Security Directory

L

Lottstift

lottstift.no

72

Lottstift is a Norwegian government regulatory agency responsible for overseeing lotteries and foundations. The website serves as an official information portal for stakeholders and the general public, providing regulatory information and updates. The site is well-branded and consistent with government standards, targeting Norwegian users primarily. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO for optimization, Cookiebot for consent management, and analytics tools such as Google Analytics and Matomo configured with privacy considerations. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and the domain age and WHOIS data align with the official nature of the entity. Overall, the site demonstrates good digital maturity and compliance with privacy regulations, though explicit privacy and terms of service pages were not found in the provided content.

Hoffnungstaler Stiftung Lobetal is a German non-profit foundation providing a broad range of social, medical, and educational services primarily in Berlin and Brandenburg. The website presents a professional and accessible digital presence built on Joomla CMS, incorporating modern technologies such as Usercentrics for cookie consent and Matomo for privacy-respecting analytics. The organization targets individuals seeking social support, healthcare, and education, emphasizing inclusion and community engagement. While the site is well-structured and content-rich, explicit privacy policies and terms of service are not found, which could be improved for compliance and transparency. Security posture is solid with HTTPS and consent management, but lacks explicit incident response contacts or vulnerability disclosure mechanisms.

S

Sirius Facilities GmbH

siriusfacilities.com

53

Sirius Facilities GmbH is a prominent German commercial real estate company specializing in flexible leasing of office spaces, storage, production halls, conference centers, and virtual office services. With over 70 locations and a large portfolio, they cater primarily to small and medium-sized enterprises as well as larger firms. Their website demonstrates a mature digital presence with a professional design, comprehensive service offerings, and multiple contact channels. Technically, the site is built on Drupal CMS with modern JavaScript libraries and includes privacy compliance tools such as Usercentrics CMP and analytics via Google Analytics and Matomo. Security posture is strong with HTTPS and secure forms, though some HTTP security headers could be improved. The WHOIS data is unavailable, which slightly impacts trust but the overall business credibility remains high due to consistent branding and transparent contact information.

N

NVL B.V. & Co. KG

luerssen-defence.com

56

NVL B.V. & Co. KG is a well-established, independent group of northern German shipyards specializing in naval and coastguard vessel construction and related maritime services. With over 145 years of experience, NVL serves a global clientele including the German Navy and fleets in more than 50 countries. Their comprehensive service portfolio spans new builds, maintenance, repair, upgrades, and digital transformation, supported by a network of four shipyards and multiple international subsidiaries. The company emphasizes quality, innovation, and customer-centric solutions, positioning itself as a leader in the naval shipbuilding industry. Technically, the NVL website is built on Drupal 10, leveraging modern web technologies including jQuery and FontAwesome, and is hosted on AWS infrastructure. The site is mobile-optimized, accessible, and employs privacy-conscious analytics via Matomo alongside a robust cookie consent mechanism. The digital presence reflects a mature and professional infrastructure with good SEO and user experience. From a security perspective, the site enforces HTTPS and uses cookie consent tools to comply with GDPR. However, explicit security policies and incident response contacts are not prominently published, and security headers are not visibly configured. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the business claims, showing consistent domain registration and DNS setup. Overall, NVL demonstrates a strong business credibility and digital maturity with a secure and privacy-aware web presence. Strategic improvements in publishing security policies and enhancing security headers would further strengthen their security posture.

L

Lürssen

lurssen.com

62

Lürssen is a renowned German company specializing in the design, construction, and refit of luxury yachts. The website reflects a strong brand presence with a focus on high-end maritime transportation solutions, targeting affluent clients and industry professionals. The site offers multilingual support and highlights key services including new builds, refit and services, and a marine foundation. Technically, the website uses modern frameworks such as Nuxt.js and integrates Matomo for analytics alongside Cookiefirst for cookie consent management, indicating a moderate level of digital maturity. Security-wise, while HTTPS is implied, explicit security headers and detailed privacy policies are not evident, suggesting room for improvement in security posture and compliance transparency. Overall, the site is professional and trustworthy but would benefit from enhanced security disclosures and verified domain registration data.

I

if-kongress management gmbh

if-kongress.de

56

if-kongress management gmbh is a specialized congress and event management company operating primarily in Germany with offices in Munich and Berlin. The company focuses on delivering professional support for congresses, targeting event organizers, participants, sponsors, and exhibitors. Their business model centers on service provision with a strong emphasis on quality, professionalism, and customer-centricity. The website reflects a well-maintained digital presence using TYPO3 CMS, with modern technologies such as Matomo for analytics and Usercentrics for GDPR-compliant cookie consent management. The technical infrastructure is solid, with good mobile optimization and SEO practices, though some improvements in accessibility and security headers could be made. Security posture is strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data, but lacks explicit security policies or incident response contacts. Overall, the website is trustworthy, professional, and compliant with GDPR requirements, supporting the company's credibility in its niche market.

C

Carl von Ossietzky Universität Oldenburg

icbm.de

61

The ICBM is an interdisciplinary marine sciences institute under the Carl von Ossietzky Universität Oldenburg, Germany. It operates research and teaching activities in marine chemistry and biology with multiple working groups and research platforms. The website is professionally designed using TYPO3 CMS, with good technical infrastructure and modern web technologies. Security posture is strong with HTTPS and privacy-conscious analytics (Matomo with disabled cookies). Contact information and social media presence enhance trust. No critical vulnerabilities or compliance gaps were detected, though explicit security policies could be improved. Overall, the site reflects a reputable academic institution with a clear focus on marine research and education.

The Leibniz Institute for Baltic Sea Research Warnemünde (IOW) is a reputable non-university research institute focused on interdisciplinary marine research, particularly the Baltic Sea ecosystems. It operates under the Leibniz Association umbrella and offers research, data services, and educational activities. The website reflects a medium-sized academic institution with a clear focus on scientific excellence and community engagement. Technically, the site uses a modern CMS (Contao), Bootstrap for responsive design, and Matomo for privacy-conscious analytics. The site is accessible, well-structured, and mobile-optimized, though some SEO and accessibility features could be enhanced. Security posture is solid with HTTPS and email obfuscation but lacks security headers and a cookie consent mechanism, which are recommended for GDPR compliance. Overall, the domain registration and WHOIS data align well with the institute's identity, supporting legitimacy and trustworthiness.

D

Deutsche Gesellschaft für Gynäkologie und Geburtshilfe e.V.

dggg.de

58

The Deutsche Gesellschaft für Gynäkologie und Geburtshilfe e.V. (DGGG) is a well-established scientific professional society in Germany specializing in gynecology and obstetrics. Founded in 1885, it serves medical professionals by providing guidelines, hosting events, publishing scientific content, and offering membership benefits. The website reflects a mature organization with a clear focus on healthcare professionals and scientific advancement in women's health. Technically, the site is built on TYPO3 CMS, employs modern web technologies, and integrates a GDPR-compliant consent management platform. The use of Matomo analytics indicates a preference for privacy-conscious tracking. Security posture is solid with HTTPS and asset integrity checks, though HTTP security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the site is professional, trustworthy, and compliant with relevant privacy regulations.

B

Bundesverband Deutscher Internisten e.V. (BDI)

bdi.de

56

The Bundesverband Deutscher Internisten e.V. (BDI) is a professional association representing internists in Germany. The website serves as a platform for political advocacy, member services including legal advice, continuing education, and networking opportunities. It targets medical professionals specializing in internal medicine and operates as a medium-sized non-profit organization. The site is built on TYPO3 CMS and uses Matomo for privacy-conscious analytics. The content is well-structured, professionally presented in German, and includes a member login area and extensive event listings. Social media integration is robust, enhancing outreach and engagement. Security posture is solid with HTTPS and secure form handling, though explicit security policies and incident response information are absent. Privacy compliance is good with a clear privacy and cookie policy, but lacks a cookie consent mechanism. WHOIS data confirms domain legitimacy and consistency with the organization's profile.

R

Rijksoverheid

mijnslachtofferzaak.nl

67

MijnSlachtofferzaak is an official Dutch government platform designed to provide victims of crimes and their relatives with a centralized overview of their case progress. It aggregates information from multiple justice organizations including the police, Public Prosecution Service, and victim support agencies. The platform leverages secure DigiD authentication to ensure privacy and secure access to sensitive case data. The website is well-branded with consistent government logos and partner endorsements, targeting Dutch residents involved in legal proceedings as victims or next of kin. Technically, the site is built on a modern Angular framework (version 20.1.3) and integrates Matomo analytics for user behavior tracking. The platform supports accessibility features and mobile responsiveness, with multimedia content such as videos with captions enhancing user engagement. The site is served over HTTPS with DNSSEC enabled, indicating strong foundational security practices. However, explicit security headers and cookie consent mechanisms are not visibly implemented. From a security perspective, the platform demonstrates good practices including secure login via DigiD and no visible exposure of sensitive data. The domain registration is consistent with the Dutch government entity, with no suspicious WHOIS patterns. The absence of a published security policy or incident response contact is a minor gap. Overall, the site is trustworthy and professionally maintained, suitable for its sensitive user base. Strategically, the platform should enhance transparency by publishing security and incident response policies, implement cookie consent for GDPR compliance, and add security headers to harden defenses. These improvements will strengthen user trust and regulatory compliance while maintaining the platform's critical role in victim support services.

Lürssen Werft Bremen GmbH & Co. KG is a prestigious German shipbuilding company with a history dating back to 1875. The company specializes in the design and construction of bespoke luxury yachts, including superyachts and gigayachts, as well as high-performance naval and coastguard vessels. Their business model combines manufacturing with extensive after-sales services such as refits, maintenance, and yacht management. The company operates multiple specialized production sites across northern Germany, emphasizing quality and innovation in shipbuilding. The website serves as a portal directing visitors to dedicated sites for yachts and defense vessels, reflecting a clear market segmentation and professional brand presence. The target audience includes affluent private clients and government/military customers.

N

Norsk Pensjon AS

norskpensjon.no

68

Norsk Pensjon AS operates a Norwegian pension information platform that consolidates pension agreements and provides pension calculations with secure BankID login. The company is well-established since 2006 and owned by six life insurance companies, positioning it as a trusted source for pension data in Norway. The website is built on WordPress with modern SEO and analytics tools, offering a good user experience with clear navigation and mobile optimization. Security is strong with HTTPS and secure authentication, though cookie consent mechanisms and explicit security policies could be improved. Overall, Norsk Pensjon demonstrates a mature digital presence with a focus on privacy and user trust.

R

RAWMOTION

rawmotion.com

52

Rawmotion is a specialized live sports production company offering a wide range of services including sport event consulting, custom software development, timing and scoring, sports data services, real-time graphics, and media production. The company positions itself as a premier provider in the sports media industry, focusing on delivering integrated storytelling to enhance fan engagement and audience reach. Their client portfolio includes well-known brands and major sports events, underscoring their market presence and credibility. Technically, the website is built on WordPress with a custom theme and leverages modern web technologies such as GSAP for animations and Matomo for privacy-conscious analytics. The site is mobile optimized, well-structured, and includes a comprehensive cookie consent mechanism via Borlabs Cookie, reflecting a mature digital infrastructure and compliance with privacy regulations like GDPR. From a security perspective, the site enforces HTTPS and uses cookie consent to manage tracking. However, it lacks visible security headers and published security policies or incident response information, which are areas for improvement. The absence of WHOIS registration data raises concerns about domain legitimacy, although the professional website and active social media presence mitigate some risk. Overall, Rawmotion presents a professional and trustworthy online presence with strong content quality and privacy compliance. The main risk lies in the missing WHOIS data, which should be investigated to confirm domain ownership and legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and clarifying domain registration details to strengthen trust and security posture.

D

Den norske legeforening

tidsskriftet.no

64

Tidsskriftet.no is the official medical journal of Den norske legeforening (The Norwegian Medical Association), serving as a key platform for publishing medical articles, clinical overviews, debates, and podcasts targeted at healthcare professionals in Norway. The website demonstrates a mature digital presence with a well-structured content offering and consistent branding aligned with its parent organization. The business model is primarily based on professional content delivery supported by advertising and subscription services. Technically, the site is built on Drupal 10, leveraging modern web technologies and analytics tools such as Matomo and Google Analytics with user consent management via Klaro. Security posture is strong with HTTPS enforcement, security headers, and bot protection mechanisms in place, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is trustworthy, professionally maintained, and compliant with GDPR regulations, making it a reliable resource for its target audience.

L

Legejobber.no

legejobber.no

68

Legejobber.no is a Norwegian job portal specializing in medical job listings, primarily targeting healthcare professionals seeking employment opportunities in Norway. Established in 2010, the site offers a focused recruitment platform with curated job postings and recruitment services for employers. The website demonstrates a consistent brand presence and provides a user-friendly experience with clear navigation and mobile optimization. Technically, the site employs a modern JavaScript stack including jQuery and Knockout.js, integrates Matomo analytics for privacy-conscious tracking, and uses Cookiebot for cookie consent management. Security practices include HTTPS enforcement and CSRF protection, though some security headers are not explicitly detected. The absence of visible contact information and terms of service pages suggests areas for improvement in transparency and user trust. Overall, the site is professional, secure, and compliant with GDPR regulations, serving a niche healthcare recruitment market effectively.

I

Intermesh BV

group-office.com

55

Group-Office, operated by Intermesh BV, is a specialized provider of open source groupware and CRM software solutions targeting businesses seeking flexible, privacy-focused collaboration tools. The company offers both self-hosted and cloud-hosted versions, emphasizing data control, GDPR compliance, and integration with native device apps. Their market position is that of a niche player with a strong focus on privacy and customization, supported by transparent business registration and VAT information. Technically, the website employs modern web standards, uses Matomo for privacy-conscious analytics, and supports open synchronization protocols. Security posture is solid with HTTPS and two-factor authentication mentioned, though the absence of explicit security headers and cookie consent mechanisms are areas for improvement. The lack of WHOIS data reduces domain trust somewhat but is mitigated by consistent branding and business transparency. Overall, the website is professional, well-structured, and trustworthy, suitable for its target business audience.

Ö

Österreichische Gesellschaft für Gynäkologie und Geburtshilfe (OEGGG)

oeggg.at

10

The Österreichische Gesellschaft für Gynäkologie und Geburtshilfe (OEGGG) is a well-established Austrian professional society focused on gynecology and obstetrics. The website serves as a comprehensive resource for healthcare professionals, offering guidelines, educational modules, campaigns, and member services. The organization has a strong market position with over 2000 members and maintains a professional online presence with clear navigation and relevant content. Technically, the site is built on WordPress with modern plugins and respects privacy through the use of Matomo analytics and a compliant cookie consent mechanism. Security posture is good with HTTPS enforced, though some security headers could be improved. No critical vulnerabilities or suspicious activities were detected. Overall, the website is trustworthy, compliant with GDPR, and serves its target audience effectively.

N

NVL Egypt

nvlegypt.com

61

NVL Egypt is a medium-sized, important entity in the naval shipbuilding and maritime services sector, operating as a joint venture founded in 2022 and linked to the established German parent company NVL B.V. & Co. KG. The company focuses on designing, manufacturing, and supporting naval and coastguard vessels, with a strong emphasis on the Egyptian market and national shipbuilding strategy. The website is professionally designed using Drupal 10, with modern technologies and good mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements are recommended in security headers and DNSSEC. The domain registration is consistent with the business timeline and transparent, enhancing trustworthiness. Overall, the site presents a credible and professional image suitable for its target audience.

N

NVL d.o.o.

nvl.hr

61

NVL d.o.o. is a Croatian maritime company specializing in naval and coast guard vessel solutions, operating as part of the larger NVL maritime network. The company focuses on innovation, sustainability, and delivering bespoke maritime technology solutions to global navies and coast guards. Their business model centers on B2B engagements, offering services from early business development to complex program execution. The website reflects a professional and consistent brand image with clear contact channels and trust indicators such as ISO 9001 certification and corporate social responsibility commitments. Technically, the site is built on Drupal 10, uses modern JavaScript libraries, and integrates privacy-compliant analytics and cookie consent mechanisms. Security posture is strong with HTTPS, anti-bot measures, and no visible vulnerabilities, though security headers could be improved. Overall, the site is well-optimized for mobile and accessibility, providing a good user experience. The domain registration is consistent with the business claims and location, enhancing trustworthiness.

N

Naval Technology Bulgaria EOOD

ntb.bg

56

Naval Technology Bulgaria EOOD is a Bulgarian subsidiary of the German naval shipbuilding group NVL, specializing in naval vessel design and engineering services. Established in 2021, it operates from Varna, Bulgaria, focusing on the Multipurpose Modular Patrol Vessel (MMPV) program for the Bulgarian Navy. The company offers design, technical surveillance, integrated logistics support, and warranty engineering. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a strong business presence in the naval transportation sector. Technically, the site uses Drupal 10 CMS, integrates Matomo for analytics, and employs a cookie consent mechanism, demonstrating good digital maturity and privacy compliance. Security posture is solid with HTTPS and no exposed sensitive data, though security headers and incident response information are lacking. WHOIS data is privacy protected but consistent with the business claims, supporting legitimacy. Overall, the site scores well on content quality, technical implementation, security, privacy, and business credibility.

E

Erfurt Tourismus & Marketing GmbH

erfurt-tourismus.de

45

Erfurt Tourismus & Marketing GmbH operates the official tourism website for the city of Erfurt, Germany, providing comprehensive information on city tours, accommodation, events, and cultural highlights. The website serves as a central hub for tourists and event planners, offering online booking capabilities and detailed guides. The company holds a strong market position as the official tourism promoter for the region, targeting a broad audience including families, groups, and individual travelers. Technically, the website is built on TYPO3 CMS with Bootstrap for responsive design, hosted on AWS infrastructure. It employs modern web technologies and privacy-conscious analytics tools such as Matomo alongside Google and Facebook tracking pixels. The site is well-optimized for SEO, mobile use, and accessibility, with clear navigation and multilingual support. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. However, explicit security headers are not visibly implemented, and no dedicated security or incident response policies are published. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but could be enhanced with additional headers and transparency. The website content is safe for general audiences, focusing on tourism and cultural promotion without any adult or questionable content. Contact information is comprehensive and clearly presented, supporting business credibility and trust. The domain registration and DNS setup are consistent with a legitimate public entity, reinforcing the site's authenticity. Strategic recommendations include implementing explicit security headers, publishing a security policy or incident response contact, and continuing to maintain GDPR compliance and transparency to enhance user trust and security maturity.

The website www.hpv-info.at serves as an educational platform initiated by the Austrian HPV Alliance, aiming to increase HPV vaccination rates among children and adolescents in Austria. It provides comprehensive, child-friendly information about HPV and vaccination options, targeting children, teens, parents, and caregivers. The site is supported by multiple Austrian medical societies, enhancing its credibility and reach within the healthcare sector. Technically, the site uses a custom CMS, jQuery, Modernizr, and Matomo analytics, indicating a moderate level of digital maturity with privacy-conscious tracking. The website is well-designed with good navigation and mobile optimization, providing a positive user experience. Security-wise, HTTPS is enforced, and cookie consent mechanisms are implemented, but there is room for improvement in security headers and explicit incident response policies. The absence of WHOIS data limits domain trust assessment, but the professional content and partner affiliations support legitimacy. Overall, the site is a trustworthy, well-maintained resource for HPV education in Austria.

B

Berufsverband der Frauenärzte e.V.

bvf.de

56

The Berufsverband der Frauenärzte e.V. (BVF) is a professional association representing gynecologists in Germany, providing a broad range of member services including insurance benefits, professional advice, continuing education through the BVF Akademie, and a members-only online portal. The website is well-structured, professionally designed, and targets medical professionals in the gynecology sector. It maintains a strong market position with approximately 15,000 members and offers relevant content such as news, press releases, and event calendars. Technically, the site is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries such as jQuery, FlexSlider, and SlickNav for responsive navigation and interactive elements. The site employs Matomo analytics configured to be cookie-free, demonstrating a commitment to user privacy and GDPR compliance. Mobile optimization and SEO practices are good, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses privacy-conscious analytics. However, it lacks explicit security headers and published security policies or incident response contacts, which are recommended for enhanced security posture. No vulnerabilities or suspicious content were detected. Overall, the website is trustworthy, professional, and compliant with privacy regulations, serving its niche audience effectively. Strategic improvements in security headers and incident response transparency would further strengthen its security and trustworthiness.

D

Deutscher Berufsverband der Hals-Nasen-Ohrenärzte e.V.

hno-aerzte.de

47

The Deutscher Berufsverband der Hals-Nasen-Ohrenärzte e.V. operates as a professional association for ENT (ear, nose, throat) specialists in Germany. The website serves as a comprehensive portal offering information about the association, professional development events, a marketplace for medical equipment and job postings, and patient education resources. It targets medical professionals and practice staff, positioning itself as a leading entity in the German healthcare sector for ENT specialists. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including Matomo for analytics and responsive design frameworks. The infrastructure is hosted on servers indicated by the agenturserver nameservers, with good mobile optimization and accessibility features. The site implements a cookie consent mechanism compliant with GDPR, and uses HTTPS with a solid SSL configuration. From a security perspective, the site demonstrates good practices such as encrypted connections, cookie consent, and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policy documentation and incident response contacts, which are recommended for enhanced trust and compliance. The WHOIS data aligns well with the website's claims, supporting legitimacy. Overall, the website is professional, trustworthy, and well-maintained, with minor areas for improvement in security transparency and policy disclosures.

P

Politische Kindermedizin

besserbehandelt.at

59

The website besserbehandelt.at is a professionally designed non-profit advocacy platform dedicated to improving healthcare for children and adolescents in Austria. It consolidates expertise, experiences, and voices from affected individuals to influence political decision-making. The platform operates with a clear mission and has established partnerships with reputable organizations, enhancing its credibility. Technically, the site uses Joomla CMS with modern UIkit framework and integrates Matomo for privacy-conscious analytics. It employs a comprehensive cookie consent mechanism aligned with GDPR requirements. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Contact information is limited to an email address, and no explicit terms of service or security policies are published. Overall, the site is trustworthy, well-branded, and accessible, serving its advocacy purpose effectively.

D

Diagnose-Funk e.V.

diagnose-funk.org

47

Diagnose-Funk e.V. is a well-established German non-profit environmental and consumer protection organization focused on educating the public about the risks of electromagnetic fields, including mobile communications and WLAN radiation. The organization provides comprehensive information, advocacy, and publications aimed at promoting health-conscious telecommunications technologies. Their target audience includes affected individuals, environmental advocates, municipalities, and scientific communities. The website is professionally designed with good navigation and mobile optimization, reflecting a mature digital presence. Technically, the site uses a variety of JavaScript libraries and privacy-respecting Matomo analytics, hosted on Hostpoint AG servers. Security posture is solid with HTTPS enabled, but lacks some security headers and cookie consent mechanisms, which are recommended for compliance and enhanced protection. WHOIS data confirms the domain's legitimacy and long-term establishment. Overall, the site is trustworthy and serves as a valuable resource in its niche.

B

BVDP Berufsverband Deutscher Psychiater

berufsverband-psychiater.de

41

The BVDP Berufsverband Deutscher Psychiater website serves as the official online presence of the German professional association for psychiatrists. It provides information, networking opportunities, and representation for psychiatrists in Germany. The site is built on a WordPress platform using the Divi theme, enhanced with SEO tools like Yoast and analytics via Matomo, indicating a moderate level of digital maturity. The technical infrastructure is standard for professional association websites, hosted by securehost.de, and optimized for mobile devices with good navigation and content relevance. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable compliance gap. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security transparency to improve compliance and user trust.

B

BVDN Berufsverband Deutscher Nervenärzte

berufsverband-nervenaerzte.de

42

The website www.berufsverband-nervenaerzte.de represents the BVDN Berufsverband Deutscher Nervenärzte, a professional association for neurologists, psychiatrists, and psychotherapists in Germany. It serves as a platform to consolidate professional and healthcare policy interests at both state and federal levels. The site targets medical professionals within the neurological and psychiatric fields, providing information and networking opportunities. The business model is centered on professional representation and advocacy within the healthcare sector. The website is moderately sized and founded around 2020, consistent with the domain registration data. Technically, the website is built on WordPress using the Divi theme, enhanced with plugins such as Yoast SEO for search engine optimization and Matomo for analytics, indicating a reasonable level of digital maturity. Hosting is provided by securehost.de, and the site uses HTTPS, ensuring encrypted communications. The site is mobile-optimized and demonstrates good design and navigation clarity, although accessibility features are basic. From a security perspective, the site employs HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and does not publish explicit privacy, cookie, or incident response policies, which are important for GDPR compliance and user trust. No vulnerability disclosure or data protection officer contact information is provided, representing compliance gaps. The use of Matomo analytics suggests some privacy-conscious tracking, but cookie consent mechanisms are absent. Overall, the website is professional and trustworthy within its niche but would benefit from enhanced privacy and security disclosures to improve compliance and user confidence. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, publishing incident response and vulnerability disclosure information, adding security headers, and providing data protection officer contact details to align with GDPR requirements.

B

BDN Berufsverband Deutscher Neurologen

berufsverband-neurologen.de

42

The Berufsverband Deutscher Neurologen (BDN) is a professional association representing neurologists in Germany. The website serves as a central platform providing relevant information on health policy, continuing education, billing, guidelines, and professional political engagement. The site targets medical professionals specialized in neurology and positions itself as a key industry body within the German healthcare sector. Technically, the website is built on WordPress using the Divi theme, enhanced with Yoast SEO for search optimization and Matomo for analytics tracking. Hosting is managed via securehost.de, indicating a professional hosting environment. Security posture is moderate with HTTPS usage and no exposed sensitive data, but lacks explicit security headers and incident response policies. Privacy compliance is minimal due to the absence of visible privacy and cookie policies. Overall, the website is professional, content-rich, and trustworthy, but could improve in privacy compliance and security transparency.

B

Bündnis Kinder- und Jugendreha e.V. (BKJR)

kinder-und-jugendreha-im-netz.de

55

The website 'Kinder- und Jugendreha im Netz' serves as a comprehensive informational portal dedicated to medical rehabilitation for chronically ill children and adolescents in Germany. Operated by the Bündnis Kinder- und Jugendreha e.V. (BKJR) in collaboration with the Deutsche Gesellschaft für Pädiatrische Rehabilitation und Prävention e.V. (DGPRP), it provides detailed guidance on rehabilitation services, clinics, application procedures, and downloadable resources. The platform targets families, medical professionals, and stakeholders involved in pediatric rehabilitation, positioning itself as a trusted non-profit resource within the healthcare sector in Germany. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies including jQuery, Flexslider for UI components, Cookiebot for consent management, and Matomo for analytics. The site demonstrates good mobile optimization, SEO practices, and a moderate performance profile. Hosting appears to be managed by monks.de, inferred from tracking domains. From a security perspective, the site enforces HTTPS, implements cookie consent mechanisms, and avoids exposing sensitive data. However, it lacks explicit security headers and published security or incident response policies. Tracking includes Facebook Pixel and Matomo, with moderate user tracking balanced by privacy compliance measures. No critical vulnerabilities or suspicious content were detected. Overall, the website presents a professional, trustworthy, and well-maintained informational resource with a strong focus on pediatric rehabilitation. Strategic improvements could include enhancing security headers, publishing security policies, and expanding contact information to bolster trust and compliance.

The website 'Initiative #Seelen+HirnGesundheit des SPIZ' is a German healthcare initiative focused on mental, neurological, and social health. It provides information, decision aids, and treatment options related to mental health, targeting both the general public and healthcare professionals. The initiative appears to be a small-scale, non-profit organization founded around 2017, consistent with the domain registration date. The website uses WordPress CMS with the Divi theme and employs Yoast SEO for search optimization and Matomo for analytics, indicating a moderate level of digital maturity. The technical infrastructure is hosted by Variomedia AG, a known registrar and hosting provider. Security posture is adequate with HTTPS enabled but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of explicit privacy and cookie policies or consent mechanisms. No contact information or incident response channels are clearly provided, which limits user trust and compliance with regulations. Overall, the website is professional and relevant but would benefit from improved security and privacy practices.

The website www.hpv-info.at is an educational platform operated by the Österreichische HPV-Allianz, aimed at increasing HPV vaccination rates among children and teens in Austria. It provides comprehensive, child-friendly information about HPV and vaccination options, supported by multiple Austrian medical societies. The site targets children, adolescents, parents, and caregivers with clear, structured content and a professional design. Technically, the site uses a CMS with modern JavaScript libraries such as jQuery and Modernizr, and integrates Matomo for analytics, indicating a moderate level of digital maturity. The site is mobile optimized and offers a good user experience with clear navigation. Security-wise, HTTPS is used, and a cookie consent mechanism is implemented, but explicit security headers are not detected, suggesting room for improvement in security hardening. No WHOIS data was available, limiting domain trust assessment, but the presence of reputable partners and professional content supports legitimacy. Overall, the site is safe, GDPR compliant, and trustworthy for its intended audience.

ACK.Travel is the official website of the Asociace cestovních kanceláří ČR, a Czech association representing travel agencies. The site provides news, travel information, and resources primarily targeting travel professionals and travelers within the Czech Republic. The content is professionally presented with a clear focus on travel and tourism industry updates and member services. Technically, the website employs common JavaScript libraries such as jQuery and AmCharts for interactive maps and user interface elements, and uses Matomo for analytics tracking. However, the site lacks visible privacy and cookie policies, and no WHOIS data could be extracted due to malformed WHOIS responses, which limits the ability to fully verify domain legitimacy. Security headers and SSL configuration details are not provided in the data, indicating potential areas for improvement in security posture. Overall, the website appears legitimate and professionally maintained but would benefit from enhanced privacy compliance and security transparency.

I

Institut français

institutfrancais.com

63

Institut français is a key governmental cultural operator under the French Ministry of Europe and Foreign Affairs and the Ministry of Culture. It implements France's external cultural policy by supporting and animating the French cultural cooperation network abroad, assisting creators and cultural industries internationally, and promoting the French language and plurilingualism. The website reflects a professional and comprehensive digital presence with rich content, clear navigation, and strong branding consistent with its governmental affiliation. Technically, the site is built on Drupal 10, uses Matomo for analytics with privacy-respecting settings, and implements a cookie consent mechanism. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers are missing. WHOIS data is unavailable, which is unusual but likely due to query or server issues rather than malicious intent. Overall, the site is trustworthy, well-maintained, and compliant with privacy regulations.

E

expeero

expeero.com

48

Expeero is a German-based technology company offering a SaaS platform focused on reputation management with a unique ecological angle by planting trees for each customer review. The company targets businesses seeking to improve their online reputation while demonstrating environmental responsibility. The website is professionally designed, mobile-optimized, and integrates modern technologies such as Matomo analytics and Bootstrap framework. Security posture is solid with HTTPS and CSRF protections, though some security headers are missing and no explicit cookie consent mechanism is present. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, but the active and comprehensive website content supports business credibility. Overall, Expeero presents a trustworthy and innovative service with room for improvement in transparency and security practices.

J

jpc

jpc.de

70

jpc.de is a well-established German e-commerce platform specializing in the sale of physical media products such as CDs, LPs, DVDs, Blu-rays, and books. The website offers a large catalog with over 4 million items and provides free shipping for vinyl and orders above 20 euros, targeting music and film enthusiasts primarily in Germany. The business model focuses on retail sales through an online shop with additional editorial content and a blog to engage customers. The site is professionally designed with consistent branding and good content quality, supporting both German and English languages.

B

Befalets Fellesorganisasjon

bfo.no

57

Befalets Fellesorganisasjon (BFO) is a leading Norwegian trade union representing military personnel across all ranks. The organization provides career support and union representation, positioning itself as a trusted advocate for its members. The website reflects a professional and consistent brand image, targeting military personnel and related stakeholders in Norway. Technically, the site employs modern web technologies including Craft CMS, Vite, and integrates analytics tools such as Matomo and Google Analytics, alongside a robust cookie consent mechanism via Cookiebot. Security posture is strong with HTTPS enforcement, CSRF protection, and standard security headers, though explicit security and privacy policies are not clearly presented on the site. Overall, the site is well-structured, mobile-optimized, and trustworthy, with extensive user tracking balanced by consent mechanisms. Recommendations include publishing comprehensive privacy and security policies and enhancing contact transparency to improve compliance and user trust.

L

Legeforeningen

legeforeningen.no

10

Legeforeningen is a well-established Norwegian medical association founded in 1886, serving as a professional body for doctors and medical students across Norway. The website provides comprehensive information about the association's advocacy, educational offerings, membership benefits, and job opportunities. It targets medical professionals and students, positioning itself as a key player in Norway's healthcare sector. The site is professionally designed with consistent branding and high-quality content, reflecting its authoritative market position. Technically, the website employs modern JavaScript frameworks such as Vue.js, integrates Matomo for analytics, and uses Microsoft Application Insights for telemetry. The CMS appears to be Episerver, supporting a structured and responsive design. Performance is moderate with good mobile optimization and basic accessibility features. SEO practices are well implemented with appropriate meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and does not publicly disclose security policies or incident response procedures. Privacy compliance is partially addressed with a privacy and cookie policy present, but no explicit cookie consent mechanism is detected. The domain WHOIS data is consistent with the organization's identity, supporting legitimacy. Overall, Legeforeningen's website is a credible, professional platform with strong business credibility and good technical implementation. Enhancements in security headers, privacy consent mechanisms, and public security policies would further strengthen its posture.

D

Delta

delta.no

72

Delta is a Norwegian trade union organization affiliated with YS, providing membership benefits, labor rights advocacy, and professional development services to workers in Norway. The website is professionally designed, content-rich, and targets Norwegian workers seeking union support. Technically, the site uses AngularJS, Bootstrap, and integrates multiple third-party analytics and social media scripts, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and cookie consent implemented, but lacks explicit privacy policy and security headers, which are areas for improvement. Overall, the site is trustworthy and serves its audience well, though enhancing privacy compliance and security practices would strengthen its position.

U

Utdanningsforbundet

utdanningsforbundet.no

10

Utdanningsforbundet is a major Norwegian trade union representing approximately 190,000 members in the education sector, including teachers and leaders across kindergartens, schools, and higher education. The organization focuses on providing support, advocacy, and services to its members, positioning itself as a key player in Norway's educational landscape. The website reflects this with clear messaging, membership services, and educational resources. Technically, the site employs modern web technologies including React, ASP.NET, and is hosted on Microsoft Azure with Cloudflare CDN, ensuring reliable performance and scalability. The presence of multiple analytics and consent management tools indicates a mature digital infrastructure with attention to user privacy and data protection. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, though there is room for improvement in publicly disclosing security policies and incident response procedures. Overall, the website is professional, trustworthy, and well-optimized for its audience, though the lack of WHOIS data introduces some uncertainty about domain registration legitimacy. Strategic recommendations include adding a security.txt file, publishing incident response contacts, and enhancing transparency around terms of service.

I

ICEYE

iceye.com

72

ICEYE is a technology company specializing in Synthetic Aperture Radar (SAR) satellite operations, providing high-resolution Earth observation data and natural catastrophe insights. Their market position is strong as a global leader in commercial SAR satellite imagery, serving government, insurance, and energy sectors with advanced satellite constellations and data services. The website demonstrates a mature digital presence with modern analytics, marketing tools, and a comprehensive privacy and cookie consent framework. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. The absence of WHOIS data introduces some legitimacy concerns but is offset by the professional and consistent business presentation. Overall, ICEYE's website is well-designed, secure, and compliant, supporting their business credibility and market trust.

A

Ajuntament de Barcelona

barcelona.cat

67

Ajuntament de Barcelona operates the official municipal website for the city of Barcelona, providing residents and visitors with comprehensive information about city services, news, cultural events, transport, and business resources. The website is positioned as a key digital gateway for public services and community engagement in Barcelona. The site targets a broad audience including residents, businesses, and tourists, offering multilingual support and extensive navigation options. Technically, the site is built on Drupal 10 with modern frontend frameworks like Bootstrap, and integrates multiple analytics platforms including Matomo and Plausible, alongside marketing and tracking tools such as Adobe Visitor Tracking and Google Analytics. The site demonstrates a mature digital infrastructure with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforced and anti-CSRF protections evident, though explicit security headers are not visible in the provided content and should be verified. Privacy compliance is well addressed with a detailed cookie consent mechanism and granular cookie categorization, although no explicit privacy policy or terms of service URLs were found in the provided content. WHOIS data is privacy protected by puntCAT, which is typical for government domains under the .cat TLD, and does not raise legitimacy concerns. Overall, the website is a professional, secure, and trustworthy government portal with extensive content and good user experience.

N

NVL B.V. & Co. KG

nvl.de

56

NVL B.V. & Co. KG is a well-established German shipbuilding group specializing in naval and coastguard vessels, with over 145 years of experience. The company operates multiple shipyards and docks, serving navies and maritime clients worldwide. Their business model focuses on new builds, repairs, and lifecycle services, supported by a network of subsidiaries in Bulgaria, Croatia, Brunei, and Egypt. The website reflects a mature digital presence built on Drupal 10, with modern technologies and privacy-conscious analytics. Security posture is solid with HTTPS and consent mechanisms, though explicit security policies and incident response contacts could be improved. Overall, NVL demonstrates strong business credibility and technical maturity with a professional, user-friendly website.

IX.br is a critical Brazilian Internet Exchange Point operated under the NIC.br umbrella, facilitating direct interconnection among Autonomous Systems to improve Internet traffic efficiency, quality, and resilience in Brazil. The website reflects a mature organization with strong ties to national Internet governance bodies such as NIC.br and CGI.br. The platform offers services including traffic aggregation, educational events, and support for network operators. Technically, the website employs modern frameworks like Bootstrap and jQuery, and uses Matomo analytics for privacy-conscious tracking. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and cookie consent mechanisms are missing. Overall, IX.br presents a professional and trustworthy digital presence aligned with its role in Brazil's Internet infrastructure.

G

goneo Internet GmbH

goneo.de

64

goneo Internet GmbH is a German-based web hosting provider offering affordable web hosting, domain registration, email services, and a Matrix-based chat server. The company targets small to medium businesses and private users seeking reliable and privacy-focused hosting solutions. Their market position emphasizes German data protection compliance, green hosting powered by renewable energy, and user-friendly products such as a no-code website builder. Technically, the website employs modern frameworks like Bootstrap and UIkit, integrates privacy-respecting analytics tools such as etracker and Matomo, and uses SSL wildcard certificates to secure communications. The site is well-optimized for mobile and SEO, with clear navigation and professional design. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly detailed. Overall, goneo demonstrates a mature digital presence with a focus on privacy and compliance, suitable for its target market.

A

Asociace cestovních kanceláří ČR

ackcr.cz

54

The Asociace cestovních kanceláří ČR (ACK ČR) is a voluntary association representing entities authorized to operate in the Czech tourism sector. The website serves as an information portal providing news, events, and member services targeted at tourists, travel professionals, journalists, and association members. It holds a recognized position within the Czech tourism industry and collaborates with official partners such as CzechTourism and UNESCO-related entities. Technically, the website employs a mix of JavaScript libraries including jQuery, Google Maps API, and Matomo analytics, indicating a moderate level of digital maturity. The site is accessible, well-structured, and provides relevant content primarily in Czech. Security posture is adequate with HTTPS usage and no visible vulnerabilities, but lacks advanced security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. WHOIS data is missing, which impacts domain trust verification. Overall, the website is professional and trustworthy but could improve transparency and privacy compliance.

Kinderaerzte-im-Netz.at is a comprehensive pediatric health information platform operated by the Austrian Society for Pediatric and Adolescent Medicine (ÖGKJ). It provides extensive resources, news, and guidance on child and youth health topics, including vaccination, disease information, and preventive care. The site targets parents, healthcare professionals, and youth in Austria, positioning itself as an authoritative source in the pediatric healthcare sector. Technically, the website is built on TYPO3 CMS, uses modern web technologies, and is mobile-optimized with good accessibility and SEO practices. Security posture is solid with HTTPS enforced and privacy-conscious analytics (Matomo with cookies disabled). However, the absence of WHOIS data and lack of explicit security headers slightly reduce trustworthiness. Overall, the site is professional, content-rich, and trustworthy for its intended audience.

A

Aktionsbündnis Reha hilft Krebspatienten

reha-hilft-krebspatienten.de

59

The website 'Reha hilft Krebspatienten' serves as an informational portal dedicated to oncological rehabilitation for cancer patients in Germany. It is managed by the Aktionsbündnis Reha hilft Krebspatienten, a coalition of reputable rehabilitation clinics. The site provides comprehensive information on rehabilitation concepts, clinic overviews, application procedures, psychosocial support, and current news and events relevant to cancer rehabilitation. The target audience includes cancer patients, their families, and referring physicians. The business model is primarily educational and supportive, aiming to facilitate access to rehabilitation services and improve patient outcomes. Technically, the website is built on TYPO3 CMS, utilizing modern JavaScript libraries such as jQuery and FlexSlider for interactive elements, and SlickNav for mobile navigation. It employs Matomo analytics configured to disable cookies, reflecting a privacy-conscious approach. The site is mobile-optimized with good navigation clarity and SEO practices, though accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms that avoid tracking cookies. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. WHOIS data is minimal but consistent with the website's German healthcare focus, supporting legitimacy. Overall, the website demonstrates a solid balance of content quality, technical implementation, and privacy compliance, suitable for its healthcare informational purpose. Strategic improvements in security headers, incident response transparency, and contact information visibility would enhance trust and compliance further.