Security Directory

H

HERING Gruppe

heringinternational.com

10

HERING Gruppe is a well-established German company specializing in innovative construction solutions and infrastructure products, particularly for public spaces and transportation sectors. With a history dating back to 1892 and a workforce of approximately 700 employees, the company offers a broad portfolio including architectural concrete facades, public sanitary facilities, railway construction, noise protection, and photovoltaic technologies. The website reflects a professional and comprehensive digital presence, leveraging TYPO3 CMS and modern frontend technologies to deliver a user-friendly experience. Security posture is generally good with HTTPS and no visible vulnerabilities, though improvements in security headers and cookie consent mechanisms are recommended. The absence of WHOIS data for the domain is a notable anomaly that warrants further investigation to confirm domain legitimacy. Overall, HERING presents as a credible and mature business with strong market positioning in the transportation and construction industries.

H

HBS Elektrobau GmbH

hbs-elektrobau.de

10

HBS Elektrobau GmbH is a German company specializing in electrical installation services, training, and maintenance, operating under the umbrella of the HBS Gruppe. The company positions itself as a quality and reliable provider in the energy and transportation sectors, offering a broad range of services including Anlagenbau, Bahntechnik, Elektrotechnik, and Sicherheitstechnik. The website is professionally designed using TYPO3 CMS and modern frontend technologies, providing good user experience and mobile optimization. Social media integration is strong, enhancing brand presence. Security posture is adequate with HTTPS enabled, but lacks explicit security headers and detailed privacy or incident response policies. No blocking or WAF challenges were detected, allowing full content access. Overall, the site reflects a medium-sized, established business with consistent branding and good technical implementation.

Transport-Logistik Oberhessen GmbH (TLO) is a German logistics and transport company specializing in modern, flexible, and punctual transport solutions, including special transports such as oversized and heavy loads. With over 20 years of experience, TLO serves a growing customer base, including notable clients in the rail construction sector, offering comprehensive logistics and vehicle services supported by an in-house fleet and workshops. The website reflects a professional and consistent brand presence with clear service descriptions and contact channels. Technically, the site is built on WordPress with modern plugins for performance and cookie consent, hosted on Strato servers, and secured with HTTPS. Security posture is solid with room for improvement in security headers and incident response transparency. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site demonstrates a mature digital presence aligned with business operations and regulatory requirements.

S

Seduco digital

seduco.sk

47

Seduco digital is a Slovak-based digital marketing agency specializing in WordPress web development, WooCommerce e-commerce solutions, branding, and online marketing services. The company positions itself as a regional player focused on delivering high-quality websites, effective marketing campaigns, and unique visual identities to businesses. Their website demonstrates a mature digital infrastructure with modern technologies such as WordPress, Bootstrap, and integrated analytics tools like Microsoft Clarity and Google Tag Manager. The site is well-optimized for SEO and mobile devices, reflecting a strong digital maturity. Security posture is solid with HTTPS enforced, security headers present, and GDPR-compliant cookie consent mechanisms. However, there is no publicly available security policy or incident response information, which could be improved to enhance trust and preparedness. Overall, the website is professional, trustworthy, and compliant with privacy regulations, making it a reliable digital presence for the company.

B

Bezecný s.r.o.

bezecny.cz

43

Bezecný s.r.o. is a small Czech company specializing in comprehensive engineering geodesy services including surveying, building measurements, and project documentation. Established since 1990, the company serves clients involved in construction and industrial projects, with a portfolio including major industrial zones and commercial centers. The website presents a professional image with clear service descriptions and contact information, targeting local businesses and construction professionals. Technically, the website uses a modern frontend stack with Bootstrap, jQuery, and various UI libraries, providing a responsive and user-friendly experience. However, there is no evidence of a CMS or advanced backend technologies. Performance is moderate with good mobile optimization but basic accessibility and SEO features. Security posture is moderate; the site uses CAPTCHA and GDPR consent on its contact form but lacks visible HTTPS confirmation and security headers in the provided data. The absence of WHOIS registration data is a concern for domain legitimacy, although the website content and contact details appear consistent and professional. Overall, the site is functional and business-appropriate but would benefit from improved security practices, clear privacy and cookie policies, and verified domain registration information to enhance trust and compliance.

F

floorING - Stavebná spoločnosť

flooring.sk

45

floorING is a Slovak construction company specializing in industrial flooring and parking area construction, with over 10 years of experience. The company positions itself as a professional and reliable partner offering comprehensive services from substrate preparation to final concrete layers. Their market presence is supported by a portfolio of significant projects and positive customer testimonials. Technically, the website is built on a modern WordPress platform using Elementor and related plugins, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks some security headers and a published privacy policy, which are recommended for compliance and trust. Overall, the business appears legitimate and well-established with clear contact information and consistent branding.

P

PRUNIWERK a.s.

pruniwerk.cz

48

PRUNIWERK a.s. is a Czech manufacturing and trading company specializing in aluminum construction products including windows, doors, facades, skylights, and fire ventilation systems. Established in 2012 and with over 25 years of industry experience, the company serves construction professionals and investors primarily in the Czech Republic and Slovakia. It is a member of the Purposia group since 2023, enhancing its market position and collaboration capabilities. The website reflects a professional business with detailed product offerings, references, and a clear focus on quality and certifications. Technically, the site uses modern JavaScript libraries and frameworks, is hosted with a reputable Czech provider, and implements GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS enforced and no visible vulnerabilities, though formal security policies and incident response contacts are not published. Overall, the website is well-designed, trustworthy, and compliant with privacy regulations.

A

Antracitproperty

antracit.eu

50

Antracitproperty operates as an international real estate development group focusing on comprehensive development services tailored to client needs in the Czech and Slovak Republics. Their portfolio includes residential, logistics, industrial, and administrative buildings. The website is professionally designed, multilingual, and integrates modern technologies such as WordPress CMS, Google Maps API, and SEO plugins, reflecting a mature digital presence. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements are recommended in security headers and explicit privacy and terms policies. Overall, the domain registration and website content align well, indicating a legitimate and credible business.

H

HSF System SK s.r.o.

hsfsystem.sk

44

HSF System SK s.r.o. is a Slovak construction company specializing in the design and delivery of industrial halls, commercial buildings, and steel constructions. The company operates primarily in the B2B sector, serving construction investors and commercial clients. It holds ISO certifications (9001, 14001, 45001) and is part of the PURPOSIA Group, indicating a solid market position and professional business model. The website reflects a medium-sized enterprise with a consistent brand and good content quality. Technically, the website is built on WordPress with modern JavaScript libraries and integrates Google Analytics and Tag Manager for tracking. The site is mobile-optimized and performs moderately well, though some accessibility features are basic. Security posture is good with enforced HTTPS and no exposed sensitive data, but lacks some security headers and cookie consent mechanisms. Security-wise, the company demonstrates compliance with international standards and holds relevant certifications. However, the absence of an incident response contact and cookie consent banner indicates room for improvement in compliance and transparency. No vulnerabilities or suspicious content were detected. Overall, the website is trustworthy, professional, and secure with minor gaps in privacy compliance and security best practices. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance the security posture and user trust.

T

Tappx

tappx.com

72

Tappx is a technology-driven AdTech company specializing in app monetization, user acquisition, and programmatic advertising across multiple platforms including mobile, web, and OTT/CTV. The company targets publishers, app developers, advertisers, and demand partners, positioning itself as a medium-sized player with a significant footprint evidenced by over 500 publishers and 160 billion monthly ad requests. The website is professionally designed with excellent SEO and mobile optimization, reflecting a mature digital presence. Technically, the site leverages WordPress with advanced performance optimizations such as lazy loading and integrates Google Analytics and Tag Manager for data collection. Security posture is solid with HTTPS and some security best practices, though it lacks explicit security headers and published policies. The absence of WHOIS data and domain registration details is a concern, slightly reducing trustworthiness. Overall, the site is credible and business-focused but would benefit from enhanced transparency in privacy, terms, and security disclosures.

F

Frankfurter Goethe-Haus

frankfurter-goethe-haus.de

55

The Frankfurter Goethe-Haus website represents a cultural institution focused on the legacy of Goethe in Frankfurt, Germany. The site is modest in content with minimal descriptive information about the business or institution. It employs modern cookie consent management via Cookiebot and uses Matomo Analytics for visitor tracking with respect for privacy settings. However, the site lacks explicit privacy policies, terms of service, and contact information, which limits transparency and user trust. The technical infrastructure is adequate with HTTPS and consent mechanisms but could benefit from enhanced security headers and clearer business information.

F

Freies Deutsches Hochstift

freies-deutsches-hochstift.de

59

Freies Deutsches Hochstift is a German cultural and educational institution dedicated to German literature and history, operating museums and archives. The website presents a professional and consistent brand image with good content quality targeted at the general public interested in German culture. Technically, the site uses modern tools such as Matomo for analytics and Cookiebot for GDPR-compliant cookie consent management, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, though security headers and explicit security policies are missing. Privacy compliance is supported by a comprehensive cookie consent mechanism but lacks a visible privacy policy page. Overall, the site is trustworthy and safe with no adult or questionable content detected.

B

Beckerbillett

ticketfritz.de

57

The website ticketfritz.de is an e-commerce platform operated by the company Beckerbillett, specializing in online ticket sales. The site targets a general audience primarily in Germany and offers multi-language support. The business model revolves around providing online shops for ticketing services, with a medium-sized operational scale. The website content is professionally presented with consistent branding and includes essential business information and contact details.

O

OceanWP

oceanwp.org

71

OceanWP is a well-established WordPress theme provider founded in 2016, offering a flexible and feature-rich multi-purpose theme that integrates seamlessly with popular page builders like Elementor and WooCommerce. The company has a strong market position with over 8.9 million downloads and a large user base, supported by a comprehensive suite of premium extensions and optimization tools such as Site Booster. The website demonstrates a mature digital infrastructure leveraging WordPress CMS, modern JavaScript libraries, and integrations with marketing and analytics platforms including Facebook Pixel, Google Tag Manager, and Mailerlite. Security posture is solid with HTTPS enabled and domain registration protections, though there is room for improvement in publishing explicit privacy and security policies. Overall, the site is professional, user-friendly, and trustworthy, targeting WordPress users from beginners to professionals seeking customizable and performance-optimized themes.

F

Fondation Hindemith

fondation-hindemith.org

47

Fondation Hindemith is a small, specialized cultural foundation dedicated to preserving and promoting the legacy of composer Paul Hindemith. The website provides rich content about the foundation's activities, including music promotion, research, publications, and cultural events. The foundation targets musicians, scholars, and classical music enthusiasts primarily in German-speaking regions, with multilingual support for English and French. The domain is recently registered but hosted by a reputable provider, consistent with a small non-profit organization. Technically, the website is built on WordPress with Elementor and SEO plugins, offering good design and navigation but lacking explicit privacy and cookie policies. Security posture is adequate with HTTPS but could be improved by enabling DNSSEC and security headers.

S

Schott Music

schott-music.com

68

Schott Music is a historic and leading publisher specializing in classical and contemporary music, offering a wide range of sheet music, books, and digital products. The company targets musicians, educators, and music enthusiasts globally, operating a professional e-commerce platform built on Magento. The website demonstrates a mature digital infrastructure with modern technologies, including Google Analytics, Tag Manager, and Usercentrics for privacy compliance. Security posture is strong with HTTPS, security headers, and CAPTCHA implementations, though explicit security policies and incident response contacts are absent. The lack of WHOIS data for the domain is a notable anomaly that impacts trustworthiness despite the professional presentation and comprehensive privacy compliance. Overall, the site is well-structured, user-friendly, and compliant with GDPR, serving a broad audience with high-quality content and services.

The website www.hanau.de is the official digital presence of the city of Hanau, Germany, serving as a comprehensive municipal portal. It provides residents, visitors, and businesses with access to a wide range of city services, political information, cultural events, environmental initiatives, and citizen engagement programs. The site targets a broad audience including local citizens, tourists, and stakeholders interested in the city's offerings. The business model is that of a government entity providing public information and services, positioning itself as the authoritative source for Hanau-related municipal content. Technically, the website is built on the IMPERIA CMS platform, leveraging modern web technologies such as Bootstrap and FontAwesome for UI/UX. It employs Matomo analytics with pseudonymized IP tracking, demonstrating a commitment to privacy. The site is mobile-optimized and includes accessibility features, with a cookie consent mechanism compliant with GDPR requirements. Hosting appears professional with multiple authoritative nameservers. From a security perspective, the site uses HTTPS and implements cookie consent controls. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not evident. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data aligns with the website's governmental nature, showing consistent registration and no privacy protection, which is appropriate for a public entity. Overall, the website presents a trustworthy, well-maintained, and privacy-conscious digital platform for the city of Hanau. Strategic improvements could include publishing a dedicated security policy, incident response information, and a vulnerability disclosure page to enhance transparency and security posture.

G

GraphThemes & Casino LTD

graphthemes.com

55

GraphThemes & Casino LTD operates Graphthemes.com, a Swedish-language website specializing in providing information and guidance about casinos without Swedish licenses, targeting Swedish players seeking alternatives to licensed gambling platforms. The company positions itself as a trusted expert in gaming regulation and offers curated lists and advice on playing without spelpaus, a Swedish self-exclusion system. The business model appears to be affiliate and informational, focusing on niche gambling content. Technically, the website is built on WordPress with Elementor, leveraging modern fonts and icon libraries, and is hosted with Cloudflare DNS services. The site demonstrates good SEO practices and mobile optimization, though accessibility is basic. Security posture is adequate with HTTPS and domain transfer protections, but lacks DNSSEC and advanced security headers. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy or terms policies. Overall, the site is professional and trustworthy within its niche but could improve transparency and security documentation. Recommendations include enabling DNSSEC, publishing privacy and security policies, and adding incident response contacts to enhance trust and compliance.

K

Kulturkurier

kulturkurier.info

44

Kulturkurier is a German-based company specializing in online marketing and public relations services tailored for the culture and media sectors. Established since 2001, it offers a secure, decentralized marketing cloud solution that facilitates collaboration among employees managing press contacts and materials. The company positions itself as a leading media service provider in the cultural domain with a strong emphasis on GDPR compliance and data hosting within Germany. Technically, the website is built on WordPress using Elementor and integrates Google Analytics for user tracking. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and incident response details are absent. Overall, the site is professional, accessible, and trustworthy, supporting a medium-sized business model focused on B2B SaaS for cultural marketing.

C

Diese Webseite befindet sich im Aufbau

commonworks.de

35

The website commonworks.de is currently under construction and presents only a placeholder page with minimal content. There is no business description, contact information, or legal policies available, which limits the ability to assess the company's market position or services. The site uses basic HTML, CSS, and JavaScript with custom fonts and canvas effects, hosted on cloudpit servers. No CMS or advanced frameworks are detected. Security posture is weak due to lack of HTTPS information, security headers, and privacy compliance indicators. No forms or data collection mechanisms are present, and no analytics or tracking scripts are detected. Overall, the site is in an early development stage with low trust and credibility indicators.

S

Stadt Frankfurt am Main Kulturamt

kultur-frankfurt.de

46

The KulturPortal Frankfurt is the official cultural information portal of the city of Frankfurt am Main, Germany. It provides comprehensive information on various cultural sectors including architecture, theater, design, film, museums, music, literature, and city history. The portal targets residents and visitors interested in cultural events and institutions, serving as a government-operated platform to promote cultural engagement and events in the city. The website is well-branded with consistent use of official city logos and links to related municipal sites, reinforcing its authoritative position. Technically, the site is built on ASP.NET WebForms with a modern JavaScript stack including jQuery and accessibility enhancements via Eye-Able scripts. It uses Matomo for analytics with a GDPR-compliant cookie consent mechanism. The site is hosted on city-controlled nameservers, ensuring control and security. Performance is moderate with basic mobile optimization and good SEO practices. From a security perspective, the site enforces HTTPS and implements cookie consent but lacks explicit HTTP security headers and a public security policy or vulnerability disclosure. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the official city domain and hosting, confirming legitimacy. Overall, the site demonstrates a solid security posture appropriate for a government cultural portal. The risk assessment is low with no signs of malicious content or suspicious activity. Strategic recommendations include enhancing HTTP security headers, publishing a security policy, and considering a security.txt file to improve transparency and incident response readiness.

R

Rundschau Online

rundschau-online.de

63

Rundschau Online is a regional news website delivering current news content focused on Cologne and its surrounding region, covering sports, politics, celebrities, and other local interests. The site positions itself as a key regional media outlet with a broad target audience of general news consumers. The business model appears to be advertising-supported, leveraging ad networks such as Taboola for monetization. Technically, the website employs modern web technologies including Nuxt.js (a Vue.js framework) and Tailwind CSS for styling, indicating a contemporary and modular front-end architecture. The site is mobile-optimized and includes cookie consent mechanisms compliant with GDPR requirements, although explicit privacy and terms of service documents are not clearly found in the provided content. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie security best practices. However, it lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analysis. The domain registration appears legitimate and consistent with the business claims, with no privacy protection or suspicious WHOIS patterns. Overall, the website presents a professional and trustworthy regional news platform with moderate technical maturity and security posture. Improvements in privacy documentation, security headers, and incident response transparency would enhance compliance and trustworthiness.

D

DuMont Mediengruppe GmbH

dumont.de

59

DuMont Mediengruppe GmbH is a well-established German media and technology company with a rich history spanning over 400 years. The company operates multiple subsidiaries and brands in the media sector, offering digital content, marketing technologies, and publishing services. Their website reflects a mature digital presence with professional design, multilingual support, and comprehensive privacy and cookie policies, targeting a general audience interested in media and technology. Technically, the site is built on WordPress with Elementor and optimized for performance and SEO, demonstrating modern web standards and mobile responsiveness. Security posture is strong with HTTPS enforcement and security best practices, though formal security policies and incident response information are not publicly disclosed. Overall, the website is trustworthy, professional, and compliant with GDPR requirements.

D

DbjE WEB EFFECTIVE Digitalagentur

dbje.de

44

DbjE WEB EFFECTIVE Digitalagentur is a small technology-focused digital agency based in Hannover, Germany. They specialize in web design, marketing, TYPO3 CMS development, digital strategy, and AI consulting services. The company targets businesses seeking comprehensive digital agency solutions with a regional focus. Their website is professionally designed, consistent in branding, and provides clear contact information and service descriptions. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and includes privacy-conscious analytics and cookie consent mechanisms. Security posture is adequate but could be improved with explicit security policies and headers. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy.

N

Sign in - Matomo

netpiloten.de

46

The website netpiloten.de hosts a Matomo analytics platform login page, indicating it is used for web analytics data collection and reporting. The platform is open-source and free/libre, targeting users who require detailed visitor tracking and analytics. The site itself is primarily a login portal without public-facing business content, policies, or contact information. Technically, the site uses Matomo's standard JavaScript and PHP backend, served over HTTPS, ensuring encrypted communication. However, the absence of security headers and limited visible security controls suggest room for improvement in hardening the platform. Privacy compliance is minimal, with no visible privacy or cookie policies, which is a significant gap given the nature of data analytics services. The WHOIS data is sparse, showing only domain status and name servers, with no registrant details, which limits trust assessment. Overall, the site appears functional for its purpose but lacks transparency and comprehensive compliance documentation.

The website airserbia.com is currently inaccessible due to a Cloudflare security challenge page employing Turnstile captcha, which prevents access to actual website content. This limits the ability to analyze the site's privacy policies, contact information, business descriptions, and other critical data. The domain is registered with NameCheap, Inc. since 2004, indicating a long-standing presence consistent with an established airline business. The use of Cloudflare as a security and performance provider is standard for high-profile websites. Due to the blocking, no direct evidence of privacy compliance, security policies, or business details could be extracted. The site appears to be well-protected but inaccessible for detailed analysis.

H

Hannover Airport

haj-azubi.de

52

The website haj-azubi.de serves as the official platform for apprenticeship and vocational training opportunities at Hannover Airport. It targets young individuals seeking career paths in various airport-related trades such as logistics, office management, and fire services. The site is well-branded with Hannover Airport's identity and provides detailed information on available programs, benefits, and contact persons. Technically, the site is built on WordPress with a modern theme and uses reputable plugins for cookie consent and analytics. Hosting is provided by Hetzner, a reliable German hosting provider. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

H

HAJ Reisen

haj.de

51

HAJ Reisen operates as a regional travel agency closely affiliated with Hannover Airport, offering a broad range of travel services including flight tickets, package tours, cruises, and city trips. The website targets travelers primarily from the Hannover region, providing curated travel offers with partner agencies and reputable travel brands. The business model leverages the airport's infrastructure and regional presence to serve customers seeking convenient travel options. Technically, the website is built on TYPO3 CMS, hosted on Hetzner servers, and demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is moderate with HTTPS usage but lacks visible security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is comprehensive with numerous partner agency addresses and phone numbers. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

S

Sozialverband Deutschland e.V.

sovd.de

54

Sozialverband Deutschland e.V. (SoVD) is a large, well-established non-profit social association in Germany with approximately 600,000 members. The organization focuses on social law counseling, advocacy, and community support through a network of 2,000 local branches and nationwide counseling centers. Their website provides comprehensive information about their services, campaigns, publications, and membership benefits, targeting individuals seeking social support and legal advice in Germany. The business model centers on membership and social advocacy, positioning SoVD as a key player in the German social non-profit sector. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies including jQuery, Klaro for cookie consent, Matomo for privacy-conscious analytics, and eyeAble for accessibility enhancements. The site is mobile-optimized, well-structured, and demonstrates good SEO and accessibility practices. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism, reflecting good privacy compliance aligned with GDPR. However, there is a lack of visible security headers and no published security or incident response policies, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is minimal but consistent with the organization's online presence, supporting legitimacy. Overall, the website is professional, trustworthy, and well-suited to its audience. Strategic recommendations include enhancing security headers, publishing formal security and incident response policies, and providing clearer contact information for data protection officers. These steps would strengthen the security posture and compliance transparency, further boosting user trust and organizational credibility.

G

Gehrmeyer Orthopädie- und Rehatechnik GmbH

gehrmeyer.com

61

Gehrmeyer Orthopädie- und Rehatechnik GmbH is a medium-sized healthcare company based in Osnabrück, Germany, specializing in orthopedics, rehabilitation technology, and home care services. The company offers a broad range of services including modern rehabilitation technology, pediatric care, mobility aids for the elderly, compression therapy, and pregnancy care. Their website reflects a professional and consistent brand presence targeting patients, healthcare providers, and elderly or disabled individuals. The business model focuses on providing specialized medical devices and support services regionally, supported by partnerships with recognized suppliers. Technically, the website is built on the Umbraco CMS platform and employs modern web technologies such as JavaScript, jQuery, FontAwesome, and integrates Google Analytics and FriendlyCaptcha for analytics and bot protection. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. From a security perspective, the site enforces HTTPS, uses CSRF tokens in forms, and implements captcha protection to mitigate automated abuse. However, the absence of explicit security headers and a visible security policy or incident response contact reduces the overall security maturity. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is missing, which is unusual and slightly reduces trust, but the active and professional website presence supports legitimacy. Overall, Gehrmeyer demonstrates a solid digital presence with good privacy and security practices, though improvements in security header implementation and transparency around incident response would enhance their security posture. The missing WHOIS data warrants monitoring but does not currently indicate malicious intent.

The website deine-karriere-plattform.de is currently inaccessible, returning a 403 Forbidden error page that blocks access to any meaningful content. Due to this, no business information, contact details, or policy documents are available for analysis. The site appears to be hosted on SiteGround servers, but no further technical or business infrastructure details can be confirmed. The lack of accessible content and absence of security headers or privacy compliance information indicates a low digital maturity and security posture. This severely limits the ability to assess the website's trustworthiness or compliance status.

M

MagicLine GmbH

magicline.com

74

MagicLine GmbH operates a comprehensive SaaS platform tailored for gym and fitness studio management, offering a wide range of features including lead management, training scheduling, payment processing, and integrations with industry partners. The company is positioned as a significant player in the fitness technology sector with over 8,000 customers worldwide and is a subsidiary of Sport Alliance GmbH. The website demonstrates a high level of professionalism, with excellent content quality, clear navigation, and strong branding consistency. Technically, the website employs modern JavaScript libraries and tracking tools such as Google Tag Manager and StatusPal for status monitoring. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced, cookie consent mechanisms, and a dedicated security problem reporting page, although some security headers could be improved. The absence of WHOIS data limits transparency but does not detract from the overall legitimacy of the business, which is supported by consistent business information, social media presence, and customer testimonials. Privacy compliance is well addressed with GDPR-aligned policies and cookie management. Overall, MagicLine GmbH presents a mature digital presence with a strong market position in gym management software, supported by a robust technical infrastructure and a proactive approach to security and privacy.

D

DEKRA

dekra.de

73

DEKRA is a globally recognized expert organization specializing in vehicle inspection, expert reports, and various technical services related to transportation. With over 47,000 employees operating in more than 50 countries, DEKRA holds a strong market position as a leading service provider in the transportation sector. The website reflects a professional and consistent brand image targeting both private and business customers. Technically, the site employs modern JavaScript frameworks such as Vue.js and Nuxt.js, ensuring a responsive and user-friendly experience. Analytics are handled via Matomo, indicating a moderate level of user tracking. Security posture is adequate with HTTPS enabled and strict referrer policies, but lacks explicit security headers and published security policies. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the website is trustworthy and professionally maintained, suitable for its enterprise scale and industry.

G

Gesamtverband Verkehrsgewerbe Niedersachsen (GVN) e. V.

gvn.de

46

Gesamtverband Verkehrsgewerbe Niedersachsen (GVN) e. V. is a regional non-profit association serving the transport and logistics industry in Niedersachsen, Germany. The website acts as a service and information portal for its members, offering legal advice, training, news, and networking opportunities. The organization targets transport companies and professionals within the region, positioning itself as a key industry representative with a focus on member services and sector-specific expertise. The site is professionally designed, with consistent branding and clear navigation, supporting a positive user experience.

A

Acción Episcopal Adveniat

adveniat.org

48

Acción Episcopal Adveniat is a German Catholic charitable organization dedicated to supporting impoverished communities in Latin America and the Caribbean. The organization operates primarily through donations and campaigns within the Catholic community in Germany, focusing on sustainable development projects initiated by local church counterparts. Their key services include project funding, scholarship programs, and environmental initiatives such as solar energy support. The website is well-branded and consistent with the organization's mission, targeting donors and supporters interested in Latin American aid.

The website marketingplanung.org is currently inaccessible due to an HTTP 403 Forbidden error, indicating that access to the content is blocked or restricted. As a result, no meaningful content, metadata, or business information can be extracted or analyzed. The domain is registered with InterNetX GmbH since 2016 and is set to expire in early 2026. The domain status clientTransferProhibited suggests some level of domain security, but DNSSEC is not enabled, which is a recommended security enhancement. The hosting environment is Apache 2.4.59 on Debian, a common and stable server setup. Due to the lack of accessible content, no privacy, cookie, or terms of service policies are found, and no contact or social media information is available. This severely limits the ability to assess the business model, market position, or technical maturity of the website.

P

Pulary Group s.r.o.

pulary.cz

43

Pulary Group s.r.o. is a Czech-based marketing and communication agency with a long-standing tradition of over 30 years, offering professional services in communication, marketing, advertising, and public relations. The company focuses on activating marketing tools to enhance client effectiveness and strengthen brand performance in performance marketing. The website is professionally designed, mobile-optimized, and built on WordPress, hosted by WEDOS, a Czech hosting provider. Social media presence on Facebook and Instagram supports their digital footprint. However, the site lacks explicit privacy and cookie policies, security headers, and incident response information, which are important for compliance and security transparency. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and stability.

F

Fresh radio - DAB+ celoplošně, Ostrava 88.6FM a 103.6FM, Třinec 106.5FM

freshradio.cz

46

Fresh radio is a Czech regional radio broadcaster offering DAB+ and FM radio services primarily targeting listeners interested in pop, dance, and electro music. The station operates an online streaming platform and an e-commerce merchandise shop, positioning itself as a modern media outlet with a digital presence. The website is built on WordPress with Elementor, leveraging common web technologies such as jQuery and Facebook SDK for social integration. Hosting is provided by Nethost, consistent with the Czech Republic location. Security posture is moderate with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies, indicating areas for compliance improvement. Contact channels are mainly via social media and contact forms, with no direct emails or phone numbers publicly listed. Overall, the site is professionally designed, mobile-optimized, and SEO-friendly, serving a general audience with safe content.

P

Priority Magazín

prioritymagazin.cz

54

Priority Magazín is a Czech media publication focused on sharing priorities related to business, government, European Union, regions, lifestyle, and recommendations. The website offers regularly updated articles and downloadable e-magazines, targeting a general audience interested in these sectors. The business operates primarily as a niche media outlet with a small organizational size, founded in 2020. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, FontAwesome, and Google Fonts. It uses Yoast SEO and Complianz GDPR plugins to enhance SEO and privacy compliance. The site demonstrates good mobile optimization and moderate performance, with a clean and professional design. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website presents a trustworthy and professional media platform with good privacy compliance and business credibility. Strategic recommendations include enhancing security headers, publishing security policies, and providing direct contact information to improve transparency and trust.

V

VYSPLAN s.r.o

vysplan.cz

41

VYSPLAN s.r.o is a Czech consulting and project company specializing in technical supervision of builders, safety coordination (BOZP), engineering activities, and comprehensive processing of all stages of construction project documentation. Established in 2006, the company serves primarily the construction and transportation sectors with a focus on technical oversight and engineering consulting. Their market position is that of a specialized small business with a stable presence in the Czech Republic. The website is professionally designed using WordPress and Elementor, with multilingual support and structured data for SEO. The technical infrastructure is modern and well-maintained, hosted likely by WEDOS, a Czech hosting provider. Security posture is adequate with HTTPS enforced, but lacks visible security headers and formal privacy or cookie policies, which are compliance gaps. Contact information is clearly provided, including physical addresses and a company email, but no phone numbers are explicitly listed. Overall, the website is trustworthy and business credible but would benefit from enhanced privacy compliance and security best practices.

C

CHVÁLEK ATELIÉR s.r.o.

chvalekatelier.cz

47

CHVÁLEK ATELIÉR s.r.o. is a Czech Republic based architectural and engineering firm specializing in 3D architecture, urbanism, engineering preparation, and interior design services. The company targets clients seeking comprehensive and individualized architectural solutions, positioning itself as a professional and reliable service provider in the regional real estate and construction sector. The website reflects a well-structured and professionally designed digital presence, leveraging modern web technologies and CMS platforms to deliver a good user experience across devices. From a technical perspective, the site uses a variety of contemporary JavaScript libraries and frameworks such as jQuery, Swiper.js, and Google Tag Manager, integrated with analytics and social media SDKs. The site is hosted securely with HTTPS and includes cookie consent mechanisms, though it lacks some advanced security headers and explicit privacy policy documentation. Security posture is moderate with HTTPS enforced and no visible sensitive data exposure, but the absence of security headers and incident response information suggests room for improvement. The lack of WHOIS data is a notable gap, limiting the ability to fully verify domain legitimacy and ownership, which slightly reduces overall trustworthiness. Overall, the website is a credible and professional representation of the business with good content quality and user experience. Strategic improvements in security policies, privacy documentation, and domain registration transparency would enhance trust and compliance.

Č

ČECH-ENGINEERING, a.s.

cech-eng.cz

42

ČECH-ENGINEERING, a.s. is a Czech Republic-based company providing comprehensive construction and engineering services including investor activities, project management, and technical supervision. The company targets clients in the construction and real estate sectors, offering a broad range of services from project preparation to realization. The website reflects a medium-sized enterprise with a consistent brand presence and professional content tailored for local clients. Technically, the site is built on Joomla CMS using modern libraries such as jQuery, UIkit, and Bootstrap, with Google Analytics integrated for visitor tracking. The site is mobile-optimized and performs moderately well, though some accessibility and SEO enhancements are possible. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and published security policies. WHOIS data is unavailable, which reduces trust but the presence of official business registration details on the site supports legitimacy. Overall, the site is professional and functional but could improve privacy compliance and security transparency.

P

PURPOSIA Group a.s.

purposia.eu

47

PURPOSIA Group a.s. is a well-established European investment holding company with Czech origins, managing a diversified portfolio of 42 companies primarily in the construction and real estate sectors. The group offers comprehensive services covering the entire lifecycle of construction projects, including design, property management, industrial flooring, aluminium systems, and manufacturing of concrete prefabricates. Their operations span multiple European countries, reflecting a strong regional presence and market leadership. The website presents a professional and consistent brand image with clear business information and subsidiary links. Technically, the website employs modern web technologies such as Swiper.js for interactive content and Bootstrap components for responsive design. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, there is a lack of visible privacy and cookie policies, which is a compliance gap. Security headers are not evident, and no explicit vulnerability disclosure or incident response information is provided. The security posture is moderate with HTTPS usage implied but no detailed security headers or policies visible. No forms collect sensitive data, reducing immediate risk, but improvements in security best practices and compliance documentation are recommended. The WHOIS data is not publicly available due to EURid privacy policies for .eu domains, which is typical and does not raise suspicion. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional and trustworthy from a business perspective but would benefit from enhanced privacy compliance and security transparency to improve its risk profile and user trust.

H

HOMOLA holding s.r.o.

hholding.cz

49

HOMOLA holding s.r.o. is a stable and dynamic real estate company based in the Czech Republic, specializing in rental of residential and commercial spaces, sale of serviced building plots, and execution of construction investment projects. The company emphasizes quality services and professional client approach, targeting investors, tenants, and property buyers. The website reflects a mature digital presence built on WordPress with modern front-end technologies and SEO optimization. Security posture is adequate with HTTPS and cookie consent mechanisms, though lacking advanced security headers and incident response disclosures. WHOIS data is unavailable, which slightly reduces trust but the website content and contact details appear legitimate and professional. Overall, the site demonstrates good business credibility and privacy compliance.

The website www.cprsz.pl represents the Centrum polubownego rozwiązywania sporów dotyczących żywności, a Polish center dedicated to amicable dispute resolution related to food. The service is positioned as a government or non-profit entity providing free and efficient dispute resolution for consumers and businesses in Poland. The website content is professional, clear, and targeted at Polish consumers and entities involved in food disputes. The technical infrastructure relies on older but stable technologies such as Bootstrap 3 and jQuery 3.3.1, with no detected CMS or advanced frameworks. Security posture is moderate but lacks visible HTTPS confirmation and security headers, which are recommended for improvement. Privacy and cookie policies are absent, indicating a compliance gap. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and trustworthy but would benefit from modern security and privacy enhancements.

F

FoodDrinkEurope

fooddrinkeurope.eu

72

FoodDrinkEurope is a prominent industry association representing the European food and drink manufacturing sector, the largest manufacturing sector in the EU by turnover and employment. The organization focuses on advocacy, policy influence, and providing resources related to food safety, nutrition, environmental sustainability, and competitiveness. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to industry stakeholders and policymakers. Technically, the website is built on WordPress with modern performance optimizations including WP Rocket, Google Analytics, and Cookiebot for privacy compliance. The site is well-optimized for mobile and accessibility, with strong SEO practices evident from meta tags and structured data. Security posture is solid with HTTPS enforced, cookie consent mechanisms, and no visible vulnerabilities or exposed sensitive data. While the WHOIS data is privacy protected, which limits transparency on domain registration details, the website's professional content and consistent branding support its legitimacy. No security policy or incident response information is published, representing an area for improvement. Overall, the site demonstrates a strong balance of business credibility, technical maturity, and privacy compliance, with room to enhance explicit security disclosures and vulnerability reporting. Strategic recommendations include publishing a formal security policy and incident response plan, implementing a vulnerability disclosure program, and providing clear contact details for data protection and security inquiries to further strengthen trust and compliance.

S

Specialised Nutrition Europe

specialisednutritioneurope.eu

51

Specialised Nutrition Europe operates as an information and advocacy platform focused on specialised nutrition within the European region. The website serves professionals and stakeholders by providing relevant content and engagement opportunities. The business model centers on information dissemination and sector advocacy, positioning itself as a niche player in the specialised nutrition market. The website was first published in 2019 and maintains consistent branding and professional content quality. Technically, the website is built on WordPress using the Divi theme and Yoast SEO plugin, indicating a modern and flexible CMS infrastructure. It employs standard web technologies including jQuery and integrates Google Analytics for visitor tracking, with Cookiebot managing cookie consent to comply with privacy regulations. The site demonstrates good mobile optimization and moderate performance, though some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism, which are positive indicators. However, it lacks visible security headers and does not provide explicit privacy policy or terms of service pages, which are important for compliance and trust. No WHOIS registrant data is available due to EURid privacy policies, but the domain appears legitimate and consistent with the business's stated purpose. Overall, the website presents a moderate risk profile with room for improvement in privacy compliance, security best practices, and transparency. Strategic recommendations include publishing comprehensive privacy and terms policies, implementing security headers, and providing clear contact information for incident response. These steps will enhance trustworthiness and regulatory compliance.

F

Fonds citoyen franco-allemand

fondscitoyen.eu

54

The Fonds citoyen franco-allemand is a non-profit organization dedicated to advising, networking, and financing projects that highlight Franco-German friendship and European cooperation. The website is professionally designed using Drupal CMS and modern front-end technologies, providing a good user experience and mobile optimization. The presence of Cookiebot for cookie consent and Google Tag Manager for analytics indicates a mature digital infrastructure. Security posture is solid with HTTPS and Cloudflare protection, although some security headers and policies could be improved. The lack of explicit privacy policy and contact information slightly reduces trust but overall the site appears legitimate and compliant with GDPR. Strategic recommendations include publishing clear privacy and security policies, adding contact details, and enhancing security headers.

Y

YES Forum

yes-forum.eu

46

YES Forum is a European non-profit network dedicated to empowering young people with fewer opportunities by promoting social inclusion and professional skill development. The organization operates primarily in Germany and targets youth organizations, social workers, and policymakers across Europe. Their services include advocacy, project coordination, publications, and membership networking. The website reflects a professional and consistent brand image with clear contact information and social media presence, supporting their legitimacy and trustworthiness. Technically, the website uses standard web technologies (HTML5, CSS3, JavaScript) with no explicit CMS detected. It is mobile-optimized and performs moderately well, though accessibility features are basic. The site uses HTTPS with no visible security vulnerabilities but lacks some security headers and a cookie consent mechanism, which are recommended for enhanced security and GDPR compliance. From a security perspective, the site shows a good posture with encrypted connections and no exposed sensitive data. However, the absence of published security policies, incident response contacts, and vulnerability disclosure mechanisms indicates room for improvement. The WHOIS data is unavailable due to privacy protection, which is common for non-profits but slightly reduces trust signals. Overall, YES Forum's website is a credible and professional platform supporting its mission, with moderate technical maturity and a solid security baseline. Strategic improvements in privacy compliance and security transparency would further enhance trust and compliance.

P

Pressenetzwerk für Jugendthemen – PNJ

pressenetzwerk.de

53

Pressenetzwerk für Jugendthemen – PNJ is a German non-profit association dedicated to professional media makers and press officers focusing on youth topics. The organization offers services including informational travels, workshops, and member support, aiming to connect and educate professionals in youth media. The website is built on WordPress using the Divi theme and several plugins to manage portfolios, events, and team information. It supports German and English languages and implements cookie consent mechanisms. The technical infrastructure is modern and adequate for the organization's needs, hosted likely by 1&1 IONOS based on nameservers. Security posture is good with HTTPS enabled and no visible vulnerabilities, though some security headers and policies could be improved. Privacy compliance is basic, with cookie consent but no visible privacy policy or terms of service pages. Contact information is not explicitly found in the provided content, which could be improved for transparency. Overall, the website is professional, trustworthy, and serves its niche audience effectively.