. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site reflects a credible small agency with room for improvement in security and privacy practices.

E

ebsygon GmbH

netzanschluss-digital.de

47

The website netzanschluss-digital.de serves as a digital network connection portal targeted at distribution network operators in Germany. It is operated by ebsygon GmbH, a small company specializing in providing flexible and cost-effective digital solutions for energy distribution networks. The site acts primarily as an informational landing page linking to the parent company's main website for more detailed information. Technically, the site uses modern frontend technologies such as SvelteKit and integrates Cloudflare Turnstile for bot protection, indicating a moderate level of digital maturity. However, the site lacks visible security headers and cookie consent mechanisms, which are important for compliance and security best practices. The security posture is adequate but could be improved by implementing additional security policies and transparency measures. Overall, the site is professional and trustworthy but minimalistic in content and features, reflecting a focused B2B service offering.

S

Saaletalbad Hammelburg

saaletalbad.de

53

Saaletalbad Hammelburg operates as a local leisure and wellness facility in Germany, offering indoor and outdoor swimming pools, sauna services, a bistro, and various courses and offers. The website targets local residents and visitors seeking recreational swimming and wellness experiences. The business model is centered on paid access to these facilities and related services. The website is built on Joomla CMS with a professional design and clear navigation, supporting a good user experience and mobile optimization. Security posture is solid with HTTPS and GDPR-compliant cookie consent, though explicit security policies and incident response information are absent. Overall, the site is trustworthy and well-maintained, suitable for its audience and business purpose.

E

Energieversorgung Lohr-Karlstadt und Umgebung GmbH & Co. KG

die-energie.de

48

Energieversorgung Lohr-Karlstadt und Umgebung GmbH & Co. KG is a regional municipal energy provider based in Karlstadt, Germany, serving over 90,000 customers with electricity, natural gas, water, and heating services. The company emphasizes sustainability and innovation, actively promoting renewable energy solutions such as photovoltaic systems and electric mobility infrastructure. Their market position is that of a trusted regional supplier with a strong community focus and comprehensive service offerings for both private and business customers. Technically, the website is built on TYPO3 CMS with modern frameworks and integrates multiple analytics and marketing tools while maintaining GDPR compliance through Usercentrics consent management. Security posture is solid with HTTPS, reCAPTCHA, and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the website is professional, well-structured, and trustworthy, reflecting a mature digital presence aligned with the company's business goals.

The website at vgem-zellingen.info currently presents no accessible content, metadata, or business information, indicating it may be blocked, under construction, or abandoned. The lack of WHOIS data due to unsupported TLD and privacy protection further complicates trust and legitimacy assessments. The absence of HTTPS and security headers exposes the site to potential risks if content were to be added. Overall, the digital maturity is very low with no visible compliance or security measures in place.

G

Grundschule Thüngen

grundschule-thuengen.de

39

Grundschule Thüngen is a local primary school in Germany focused on providing foundational education with a bilingual emphasis. The website serves as an information portal for parents and the community, highlighting the school's values, services, and contact details. Technically, the site is built on WordPress using the Avada theme and several popular plugins, indicating a moderate level of digital maturity. The presence of a PWA plugin suggests some modern web capabilities. Security posture is adequate with HTTPS enforced and GDPR compliance evident, though minor issues such as visible debug notices and lack of security headers reduce the overall security score. No WAF or blocking mechanisms interfere with content access. Overall, the site is professional, trustworthy, and well-suited for its educational purpose.

The website ffw-thuengen.de currently serves as a placeholder page with a simple message in German indicating that a new website is under construction. There is no substantive business information, services, or contact details provided. The domain is hosted with netcup as indicated by the nameservers, suggesting a German hosting provider. The digital maturity of the site is minimal, lacking any modern web technologies, SEO, or accessibility features. Security posture is weak or unknown due to absence of HTTPS confirmation and security headers. No privacy or cookie policies are present, indicating non-compliance with GDPR requirements. Overall, the site presents a low trust profile and minimal business credibility.

The website somas.lv currently hosts an extremely minimal web page with only a simple heading 'It's Jason' and a page title referencing 'Jason Davis - Buffalo, New York'. There is no substantive business information, contact details, or service descriptions available. The domain is active and uses Cloudflare nameservers, but no SSL or security headers are detected from the provided data. The lack of privacy, cookie, or terms of service policies, combined with no contact or legal information, indicates the site is either a placeholder or under development. This severely limits the ability to assess the business or security posture meaningfully. From a technical perspective, the site lacks modern SEO, accessibility, and performance optimizations. No analytics, tracking, or advertising technologies are detected. Security posture is weak due to missing HTTPS and security headers, and no incident response or vulnerability disclosure mechanisms are present. Overall, the site presents a low trust profile with minimal content and no compliance indicators. The domain registration appears consistent but provides no additional legitimacy signals. Strategic recommendations include implementing HTTPS, publishing privacy and cookie policies, adding contact and business information, and improving content quality to enhance trust and security. Given the current state, the risk is moderate due to lack of information and security controls, but no explicit vulnerabilities or malicious indicators are found.

O

OFFICE & FRIENDS

office-and-friends.de

10

OFFICE & FRIENDS is a regional coworking space provider based in Germany, offering a variety of services including workspaces, meeting rooms, event spaces, and podcast studios. The company targets freelancers, startups, and entrepreneurs primarily in the Südwestfalen region. They maintain a partnership with CoWorkLand to support coworking initiatives in rural areas. The website is built on WordPress using Elementor and includes modern cookie consent mechanisms compliant with GDPR. Social media presence is active on Instagram and Facebook. The company appears well-established since 2017 with a clear regional focus. Technically, the website uses a standard WordPress CMS with Borlabs Cookie for privacy compliance and WP Statistics for analytics. Hosting is provided by agenturserver, indicated by the nameservers. The site is mobile optimized and performs moderately well. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy policies and cookie consent are comprehensive and transparent. Overall, the security posture is solid with no critical vulnerabilities detected. The site lacks explicit security or incident response policies but maintains good privacy compliance. The domain WHOIS data is consistent with the website content and business claims, indicating legitimacy. No WAF or blocking mechanisms interfere with content access. Strategically, OFFICE & FRIENDS should consider publishing explicit security policies and incident response contacts to enhance trust. Improving security headers and ongoing plugin updates will further strengthen security. The company’s regional niche and partnership ecosystem position it well for growth in the coworking market.