Security Directory

W

wikonect GmbH

pneumo-industrieforum.de

51

The website represents the Industrieforum Pneumologie, an event organized by wikonect GmbH in Germany, targeting medical professionals in pneumology and related healthcare fields. It serves as an information portal for the event held alongside the 66th Congress of the German Society for Pneumology and Respiratory Medicine. The site provides event details, contact information, and compliance with GDPR and cookie regulations. Technically, the site is built on WordPress with common plugins and uses Matomo for analytics, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms but lacks explicit security policies or incident response details. Overall, the site is professional, trustworthy, and compliant with relevant privacy laws.

D

Dekod d.o.o.

ulaznice.hr

11

Ulaznice.hr is a well-established Croatian online ticketing platform operated by Dekod d.o.o., founded in 2011. The website offers ticket sales for a wide range of cultural, sports, and entertainment events primarily in Croatia, serving a general audience interested in these activities. The platform integrates modern web technologies and analytics tools, including Google Analytics, Facebook Pixel, and Matomo, and provides a cookie consent mechanism compliant with GDPR. The site is hosted with Cloudflare DNS and CDN services, ensuring good performance and security. Security posture is solid with HTTPS enforced and secure login mechanisms, though explicit security headers could be improved. The presence of ISO 9001:2015 certification and partnerships with reputable organizations such as Oracle and Erste Bank enhance trust and credibility.

U

University of Hohenheim

uni-hohenheim.de

11

The University of Hohenheim is a well-established German higher education institution specializing in agricultural sciences, natural sciences, business, economics, and social sciences. The website serves as a comprehensive portal for prospective students, staff, alumni, and other stakeholders, offering detailed information on degree programs, research, events, and university news. The institution positions itself as a leading university with a strong emphasis on research and international collaboration. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies such as Bootstrap and Matomo for analytics. The site demonstrates good performance, mobile optimization, and accessibility features, reflecting a mature digital infrastructure. Hosting is managed via academic network nameservers (belwue.de), indicating reliable and specialized hosting. From a security perspective, the site enforces HTTPS, disables cookies in analytics, and respects Do Not Track settings, showcasing a privacy-conscious approach. However, there is room for improvement in implementing security headers and explicit cookie consent mechanisms. No vulnerabilities or exposed sensitive data were detected, and the login form appears secure. Overall, the website reflects a high level of professionalism, trustworthiness, and compliance with GDPR. The risk profile is low, with recommendations focusing on enhancing security headers and privacy transparency to further strengthen the security posture.

L

Leibniz-Institut für Troposphärenforschung e.V. (TROPOS)

tropos.de

10

The Leibniz-Institut für Troposphärenforschung e.V. (TROPOS) is a German non-profit research institute specializing in atmospheric sciences, focusing on aerosols and clouds. It holds a strong position within the scientific community as a member of the Leibniz Association, offering research, publications, educational programs, and public outreach. The website reflects a professional and consistent brand image with comprehensive scientific content primarily in German, also offering English alternatives. The target audience includes researchers, students, and the general public interested in atmospheric research. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and integrating Matomo analytics with privacy-conscious configurations such as cookie disabling. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. Security posture is solid with HTTPS enforced, but lacks some security headers and explicit incident response or security policies. Privacy compliance is good with a comprehensive privacy policy, but no cookie consent mechanism is present. Overall, the security posture is sound with no detected vulnerabilities or suspicious content. The domain registration aligns with the institution's German research identity, using DNS servers from the German research network. Contact information is clearly provided, enhancing business credibility. Recommendations include adding security headers, cookie consent, and publishing security policies to further strengthen trust and compliance.

G

GFZ Helmholtz-Zentrum für Geoforschung

gfz-potsdam.de

58

GFZ Helmholtz-Zentrum für Geoforschung is Germany's national center for solid earth research, focusing on geoscientific studies of the Earth's geosphere and related systems. The website serves a broad audience including researchers, students, policymakers, and the public, providing scientific publications, research data, and educational resources. It operates under the Helmholtz Association umbrella, indicating a strong institutional backing and national significance. Technically, the website is built on TYPO3 CMS, a robust open-source content management system, and employs Matomo for privacy-conscious analytics. The site is well-structured, mobile-optimized, and accessible, with clear navigation and professional design. It uses HTTPS with good SSL configuration and respects user privacy through cookie consent mechanisms. Security posture is solid with no detected vulnerabilities or exposed sensitive data, though explicit security policies and incident response contacts are not published. Privacy compliance is strong, with GDPR-aligned policies and consent banners. The domain WHOIS data aligns well with the organization's identity, supporting legitimacy. Overall, the website is a trustworthy, professional platform for geoscientific research dissemination, with recommendations to enhance security transparency and incident response readiness.

F

Forschungszentrum Jülich GmbH

fz-juelich.de

58

Forschungszentrum Jülich GmbH is a prominent German research institution specializing in digital transformation, climate protection, energy transition, and sustainable bioeconomy. It operates as a large-scale public research center and is a founding member of the Helmholtz Association, positioning itself as a leader in scientific innovation and high-performance computing in Europe. The website reflects a professional and comprehensive digital presence, targeting researchers, industry partners, students, and the general public interested in advanced scientific research and technology transfer. Technically, the site leverages modern frameworks such as React and Plone CMS, with a focus on accessibility, mobile optimization, and SEO best practices. Security posture is strong with HTTPS enforcement, security headers, and privacy-conscious analytics via Matomo. However, explicit incident response and vulnerability disclosure information are not prominently available, representing an area for improvement. Overall, the site is trustworthy, well-branded, and aligned with the organization's mission and sector.

F

Forschungsinstitut für Nachhaltigkeit (RIFS)

rifs-potsdam.de

60

The Forschungsinstitut für Nachhaltigkeit (RIFS) is a medium-sized research institute affiliated with the GFZ Helmholtz Zentrum Potsdam, focusing on sustainability and societal transformation research. The website is professionally designed using Drupal 10 and incorporates modern web technologies such as Bootstrap 5, Matomo analytics, and lazy loading for performance optimization. It offers comprehensive content including news, dossiers, and research results targeted at academics, policymakers, and sustainability stakeholders. Privacy and cookie policies are well implemented with GDPR compliance and user consent mechanisms. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the website presents a trustworthy and authoritative digital presence for the institute.

D

Deutsches Klimarechenzentrum GmbH

dkrz.de

65

The Deutsches Klimarechenzentrum GmbH (DKRZ) operates as a national service center providing high-performance computing and data management infrastructure to support climate research in Germany. The website reflects a well-established organization focused on delivering computational resources, data storage, and expert services to the scientific community engaged in climate modeling and simulations. Their market position is strong within the German and international climate research ecosystem, emphasizing collaboration and advanced technological support. Technically, the website is built on the Plone CMS platform, leveraging Bootstrap for responsive design and Matomo for privacy-conscious analytics. The site demonstrates good mobile optimization, clear navigation, and professional content presentation. However, some improvements could be made in accessibility and the implementation of security headers. From a security perspective, the site enforces HTTPS and uses script integrity attributes, but lacks explicit security headers and a published security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website is trustworthy, professional, and serves its target audience effectively. Strategic enhancements in security headers, cookie consent, and incident response transparency would further strengthen its security posture and compliance.

E

ENERCON

enercon.de

63

ENERCON is a leading manufacturer and service provider specializing in onshore wind turbines and integrated green energy solutions. The company positions itself as a pioneer in wind energy, offering a comprehensive portfolio that spans turbine manufacturing, service and maintenance, SCADA remote monitoring, training, and energy marketing and financing. Their website reflects a mature digital presence with professional design, multilingual support, and clear navigation aimed at business customers and stakeholders in the renewable energy sector. Technically, the website leverages modern technologies including Webflow CMS, Cookiebot for consent management, and Matomo for privacy-focused analytics. Hosting is managed via Netlify for staging and Azure DNS for domain services, indicating a robust infrastructure. Performance and mobile optimization are good, with accessibility and SEO practices well implemented. From a security perspective, the site enforces HTTPS and uses Cookiebot to manage cookie consent, enhancing privacy compliance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, and no public security or incident response policies are published. There is no vulnerability disclosure or security.txt file, which could improve transparency and trust. Overall, the website is professional, trustworthy, and compliant with GDPR, with a strong business credibility score. Recommendations include enhancing security headers, publishing security policies, and providing clearer incident response contacts to further strengthen the security posture and user trust.

R

Renewable Hydrogen Coalition

renewableh2.eu

56

The Renewable Hydrogen Coalition is a European-focused advocacy group promoting renewable electricity as the optimal strategy for hydrogen production. The coalition engages industry stakeholders, policymakers, and the public to advance renewable hydrogen adoption, emphasizing direct electrification, grid infrastructure, and industrial leadership. The website reflects a professional and consistent brand with strong industry support and collaboration. Technically, the site is built on WordPress with modern JavaScript libraries and integrates analytics tools such as Matomo and Microsoft Clarity, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements are recommended in cookie consent and security policy transparency. Overall, the site is trustworthy and well-positioned within its niche, though it lacks some compliance elements like cookie banners and explicit incident response information.

R

RE-Source Platform

resource-platform.eu

63

The RE-Source Platform is a leading European forum dedicated to corporate renewable energy sourcing. It provides policy advocacy, a comprehensive Renewable Energy Buyers Toolkit, and hosts annual events to facilitate renewable energy procurement by corporates. The platform is well-positioned in the energy sector, supported by a strong network of reputable corporate partners and advisory board members. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the website is built on WordPress using modern tools such as Elementor and Astra theme, integrating multiple analytics platforms including Google Analytics, Matomo, and Microsoft Clarity. Privacy and cookie compliance are managed via Iubenda, indicating a mature approach to data protection. The site is mobile-optimized and SEO-friendly, though some security headers could be improved. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy, incident response contacts, or vulnerability disclosure mechanisms suggests room for improvement in transparency and readiness. Overall, the domain registration and WHOIS data align well with the business claims, supporting the legitimacy and trustworthiness of the platform. The overall risk is low, with recommendations focusing on enhancing security headers, publishing security policies, and adding vulnerability disclosure information to further strengthen trust and compliance.

W

Wikimedia Foundation

wikimediafoundation.org

69

The Wikimedia Foundation is a well-established nonprofit organization founded in 2003, best known for hosting Wikipedia and supporting free knowledge dissemination globally. The website reflects a mature digital presence with comprehensive content supporting its mission, targeting a broad audience including volunteers, students, and the general public. The organization leverages WordPress CMS with modern technologies such as Mapbox for mapping and Matomo for privacy-conscious analytics. The site is well optimized for SEO, mobile, and accessibility, demonstrating high digital maturity. Security posture is strong with HTTPS and domain protections, though improvements like DNSSEC and explicit security headers could enhance defenses. Privacy compliance is partial, with a clear privacy policy but lacking cookie consent mechanisms. Overall, the site is trustworthy, professional, and aligns well with the Wikimedia Foundation's global nonprofit mission.

U

Unie komunitní energetiky

uken.cz

59

Unie komunitní energetiky (UKEN) is a Czech non-profit organization focused on promoting decentralized, renewable, and community-based energy solutions. The organization advocates for legislative changes, provides informational services, and supports the development of local clean energy sources. UKEN has a strong network of partners and members including municipalities, companies, and investors, positioning itself as a key player in the Czech energy transition landscape. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site leverages modern web technologies including Webflow CMS, Google Analytics, Matomo, and security features like reCAPTCHA and Cloudflare Turnstile. Security posture is strong with HTTPS enforced and multiple security headers present, although explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with a comprehensive GDPR policy and cookie consent mechanisms. The absence of WHOIS data is a notable gap, reducing domain trustworthiness, but the overall business credibility remains high due to transparent contact information, partner endorsements, and professional content.

W

W.E.B. Windenergie CZ

vetrna-energie.cz

56

W.E.B. Windenergie CZ is a Czech renewable energy company specializing in the development, realization, and operation of wind and solar power plants. With over 23 years of experience, the company positions itself as an established player in the Czech renewable energy market, targeting both business clients and consumers interested in sustainable energy solutions. The website is professionally designed, localized in Czech, and provides clear navigation and relevant business information. Technically, the site is built on TYPO3 CMS, employs modern web technologies including Google reCAPTCHA for bot protection, and uses Matomo analytics for user tracking. The cookie consent mechanism is comprehensive and GDPR compliant, reflecting a good privacy posture. Security-wise, HTTPS is enforced, but some security headers are missing, and no explicit security policy or incident response information is published. The WHOIS data is unavailable or privacy protected, which limits transparency but is not uncommon. Overall, the website is safe, professional, and trustworthy, with moderate technical and privacy compliance maturity.

W

WindEurope

windeurope.org

58

WindEurope is a well-established European industry association advocating for wind energy policies and representing over 450 member companies. It operates as a key voice in the European renewable energy sector, providing policy advocacy, organizing industry events, and offering data and career resources. The organization is headquartered in Brussels, Belgium, and has a domain age consistent with its founding date in 2014, reinforcing its legitimacy and market presence. The website is professionally designed with excellent content quality, targeting industry stakeholders, policymakers, and professionals in the wind energy sector. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses multiple analytics platforms including Google Analytics, Matomo, and Microsoft Clarity. It is hosted behind Cloudflare, ensuring good performance and security. The site is mobile-optimized, accessible, and SEO-friendly, leveraging Yoast SEO Premium for enhanced search engine visibility. The technical infrastructure supports a positive user experience with fast loading and clear navigation. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. However, DNSSEC is not enabled, and security headers are not explicitly detected, suggesting room for improvement. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism, aligned with GDPR requirements. Contact information is clearly provided, enhancing trust and transparency. Overall, WindEurope's website demonstrates a high level of professionalism, security, and compliance suitable for an essential industry association. Strategic recommendations include enabling DNSSEC, adding security headers, publishing a security policy, and establishing a vulnerability disclosure program to further strengthen security posture and stakeholder trust.

K

Kombiverkehr GmbH & Co. KG

kombiverkehr.de

55

Kombiverkehr GmbH & Co. KG operates as a leading intermodal transport network provider in Germany and Europe, specializing in flexible terminal-to-terminal rail connections and offering over 170 trains per night. The company targets logistics businesses seeking sustainable and efficient rail freight solutions, positioning itself as a key player in environmentally friendly logistics. Their website reflects a mature digital presence with comprehensive service descriptions and customer engagement portals. Technically, the site is built on the Neos CMS platform using the Flow PHP framework, integrating modern JavaScript libraries and Matomo analytics for privacy-conscious tracking. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though formal security policies and incident response contacts are not publicly disclosed. Overall, Kombiverkehr demonstrates a professional and trustworthy online presence aligned with its business operations.

K

KORADO

korado.cz

61

KORADO is a leading global manufacturer specializing in steel heating bodies, including panel radiators, tubular radiators, design radiators, convectors, and ventilation units. The company targets both end customers and professionals, offering comprehensive heating solutions with a focus on modern, energy-efficient products. Their market position is strong, supported by a presence in 23 countries and a large customer base. The website reflects a mature digital presence with multilingual support and detailed product guides. Technically, the website employs modern analytics and marketing technologies such as Google Tag Manager, Google Analytics, Matomo, and reCAPTCHA v3, ensuring good tracking and security against bots. The site is mobile-optimized and well-structured, though some improvements in accessibility and security headers could be made. The cookie consent mechanism and privacy policy indicate good GDPR compliance. Security posture is solid with HTTPS enforced and secure form handling, but lacks visible security headers and incident response information. The absence of WHOIS data reduces transparency and trust slightly, though the professional presentation and business information mitigate this concern. Overall, the website is professional, secure, and compliant, with minor areas for improvement in security policy visibility and WHOIS transparency. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding terms of service documentation.

M

Medizinisch Wissenschaftliche Verlagsgesellschaft mbH & Co. KG

mwv-berlin.de

10

Medizinisch Wissenschaftliche Verlagsgesellschaft mbH & Co. KG is a specialized German publishing company focusing on healthcare, medicine, psychiatry, and psychology. The company offers a broad range of publishing products including books, e-books, apps, open access content, and organizes healthcare-related events and congresses. Their target audience includes healthcare professionals, researchers, and academic institutions. The website is professionally designed with consistent branding and clear navigation, supporting a medium-sized business presence in the healthcare publishing sector. Technically, the website employs a mature technology stack including AngularJS, Bootstrap, Magento for e-commerce, and a Content Builder CMS. It uses Matomo analytics for privacy-conscious visitor tracking and implements a comprehensive cookie consent mechanism compliant with GDPR. The site is mobile optimized and performs moderately well, though some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and uses cookie consent best practices. However, it lacks visible security headers and does not publish a dedicated security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. WHOIS data confirms domain registration consistency and legitimacy, supporting trustworthiness. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements in security headers, incident response transparency, and accessibility would further strengthen its posture.

D

Deutsche Atemwegsliga e.V.

lungentag.de

10

Deutscher Lungentag is a German non-profit initiative operated by Deutsche Atemwegsliga e.V., focused on lung health awareness, prevention, and education. The website serves as a platform for disseminating information about respiratory diseases, organizing events, and providing educational materials to patients, healthcare professionals, and the general public. The organization positions itself as a reputable source within the German healthcare sector, leveraging expert contributions and up-to-date event information to engage its audience. Technically, the website is built on the Contao CMS platform and employs modern web technologies such as jQuery, Materialize CSS, and Matomo analytics for user tracking. The site is mobile-optimized with a clear navigation structure and professional design, although some SEO and accessibility features could be enhanced. The presence of HTTPS ensures secure communication, but the absence of security headers and cookie consent mechanisms indicates room for improvement in security and privacy compliance. From a security perspective, the website demonstrates a moderate security posture with no visible vulnerabilities or exposed sensitive data. However, the lack of explicit security policies, incident response contacts, and cookie consent banners suggests gaps in compliance with GDPR and best practices. The WHOIS data is minimal but consistent with the website's German healthcare focus, supporting the legitimacy of the domain. Overall, Deutscher Lungentag presents a trustworthy and professional online presence with solid business credibility. Strategic improvements in security headers, privacy compliance, and incident response readiness would further strengthen its security posture and regulatory adherence.

N

NNPC Marine Insurance

nnpc-marine.com

68

NNPC Marine Insurance is a specialized marine insurance provider positioned as the only Dutch P&I club offering global marine insurance and risk solutions. The company targets marine industry clients such as ship owners and charterers, providing services including P&I Mutual, Fixed Premium, FD&D, Crew Insurance, Charterers Liability, and Inland Shipping Insurance. The website is professionally designed, multilingual, and uses a modern WordPress infrastructure with plugins for SEO, analytics, and marketing. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and explicit incident response information. The domain WHOIS data shows an inconsistency with a future creation date, which raises some trust concerns. Overall, the website is functional, compliant with GDPR, and presents a credible business presence with room for security and transparency improvements.

D

Deutsche Gesellschaft für Pneumologie und Beatmungsmedizin e.V.

pneumologie-kongress.de

51

The website pneumologie.de/kongress is the official portal for the 66th Congress of the German Society for Pneumology and Respiratory Medicine (DGP). It serves as an information hub for healthcare professionals specializing in pneumology, providing details about the congress program, registration, practical information, and press resources. The site is professionally designed, consistent in branding, and targets a specialized medical audience primarily in Germany. The business model is that of a non-profit professional society organizing educational and networking events in healthcare. Technically, the site uses the Snowboard CMS framework, Bootstrap icons, and Matomo analytics, indicating a modern and privacy-conscious infrastructure. The site is mobile optimized and performs moderately well with good SEO and accessibility basics. Security posture is solid with HTTPS and cookie consent implemented, though it lacks explicit security headers and published security policies. WHOIS data confirms domain legitimacy and consistency with the organization's profile. Overall, the site is trustworthy, professional, and well-maintained with no detected vulnerabilities or suspicious content.

A

Aktionsbündnis Nichtrauchen e.V. (ABNR)

abnr.de

39

Aktionsbündnis Nichtrauchen e.V. (ABNR) is a German non-profit coalition of 22 nationwide health organizations focused on tobacco and nicotine prevention advocacy. The website serves as an information hub for political lobbying, public awareness, and dissemination of publications and newsletters related to tobacco control. The organization targets health professionals, policymakers, and the general public in Germany. Technically, the website is built on the REDAXO CMS platform, uses jQuery and skrollr for UI effects, and integrates Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized with a clear navigation structure and consistent branding. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security headers and published security policies. No contact emails or phone numbers are directly exposed, relying on a contact form instead. WHOIS data shows the domain is active with domaincontrol.com nameservers, typical for GoDaddy hosting, with no privacy protection but limited registrant info. Overall, the site is professional, trustworthy, and safe, with room for improvement in security policy transparency and technical security headers.

G

Gesellschaft für Pädiatrische Pneumologie e.V.

paediatrische-pneumologie.eu

64

The Gesellschaft für Pädiatrische Pneumologie e.V. (GPP) is a scientific society dedicated to pediatric pulmonology in the German-speaking region. The website serves as an information hub for medical professionals and researchers, providing educational resources and facilitating professional networking. The organization positions itself as a reputable and established entity within the healthcare sector focused on children's lung health. Technically, the website is built on WordPress with Elementor and employs Matomo for analytics, complemented by a robust cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and standard security headers present, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

D

diagnose:media

diagnose-media.org

9

diagnose:media is a German non-profit initiative focused on promoting competent and self-determined use of digital media by children and adolescents. The organization supports parents, schools, and affected individuals while networking experts and specialized institutions. Their core mission is to highlight the negative side effects of digital media and recommend measures to avoid or mitigate risks, especially concerning psychosocial aspects, communication behavior, addiction potential, privacy protection, and health impacts from mobile radiation. The website offers educational articles, publications, events, and expert lectures targeted primarily at families and educational institutions. Technically, the website employs a range of JavaScript libraries including jQuery, Slick Slider, Fancybox, and Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized with a responsive design and clear navigation. However, some technologies like jQuery are outdated, and no explicit CMS or hosting provider information is available. Performance is moderate, and SEO and accessibility are basic but functional. From a security perspective, the site uses HTTPS (assumed but not explicitly confirmed), but lacks visible security headers and cookie consent mechanisms despite using tracking scripts. No vulnerabilities or exposed sensitive data were detected in the HTML content. WHOIS data is unavailable or protected, which limits domain trust verification and reduces the overall legitimacy score. The site does not publish security policies or incident response information. Overall, diagnose:media presents a professional and trustworthy educational resource with good content quality and user experience. The main risks relate to incomplete WHOIS transparency and minor security best practice gaps. Strategic improvements in security headers, updated libraries, and privacy compliance would enhance trust and resilience.

E

En Garde Basic

puespoek.at

52

PÜSPÖK, operating under the company name En Garde Basic, is a medium-sized Austrian company specializing in the realization and operation of renewable energy installations, including wind power, photovoltaic systems, and battery storage. Positioned as one of the largest operators of renewable energy in Austria, the company focuses on contributing to the energy transition towards a fossil-free future. Their website reflects a professional and consistent brand image, targeting Austrian households and businesses interested in sustainable energy solutions. Technically, the website is built on WordPress with Elementor and uses Matomo for privacy-conscious analytics. The site is mobile-optimized and SEO-friendly, though some accessibility features are basic. Security posture is good with HTTPS enforced, but lacks some security headers and incident response information. The absence of WHOIS data reduces transparency but does not significantly detract from the overall legitimacy given the professional presentation and clear contact information.

D

Deutscher Berufsverband der Hals-Nasen-Ohrenärzte

hno-wartezimmer.de

48

The website www.hno-wartezimmer.de serves as an informational portal focused on ear, nose, and throat (ENT) health topics, primarily targeting patients and the general public interested in medical education. It is affiliated with the Deutscher Berufsverband der Hals-Nasen-Ohrenärzte, a professional medical association in Germany, which lends credibility and trust to the content. The site offers a range of articles, news updates, and patient education materials related to ENT health. Technically, the site is built on TYPO3 CMS, hosted by agenturserver, and uses Matomo for analytics with a GDPR-compliant cookie consent mechanism. The site is mobile-optimized and demonstrates good SEO and accessibility practices, though some improvements in accessibility could be made. Security-wise, the site enforces HTTPS and uses cookie consent for tracking but lacks explicit security headers and published security policies or incident response contacts. Overall, the site is professional, trustworthy, and compliant with privacy regulations, with a moderate to good security posture.

F

FRAUENARZT

frauenarzt.de

41

FRAUENARZT is a leading German-language professional medical journal targeting gynecologists in Germany. It serves as the official publication for major professional societies in gynecology and obstetrics, providing monthly updates on clinical and practice-relevant topics. The website offers access to current and archival issues for members, along with news, event information, and newsletters. The business model revolves around subscriptions and memberships, supported by a reputable publishing house, mgo fachverlage. The site demonstrates strong branding consistency and trust signals through partnerships and certifications.

The FortbildungsAkademie-im-Netz website is a professional platform offering free certified online continuing education modules primarily targeting healthcare professionals such as doctors, pharmacists, and pharmaceutical technical assistants. The platform emphasizes specialized modules for pediatricians, gynecologists, and occupational medicine practitioners, with a structured system for awarding and tracking continuing education points. The business is positioned as a niche educational provider in the German healthcare sector, supported by reputable partners and sponsors, and operated by Monks Vertriebsgesellschaft mbH. Technically, the website employs a modern tech stack including Ruby on Rails, Foundation CSS framework, and Matomo analytics configured with privacy-conscious settings. The site is mobile-optimized and features interactive elements such as carousels and login forms. While performance is moderate, the technical implementation is solid with room for enhancements in accessibility and security headers. From a security perspective, the site uses HTTPS with good SSL configuration and includes CSRF tokens in forms. However, it lacks explicit security headers and a public security policy or incident response contact information. Privacy compliance is generally good, with a clear privacy policy and terms of service, but no visible cookie consent mechanism. No vulnerabilities or suspicious patterns were detected. Overall, the website presents a trustworthy, professional, and secure platform for medical continuing education with a strong business credibility score. Strategic improvements in security headers, cookie consent, and incident response transparency would further enhance its security posture and compliance.

A

Avkastningsportalen

avkastningsportalen.no

64

Avkastningsportalen is a Norwegian financial information portal specializing in providing historical return data for pension savings. It serves both corporate and private market segments, offering transparency and data to support pension-related decision-making. The portal is associated with Finans Norge Forsikringsdrift, indicating a credible and established backing within the Norwegian financial sector. The website is built on WordPress with modern SEO and analytics tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and policies could be improved. Privacy compliance is partially addressed with a privacy policy but lacks cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-positioned within its niche.

M

Min Pensjon

minpensjon.no

65

Min Pensjon is a Norwegian pension advisory and information platform supported by Norsk Pensjon and several official pension organizations. It provides comprehensive guidance on the Norwegian pension system, including public pensions, occupational pensions, and personal savings. The website targets the Norwegian working population and pension savers, offering tools and educational content to help users understand and influence their pension outcomes. Technically, the site is built on WordPress with React components and uses Matomo for privacy-conscious analytics. It demonstrates good SEO, accessibility, and mobile optimization. Security posture is solid with HTTPS and no exposed sensitive data, though explicit security headers and cookie consent mechanisms are missing. The domain is well-established since 2007, consistent with the business's maturity and legitimacy. Overall, the site is professional, trustworthy, and serves as an authoritative resource for pension information in Norway.

Deutsche Atemwegsliga e.V. is a German non-profit organization dedicated to providing comprehensive information, education, and support related to respiratory diseases such as COPD, asthma, and chronic bronchitis. The website serves primarily healthcare professionals and patients by offering patient training, lung sports, seminars, and extensive informational materials. The organization maintains a strong market position within the German healthcare non-profit sector, supported by partnerships with recognized entities like Alpha-1-Center and Deutscher Lungentag e.V. Technically, the website is built on the Contao CMS platform, utilizing modern JavaScript libraries such as jQuery and Matomo for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some improvements in security headers and explicit security policies could enhance its posture. The presence of a cookie consent banner and a detailed privacy policy indicates good privacy compliance aligned with GDPR. Security-wise, the site enforces HTTPS and avoids exposing sensitive data, but lacks published incident response contacts or vulnerability disclosure mechanisms. No WAF or blocking mechanisms were detected, and no vulnerabilities or suspicious patterns were found in the WHOIS data, which aligns well with the organization's identity. Overall, the website is professional, trustworthy, and content-rich, with a strong focus on medical education and patient support. Strategic improvements in security policy transparency and technical security headers would further strengthen its security posture and trustworthiness.

G

German Central Committee against Tuberculosis (DZK)

dzk-tuberkulose.de

65

The German Central Committee against Tuberculosis (DZK) operates a professional, well-structured website dedicated to tuberculosis education, research, and prevention. With over 100 years of history, the organization serves patients, relatives, doctors, and health authorities primarily in Germany. The website offers comprehensive resources including guidelines, case reporting, dosage calculators, and an interactive MDR-TB coverage map. The content is high quality, relevant, and presented with clear navigation and consistent branding. Technically, the site leverages modern web technologies such as Webflow CMS, Google Fonts, Matomo Analytics with privacy-conscious configurations, Weglot for multilingual support, and Klaro for cookie consent management. The site is hosted on Webflow’s CDN, ensuring fast performance and excellent mobile optimization. Accessibility and SEO practices are well implemented. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms. While explicit security headers are not visible in the HTML, they may be set at the server level. No vulnerabilities or exposed sensitive data were detected. However, the site lacks a publicly visible security policy or incident response contact information, which could enhance trust. Overall, the website is trustworthy, professional, and compliant with GDPR requirements. It effectively supports its mission to combat tuberculosis through education and collaboration. Strategic recommendations include adding explicit security headers, publishing a security policy, and considering incident response contact details to further strengthen security posture and user trust.

B

Bundesverband der Pneumologen, Schlaf- und Beatmungsmediziner e. V.

pneumologenverband.de

42

The Bundesverband der Pneumologen website serves as the official online presence of the German professional association for pulmonologists, sleep, and ventilation medicine specialists. It provides information relevant to healthcare professionals in the respiratory medicine field and acts as a hub for professional networking and representation. The website is positioned as a national-level association with a medium organizational size and a clear focus on the healthcare sector in Germany. Technically, the site employs privacy-conscious analytics (Matomo) and a consent management platform (Usercentrics), indicating a moderate level of digital maturity. However, the absence of explicit privacy policies and terms of service pages suggests room for improvement in compliance and transparency. Security posture is moderate, with no visible security headers or incident response information, but no critical vulnerabilities or blocking mechanisms detected. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security documentation to strengthen user trust and regulatory compliance.

D

Deutsche Gesellschaft für Pneumologie und Beatmungsmedizin e.V. (DGP)

pneumologie.de

51

The Deutsche Gesellschaft für Pneumologie und Beatmungsmedizin e.V. (DGP) operates pneumologie.de as a professional society website focused on respiratory medicine in Germany. It provides comprehensive resources including medical guidelines, research funding opportunities, educational programs, and membership services targeting healthcare professionals and patients. The site is well-branded, professionally designed, and offers clear navigation and relevant content in German. Technically, the site uses modern web technologies such as Bootstrap, Popper.js, Tippy.js, and Matomo analytics, hosted on a CMS platform named Snowboard. The website is mobile-optimized and implements GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS enforced and secure form validation, though it lacks explicit security headers and published security policies. WHOIS data indicates a consistent and legitimate domain registration aligned with the organization's identity. Overall, the site is trustworthy, professional, and compliant with privacy regulations.

K

Konsortium Deutsche Meeresforschung

deutsche-meeresforschung.de

59

The Konsortium Deutsche Meeresforschung (KDM) is a German non-profit consortium dedicated to coordinating and promoting marine research. The website serves as an information hub for current news, strategic groups, cooperation projects, events, and publications related to ocean science. It targets scientists, research institutions, policymakers, and the interested public. The organization holds a significant position in the German marine research landscape, facilitating national and international collaborations. Technically, the website is built on WordPress and employs modern web technologies including Matomo for privacy-focused analytics, Mapbox for interactive maps, and jQuery. The site is well-structured, mobile-optimized, and SEO-friendly, with a clear navigation system and multilingual support (German and English). Consent mechanisms for cookies and external media are implemented, reflecting good privacy practices. From a security perspective, the site uses HTTPS with a strong SSL configuration and disables cookies in Matomo to enhance privacy. However, it lacks explicit security headers and does not provide visible security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The domain WHOIS data is minimal but consistent with the organization's identity, supporting legitimacy. Overall, the website presents a professional, trustworthy, and privacy-conscious digital presence for the KDM. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility features to further strengthen the site's security posture and compliance.

S

Sindicato Unión General de Trabajadoras y Trabajadores de España

ugt.es

61

The Sindicato Unión General de Trabajadoras y Trabajadores de España (UGT) is a prominent Spanish trade union organization dedicated to representing workers and providing labor-related services. The website serves as a comprehensive platform offering information about the union's structure, services, news, and communication channels. It targets workers, union members, and affiliates, positioning itself as a leading labor organization in Spain. The business model is non-profit, focusing on advocacy, social dialogue, and member services. Technically, the website is built on Drupal 10, leveraging modern web technologies including Font Awesome for icons, Google Tag Manager, and Matomo for analytics. The site demonstrates good mobile optimization, accessibility features, and SEO practices, contributing to a positive user experience. The presence of cookie consent mechanisms and privacy policies indicates compliance with GDPR and related privacy regulations. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response information are not publicly available, suggesting room for improvement in transparency and security communication. Overall, the website is professional, trustworthy, and well-maintained, reflecting the organization's credibility and commitment to its audience. Strategic recommendations include publishing detailed security policies, establishing a vulnerability disclosure program, and providing clear contact information for data protection and security matters to enhance trust and compliance further.

W

Wiegmann Dialog GmbH

wiegmann-online.de

64

Wiegmann Dialog GmbH is a well-established German company specializing in direct marketing, fulfillment, digital printing, and document management services. With over 30 years of experience and ISO 9001 and ISO 27001 certifications, the company positions itself as a reliable partner for businesses requiring complex document output and logistics solutions. Their service portfolio includes mailing, hybrid post, invoice dispatch, and fulfillment logistics, targeting B2B clients. The website reflects a mature digital presence built on WordPress, enhanced with SEO and analytics tools, and hosted behind Cloudflare for performance and security. Security posture is strong, supported by certifications and HTTPS, though some security headers could be improved. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the site is professional, trustworthy, and business-focused, with no signs of malicious or adult content.

A

ART-KON-TOR Digital GmbH

art-kon-tor-digital.de

65

ART-KON-TOR Digital GmbH is a small-sized, technology-focused full-service digital agency based in Jena, Germany. The company offers integrated services including web development, IT infrastructure, online marketing, cloud hosting, and AI automation, targeting businesses seeking digital transformation and enhanced online presence. It operates as part of the ART-KON-TOR agency group, leveraging a strong partner ecosystem and subsidiaries to deliver comprehensive solutions. The website reflects a professional and modern digital presence with clear branding and consistent messaging. Technically, the website is built on WordPress with popular plugins for SEO, analytics, accessibility, and cookie compliance. It uses Cloudflare for DNS and security, Matomo and Google Tag Manager for analytics, and Hotjar for user behavior insights. The site is mobile-optimized, accessible, and performs moderately well. Security posture is good with HTTPS enforced and cookie consent implemented, though additional HTTP security headers could enhance protection. No critical vulnerabilities or suspicious content were detected. Privacy compliance is strong with a comprehensive GDPR-aligned privacy policy and cookie consent mechanism. Contact information is transparent and complete, supporting business credibility. Overall, the site demonstrates a mature digital infrastructure and sound security practices appropriate for its business scale. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and continuous monitoring of third-party scripts to maintain privacy compliance and security posture.

G

Gesellschaft für Versicherungswissenschaft und -gestaltung e.V. (GVG)

gesundheitsziele.de

50

Gesellschaft für Versicherungswissenschaft und -gestaltung e.V. (GVG) is a German non-profit organization focused on social and health insurance sciences and policy. It serves as a platform uniting various stakeholders from social insurance carriers, healthcare providers, government bodies, and scientific communities to discuss and shape the future of social security and public health in Germany. The website reflects a well-established entity with a history dating back to 2003, offering forums, publications, and events to support health goal formulation and policy discourse. Technically, the website is built on the KONTEXT-CMS platform, utilizing modern technologies such as jQuery and Tailwind CSS. It is hosted on servers associated with cloudpit.de and employs Matomo analytics for user tracking, indicating a privacy-conscious approach. The site is mobile-optimized with good navigation and SEO practices, though some accessibility features could be improved. From a security perspective, the site uses HTTPS with a valid SSL configuration and has domain transfer protections in place. However, it lacks DNSSEC and security headers, and there is no visible security.txt or incident response contact information. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a privacy policy present but no visible cookie consent mechanism. Overall, the website is professional, trustworthy, and serves its target audience effectively. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance its security posture and compliance.

M

Mint House

minthouse.com

69

Mint House is a modern residential hospitality company specializing in tech-enabled furnished apartments and vacation rentals across multiple US cities. The company leverages technology such as smart locks and digital concierge services to enhance guest experiences for both short and long-term stays. Their market position is that of a tech-forward hospitality provider with a growing footprint in key urban locations. Technically, the website is built on WordPress with a solid tech stack including Yoast SEO, Google Tag Manager, and Klaviyo for marketing automation. The site is mobile optimized and accessible with good SEO practices. Security posture is generally good with HTTPS and domain registration protections, though improvements can be made by enabling DNSSEC and updating legacy libraries. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the website is professional and trustworthy, supporting a medium-sized business in the hospitality sector.

F

Frauenselbsthilfe Krebs Bundesverband e. V.

frauenselbsthilfe.de

55

Frauenselbsthilfe Krebs Bundesverband e. V. is a German non-profit organization dedicated to supporting cancer patients and their families through self-help groups, counseling, and educational resources. The website serves as a comprehensive platform offering information, networking opportunities, and qualification programs tailored to cancer-affected individuals. It holds recognized certifications and partnerships with reputable health organizations, reinforcing its credibility and trustworthiness. Technically, the website is built on the Neos CMS platform using PHP and the Flow framework, with frontend technologies including Bootstrap 3 and jQuery. It employs Matomo for privacy-conscious analytics and implements GDPR-compliant cookie consent mechanisms. The site is mobile-optimized with good SEO practices, though some frontend libraries are somewhat outdated. From a security perspective, the site uses HTTPS and cookie consent but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data shows standard domain registration with no privacy protection, consistent with the organization's public profile. Overall, the website presents a professional, trustworthy, and user-friendly experience for its target audience, with room for improvement in security headers and explicit security documentation to enhance its security posture.

Ö

Österreichische Gesellschaft für Gynäkologie und Geburtshilfe (OEGGG)

jungegyn.at

51

Junge Gyn is a specialized working group under the Austrian Society for Gynecology and Obstetrics (OEGGG), established in 2004 to represent young gynecology specialists in training. The organization provides support, education, networking, and advocacy for its members and medical students interested in the field. The website reflects a professional, well-maintained digital presence with clear navigation and relevant content tailored to its target audience. Technically, the site is built on WordPress with modern plugins and privacy-conscious analytics (Matomo). Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and trustworthy platform. Overall, Junge Gyn presents a credible and focused professional association website serving the Austrian gynecology community.

W

Weimarhalle

weimarhalle.de

58

Weimarhalle is a medium-sized event venue and congress center located in Weimar, Germany, offering versatile and individual event hosting services including conferences, cultural events, and celebrations. The website is built on the Liferay CMS platform with modern web technologies such as React and YUI, and includes interactive features like 360-degree virtual tours. The site is HTTPS secured and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the absence of explicit privacy and cookie policies, as well as limited visible contact information, suggests room for improvement in privacy compliance and user trust. Security posture is adequate but could benefit from enhanced security headers and published security policies. Overall, the website presents a professional and user-friendly experience suitable for its target audience of event organizers and visitors.

The University of New Brunswick (UNB) is a well-established Canadian educational institution with a rich history dating back to 1785. The website serves as a comprehensive portal for prospective and current students, faculty, staff, alumni, and partners, offering detailed information on academic programs, admissions, student life, research, and athletics. UNB positions itself as a leading university on Canada's East Coast with a broad range of study options and strong community engagement. The site reflects a mature business model focused on education, research, and community partnerships.

N

NNPC Marine Insurance

nnpc.nl

68

NNPC Marine Insurance is a specialized marine insurance provider operating as the only Dutch P&I club, offering global marine insurance and risk solutions with a personal touch. Their services include P&I Mutual, Fixed Premium, FD&D, Crew insurance, Charterers Liability, and Inland Shipping insurance. The website targets marine industry professionals such as ship owners and charterers, positioning itself as a trusted and expert provider in the marine insurance sector. Technically, the website is built on WordPress with a modern tech stack including WPBakery Page Builder, multilingual support via WPML, and analytics tools like Google Tag Manager and Matomo. The site is hosted by Hosting Concepts B.V. and uses HTTPS with a good SSL configuration. Mobile optimization and SEO are well implemented, though accessibility is basic. From a security perspective, the site employs HTTPS and cookie consent mechanisms, but lacks explicit security policies, incident response contacts, and DNSSEC. The WHOIS data shows inconsistencies, notably a domain creation date in the future, which warrants further verification. No WAF or blocking mechanisms were detected, and no critical vulnerabilities were found in the visible content. Overall, the website presents a professional and trustworthy front for NNPC Marine Insurance, but improvements in transparency around security policies, incident response, and domain registration details are recommended to enhance trust and compliance.

S

Skuld

skuld.com

64

Skuld is a globally recognized marine insurer with a strong financial position and a presence in 10 countries. The company offers a comprehensive range of insurance products and services tailored to shipowners, charterers, the energy sector, renewables, and aquaculture. Their website reflects a professional and trustworthy brand with clear messaging and extensive content about their services, sustainability commitments, and industry expertise. Technically, the website employs modern technologies including Matomo analytics and Microsoft Application Insights, ensuring good performance and privacy-aware tracking. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved and a formal security policy is absent. Overall, the site is well-designed, accessible, and optimized for mobile users, supporting a positive user experience and strong business credibility.

D

DataGrail, Inc.

datagrail.io

72

DataGrail, Inc. operates a sophisticated AI-powered data privacy management platform designed to help businesses comply with GDPR, CCPA, and other data privacy regulations. Positioned as an enterprise-grade SaaS provider, DataGrail offers key services including live data mapping, consent management, request handling, privacy assessments, and risk management. The platform integrates with a broad ecosystem of partners such as Salesforce, Okta, Shopify, Zendesk, and Webflow, enhancing its market reach and functionality. Technically, the website is built on WordPress with modern technologies including jQuery, Google Tag Manager, Matomo analytics, and HubSpot forms. It demonstrates excellent performance, mobile optimization, and SEO practices. Security measures include HTTPS enforcement and reCAPTCHA on forms, though explicit security headers and policies could be improved. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. However, the site lacks explicit incident response and vulnerability disclosure information, which could be enhanced to build further trust. Overall, the website and business present a high level of professionalism and trustworthiness. The lack of WHOIS data is consistent with privacy protection practices common in this industry. Strategic recommendations include enhancing security headers, publishing security policies, and establishing a vulnerability disclosure program to further strengthen security and compliance posture.

H

Hochschule für Musik FRANZ LISZT Weimar

hfm-weimar.de

56

The Hochschule für Musik FRANZ LISZT Weimar is a specialized higher education institution focused on music education, research, and cultural events. It serves students, faculty, researchers, and the broader community interested in music and related disciplines. The institution offers a variety of academic programs, research projects, and cultural activities, positioning itself as a reputable music university in Germany with a tradition dating back to 1872. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies such as Bootstrap, jQuery, and Matomo for analytics. The site demonstrates good mobile optimization and a structured navigation system, providing a positive user experience. Hosting appears to be managed by university-related infrastructure, ensuring alignment with the institution's academic nature. From a security perspective, the website employs HTTPS and asynchronous script loading, contributing to a secure and performant environment. However, explicit security headers are not detected, and no visible privacy or cookie policies are present in the analyzed content, indicating areas for improvement in compliance and security best practices. Overall, the website is trustworthy and professional, with a strong business credibility score. The absence of explicit privacy and cookie policies and contact information slightly lowers the privacy compliance and content quality scores. There are no indications of adult or unsafe content, and no WAF or blocking mechanisms interfere with content accessibility.

S

Sparkassen-Kulturstiftung Hessen-Thüringen

sparkassen-kulturstiftung.de

63

The Sparkassen-Kulturstiftung Hessen-Thüringen is a well-established non-profit foundation focused on promoting arts, culture, and education in the German regions of Hessen and Thüringen. It operates under the umbrella of the Sparkassen-Finanzgruppe and has a strong market position as a major cultural funder. The website reflects a professional and consistent brand image with comprehensive information about its projects, goals, and engagement activities. Technically, the site uses Concrete CMS, modern JavaScript libraries, and integrates accessibility and cookie consent tools, indicating a mature digital infrastructure. Security posture is good with HTTPS and no visible vulnerabilities, though some security headers and policies could be improved. Privacy compliance is moderate due to the absence of an explicit privacy policy page, despite the presence of cookie consent mechanisms. Overall, the site is trustworthy, well-designed, and serves its target audience effectively.

S

Stadt Neustadt bei Coburg

neustadt-bei-coburg.de

57

The website www.neustadt-bei-coburg.de serves as the official municipal portal for the city of Neustadt bei Coburg in Germany. It provides comprehensive information about local government services, community life, cultural events, economic development, and citizen resources. The site targets residents, visitors, and local businesses, offering structured navigation and relevant content to support civic engagement and municipal transparency. The business model is that of a government entity focused on public service delivery. Technically, the website is built on TYPO3 CMS, leveraging modern frontend technologies such as Bootstrap, FontAwesome, and OpenLayers for maps. It is hosted by netcup GmbH, as inferred from the nameservers. The site demonstrates good mobile optimization, accessibility features, and moderate performance. SEO practices are basic but functional. Analytics are handled via Matomo with a clear cookie consent mechanism, reflecting a commitment to privacy compliance. From a security perspective, the site enforces HTTPS and includes cookie consent banners, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data is consistent and legitimate, supporting the trustworthiness of the domain. No WAF or blocking mechanisms interfere with content access. Overall, the website presents a professional, trustworthy, and privacy-conscious municipal portal with room for improvement in security headers and incident response transparency. The risk profile is low, with no critical issues identified.