Security Directory

C

Chor der Sankt Hedwigs-Kathedrale Berlin

hedwigschor-berlin.de

49

The website represents the Chor der Sankt Hedwigs-Kathedrale Berlin, the main choir of the Roman Catholic cathedral in Berlin. It serves as a cultural and religious platform promoting choir performances, organ music, and youth choir activities. The site is well-structured, with clear navigation and relevant content targeting music enthusiasts and churchgoers. Technically, it is built on TYPO3 CMS with standard JavaScript libraries and includes a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the site is trustworthy and professionally maintained, reflecting its non-profit cultural mission.

H

Hülskens Holding GmbH & Co. KG

huelskens.de

51

Hülskens Holding GmbH & Co. KG is a well-established German company specializing in the supply of mineral resources such as Kies and Sand, production of transport concrete and precast concrete elements, water construction, logistics, and insurance brokerage. With a history dating back to the early 20th century and a workforce exceeding 900 employees, the company holds a strong regional market position serving construction, energy, and logistics sectors. Their business model focuses on B2B services with multiple subsidiaries and specialized business units, supported by a professional and content-rich website. Technically, the website is built on the Contao CMS platform, utilizing modern JavaScript libraries and frameworks, and hosted by agenturserver. The site is mobile-optimized and SEO-friendly, though some improvements in accessibility and security headers could be made. Security posture is moderate with HTTPS usage and cookie consent mechanisms in place, but lacks explicit security policies or incident response information. Overall, the domain registration and WHOIS data align well with the company's claims, supporting legitimacy and trustworthiness.

H

Hülskens Sediments GmbH

huelskens-sediments.de

49

Hülskens Sediments GmbH is a specialized technology company focused on sustainable sediment management solutions for reservoirs and impoundments. Their patented ConSedTrans® system enables continuous, automated sediment removal without disrupting water storage functions such as drinking water supply and energy generation. The company positions itself as an innovative niche player with recognized technology and strong environmental compliance. Technically, the website is built on the Contao CMS platform, uses modern JavaScript libraries like jQuery and Swipe.js, and is hosted on agenturserver infrastructure. The site is well-structured, mobile-optimized, and GDPR compliant with a clear cookie consent mechanism. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some HTTP security headers could be improved. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy and trustworthiness.

D

Dynamo design s.r.o.

dynamodesign.cz

42

Dynamo design s.r.o. is a Czech creative agency specializing in branding, design, and effective communication services. The website showcases a professional portfolio of projects and news updates, targeting businesses and organizations seeking high-quality design solutions. The company presents clear contact information and maintains an active social media presence, reinforcing its market position as a reputable small-sized design firm in the Czech Republic. Technically, the website employs modern web technologies including jQuery, Modernizr, Vimeo Player API, Hotjar, and Google Tag Manager. The site is mobile-optimized with good SEO practices and moderate performance. However, it lacks some advanced accessibility features and explicit CMS identification. Security-wise, HTTPS is enforced, but security headers are missing, and no vulnerability disclosure or privacy policies are present, indicating room for improvement in compliance and security posture. The security posture is moderate with no visible vulnerabilities or exposed sensitive data, but the absence of privacy and cookie policies and missing WHOIS data reduce trust. The domain WHOIS query returned no data, which is unusual and warrants further investigation to confirm domain legitimacy. Overall, the website is professional and trustworthy from a business perspective but requires enhancements in privacy compliance and security best practices. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, adding security headers, publishing a vulnerability disclosure or security.txt file, improving accessibility compliance, and verifying domain registration details to strengthen trust and compliance.

C

CREE GmbH

creebuildings.com

51

CREE GmbH operates as an international construction collective specializing in regenerative building solutions. Their website presents a professional image with a clear focus on sustainable construction methodologies and a global network of partners. The company targets construction professionals and clients interested in sustainable building practices. The business model revolves around providing proven systems and methodologies to facilitate regenerative construction projects internationally. Technically, the website is built on WordPress using Elementor and Astra theme, supported by modern tools such as Google Tag Manager, HubSpot, and CookieHub for analytics and privacy compliance. The site is well-optimized for performance and mobile devices, with good SEO practices and structured data enhancing search visibility. Security-wise, the site benefits from HTTPS encryption and Cloudflare protection, with a comprehensive cookie consent mechanism categorizing cookies by purpose. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent, which could be improved to enhance trust and compliance. The WHOIS data for the domain is missing, indicating either a recent registration or privacy protection, which slightly reduces the domain trustworthiness despite the professional website content. Overall, the site is secure, professional, and compliant with privacy regulations, but could benefit from enhanced transparency in security and legal policies.

G

Gameplan s.r.o.

gameplan.cz

43

Gameplan s.r.o. operates as a creative digital agency based in Liberec, Czech Republic, specializing in web development, e-commerce solutions, and comprehensive online marketing services including SEO, PPC, Facebook Ads, and content production. The company targets businesses seeking to enhance their digital presence and marketing effectiveness. Their market position is that of a regional digital agency with a diverse service portfolio and a professional online presence. Technically, the website is built on WordPress with Elementor and integrates modern analytics and marketing tools such as Google Analytics, Google Tag Manager, and Facebook Pixel. The site is mobile optimized and SEO friendly, reflecting a moderate to good digital maturity. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, though security headers and explicit policies are lacking. Overall, the website is professional and trustworthy, but could improve privacy and security disclosures to enhance compliance and user trust.

S

SYNER, s.r.o.

posunoutsedal.cz

54

SYNER, s.r.o. is a well-established construction engineering company based in the Czech Republic with over 33 years of market presence. The website 'Posunout se dál' serves as a recruitment campaign platform highlighting the company's stability, certifications, and attractive employee benefits. The company targets professionals and students in the construction and engineering sectors, offering various job positions and emphasizing a family-like corporate culture. Technically, the website is built on WordPress with modern technologies such as Contact Form 7, Google Analytics, and reCAPTCHA integration, ensuring a secure and user-friendly experience. Security posture is solid with HTTPS enforcement, partial security headers, and GDPR-compliant privacy and cookie policies. No critical vulnerabilities or suspicious content were detected, and the domain registration data aligns with the company's profile, although the domain is relatively new, likely dedicated to recruitment efforts. Overall, the website reflects a professional and trustworthy digital presence supporting SYNER's business objectives.

N

NaZemi

pracebudoucnosti.cz

42

The website 'Práce (bez) budoucnosti' is a Czech non-profit educational platform operated by the organization NaZemi. It focuses on the societal challenges and transformations related to the future of work, particularly in the context of automation, digitalization, and robotization. The site offers educational content, exhibitions, and workshops aimed at raising awareness about labor market changes and technological impacts. The target audience is the general public interested in these topics, with a clear focus on Czech society. Technically, the website is built on WordPress using the Divi theme and standard plugins such as Contact Form 7. It integrates Google Tag Manager and Matomo for analytics and tracking. The site is hosted under a Czech registrar and uses HTTPS with a good SSL configuration. Mobile optimization and SEO practices are good, though accessibility is basic. No advanced security headers were detected, and privacy and cookie policies are not present, which is a compliance gap. From a security perspective, the site enforces HTTPS and uses reCAPTCHA on forms, but lacks explicit security headers like CSP or HSTS. There is no visible vulnerability disclosure or incident response information. The domain registration data is consistent with the website's claims and organization, indicating legitimacy. No WAF or blocking mechanisms are detected, and the content is safe for general audiences. Overall, the website is professionally presented with good content quality and business credibility. However, it should improve privacy compliance by adding privacy and cookie policies and enhance security posture by implementing security headers and formal vulnerability disclosure mechanisms.

B

Bc. Tomáš Paulus

tomaspaulus.com

61

Tomáš Paulus operates a professional UX design education and consulting business based in Prague, Czech Republic. The website offers online courses, mentoring, portfolio feedback, and corporate workshops focused on UX storytelling and design adoption of AI. The business targets UX designers and companies seeking to improve their user experience maturity. The site is well-branded, content-rich, and professionally designed, reflecting a niche market position in UX education and consulting within the Czech/Slovak region. Technically, the website is built on Webflow, leveraging modern web technologies including Google Tag Manager and Analytics, with good mobile optimization and performance. Security posture is adequate with HTTPS and cookie consent implemented, but lacks explicit security headers and published security policies. WHOIS data is missing, which raises legitimacy concerns, but the professional presence and active business mitigate some risk. Overall, the site scores well on content quality and technical implementation but should improve security transparency and domain registration clarity.

G

Grizly Solutions s.r.o.

grizly.solutions

46

Grizly Solutions s.r.o. is a small Czech Republic-based company specializing in secure application development for business owners and e-commerce clients primarily in Slovakia and the Czech Republic. The company has been operating since 2010 and offers services including custom CMS, web and mobile app development, and two-step authentication solutions. Their market position is that of a niche regional provider focused on security-centric software solutions. Technically, the website uses a modern tech stack including Bootstrap, jQuery, and various analytics tools such as Google Analytics and Smartlook, indicating a moderate level of digital maturity. The site is mobile optimized and well-structured, though accessibility features are basic. Security posture is moderate with HTTPS assumed but lacking visible security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies and no visible consent mechanisms. Overall, the business credibility is supported by clear company registration details and contact information, but the lack of formal policies and security disclosures limits trust. Strategic improvements in privacy compliance and security best practices are recommended to enhance trust and regulatory adherence.

Partners for Democratic Change Slovakia (PDCS) organizes an international conference titled 'Civic Actors in War and Peace' focusing on strategies to address hate, polarization, and extremism in communities during times of conflict and peace. The conference attracts international experts, civic actors, and policymakers, positioning PDCS as a recognized non-profit entity in the civic engagement and conflict prevention sector. The website provides comprehensive event details, speaker profiles, and multimedia content, reflecting a well-established event with a history dating back to at least 2014. Technically, the site uses modern web technologies including Bootstrap, Font Awesome, Flickity, and integrates privacy-conscious analytics via Plausible. Hosting is managed by Websupport with DNSSEC enabled, and HTTPS is enforced, indicating a secure infrastructure. However, some security best practices such as explicit security headers and cookie consent mechanisms are missing. Overall, the site is professional, trustworthy, and compliant with GDPR through a linked privacy policy, though improvements in privacy and security disclosures are recommended.

N

Naučmese

naucmese.cz

58

Naučmese is a Czech online educational platform offering a wide range of thematic courses, workshops, webinars, and video courses aimed at personal and professional development. The platform connects learners with instructors and provides additional services such as gift vouchers. It has a strong market presence in the Czech Republic with a medium-sized operation and a focus on community and skill sharing. Technically, the website uses modern web technologies including HTTPS, Google Analytics, Facebook Pixel, and Cloudflare Turnstile captcha for security. The platform implements a comprehensive cookie consent mechanism and complies with GDPR regulations. Security posture is good with HTTPS and bot mitigation, but lacks some advanced security headers and explicit incident response information. Overall, the website is professional, trustworthy, and user-friendly, with no adult or questionable content detected.

Z

ZERA - Zemědělská a ekologická regionální agentura, z.s.

zeraagency.eu

54

ZERA - Zemědělská a ekologická regionální agentura, z.s. is a Czech regional non-profit agency focused on agricultural and ecological initiatives, particularly compost certification, education, and sustainable farming practices. The organization targets farmers, compost operators, and environmental stakeholders, providing workshops, seminars, and consulting services. The website reflects a well-established presence with content spanning from 2016 to 2025 and partnerships with reputable governmental and European bodies. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript libraries such as jQuery and Slick Carousel, and integrates Google Tag Manager, Google Analytics, and Facebook Pixel for analytics and marketing. The site is mobile-optimized with good navigation and content quality, though some SEO and accessibility features could be improved. From a security perspective, the site uses HTTPS and has implemented a cookie consent mechanism, but lacks visible security headers and a published privacy policy or terms of service. No vulnerabilities or exposed sensitive data were detected. WHOIS data is privacy-protected, which is justified for this type of organization, though it limits external verification of domain legitimacy. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic improvements in privacy documentation, security headers, and WHOIS transparency could enhance compliance and trust further.

The Pax-BKC Spendenportal is a German-language online donation platform operated by Pax-Bank für Kirche und Caritas eG, focused on connecting donors with charitable projects and organizations primarily related to church and Caritas sectors. The platform offers project listings, organization registrations, and facilitates online donations, targeting donors and non-profit institutions in Germany. The website is professionally designed with clear navigation and mobile optimization, built on the Contao CMS with modern JavaScript libraries enhancing user experience. Security posture is adequate with HTTPS enforced and cookie consent implemented, though formal security policies and incident response contacts are absent. No suspicious or malicious content is detected, and privacy compliance is well addressed with GDPR-aligned cookie consent and privacy policy. Overall, the site presents a trustworthy and professional presence in the non-profit donation space.

T

The Berlin Center for Intellectual Diaspora

intellectualdiaspora.org

50

The Berlin Center for Intellectual Diaspora operates as a small non-profit public forum based in Germany, focusing on Jewish-Catholic inspired discussions around contemporary politics, religion, society, and culture. The website serves as a platform for debates and encounters, targeting a general audience interested in intellectual and cultural discourse. The business model is centered on providing a niche cultural and religious discussion space without commercial intent. Technically, the website is built on WordPress using the Kadence theme and several plugins including Rank Math SEO and TranslatePress for multilingual support. The infrastructure is modern and moderately optimized for performance and mobile responsiveness. Hosting is associated with IONOS SE, a reputable registrar and hosting provider. SEO practices are good, but accessibility features are basic. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protections enabled. However, DNSSEC is not enabled, and no security headers were detected in the provided content. There is no visible privacy policy, cookie consent mechanism, or incident response information, which are gaps in compliance and security posture. No vulnerabilities or suspicious patterns were identified. Overall, the website presents a moderate risk profile with good technical foundations but lacks important privacy and security compliance elements. Strategic improvements in policy publication, security headers, and DNS security would enhance trust and compliance.

Anstand digital is a German non-profit educational project focused on promoting respectful and ethical behavior on the internet, particularly addressing issues like hatespeech and digital civility. It is a collaboration between the Katholische Akademie in Berlin and the Evangelische Kirche Deutschlands, funded by the German Federal Government's cultural office. The project provides educational materials, podcasts, and public discussions aimed primarily at youth and educators. Technically, the website is built on Akira CMS with modern frontend technologies including jQuery, Bootstrap, and Fancybox, delivering a responsive and accessible user experience. Security posture is adequate with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies could be improved. The site is free of advertising and tracking, reflecting a privacy-conscious approach. Overall, the domain and WHOIS data align with the project's legitimacy and non-profit nature.

A

Arbeitsgemeinschaft Katholischer Büchereien Erzbistum Berlin

katholische-buechereien.de

45

The website www.katholische-buechereien.de represents the Arbeitsgemeinschaft Katholischer Büchereien Erzbistum Berlin, a small non-profit organization coordinating volunteer-run Catholic public libraries in the Berlin archdiocese. It provides free lending services of books and media, supported by approximately 80 volunteers across 12 libraries. The site is well-branded with consistent use of the Erzbistum Berlin identity and targets the general public interested in Catholic community services. Technically, the site is built on TYPO3 CMS with legacy jQuery libraries and uses Matomo for analytics, indicating moderate digital maturity. The site is mobile-optimized and includes a GDPR-compliant cookie consent mechanism. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are absent. Overall, the site is trustworthy, safe, and professionally maintained, serving a niche community audience effectively.

S

Sozialdienst katholischer Frauen e.V. Berlin

skf-berlin.de

54

Sozialdienst katholischer Frauen e.V. Berlin is a well-established non-profit organization dedicated to supporting women, youth, and families in challenging life situations within Berlin. The organization offers a broad range of social services including youth assistance, family support, workshops for people with disabilities, and open social work initiatives. Their market position is that of a trusted regional social service provider with a medium organizational size and a clear focus on community welfare. The website reflects a professional and consistent brand image with comprehensive service descriptions and clear contact information. Technically, the website is built on a modern WordPress platform utilizing popular plugins such as WPBakery Page Builder, Slider Revolution, and CleanTalk Anti-Spam. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security measures include HTTPS enforcement, anti-spam tools, and cookie consent management, although some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. The security posture is solid for a non-profit, with room for enhancement in formal security policies and incident response disclosures. Privacy compliance is adequate, with GDPR-aligned cookie and privacy policies present. The domain registration is consistent with the organization's location and business history, supporting legitimacy. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms to further strengthen trust and compliance.

S

SANCTA MARIA Schule der hl. Hedwig gGmbH

sancta-maria-schule.de

53

SANCTA MARIA Schule der hl. Hedwig gGmbH is a specialized educational institution in Berlin, Germany, focusing on students with special needs in learning and intellectual development. The school operates under the Catholic Hedwigschwestern organization and collaborates with related pedagogical and social service partners. The website reflects a well-maintained digital presence using WordPress with Elementor and Astra theme, providing clear information about the school, its programs, and contact options. Privacy and security measures such as GDPR-compliant consent and Google reCAPTCHA are implemented, indicating awareness of data protection requirements. However, explicit security policies and incident response contacts are not present, which could be improved. Overall, the site is professional, trustworthy, and serves its target audience effectively.

K

Kath. Schulzentrum Edith Stein - Fachschule für Sozialpädagogik und Berufsfachschule für Sozialassistenz

schulzentrum-edithstein.de

58

Katholisches Schulzentrum Edith Stein is a medium-sized educational institution based in Berlin, specializing in social pedagogy and social assistance training. It operates under the Catholic Archdiocese of Berlin and offers state-recognized programs for aspiring educators and social assistants. The website reflects a professional and consistent brand image, targeting students seeking vocational education in social fields. Technically, the site is built on Joomla CMS with modern JavaScript libraries and analytics tools, providing a responsive and user-friendly experience. Security posture is solid with HTTPS and GDPR-compliant cookie consent, though some security headers and policies could be improved. Overall, the domain and hosting align well with the institution's profile, indicating legitimacy and trustworthiness.

S

SANCTA MARIA - Institut der hl. Hedwig gGmbH

sancta-maria-berlin.de

44

SANCTA MARIA - Institut der hl. Hedwig gGmbH is a non-profit organization based in Berlin, Germany, providing specialized child and youth welfare services including therapeutic support and special education. The organization operates two main locations and offers a range of social and educational services aimed at supporting children and young people in need. Their market position is regional and focused on social care within the Berlin area. The website reflects a professional and consistent brand image with clear service descriptions and contact information. Technically, the site is built on WordPress with modern SEO and performance optimizations, including lazy loading and image compression. Security posture is adequate with HTTPS and cookie consent mechanisms, though security headers and explicit policies are lacking. WHOIS data is minimal but consistent with a small non-profit entity. Overall, the site is trustworthy, safe, and well-suited for its target audience.

C

Canisius-Kolleg

canisius.de

53

Canisius-Kolleg is a well-established Jesuit educational institution located in Berlin, offering Gymnasium education from grade 5 and an integrated secondary school from grade 9. The school emphasizes a Christian-humanist educational philosophy, fostering comprehensive development and responsibility among young people. It serves a diverse student body with over 900 students from 60 nationalities. The website reflects a mature digital presence built on WordPress with modern plugins and a responsive design, providing clear navigation and rich content. Privacy and cookie policies are comprehensive and GDPR compliant, with an active consent mechanism. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the site projects professionalism, trustworthiness, and a strong educational brand in the Berlin region.

V

VM

vm.com

53

VM operates as a pioneering domain NFT marketplace, leveraging blockchain technology to facilitate seamless domain trading, transfers, lending, and escrow services. Registered as an ICANN-accredited registrar in Hong Kong since 2022, VM positions itself as a trusted platform for Web3 domain asset management. The website demonstrates a modern technical infrastructure built on Vue.js and integrates with popular blockchain wallets such as MetaMask, indicating a mature digital presence. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and incident response details are not publicly available. The absence of WHOIS data for the domain raises some concerns about registration transparency, but the presence of recognized partners and clear privacy policies mitigates some risk. Overall, VM presents a credible and innovative business with room for improvement in transparency and security disclosures.

W

Weber Betonwerk

weber-betonwerk.de

54

Weber Betonwerk is a German-based manufacturer specializing in high-quality concrete prefabricated and semi-finished elements for the construction industry. The company emphasizes precision, in-house formwork construction, and just-in-time delivery supported by a modern fleet and digital customer portal. Their website reflects a mature digital presence built on WordPress with professional design and GDPR-compliant privacy and cookie policies. The technical infrastructure includes modern plugins and Cloudflare DNS, ensuring good performance and security. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy and well-positioned to serve its target audience of construction professionals.

F

Foca Gruppe

foca-gmbh.de

45

The website 'Foca Gruppe' appears to be a small business entity based in Germany, as indicated by the domain and language usage. The site uses modern web technologies such as Font Awesome Pro for icons and Google reCAPTCHA for bot protection, hosted behind Cloudflare DNS services. However, the content is minimal with no explicit business description, contact information, or legal policies such as privacy or cookie policies. The technical infrastructure shows moderate digital maturity but lacks comprehensive SEO, accessibility, and security headers. Security posture is basic with some best practices like reCAPTCHA but missing critical security headers and policies. Overall, the site is accessible without WAF or blocking mechanisms but requires significant improvements in privacy compliance, contact transparency, and security hardening to enhance trust and compliance.

M

Masterpages

masterpages.com

62

Masterpages is a German-based SaaS platform specializing in creating optimized marketing websites and landing pages designed to generate leads and customers efficiently. The platform leverages AI technologies to assist users in generating sales copy and images, making it accessible even to those without technical expertise. It targets a diverse audience including local businesses, online entrepreneurs, coaches, affiliate marketers, and agencies. The business model is subscription-based with additional live workshops and marketing support. Technically, the website employs modern frameworks such as Bootstrap and integrates multiple third-party services including Stripe for payments, Facebook SDK, and analytics tools like Yandex Metrika and Google Tag Manager. The hosting and DNS are managed via Cloudflare, ensuring good performance and security. Security posture is solid with HTTPS enforced and domain locks in place, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is addressed with a comprehensive GDPR-aligned privacy policy, but lacks a visible cookie consent mechanism. No direct contact or incident response information is provided, which could be improved. Overall, the website is professional, well-designed, and trustworthy with extensive marketing and lead generation capabilities.

B

Bildungsstätte Anne Frank

hfg-jetzt.de

56

HfG.jetzt is an informational website dedicated to prospective students applying to Hochschule für Gestaltung (HfG) Offenbach, focusing on art and design study programs. The site provides application timelines, program details, and links to related university resources. It targets applicants primarily in Germany but offers an English version for international users. The business model centers on educational information dissemination without direct commercial transactions. Technically, the website is built on WordPress, utilizing modern JavaScript libraries such as Swiper.js for UI components and jQuery for scripting. The site is hosted with domain control services consistent with GoDaddy infrastructure. It employs HTTPS with good SSL configuration and includes a GDPR-compliant cookie consent mechanism that restricts cookies to necessary ones only, reflecting a strong privacy posture. Security-wise, the site enforces HTTPS and cookie consent but lacks explicit security headers and documented security policies or incident response contacts. No vulnerabilities or tracking scripts were detected, indicating a low-risk profile. The WHOIS data aligns with the website's educational purpose, showing no suspicious registration patterns. Overall, the website is professional, trustworthy, and well-suited for its educational audience. Strategic improvements could include enhancing security headers, publishing security policies, and providing clearer contact information to strengthen trust and compliance.

I

ImmoGarten GmbH

immogarten.de

63

ImmoGarten GmbH operates as a specialized garden nursery and plant provider based in Frankfurt am Main, Germany. The company offers a broad range of plants including garden trees, shrubs, hedges, and garden accessories, complemented by services such as garden consultation, delivery, and planting. Their market position is that of a regional specialist with a strong presence in the Rhein-Main area, supported by partnerships with related brands and an online shop for magnolias. The website is built on Silverstripe CMS and employs modern web technologies, providing a good user experience with mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and cookie consent implemented, though the absence of a privacy policy and terms of service pages indicates compliance gaps. Contact information is clearly presented, enhancing business credibility. Overall, the website is professional, trustworthy, and well-structured, serving its target audience effectively.

I

Immo Herbst GmbH

karriere-immo-herbst.de

55

Immo Herbst GmbH operates a career portal focused on recruitment for gardening and landscaping roles in Frankfurt am Main, Germany. The website provides job listings and information about employee benefits, targeting job seekers in the landscaping sector. The company appears to be a small regional player in the real estate and landscaping industry. Technically, the website uses a proprietary or site builder framework (OneKit), integrates Facebook Pixel for marketing and tracking, and is hosted on servers associated with kasserver.com. The site is mobile-optimized and has good SEO practices but lacks some advanced accessibility features. Security-wise, HTTPS is enabled and cookie consent mechanisms are in place; however, the absence of security headers and explicit privacy and terms of service pages indicates room for improvement. No blocking or WAF mechanisms were detected, and the content is safe for general audiences. WHOIS data is limited but consistent with the business profile. Overall, the website is functional and professional but would benefit from enhanced privacy, security, and contact transparency.

D

Deutsche Anwaltauskunft

anwaltauskunft.de

55

Deutsche Anwaltauskunft operates a German-language online legal information magazine and lawyer referral platform. It provides comprehensive legal content across multiple categories such as life, work, housing, mobility, society, economy, and finance. The platform targets the general public seeking legal advice and lawyer contacts in Germany. Technically, the website is built on the Contao CMS, uses modern JavaScript libraries including jQuery and Usercentrics for consent management, and integrates Matomo for analytics. The site is mobile-optimized with good navigation and SEO practices. Security-wise, HTTPS is enforced, and consent mechanisms are in place, but explicit security headers and formal security policies are absent. Overall, the site demonstrates a mature digital presence with moderate to good security posture and privacy compliance.

team tietge is a small full service advertising agency based in Offenburg, Germany, specializing in digital and analog corporate communication. The website presents a professional business profile targeting companies seeking comprehensive advertising and communication services. Technically, the site is built on Silverstripe CMS with Bootstrap framework, offering a modern and responsive design with good SEO practices. However, the absence of WHOIS registration data raises concerns about domain legitimacy. Security posture is moderate with no detected security headers or explicit SSL configuration details. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is functional and professional but lacks critical trust and security indicators.

E

EDP Group

edpr.com

71

EDP Group is a well-established global energy company with a strong focus on renewable energy and sustainability. The website serves as a centralized hub for information about the group and its subsidiaries, including EDP Renewables. The site is professionally designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content for investors, clients, and partners. Technically, the site is built on Drupal CMS and integrates modern analytics and monitoring tools such as Google Tag Manager, HubSpot, and Dynatrace. Security posture is solid with HTTPS enforced and domain transfer protection enabled, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is partially demonstrated through cookie consent mechanisms, but a dedicated privacy policy page was not found on the analyzed URL. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy and trustworthiness of the site.

H

HÖHNE MEDIA

hoehne-media.de

47

HÖHNE MEDIA is a creative digital agency based in Südwestfalen, Germany, specializing in branding, strategy, design, web development, and marketing services tailored primarily for medium-sized industrial and B2B clients. The agency emphasizes local expertise and a collaborative coworking environment to deliver comprehensive communication solutions from concept to execution. Their website reflects a professional and consistent brand image with clear service offerings and client references. Technically, the website is built on WordPress using the Elementor page builder, incorporating modern web technologies such as Google reCAPTCHA v3 for form security and Borlabs Cookie for GDPR-compliant cookie management. Hosting is provided by a regional hosting provider, and the site uses HTTPS with a good SSL configuration. Performance and mobile optimization are adequate, though there is room for improvement in accessibility and security headers. From a security perspective, the site demonstrates good practices including encrypted connections, spam protection on forms, and cookie consent mechanisms. However, it lacks explicit security policies, incident response information, and vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious content were detected. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility features to further strengthen trust and compliance.

A

Agile Store Locator WordPress Plugin

agilestorelocator.com

49

Agile Store Locator is a specialized WordPress plugin provider offering a premium store locator solution integrated with Google Maps API. The company has established a strong market presence since 2016, with over 10,000 sales and hundreds of positive reviews, positioning itself as a niche leader in the WordPress plugin ecosystem. Their product suite includes multiple templates, analytics, and premium addons for WooCommerce and data synchronization, targeting WordPress site owners and e-commerce businesses seeking enhanced store location capabilities. Technically, the website is built on WordPress with Bootstrap and integrates modern marketing and analytics tools such as Google Analytics and Sender.net. The site demonstrates good mobile responsiveness, accessibility, and SEO optimization, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS and domain transfer restrictions but lacks DNSSEC and explicit security headers, indicating room for improvement in hardening. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite tracking scripts. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy practices.

C

CORTEX media GmbH

cortex-media.de

60

CORTEX media GmbH is a small technology company based in Ulm, Germany, specializing in professional internet applications including cloud software, web development, AI integration, mobile apps, and server hosting. The company positions itself as an innovation hub offering tailored digital solutions for businesses, ranging from small mobile apps to large internet portals and cloud infrastructures. Their website reflects a high level of professionalism with consistent branding and comprehensive service offerings. Technically, the site is built on WordPress with modern web technologies, optimized for mobile devices, and includes structured data for SEO benefits. Security posture is solid with HTTPS and no visible vulnerabilities, though there is room for improvement in security policy transparency and cookie consent mechanisms. Overall, the website is trustworthy and well-maintained, supporting the company's market position as a competent digital solutions provider.

A

Axians Infoma GmbH

axians-infoma.com

64

Axians Infoma GmbH is a German software and consulting company specializing in cloud-capable software solutions for municipalities and public administration. With over 30 years of experience and more than 1,500 municipal clients, the company offers integrated solutions for financial management, property and building management, business intelligence, eGovernment, and digital transformation. The website is professionally designed, well-structured, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, the site runs on WordPress with modern plugins and tracking tools such as Google Analytics and Tag Manager, and employs cookie consent mechanisms to comply with GDPR. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the domain registration and website content align with a legitimate, established business in the German public sector software market.

A

Axians eWaste

eavalportal.de

66

Axians eWaste operates a specialized login portal for its e-waste management services, targeting business and enterprise clients primarily in Germany. The website is part of the Axians brand ecosystem, focusing on technology and environmental services. The portal uses modern authentication protocols such as OpenID Connect with PKCE, indicating a secure approach to user authentication. However, the website content is minimal and currently displays an error related to an invalid redirect URI, which may impact user experience and trust. Technically, the site uses jQuery and Keycloak for authentication, but lacks visible security headers and advanced SEO or accessibility features. The cookie consent mechanism and privacy policy presence demonstrate basic compliance with GDPR requirements. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency, although the linkage to known Axians domains suggests it is a legitimate corporate asset. Security posture is moderate with good authentication practices but missing security headers and error handling improvements needed. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. Overall, the site requires improvements in content quality, error handling, and security hardening to enhance trust and user experience.

A

Axians eWaste GmbH

enature.cloud

70

Axians eWaste GmbH operates the eNATUREcloud portal, a specialized platform designed to assist large companies in the EU with environmental and energy reporting, particularly compliance with the European Energy Efficiency Directive. The company positions itself as a niche provider in the energy and waste management sector, offering integrated tools for waste management, environmental reporting, and audit databases. The website reflects a professional B2B service model targeting enterprises with significant operational scale. Technically, the website leverages a modern but standard technology stack including jQuery, Bootstrap, FontAwesome, and Slick Carousel, running on a WordPress CMS platform. Authentication is managed via OpenID Connect through Keycloak, indicating a secure and modern identity management approach. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS and uses secure authentication protocols. However, there is a lack of visible security headers and no public security or incident response policies, which could be improved. Cookie consent mechanisms and privacy policies are well implemented, supporting GDPR compliance. The absence of WHOIS data for the domain suggests it is a subdomain or internally managed domain, which is consistent with the professional nature of the site. Overall, the website demonstrates a solid security posture and business credibility with minor areas for improvement in security best practices and transparency. The risk level is low, and the site is suitable for its intended professional audience.

Axians eWaste GmbH operates a specialized online service portal focused on waste management solutions, providing centralized software architecture to streamline processes for businesses in the environmental sector. The website serves as a gateway to multiple related portals and services under the Axians brand, targeting primarily German-speaking business customers. The technical infrastructure is based on modern JavaScript libraries and ASP.NET MVC framework, with a moderate level of mobile optimization and accessibility. Security measures include CSRF protection and cookie consent mechanisms, though explicit security headers and incident response information are lacking. Overall, the website presents a professional and trustworthy digital presence consistent with a medium-sized enterprise in the energy and environmental services sector.

Axians eWaste GmbH operates the eTFSportal, a specialized cloud-based software solution designed to facilitate compliance with EU regulations on cross-border waste shipments. The portal supports electronic notification and transport management processes, targeting companies involved in waste transport and disposal. The business is positioned as a niche provider within the energy and transportation sectors, leveraging its parent company Axians' expertise and infrastructure. The website demonstrates a professional and consistent brand presence with clear business information and multilingual support. Technically, the website employs a modern technology stack including jQuery, Bootstrap, FontAwesome, and Google reCAPTCHA v3 for security. The portal integrates various UI components and validation mechanisms to ensure usability and security. Hosting appears professional and GDPR compliant, though some security enhancements such as DNSSEC and security headers could be improved. Security posture is solid with HTTPS enforced and bot protection via reCAPTCHA, but lacks explicit security policies and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website and business present a trustworthy and professional image with moderate technical sophistication and good compliance practices. Strategic improvements in security headers and incident response transparency would further enhance trust and resilience.

E

Log-In :: eNATURE portal

enatureportal.de

58

The eNATURE portal website serves as a login interface for registered users, likely providing access to specialized services or data. The site is built on ASP.NET WebForms technology with EO.Web controls, indicating a legacy or enterprise-focused platform. The technical infrastructure is moderate with HTTPS enforced, but lacks modern security headers and comprehensive privacy or cookie policies. The content is minimal and primarily functional, targeting internal or registered users rather than the general public. No contact or business information is publicly available, limiting transparency and trust signals. Security posture is basic with room for improvement in headers and form protections. Overall, the site is functional but lacks comprehensive compliance and user-facing information.

A

Axians eWaste GmbH

eanvportal.de

55

Axians eWaste GmbH operates the eANVportal, a specialized web-based platform for managing electronic waste disposal and compliance in Germany. The portal supports waste producers, disposers, and authorities by providing transparent, legally compliant waste tracking and documentation services. The company positions itself as a key player in the German waste management software market, offering additional portals and services such as eNATUREportal and eTFSportal, targeting B2B customers in the environmental and energy sectors. Technically, the website employs a modern JavaScript stack including jQuery, Bootstrap, and various UI libraries, with Spring Security handling authentication. The site is mobile-optimized and provides a professional user experience, although some accessibility and SEO aspects are basic. Security practices include HTTPS enforcement and client-side password encoding, but improvements are recommended in password handling and HTTP security headers. The security posture is solid but not exemplary, with no visible incident response or vulnerability disclosure mechanisms. Privacy compliance is strong, with clear cookie consent and privacy policies aligned with GDPR. Contact information is complete and transparent, enhancing business credibility. Overall, the website is trustworthy and professionally maintained, suitable for its business audience. Strategic security enhancements and transparency improvements would further strengthen its position and user trust.

A

Axians Deutschland

axians.de

80

Axians Deutschland is a prominent ICT solutions provider and digital transformation partner operating as part of the global VINCI Energies network. The company focuses on delivering industry-specific digitalization services, primarily targeting business customers in Germany's energy and technology sectors. The website reflects a professional and consistent brand presence, emphasizing Axians' role as a pioneer in digital transformation. Technically, the site is built on WordPress with modern libraries and includes SEO and analytics tools such as Yoast SEO Premium and Matomo Analytics. Security measures include HTTPS usage and Google reCAPTCHA integration, alongside a cookie consent mechanism, although explicit security policies and headers are not evident. The WHOIS data is partially consistent with the website's claims but lacks detailed registrant information, slightly impacting trust. Overall, the site is well-structured, secure, and compliant with basic privacy standards, suitable for its business audience.

A

Autoline Deutschland

autoline.de

56

Autoline Deutschland operates a leading online marketplace specializing in commercial vehicles, including trucks, buses, trailers, and spare parts. With a strong market presence in Germany and international reach across 80 countries, the platform serves over 6,700 business customers and millions of monthly buyers. The website offers extensive listings, dealer directories, and marketing services, supporting both buyers and sellers with a user-friendly interface and advanced search capabilities. Technically, the site employs modern web technologies, integrates multiple analytics and advertising tools, and maintains good mobile optimization and SEO practices. Security posture is solid with HTTPS and basic security headers, though improvements in cookie consent and security policy transparency are recommended. Overall, Autoline presents a professional, trustworthy, and mature digital presence in the transportation sector.

T

TruckScout24 GmbH

truckscout24.de

62

TruckScout24 GmbH operates a leading European online marketplace specializing in commercial and leisure vehicles including trucks, transporters, construction machinery, and caravans. The platform offers extensive vehicle listings with advanced filtering options, catering to both professional and private buyers and sellers. The company maintains a strong market position supported by official sponsorships and a professional digital presence. Technically, the website employs modern frameworks such as Yii2, Bootstrap, and jQuery, with integrations for Google Tag Manager and reCAPTCHA, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforcement and CSRF protections, though explicit security policies and incident response contacts are absent. Privacy compliance is robust, featuring a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-optimized for user experience and mobile devices.

Zukunftsinitiative Rheinland-Pfalz (ZIRP) e.V. operates as a regional non-profit network connecting politics, economy, science, and culture in Rheinland-Pfalz, Germany. The organization acts as a think tank providing impulses for future-oriented topics, strengthening the region as an attractive location for business and living. Their website showcases events, publications, and projects aimed at fostering sustainable development and innovation. The target audience includes government entities, businesses, academia, and the general public interested in regional development. Technically, the website is built on TYPO3 CMS with Bootstrap and FontAwesome, delivering a professional, mobile-optimized, and accessible user experience.

M

MacQueen

macqueeneq.com

63

MacQueen is a regional leader in providing environmental and emergency equipment solutions across multiple Midwestern states in the United States. Their business model focuses on B2B sales and service of specialized equipment for municipalities, emergency responders, and environmental service providers. The website reflects a professional and consistent brand presence with clear navigation and detailed product offerings. Technically, the site is built on the HubSpot CMS platform, leveraging modern marketing and analytics tools such as Google Analytics, Facebook Pixel, and Hotjar, indicating a mature digital marketing infrastructure. Security posture is generally strong with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and explicit privacy policies suggests room for improvement. The lack of WHOIS registration data is a notable concern, potentially impacting trust from a domain legitimacy perspective. Overall, the site is safe for general audiences and demonstrates good business credibility and technical implementation.

Stummer Hungária Kft. is a small Hungarian company founded in 2017, serving as the official representative and exclusive distributor of Stummer, Zöller, and Faun communal vehicle equipment in Hungary. The company focuses on sales, manufacturing, spare parts, and after-sales service for municipal vehicles and related equipment. Their market position is well established as the exclusive domestic distributor, targeting municipalities and waste management service providers. The website reflects a professional business presence with clear contact information and relevant content describing their services and history. Technically, the website uses a modern frontend stack including Bootstrap 4.3.1, jQuery, and Google Analytics for tracking. The site is mobile responsive and well structured but lacks advanced SEO and accessibility features. No CMS or hosting provider details are evident. Performance is moderate with no critical technical issues detected. From a security perspective, the site uses HTTPS (implied by external scripts loaded over HTTPS) but lacks visible security headers and does not provide privacy or cookie policies, indicating compliance gaps with GDPR. No forms or sensitive data collection mechanisms are present, reducing risk exposure. Google Analytics is used without a visible cookie consent mechanism, which may pose privacy compliance concerns. No incident response or security policy information is provided. Overall, the website is safe, professional, and business-focused with moderate technical maturity and some compliance gaps. Strategic improvements in privacy compliance, security headers, and transparency would enhance trust and security posture.

G

GORICA Group

goricagroup.com

44

GORICA Group is a Dubai-based manufacturer specializing in trailers, semitrailers, concrete mixers, and related heavy vehicle equipment serving the MENA region. The company positions itself as a leading manufacturer in the Middle East and North Africa, with a business model focused on manufacturing and after-sales services. The website reflects a medium-sized enterprise with subsidiaries and a consistent brand presence. Technically, the website is built on Joomla CMS with Bootstrap and jQuery, offering moderate performance and good mobile optimization. However, the site lacks comprehensive privacy and cookie policies, and no incident response or security contact information is provided, indicating compliance and security posture gaps. The domain is well-established since 2001, consistent with the company's claimed history, and no blocking or WAF mechanisms interfere with content access.