Germany security reports

Luna Giro is a regional online platform affiliated with Sparkasse Lüneburg, offering a suite of financial and lifestyle services including banking account models, cashback programs, travel booking, and ticketing services. The website targets consumers in the Lüneburg region, providing localized benefits and incentives. Technically, the site employs modern web technologies such as the Ionic framework, Font Awesome icons, and integrates Google Tag Manager and Usercentrics for analytics and consent management. The hosting includes Amazon S3 for static assets, indicating a hybrid hosting approach. Security posture is solid with HTTPS enforced and consent mechanisms in place, though explicit security headers and detailed security policies are absent. Contact information is clearly presented, and the site maintains a professional design with good mobile optimization. Overall, the website is trustworthy and well-positioned within its regional banking and service niche.

W

Westsächsische Hochschule Zwickau

whz.de

68

The Westsächsische Hochschule Zwickau is a regional university of applied sciences in Germany offering a broad range of study programs in technology, economics, and quality of life disciplines. The website serves students, prospective students, alumni, and international visitors with detailed information about study offerings, research, and campus life. The institution positions itself as a practical and accessible higher education provider with a strong regional and international profile. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries such as jQuery and Swiper, and integrates Matomo for analytics. The site demonstrates good mobile optimization, accessibility features including visual aids, and a comprehensive navigation structure. Hosting appears to be managed by academic or regional providers, consistent with the institution's profile. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security policies and incident response contacts are not publicly detailed, and security headers are not evident. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving its educational mission effectively. Strategic improvements in security transparency and header implementation could further enhance its posture.

W

Westsächsische Hochschule Zwickau

techniknacht-zwickau.de

63

The website www.techniknacht-zwickau.de serves as an informational platform for the 'Lange Nacht der Technik' event organized by the Westsächsische Hochschule Zwickau. It targets technology enthusiasts, students, and the general public interested in science and technology events. The site provides event details, images, and partner information, positioning itself as a regional educational event organizer with strong academic and community ties. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries such as jQuery, Swiper.js, and Magnific Popup for interactive content. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers and publicly available security or incident response policies. No vulnerabilities or exposed sensitive data were found. The WHOIS data aligns well with the institution, indicating high legitimacy. Overall, the website presents a low-risk profile with good content quality and privacy compliance. Strategic improvements in security headers, incident response transparency, and accessibility could further enhance its posture and trustworthiness.

WireHeadZ is an eSports association linked to the Westsächsische Hochschule Zwickau, focusing on integrating gaming, academic research, corporate cooperation, and community building. The organization targets students, eSports enthusiasts, and companies interested in innovative event management and talent networking. The website reflects a professional and modern digital presence, leveraging Next.js and Prismic CMS, hosted on Vercel, ensuring fast performance and mobile optimization. Security posture is solid with HTTPS and secure forms, though improvements are recommended in security headers and privacy compliance mechanisms. Overall, the site is trustworthy and well-positioned within its niche, supported by multiple corporate partners and sponsors.

W

WHZ Racing Team

whz-racingteam.de

56

The WHZ Racing Team website represents a student-led Formula Student racing team affiliated with the Westsächsische Hochschule Zwickau in Germany. The team focuses on designing, building, and competing with innovative racing vehicles in international Formula Student competitions. The site targets students, motorsport enthusiasts, and potential sponsors, providing detailed information about the team, vehicles, events, and contact points. The business model is non-commercial, centered on education, technical development, and motorsport passion. Technically, the website is built on TYPO3 CMS with standard web technologies including jQuery and Magnific Popup. It uses HTTPS and integrates Piwik analytics for visitor tracking. The site is moderately optimized for performance and mobile devices, with a clear navigation structure and professional design. However, accessibility and SEO optimizations are basic, and some modern security headers are missing. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security policies, incident response contacts, and cookie consent mechanisms, which are important for GDPR compliance. No vulnerabilities or malicious content were detected. The WHOIS data aligns well with the university infrastructure, supporting legitimacy. Overall, the website is trustworthy and professional but could improve privacy compliance and security posture by adding cookie consent, security headers, and clear privacy/security policies.

E

EUROPE DIRECT Bayerischer Wald - Böhmerwald - Unterer Inn

europe-direct.de

43

EUROPE DIRECT Bayerischer Wald - Böhmerwald - Unterer Inn operates as a regional EU information and cultural engagement center serving the Bavarian-Bohemian border region. It provides citizens, students, and local communities with educational events, workshops, and cross-border cooperation initiatives to promote understanding of the European Union and its policies. The organization is part of the EUREGIO network and collaborates with universities, government bodies, and cultural institutions. The website is built on TYPO3 CMS and uses standard web technologies including jQuery and Bootstrap. It features event announcements, educational content, and contact information prominently, targeting a general audience interested in EU affairs.

P

Pfarrbriefservice.de

pfarrbriefservice.de

47

Pfarrbriefservice.de is a specialized website serving the German-speaking church community by providing resources for church newsletters and public relations. The site offers images, texts, advice, and a newsletter subscription service, positioning itself as a trusted non-profit resource in this niche. The business operates with clear contact information and maintains a consistent brand presence, targeting church public relations professionals and volunteers. Technically, the website is built on Drupal 10, leveraging modern libraries such as Matomo for privacy-conscious analytics and Bootstrap for responsive design. Hosting is provided by webhosting-franken.de, and the site demonstrates good mobile optimization and basic accessibility features. Performance is moderate, with room for improvement in SEO and accessibility. From a security perspective, the site enforces HTTPS and disables cookies in Matomo to enhance privacy. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with a comprehensive privacy policy and GDPR adherence, though a cookie consent mechanism is absent. Overall, the website is trustworthy, professionally maintained, and well-aligned with its mission. It poses low risk but could benefit from enhanced security practices and transparency regarding incident response and terms of service.

B

Butzon & Bercker GmbH

dbk-shop.de

49

The website www.dbk-shop.de serves as the official online shop for the Deutsche Bischofskonferenz, the assembly of Catholic bishops in Germany. It primarily offers publications related to the Catholic Church, including official documents, pastoral letters, and scholarly works. The business operates in a niche non-profit sector focused on religious and ecclesiastical literature, targeting a general audience interested in Catholic Church materials. The site is professionally designed with clear navigation and consistent branding, reflecting its authoritative position in this domain. Technically, the website is built on the xt:Commerce platform version 6.6.11, utilizing modern web technologies such as jQuery, Bootstrap, OwlCarousel, and others to provide a responsive and accessible user experience. The site includes accessibility features and a cookie consent mechanism, indicating attention to user privacy and compliance. Performance is moderate with good mobile optimization. From a security perspective, the site enforces HTTPS and uses secure forms for user login and shopping cart operations. However, no explicit security headers were detected in the provided data, and there is no visible security or incident response policy. No vulnerabilities or suspicious activities were identified. Privacy compliance is strong with a comprehensive privacy policy and cookie consent. Overall, the website presents a low-risk profile with a solid business credibility and good technical implementation. Strategic improvements could include enhancing security headers and publishing an incident response policy to further strengthen trust and security posture.

C

ClipMyHorse.TV

clipmyhorse.tv

66

ClipMyHorse.TV is a leading European online streaming platform specializing in live broadcasts of equestrian sports and breeding events. The website targets horse sport enthusiasts and breeders, offering live event coverage and video-on-demand services. The platform holds a strong market position in its niche, supported by professional branding and consistent content quality. Technically, the site employs modern analytics and marketing technologies including Google Analytics 4, Customer.io, Segment, and Cookiebot for consent management, hosted likely behind Cloudflare for performance and security. Security posture is solid with HTTPS enforced and bot detection cookies in use, though explicit security headers could be better documented. Privacy compliance is robust with a comprehensive GDPR-compliant privacy policy and granular cookie consent mechanisms. However, WHOIS data is unavailable, indicating privacy protection, which slightly reduces transparency but is common for media platforms. Overall, the site is professional, secure, and trustworthy with good user experience and SEO.

R

Romero & Sons- The best rum from Ecuador

romerosons.com

58

Romero & Sons is a small business specializing in the production and sale of premium rum from Ecuador, targeting mature consumers interested in high-quality spirits. The website is professionally designed using the Wix platform, featuring structured data that provides basic contact information including a German phone number and postal address. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Technically, the site uses modern web technologies and is mobile-optimized, but lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS enabled, but missing important security headers and policies. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the business appears legitimate but would benefit from improved transparency and compliance documentation.

I

ITS mobility GmbH

its-mobility.de

48

ITS mobility GmbH operates as one of the largest competence clusters for intelligent mobility in Germany, headquartered at the Forschungsflughafen in Braunschweig. The organization serves a broad audience including businesses, scientific institutions, associations, and municipalities, with over 200 members collaborating to advance intelligent mobility solutions. The website reflects a professional and well-structured digital presence, leveraging WordPress CMS with modern plugins such as Elementor and All in One SEO to optimize content delivery and search engine visibility. Social media integration includes Instagram, YouTube, and LinkedIn, enhancing outreach and engagement. From a technical perspective, the website employs a contemporary technology stack with WordPress 6.8.3, Astra theme, and various plugins for SEO and user experience enhancements. The site is mobile-optimized and demonstrates moderate performance. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure; however, the absence of security headers and explicit security policies suggests room for improvement. Analytics are implemented via Google Tag Manager, indicating moderate user tracking. Security-wise, the site lacks explicit privacy and cookie policies, as well as incident response or vulnerability disclosure mechanisms, which are critical for GDPR compliance and user trust. No WAF or blocking mechanisms were detected, and the WHOIS data, while minimal, does not raise immediate concerns but lacks detailed registrant information. Overall, the site is safe, professional, and trustworthy but would benefit from enhanced privacy compliance and security best practices. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, adding security headers, publishing incident response and vulnerability disclosure information, and improving contact information visibility to bolster user trust and regulatory compliance.

ITS Germany e.V. is a well-established German industry association focused on intelligent transportation systems (ITS). Founded in 2007, it represents the interests of the German ITS industry, facilitating collaboration between industry players, policymakers, and administration. The organization is active in national and international committees and organizes key events such as the Deutscher Tunnelkongress and C-ITS Kongress. The website reflects a professional and consistent brand image targeting industry professionals and stakeholders in the transportation sector. Technically, the website is built on a modern stack including HTML5, CSS3, JavaScript, Bootstrap, and Turbolinks, likely powered by a Ruby on Rails backend with a custom CMS. The site is mobile-optimized with good navigation and moderate performance. Hosting is provided by Vautron Rechenzentrum AG, a reputable registrar and hosting provider. No blocking or WAF mechanisms were detected, and the domain registration is consistent and long-standing. From a security perspective, the site uses HTTPS (implied by domain and modern standards though SSL details are not explicitly provided), but lacks visible security headers and cookie consent mechanisms. No incident response or vulnerability disclosure information is publicly available. The site does not expose sensitive data and does not use tracking or advertising scripts, indicating a privacy-conscious approach. GDPR compliance is partially demonstrated by a privacy policy page, but cookie consent is missing. Overall, the website is trustworthy and professional with a solid business credibility score. Security posture is moderate with room for improvement in headers and incident response transparency. Privacy compliance could be enhanced by implementing cookie consent. The site content is safe for general audiences and focused on industry advocacy and information.

N

Nds. Busines-Map-API - Nds. Business Map

nds-business-map.de

7

The website 'Nds. Busines-Map-API - Nds. Business Map' presents itself as a platform focused on innovations in technology, economy, and science within the Niedersachsen (Lower Saxony) region of Germany. The content is minimal but professional, with metadata indicating a focus on regional innovation. The site is powered by TYPO3 CMS and uses compressed CSS and JavaScript assets, indicating a modern but basic technical infrastructure. No advanced analytics or marketing tools are detected, and no contact or legal policy pages are present on the homepage. Security posture is moderate with HTTPS enabled but lacking visible security headers and privacy compliance documentation. The WHOIS data is limited but does not raise immediate concerns, though registrant details are minimal. Overall, the site is functional but lacks comprehensive business and compliance information, which impacts trust and privacy scores.

T

TGO Besitz GmbH & Co. KG

tgo-online.de

57

TGO Besitz GmbH & Co. KG operates a technology and startup center in Oldenburg, Germany, providing office spaces, coworking, seminars, and networking opportunities tailored for startups and technology companies. The website reflects a solid regional market position as a hub for innovation and business development. Technically, the site uses the Limz CMS framework with jQuery and integrates Google Analytics with a GDPR-compliant cookie consent mechanism. The site is well-structured, mobile-optimized, and professionally designed, supporting a positive user experience. Security posture is good with HTTPS enforced and privacy policies in place, though there is room for improvement in security headers and incident response transparency. Overall, the website is trustworthy, business-focused, and safe for general audiences.

B

Bistum Aachen

gottesdienste-im-bistum-aachen.de

57

The website 'Gottesdienste im Bistum Aachen' serves as an official platform for the Diocese of Aachen, Germany, providing comprehensive information about church services within the diocese. It offers users the ability to search for services by location and date, focusing on the upcoming two weeks, and includes additional information about parishes and church buildings. The site is clearly targeted at residents and visitors interested in religious services in the region, positioning itself as a trusted community resource within the non-profit religious sector. Technically, the website is built on the OpenCms content management system and employs modern JavaScript libraries such as Slick Slider for UI elements and Matomo for privacy-conscious analytics. The site is hosted on domains associated with the Diocese of Aachen, ensuring alignment between hosting and organizational identity. Performance is moderate with good mobile optimization and basic accessibility features. SEO practices are adequately implemented with proper meta tags and structured data. From a security perspective, the site enforces HTTPS and includes a GDPR-compliant cookie consent banner. However, it lacks explicit security headers and does not provide visible security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website's claims, showing consistent registration and no privacy protection, which is appropriate for this type of organization. Overall, the website demonstrates a solid security posture and good privacy compliance, with a trustworthy and professional presentation. Strategic improvements could include adding security headers, publishing a security policy, and providing incident response contacts to enhance transparency and security readiness.

E

einhard verlagsbuchhandlung gmbh

domshop-aachen.de

50

DomShop Aachen, operated by einhard verlagsbuchhandlung gmbh, is a specialized retail bookstore and gift shop located in Aachen, Germany. It focuses on religious literature, religious art, and related gift items, serving both local residents and visitors interested in faith-based products. The company has a longstanding presence of nearly 30 years, positioning itself as a trusted local business with a niche market. The website supports online shopping and provides rich content including book recommendations and thematic product lists. Technically, the site is built on Drupal 10 with modern frontend libraries, offering good mobile optimization and accessibility features. Security posture is adequate with HTTPS usage and spam protection on forms, though explicit security headers and policies are not evident. Privacy compliance is mostly met with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-aligned with its business goals.

E

einhard verlag gmbh

einhardverlag.de

46

Einhard Verlag GmbH is a small regional publishing company based in Aachen, Germany, specializing in religious and cultural publications including a church newspaper (KirchenZeitung), book publishing, and retail through a partner DomShop. The website is built on Drupal 10 and uses modern web technologies, providing a good user experience with clear navigation and mobile optimization. Security posture is adequate with HTTPS enabled but lacks some security headers and cookie consent mechanisms. The WHOIS data is limited but does not raise significant concerns. Overall, the site is professional and trustworthy within its niche.

P

Pax-Bank für Kirche und Caritas eG

pax-bank.de

63

Pax-Bank für Kirche und Caritas eG is a specialized financial institution serving church and charitable organizations primarily in Germany. The website reflects a professional banking service provider with a clear niche market focus. The digital infrastructure is built on modern web technologies such as Angular and Material Design, with integration of analytics tools like eTracker. The website is mobile optimized and presents a good user experience with consistent branding. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit privacy documentation. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

Kindermissionswerk "Die Sternsinger" is a well-established German non-profit organization dedicated to supporting children worldwide through development aid and advocacy. The website serves as an information and donation platform targeting donors, volunteers, and partners interested in child welfare. It maintains a professional and consistent brand presence with multilingual support and clear navigation. The organization operates primarily in the non-profit sector with a large operational size in Germany.

M

MEIN EINE WELT JAHR

mein-eine-welt-jahr.de

54

The Sternsinger-Freiwilligendienst website represents a medium-sized non-profit organization based in Germany, focused on providing international voluntary service opportunities for youth and adults aged 18-28. The organization partners with over 100 global entities to facilitate a Freiwilliges Internationales Jahr (FIJ), offering educational seminars, crisis support, and personalized placement services. The website is professionally designed using WordPress with the Avada theme, featuring comprehensive content, SEO optimization, and a clear navigation structure. Cookie consent is implemented via Borlabs Cookie, and multiple analytics and tracking tools such as Microsoft Clarity, Google Tag Manager, and Facebook Pixel are in use. However, explicit privacy and terms of service policies are not found, which is a compliance gap. The WHOIS data is minimal but consistent with the website's non-profit nature, and no blocking or WAF mechanisms are detected, allowing full content access.

E

endboss

stadtlabor-wittenberg.de

44

Stadtlabor Wittenberg is a community-focused non-profit initiative aimed at fostering participatory urban development and cultural engagement in the Lutherstadt Wittenberg area. The project provides a physical space for collaboration, events, and workshops, managed by the interdisciplinary studio endboss. The website effectively communicates its mission, event calendar, and contact information, targeting local residents and community members interested in shaping their city's future. Technically, the site is built on WordPress with modern plugins and frameworks, offering good mobile responsiveness and SEO optimization. Security posture is solid with HTTPS and no exposed sensitive data, though it lacks some security headers and formal privacy and cookie policies. Overall, the site is trustworthy and professionally maintained but could improve privacy compliance and security best practices.

L

Landkreis Wittenberg

landkreis-wittenberg.de

57

Landkreis Wittenberg operates a regional government website providing citizens and businesses with access to public administration information, online services, and local news. The site is well-structured, uses modern WordPress technologies including Elementor and Yoast SEO, and integrates a service portal for digital applications. The technical infrastructure is solid, hosted on Schlund Technologies with HTTPS and cookie consent mechanisms in place. Security posture is good with no visible vulnerabilities, though explicit security headers and policies could be improved. Privacy compliance is moderate due to lack of explicit privacy and terms pages in the provided content. Overall, the website is trustworthy, professional, and serves its public sector role effectively.

B

Begegnungszentrum Wittenberg West e.V.

nachbarschaftstreff.net

49

The website represents the Begegnungszentrum Wittenberg West e.V., a small non-profit organization operating the Nachbarschaftstreff in Wittenberg West, Germany. The organization focuses on fostering community engagement, social support, and intergenerational cooperation through various events and volunteer projects. The website provides comprehensive contact information, event details, and encourages community participation. Technically, the site is built on the CIDEMOS CMS platform, uses modern web technologies including SVG graphics and a Swiper.js slider, and integrates Google Analytics for visitor tracking. The site is mobile-optimized and accessible, with a cookie consent mechanism in place. Security-wise, HTTPS is enabled, but there is a lack of security headers and no published incident response or vulnerability disclosure policies. The absence of WHOIS data for the domain reduces trust in domain legitimacy, although the website content and contact details appear authentic and consistent with a local community organization. Overall, the site is functional, informative, and serves its target audience effectively, but could improve security posture and domain transparency.

L

Leben in Wittenberg

leben-in-wittenberg.de

46

Leben in Wittenberg is a professionally maintained city marketing website promoting the Lutherstadt Wittenberg region as a vibrant place to live, work, and visit. It targets residents, students, and prospective movers with comprehensive information on housing, culture, events, and local businesses. The site leverages modern web technologies including Craft CMS, Splide.js, and Alpine.js, ensuring a responsive and accessible user experience. Security posture is solid with HTTPS, CSRF protections, and cookie consent mechanisms, though explicit security policies are not published. Overall, the website demonstrates strong business credibility and compliance with GDPR, supported by clear contact information and partner endorsements.

Dialogversand.de is an established German e-commerce platform specializing in the sale of books, particularly those published by the in-house dialogverlag as well as other publishers. The website targets German-speaking customers interested in religious, regional, and thematic literature. The business operates as a small-sized retailer with a focused niche market. Technically, the website is built on WordPress with WooCommerce, leveraging modern plugins and a professional theme to deliver a good user experience. The site is mobile-optimized and includes SEO best practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and explicit security policies. The WHOIS data aligns well with the business, indicating a legitimate and consistent domain registration. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

K

Kirchliche Zusatzversorgungskasse des VDD (KZVK Köln)

kzvk.de

54

The Kirchliche Zusatzversorgungskasse des VDD (KZVK Köln) operates as a national partner providing supplementary pension services for church-related employers and insured persons in Germany. The website clearly targets employers, insured individuals, and pensioners, offering detailed information on pension schemes, customer portals, seminars, and support services. The organization positions itself as a trusted, established entity within the government/non-profit sector, focusing on pension and social security benefits. Technically, the website is built on TYPO3 CMS with modern frontend technologies including Bootstrap and jQuery, supported by Google Tag Manager and Cookiebot for analytics and privacy compliance. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and anti-CSRF measures, though some security headers could be improved. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent mechanism in place. No critical vulnerabilities or suspicious content were detected, and WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the website reflects a mature digital presence suitable for a medium-sized government/non-profit pension fund.

D

DKM Darlehnskasse Münster eG

dkm.de

68

DKM Darlehnskasse Münster eG is a cooperative financial institution specializing in providing loan and banking services primarily to church organizations and Caritas partners in Germany. The website reflects a professional and consistent brand presence, targeting a niche audience within the non-profit and religious sectors. The business model centers on financial partnership and support for these organizations, positioning itself as a trusted regional financial partner. Technically, the website employs modern JavaScript frameworks, notably Angular, and integrates advanced analytics and monitoring tools such as Adobe Launch and Dynatrace Ruxit. The presence of a cookie consent mechanism via OneTrust indicates awareness of privacy compliance requirements, although explicit privacy and terms of service documents are not found in the provided content. The site is mobile-optimized with good SEO and accessibility basics, though some improvements could be made. From a security perspective, the website enforces HTTPS and uses security best practices like cookie consent and monitoring. However, the absence of published security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for maturity improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced transparency in privacy, terms, and security policies to improve compliance and user trust. Strategic recommendations include publishing comprehensive privacy and terms documents, adding incident response contacts, and enhancing accessibility and security disclosures.

L

Lyra Network

lyra.com

61

Lyra Network is a technology-driven payment service provider specializing in online and POS payment solutions. The company develops its own payment technologies, offering a comprehensive platform called Lyra Collect that enables businesses to manage payments efficiently and reduce administrative overhead. The website targets online merchants, marketplaces, and enterprises seeking flexible and secure payment options. Lyra positions itself as an innovative player with international reach and a strong partner ecosystem. Technically, the website is built on WordPress with modern JavaScript frameworks and SEO optimizations, providing a good user experience and mobile responsiveness. Security-wise, the site enforces HTTPS, holds PCI DSS certification, and implements anti-fraud tools, although explicit security policies and incident response information are not publicly detailed. The absence of WHOIS registration data suggests domain privacy protection, which is reasonable given the business type but slightly impacts trust. Overall, Lyra Network presents a professional and trustworthy online presence with room for improvement in privacy transparency and security disclosures.

S

Socomec Gruppe

socomec.de

56

Socomec Gruppe is a German-based manufacturer specializing in electrical installation goods with a focus on energy efficiency in low-voltage networks. The company offers a broad range of products including switching and protection solutions, UPS systems, energy measurement, management, and analysis tools. The website reflects a well-established business with a professional digital presence targeting industrial and commercial customers in the energy sector. Technically, the site is built on Drupal CMS, uses modern libraries like Font Awesome 6, and integrates analytics and marketing tools such as Piwik PRO and Abtasty. While the site is secure with HTTPS and deferred script loading, it lacks explicit privacy and cookie policies, as well as clear security and incident response documentation. Contact is primarily via forms rather than direct email or phone numbers. WHOIS data indicates a consistent and legitimate domain registration aligned with the business's German market focus. Overall, the website is professional and trustworthy but could improve privacy compliance and security transparency.

Nutricia is a well-established leader in the medical enteral nutrition sector, operating under the Danone umbrella. The website targets patients, healthcare professionals, and midwives primarily in the German-speaking DACH region. It offers a comprehensive portfolio of specialized nutrition products and services, including personalized nutrition teams and risk assessment tools. Technically, the site is built on Adobe Experience Manager, leveraging modern analytics and privacy tools, and is hosted on a reliable cloud platform. Security posture is solid with HTTPS and privacy consent mechanisms, though improvements in security headers and explicit security policies are recommended. Overall, the site demonstrates strong business credibility and digital maturity with good content quality and user experience.

D

Danone

danone.de

77

Danone.de is the German-language corporate website for Danone, a large multinational enterprise specializing in food and beverage products including dairy, plant-based foods, mineral water, and medical nutrition. The site emphasizes sustainability, health, and corporate responsibility, reflecting Danone's global mission. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency. Technically, it leverages Adobe Experience Manager CMS, uses modern tracking and analytics tools, and is hosted on a professional DNS provider. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and explicit security policies are not publicly visible. No critical vulnerabilities or privacy issues were detected. Overall, the site is trustworthy and well-aligned with Danone's corporate identity.

V

VWI Verband Deutscher Wirtschaftsingenieure e.V.

vwi.org

48

The VWI Verband Deutscher Wirtschaftsingenieure e.V. is a well-established professional association representing Wirtschaftsingenieure (industrial engineers) in the German-speaking region. With over 6,000 members, 20 regional groups, and 40 university groups, the association focuses on personal networking, quality education, and political advocacy for its members. The website serves as an information hub for members and interested parties, presenting a professional and consistent brand image. Technically, the website is built on WordPress, utilizing popular plugins such as LayerSlider and WPBakery Page Builder. It employs Matomo for analytics and Cookiebot for cookie consent management, reflecting a moderate level of digital maturity and compliance with privacy regulations. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. From a security perspective, the site uses HTTPS and implements cookie consent with granular user controls. However, it lacks DNSSEC and security headers, which are recommended for enhanced protection. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms a long-standing domain registration consistent with the association's history, enhancing trustworthiness. Overall, the website presents a low-risk profile with good business credibility and privacy compliance. Strategic improvements in security headers, explicit privacy and security policies, and clearer contact information would further strengthen its posture.

B

big. bechtold-gruppe

big-gruppe.com

63

big. bechtold-gruppe is a well-established German family-owned service provider specializing in integrated facility, engineering, and security services. Founded in 1981 and employing over 3,000 people, the company offers a broad portfolio including engineering services, facility management, security services, and smart services. Their market position is strong within Germany, targeting businesses and organizations requiring comprehensive building-related services. The website reflects a professional and consistent brand image with clear navigation and detailed service descriptions. Technically, the website is built on WordPress with Elementor, leveraging modern web technologies and privacy-conscious analytics tools like Matomo. The site is mobile-optimized, accessible, and SEO-friendly, indicating a mature digital presence. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. However, the WHOIS data for the domain is missing, which raises concerns about domain registration transparency and legitimacy. This discrepancy between the professional website and missing domain registration data suggests a need for further verification. Overall, the site presents a low risk but would benefit from improved domain registration transparency and enhanced security headers. Strategic recommendations include implementing comprehensive security headers, publishing a security policy and incident response contacts, and verifying domain registration details to enhance trust.

D

Dialog Medien Verwaltungsgesellschaft mbH

dialog-medien.eu

45

Dialog Medien Verwaltungsgesellschaft mbH is a medium-sized company affiliated with the Bistum Münster, specializing in church-related media services including publishing, media agency work, travel organization, and book shipping. The company targets religious institutions, schools, and community organizations with a niche focus on Christian and regional content. The website is built on TYPO3 CMS, reflecting a mature technical infrastructure with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS usage and no exposed sensitive data, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and trustworthy, with clear contact information and relevant partner links.

D

Dialog Medien Verwaltungsgesellschaft mbH

dialog-medien.org

46

Dialog Medien Verwaltungsgesellschaft mbH is a medium-sized media company affiliated with the Bistum Münster, focusing on church-related media, publishing, travel, and communication services. Their offerings include a media agency (kampanile), a travel organizer (Emmaus Reisen), an online magazine and newspaper (Kirche+Leben), a specialized publisher (dialogverlag), and a book shipping service (dialogversand). The website is built on TYPO3 CMS, reflecting a mature technical infrastructure with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information is clearly provided, enhancing business credibility.

N

NewDefinition GmbH

nd-politik.de

52

NewDefinition GmbH operates ND-Politik, a specialized politics management system tailored for politicians and political parties primarily in Germany. The platform offers a comprehensive suite of tools including website content management, online communication via newsletters, member and supporter community features, event and ticket management, CRM, and campaign management. The company targets political organizations from local to federal levels, with a SaaS subscription business model that includes hosting, maintenance, and support. The website demonstrates a consistent brand presence and strong trust signals through references and ISO-certified hosting. Technically, the platform is web-based with a proprietary CMS, leveraging standard web technologies (HTML, CSS, JavaScript). The site is mobile-optimized and SEO-friendly, though some accessibility features are basic. Hosting is performed on ISO-certified German servers with secure data storage and daily backups. While HTTPS is implemented with strong SSL encryption, the site lacks visible security headers and a cookie consent mechanism, which are recommended for enhanced security and compliance. From a security perspective, ND-Politik shows a mature posture with GDPR and BDSG compliance, secure data handling, and ISO-certified hosting. However, incident response and vulnerability disclosure policies are not publicly documented, and no security.txt file is present. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site is trustworthy and professionally maintained, with room for improvement in security headers and privacy consent mechanisms. The overall risk assessment is low, with the platform well-suited for its political clientele. Strategic recommendations include implementing cookie consent, enhancing security headers, and publishing incident response policies to further strengthen compliance and trust.

R

RWE

rwe.com

69

RWE is a major global energy company with a strong focus on renewable energy and sustainability. With over 125 years of history, it has transformed into a leading supplier of clean, safe, and affordable electricity. The company operates a diversified portfolio including renewable energies such as solar, wind (onshore and offshore), hydrogen, battery storage, and bioenergy, alongside conventional energy sources. RWE also invests in energy transition projects and provides related services including energy trading and procurement portals. The website reflects a mature corporate presence with comprehensive information for investors, partners, and job seekers. Technically, the website employs modern web technologies including jQuery, UIkit framework, Google Tag Manager, and Usercentrics for consent management. The site is mobile-optimized, accessible, and SEO-friendly, with fast loading times and structured navigation. The CMS appears to be Progress Sitefinity, supporting a robust content management environment. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements standard security headers. Consent management and privacy policies are comprehensive and GDPR compliant. However, explicit incident response contacts and vulnerability disclosure policies are not publicly visible, representing an area for improvement. No vulnerabilities or exposed sensitive data were detected. Overall, the site is professional, trustworthy, and well-maintained, supporting RWE's market position as a leading energy supplier. The absence of WHOIS data for the domain is unusual but does not detract significantly from the site's credibility given the corporate branding and content quality.

D

Digitalwerk

digital-werk.org

53

Digitalwerk is a regional initiative based in Brandenburg, Germany, focused on supporting the digital transformation of small and medium-sized enterprises (SMEs). The organization offers free workshops, events, and experience stations to help businesses in the crafts and mid-sized sectors adopt digital technologies. The website is professionally designed using WordPress and the Divi theme, incorporating modern SEO and event management plugins. The technical infrastructure is solid, with HTTPS enabled and reputable hosting and domain registration through IONOS SE. However, the absence of DNSSEC and missing privacy and cookie policies indicate areas for improvement in security and compliance. Tracking is minimal and primarily conducted via etracker, with no aggressive user profiling detected. Overall, the site presents a trustworthy and professional image aligned with its business mission.

V

Volkswagen Belegschaftsstiftung

volkswagen-belegschaftsstiftung.de

55

Volkswagen Belegschaftsstiftung is a non-profit foundation established in 2011 by Volkswagen AG to support disadvantaged children, youth, and young adults around the global Volkswagen locations through sustainable aid projects. The website serves as an informational and navigational platform presenting the foundation's goals, projects, and a dedicated Förderportal for funding applications. Technically, the site is built on TYPO3 CMS with a moderate performance profile and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though it lacks advanced security headers and published incident response policies. The domain registration data aligns well with the foundation's identity, indicating a trustworthy and legitimate online presence.

W

Wittener Transport Kontor – Heinrich Stratmann GmbH

logistikeria.de

55

Wittener Transport Kontor – Heinrich Stratmann GmbH (WTK Stratmann) is a well-established, family-run logistics and special transport company based in Germany with a history dating back to 1953. The company operates multiple locations across Germany and has subsidiaries and joint ventures in the Czech Republic and Poland, offering comprehensive transport, warehousing, and distribution services. Their business model focuses on specialized transport solutions with a strong emphasis on safety, quality, and sustainability, supported by multiple certifications including ISO 9001, SQAS, HACCP, GMP+B4, and ISO 14001. The website reflects a professional and consistent brand image targeting business clients requiring specialized logistics services.

H

Hastra-Service GmbH

hastra-service.de

56

Hastra-Service GmbH is a medium-sized, owner-managed construction and service company based in Halle (Saale), Germany, specializing in asphalt and road construction, traffic safety, and winter services. With approximately 100 employees, the company serves regional clients in Halle and Magdeburg, offering a broad range of services including Tief-, Kanal- und Rohrleitungsbau and specialized Gussasphalt applications. The company holds multiple certifications such as ISO 9001 and AVPQ, underscoring its commitment to quality and professionalism. The website reflects a solid market position with clear service offerings and ongoing recruitment efforts. Technically, the website is built on WordPress 6.8.3 using the OnePress theme, leveraging modern libraries like jQuery and Bootstrap. The site is mobile-optimized with good design quality and navigation clarity, although some accessibility features could be improved. Performance is moderate, and SEO is basic but functional. No advanced analytics or tracking tools are detected, indicating a minimal user tracking approach. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data or vulnerable libraries. However, it lacks explicit security headers and a cookie consent mechanism, which are important for GDPR compliance and enhanced security posture. No incident response or vulnerability disclosure information is provided, which could be improved to strengthen trust and readiness. Overall, Hastra-Service GmbH presents a trustworthy and professional online presence consistent with its business operations. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance its security posture and regulatory adherence.

R

Rheingas Halle-Saalegas GmbH

gasmann.de

59

Rheingas Halle-Saalegas GmbH, operating under the brand 'Der Gasmann', is a regional energy supplier specializing in liquefied gas and gas bottles serving Mitteldeutschland, Germany. The company offers a range of services including sales, rental, and maintenance of gas tanks and bottles, targeting residential and commercial customers in the region. Their market position is that of a trusted local energy provider with a focus on sustainable and modern energy solutions. The website is built on TYPO3 CMS, integrates Google services for analytics and maps, and demonstrates a moderate to good level of digital maturity with responsive design and clear navigation. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and no visible vulnerabilities. Privacy compliance is well addressed with comprehensive policies and GDPR adherence. Overall, the website reflects a professional and trustworthy business presence with good customer engagement features.

N

Nice Ltd.

incontact.com

72

NiCE is a leading enterprise technology company specializing in AI-driven customer service automation solutions. Their offerings focus on enhancing customer experience and operational efficiency for businesses globally. The company demonstrates a strong market position with comprehensive services tailored for enterprise clients. The website reflects a mature digital infrastructure leveraging modern web technologies such as Next.js, React, and advanced marketing and analytics tools including Marketo and Google Tag Manager. Security posture is robust with HTTPS enforcement, multiple security headers, and adherence to recognized standards like ISO 27001 and SOC 2. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, NiCE presents a professional, secure, and trustworthy online presence suitable for its enterprise audience.

B

buff.rocks GmbH

weihnachtsmarkt-magdeburg.de

45

The website www.weihnachtsmarkt-magdeburg.de serves as the official online presence for the Magdeburger Weihnachtsmarkt, a prominent seasonal Christmas market event in Magdeburg, Germany. It provides visitors with detailed information about the event dates, attractions, and highlights such as the Riesenrad and the Magdeburger Lichterwelt. The site targets a broad audience including families and tourists interested in cultural and festive experiences. The business model centers on event promotion and tourism enhancement within the hospitality sector. Technically, the site is built on TYPO3 CMS, leveraging modern JavaScript libraries and Matomo for analytics, with GDPR-compliant cookie consent implemented via Klaro. The site is mobile-optimized and well-structured, offering a good user experience with clear navigation and relevant content.

L

Lutherstadt Wittenberg Marketing GmbH

wittenberg-marketing.de

49

Lutherstadt Wittenberg Marketing GmbH operates as a regional city marketing organization promoting the cultural, tourism, and business opportunities of Lutherstadt Wittenberg, Germany. The website serves as an information hub for visitors, businesses, and event organizers, highlighting the city's historical significance and current economic vitality. The company positions itself as a key facilitator for tourism, cultural events, and congresses in the region. Technically, the website is built on Craft CMS with modern web technologies including ES modules and CSS3. It employs Matomo analytics with a GDPR-compliant cookie consent mechanism, ensuring privacy-conscious data collection. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security posture is solid with HTTPS enforced, CSRF protection, and no visible vulnerabilities or sensitive data exposure. However, security headers could be improved and formal security policies or incident response information are not publicly available. The WHOIS data aligns with the website content, indicating a legitimate and consistent registration. Overall, the website is professional, trustworthy, and compliant with privacy regulations, supporting the organization's mission effectively. Strategic improvements in security transparency and terms of service publication could further enhance trust and compliance.

L

Luthers Hochzeit

lutherhochzeit.de

48

Luthers Hochzeit is a cultural event website dedicated to promoting a historic city festival in Lutherstadt Wittenberg, Germany. The festival celebrates the medieval heritage and the Reformation anniversary, targeting tourists and history enthusiasts. The website is well-branded and consistent with its regional cultural focus, providing relevant event information and engaging visitors with multimedia content. Technically, the site is built on Craft CMS and uses modern JavaScript libraries such as Splide.js for sliders, with Matomo analytics for visitor tracking. The site is mobile-optimized and includes accessibility features, though some improvements could be made. Security-wise, the website enforces HTTPS, uses security headers, and implements CSRF protection in forms. Cookie consent is properly managed, reflecting GDPR compliance. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent, which could be improved to enhance trust and compliance. Overall, the website is professional, secure, and trustworthy for its purpose, with a moderate to good digital maturity level.

L

Lutherstadt Wittenberg: Urlaub zwischen Kultur und Natur

lutherstadt-wittenberg.de

45

The website lutherstadt-wittenberg.de serves as the official regional tourism portal for Lutherstadt Wittenberg, Germany, promoting cultural and natural attractions with a focus on family-friendly tourism. It provides information on events, accommodations, sightseeing, and local services, positioning itself as a key resource for visitors to the region. The site targets a general audience interested in cultural heritage and nature tourism. Technically, the site is built on TYPO3 CMS, uses modern web technologies, and includes multimedia content such as videos and images. The site is mobile-optimized and offers multilingual support including German and English. Security posture is moderate; HTTPS is implied but no explicit security headers or incident response contacts are visible. Privacy and cookie policies are not found in the provided content, indicating a compliance gap. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy transparency.

S

Stadt Wittenberg

wittenberg.de

9

The website www.wittenberg.de serves as the official digital presence of the city of Lutherstadt Wittenberg, Germany. It provides comprehensive information about city life, administration, culture, tourism, and public services. The site targets residents, tourists, and local businesses, offering structured navigation and links to partner organizations. The business model is that of a government municipal portal, focusing on information dissemination and citizen engagement. The website is well-branded and consistent with its municipal identity. Technically, the site uses a proprietary CMS (NOLIS) with standard web technologies such as HTML5, CSS, and JavaScript. It is mobile-optimized and accessible, with moderate performance. SEO practices are good, with proper meta tags and structured navigation. However, no advanced frameworks or analytics services were detected. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism, but lacks visible security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were found in the analyzed content. The WHOIS data is minimal but consistent with the municipal nature of the domain. Overall, the site is trustworthy and professional but would benefit from enhanced privacy compliance documentation, security headers, and incident response transparency to improve its security posture and user trust.

O

otris systems GmbH

bytemine.net

10

The otris systems GmbH is a German-based certified cloud service provider specializing in tailored IT infrastructure solutions including Platform as a Service (PaaS) for SaaS, hosting, virtualization, and Proxmox-related products and services. Established in 2008, the company targets software manufacturers and businesses requiring reliable cloud and on-premises IT infrastructure. Their market position is that of a trusted regional provider with over a decade of experience and recognized ISO 27001 certification. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, indicating a mature digital presence. The site is mobile-optimized, SEO-friendly, and uses HTTPS with good security practices. Analytics are implemented via WP Statistics, though no cookie consent mechanism is present. Security posture is strong with HTTPS, no exposed sensitive data, and ISO 27001 certification displayed. However, the absence of a cookie consent banner and explicit terms of service page are areas for improvement. WHOIS data is privacy-protected, which is common and justified for this business type, but limits external verification. Overall, the website and business present a professional and trustworthy image with solid technical and security foundations. Strategic improvements in privacy compliance and transparency would further enhance trust and regulatory adherence.

Z

Zeller + Gmelin

zeller-gmelin.de

48

Zeller+Gmelin is a well-established German family-owned manufacturing company specializing in high-quality lubricants, printing inks, and process chemicals. Founded in 1866, it holds a strong market position as a leader in industrial lubricants and related chemical products, emphasizing sustainability and innovation. The website reflects a mature digital presence with comprehensive content, clear navigation, and multilingual support. Technically, it is built on WordPress with modern JavaScript frameworks and SEO tools, ensuring good performance and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the site demonstrates high professionalism and trustworthiness, supporting the company's credibility and business operations.