Security Directory

L

Lungenärzte im Netz

lungenaerzte-im-netz.de

55

Lungenärzte im Netz is a reputable German healthcare information portal focused on lung health, respiratory diseases, diagnostics, smoking cessation, and rehabilitation. It serves patients and the general public with authoritative medical content supported by professional associations. The website is powered by TYPO3 CMS and uses modern web technologies including Matomo analytics configured for privacy. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and privacy-conscious analytics, though improvements can be made by adding security headers and cookie consent mechanisms. No blocking or WAF challenges were detected, allowing full content access. The domain registration data is consistent and trustworthy, supporting the legitimacy of the site.

Neurologen und Psychiater im Netz is a German healthcare information portal focused on mental health and neurological diseases. It is published by professional associations representing psychiatrists, psychotherapists, neurologists, and related specialists in Germany. The website provides comprehensive information on diseases, diagnostics, therapies, legal issues, and self-help resources, targeting patients, relatives, and healthcare professionals. It also offers a doctor and clinic search feature and regularly updated news and advice articles. Technically, the site is built on TYPO3 CMS, uses modern JavaScript libraries, and integrates privacy-respecting Matomo analytics. The site is well-structured, mobile-optimized, and accessible, with clear navigation and professional design. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. WHOIS data is unavailable due to privacy protection, but the site’s legitimacy is supported by its association with reputable German medical organizations and professional presentation. Overall, the site represents a trustworthy and valuable resource in its domain.

Internisten im Netz is a reputable German healthcare information platform operated by the Berufsverband Deutscher Internistinnen und Internisten e.V., focusing on internal medicine and related specialties. The website offers comprehensive medical content, online health tests, medication information, and a doctor/clinic search tool, targeting patients and the general public seeking trustworthy health information. The platform is well-established with consistent branding and strong trust indicators such as a data protection seal and affiliation with a professional medical association. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and Matomo analytics configured to respect user privacy by disabling cookies. The website is mobile-optimized, accessible, and SEO-friendly, providing a good user experience with clear navigation and professional design. SSL is properly implemented, ensuring secure connections. From a security perspective, the site follows good practices including HTTPS enforcement and privacy-conscious analytics. However, it lacks published security policies, incident response contacts, and security headers, which are recommended for enhanced security posture. No vulnerabilities or suspicious content were detected. Overall, the website is safe, professional, and trustworthy, with minimal user tracking and strong privacy compliance. Strategic improvements could focus on publishing security policies and enhancing HTTP security headers to further strengthen the security posture.

B

Berufsverband der Frauenärzte e.V. (BVF)

frauenaerzte-im-netz.de

59

Frauenärzte im Netz is a well-established German medical information portal focused on women's health, gynecology, family planning, and pregnancy. It is published by the Berufsverband der Frauenärzte e.V. in cooperation with the Deutsche Gesellschaft für Gynäkologie und Geburtshilfe (DGGG), positioning it as a trusted source for women seeking reliable health information and medical services. The website offers comprehensive content, including educational articles, a doctor and clinic search, and digital services such as video consultations and a patient app. The target audience spans from teenagers to older women, emphasizing preventive care and health education. Technically, the site is built on the TYPO3 CMS platform, uses modern JavaScript libraries like jQuery and FlexSlider, and employs Matomo analytics configured for privacy. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Security-wise, the site enforces HTTPS, uses a cookie consent banner with no tracking cookies by default, and disables cookies in Matomo analytics, reflecting a privacy-conscious approach. However, it lacks explicit security policies, incident response contacts, and security headers, which are areas for improvement. WHOIS data is consistent with the site's professional nature, showing no privacy protection and stable domain registration. Overall, the website demonstrates a strong commitment to content quality, privacy, and user trust, with moderate technical and security maturity.

I

Infortrend Technology Inc.

infortrend.com

67

Infortrend Technology Inc. is a global enterprise data storage provider specializing in SAN, NAS, unified storage, hybrid cloud, and AI storage solutions. The company targets enterprise IT customers and offers a broad portfolio of storage products and management software. Their market position is supported by a strong partner ecosystem including major technology companies such as Microsoft, Intel, and Amazon Web Services. The website content is professional, comprehensive, and well-structured, reflecting a mature digital presence. The technical infrastructure of the website leverages modern web technologies including Bootstrap, jQuery, Google Tag Manager, Matomo, and Tawk.to chat integration. The site is mobile optimized and includes privacy and cookie consent mechanisms, indicating a good level of digital maturity and compliance with GDPR. Analytics usage is moderate with multiple tracking services employed responsibly. Security posture is solid with HTTPS enforced and reCAPTCHA implemented on forms. However, the absence of visible HTTP security headers and lack of explicit incident response or vulnerability disclosure information are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable, which slightly reduces trust but the overall website professionalism and partner ecosystem support legitimacy. Overall, Infortrend's website demonstrates a strong business and technical foundation with good security and privacy practices. Strategic improvements in security headers, incident response transparency, and contact information visibility would enhance trust and compliance further.

S

Starline Computer GmbH

starline.de

60

Starline Computer GmbH is a well-established German company specializing in secure, scalable, and highly available storage and server solutions tailored for small and medium-sized enterprises (KMU) and enterprise environments. Founded in 1982, the company has built a strong market position with over 40 years of experience, offering a comprehensive range of IT hardware products and services including storage systems, servers, backup solutions, and technical support. Their business model focuses on B2B clients, providing personalized consulting and technical expertise to ensure reliable IT infrastructure solutions. The website reflects a professional and consistent brand image with clear navigation and rich content aimed at their target audience. Technically, the website employs modern web technologies including Matomo for analytics and CookieHub for consent management, ensuring GDPR compliance and user privacy. The site is mobile-optimized, fast-loading, and accessible, hosted likely on LF.net infrastructure. Security posture is strong with HTTPS enforced and secure form handling, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, Starline demonstrates a mature digital presence with good privacy and security practices, though it lacks explicit public security policies or incident response contacts. The domain registration data aligns well with the company's business claims, reinforcing legitimacy and trustworthiness. The company maintains active communication channels and social media presence, further supporting its credibility.

N

NorSIS

slettmeg.no

47

Slettmeg.no is a Norwegian website operated by NorSIS, providing free advice and guidance on deleting personal information from internet services and offering privacy and digital rights support. The site targets Norwegian users seeking assistance with online data removal and privacy issues. Technically, the site is built on WordPress with modern plugins such as Yoast SEO, Matomo analytics for privacy-respecting tracking, and Google invisible reCAPTCHA for form security. The website is mobile-optimized and accessible, with good SEO practices. Security posture is moderate with HTTPS enforced and no exposed sensitive data, but lacks explicit security headers and has some technical issues with a Facebook deceased profile deletion form. Privacy compliance is good with clear privacy and cookie policies, though no terms of service or vulnerability disclosure policies are found. Overall, the site is trustworthy, professional, and serves a niche government/non-profit role in Norway.

U

Utdanningsdirektoratet and Datatilsynet (collaborative project)

dubestemmer.no

58

DuBestemmer.no is a Norwegian government-backed educational platform collaboratively operated by Utdanningsdirektoratet and Datatilsynet. It provides comprehensive learning resources focused on privacy, internet safety, and critical media literacy targeted at children and youth aged 9 to 18 years, as well as teachers and parents. The site is positioned as an authoritative resource in the Norwegian education sector, emphasizing digital citizenship and responsible online behavior. Technically, the website employs modern JavaScript libraries including jQuery, Microsoft Application Insights, and Matomo Analytics for performance monitoring and user behavior analysis, while respecting user privacy by disabling cookies for tracking. The site appears to be built on the Episerver CMS platform, with good mobile optimization, accessibility, and SEO practices. Hosting details are not explicitly disclosed but analytics are served via udir.matomo.cloud. From a security perspective, the site enforces HTTPS and uses minimal necessary cookies with explicit consent mechanisms. While no advanced security headers were detected, the site avoids collecting sensitive user data on the homepage and demonstrates privacy-conscious analytics usage. The WHOIS data is not publicly available due to Norid privacy policies, which is typical for Norwegian domains. Overall, the domain registration and website content are consistent with a legitimate, government-backed educational service. The overall risk profile is low, with no detected vulnerabilities or suspicious indicators. Strategic recommendations include enhancing security headers, publishing an incident response policy, and adding a vulnerability disclosure mechanism to further strengthen trust and security posture.

N

Netbeat GmbH

netbeat.de

61

Netbeat GmbH is a German-based web hosting provider offering affordable and professional web hosting, domain registration, and server solutions primarily targeting private users and small to medium-sized businesses. The company emphasizes transparency, compliance with GDPR, and security certifications such as ISO 27001, hosting all services in German data centers operated by their partner Vautron Rechenzentrum AG. The website is well-structured, mobile-optimized, and provides clear information about various hosting packages with competitive pricing. Technically, the site uses modern frameworks like Bootstrap and jQuery, with privacy-conscious analytics via Matomo. Security posture is solid with HTTPS and ISO certification, though security headers could be improved. Privacy compliance is strong with explicit cookie consent and a comprehensive privacy policy. Overall, the site projects a trustworthy and professional image suitable for its market segment.

V

Vautron Rechenzentrum AG

vautron.de

56

Vautron Rechenzentrum AG is a well-established German technology company specializing in domain registration, dedicated servers, cloud servers, and managed hosting services. With a strong market position as one of Germany's leading domain registrars and a portfolio exceeding 1.1 million domains, Vautron operates multiple data centers and offers comprehensive IT infrastructure solutions tailored to business clients. Their services include Proxmox virtualization, S3 cloud storage, and managed private cloud offerings, emphasizing flexibility, security, and scalability. Technically, the website employs modern web technologies such as Bootstrap, jQuery, FontAwesome, and Matomo analytics, ensuring a responsive and user-friendly experience. The infrastructure is supported by ISO 27001 certified data centers, reflecting a mature security posture. The company demonstrates GDPR compliance through clear privacy and cookie policies, consent mechanisms, and transparent contact channels. Security-wise, Vautron maintains strong practices including secure managed services, abuse reporting, and encrypted communications. However, there is room for improvement in publicly disclosing vulnerability disclosure policies and enhancing HTTP security headers. No critical vulnerabilities or suspicious activities were detected. Overall, Vautron presents a trustworthy, professional, and technically sound digital presence with a high level of business credibility and compliance. The risk profile is low, supported by consistent WHOIS data and transparent business operations.

B

brand MARINE CONSULTANTS GmbH

the-bmc-group.com

52

The bMC GROUP is a medium-sized, Germany-based marine consultancy group established in 2014, offering a broad range of specialized services to the shipping industry including marine consultancy, claims management, vessel design, and behavioral science tools. The group operates globally with multiple international offices and subsidiaries, serving shipowners, law firms, P&I clubs, offshore contractors, and insurance companies. Technically, the website is built on the Contao CMS platform, uses jQuery, Google Maps API, and Matomo analytics, and demonstrates good mobile optimization and user experience. Security posture is solid with HTTPS enforcement and CSRF protections, though DNSSEC is not enabled and security headers could be improved. Privacy compliance is well addressed with a cookie consent mechanism and a privacy policy page. Overall, the website is professional, trustworthy, and business-focused with no signs of malicious or adult content.

B

Behinderten- und Rehabilitations-Sportverband Berlin e.V.

sportbildung.berlin

36

The website sportbildung.berlin serves as the official training and licensing portal for the Behinderten- und Rehabilitations-Sportverband Berlin e.V., a regional sports association focused on disabled and rehabilitation sports in Berlin, Germany. It provides educational resources, licensing guides, and online application services for training and continuing education in the rehabilitation sports sector. The portal targets individuals and clubs involved in this niche sports community, offering structured information and digital services to support their certification and training needs. Technically, the site is built on TYPO3 CMS with Bootstrap 5 and jQuery, ensuring a modern and responsive user experience. It integrates Matomo analytics with privacy-conscious settings and uses HTTPS with a valid SSL certificate. However, DNSSEC is not enabled, and some security headers appear to be missing, indicating room for improvement in security hardening. The site is well-structured with clear navigation and good accessibility features, supporting a positive user experience. From a security and compliance perspective, the site demonstrates basic GDPR compliance with a privacy policy and cookie consent banner. However, it lacks visible terms of service, security policies, incident response contacts, and explicit business contact information, which are important for trust and legal completeness. The WHOIS data is consistent and legitimate, with a domain age appropriate for the business. No suspicious or malicious indicators were found. Overall, the website is a credible and professional portal for its niche audience but would benefit from enhanced security practices, clearer contact and legal information, and improved transparency to strengthen trust and compliance.

I

Institut für Auslandsbeziehungen (ifa)

kulturaustausch.de

49

Kulturaustausch is a cultural magazine operated under the Institut für Auslandsbeziehungen (ifa), focusing on international relations, culture, and society with contributions from global authors. The website serves as a platform for in-depth dossiers, articles, and print issues, targeting readers interested in diverse international perspectives. Technically, the site is built on TYPO3 CMS, employs Matomo for analytics, and uses modern web technologies ensuring good performance, accessibility, and SEO. Security posture is solid with HTTPS and some security best practices, though additional headers could enhance protection. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant, reflecting a mature privacy stance. Contact is primarily via a web form, with no direct emails or phone numbers publicly listed. Overall, the site is professional, trustworthy, and well-positioned in the media and non-profit cultural sector.

O

OEMUS MEDIA AG

designpreis.org

53

The website designpreis.org serves as the official platform for the ZWP Designpreis, an established German award recognizing outstanding dental practice designs. Operated by OEMUS MEDIA AG, the site provides comprehensive information about the competition, showcases winners, and facilitates applications. The target audience includes dental professionals and architects interested in innovative dental office design. Technically, the site is built on WordPress 6.8.2, uses Matomo for privacy-conscious analytics, and hosts media assets on Amazon S3, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and domain transfer protections, but lacks DNSSEC and security headers, indicating room for improvement. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional, trustworthy, and well-aligned with its niche business purpose.

W

wbv Distribution

wbv-distribution.de

58

wbv Distribution is a German family-owned logistics and fulfillment service provider specializing in sustainable supply chain solutions. Their key services include E-Commerce Fulfillment, PreFBA logistics, media and advertising logistics, and campaign logistics. The company positions itself as a reliable partner with over 125 years of logistics experience, emphasizing sustainability and certified quality management. The website reflects a professional and consistent brand image with clear contact information and customer testimonials, supporting a high trust level. Technically, the website uses modern frontend technologies such as jQuery and UIkit, with Matomo analytics for user tracking. The site is mobile-optimized, accessible, and SEO-friendly, hosted likely by a German provider (Schlundtech). Security best practices include HTTPS and a cookie consent mechanism with blocking access until consent, though security headers and incident response information are not evident. The security posture is solid but could be improved by adding security headers and publishing a security policy or vulnerability disclosure. No critical vulnerabilities or suspicious patterns were detected. The domain registration is consistent with the business claims, and the parent company relationship to wbv Media is clearly stated. Overall, the website is professional, secure, and compliant with GDPR, making it a trustworthy platform for its target B2B audience in logistics and fulfillment.

A

Allgemeine Anthroposophische Gesellschaft

sektion-landwirtschaft.org

47

The Sektion für Landwirtschaft is a non-profit organization affiliated with the Allgemeine Anthroposophische Gesellschaft and based at the Goetheanum in Switzerland. It focuses on promoting biodynamic agriculture through education, research, publications, and events. The website is professionally designed using TYPO3 CMS and integrates modern technologies such as Matomo for analytics and Tiny Slider for UI components. Contact information and social media presence are clearly provided, enhancing trust and accessibility. Privacy and cookie policies are implemented with GDPR compliance, although explicit terms of service and security policies are absent. The WHOIS data is unavailable due to query failure, but the website content and affiliations strongly indicate legitimacy and a mature organizational presence.

P

Pedagogical Section at the Goetheanum and International Council for Steiner Waldorf Education

waldorf-resources.org

50

Waldorf Resources is a specialized online platform dedicated to supporting Waldorf and Steiner educators worldwide by providing academic publications, essays, and pedagogical articles. The website is affiliated with the Pedagogical Section at the Goetheanum and the International Council for Steiner Waldorf Education, positioning it as a niche educational resource within the Waldorf community. The platform operates as a non-profit entity focused on educational content and resource sharing. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including Bootstrap and jQuery, with integrated privacy compliance tools such as Iubenda for cookie consent and Matomo for analytics. The site demonstrates good mobile optimization and SEO practices, although some accessibility features could be enhanced. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and employs a comprehensive cookie consent mechanism, reflecting good privacy compliance with GDPR. However, security headers are not explicitly detected, and no published security or incident response policies are available. The WHOIS data is malformed or privacy-protected, limiting transparency but not indicating suspicious activity. Overall, the security posture is solid but could benefit from additional hardening and transparency. The overall risk assessment is low, with the site presenting as a trustworthy educational resource. Strategic recommendations include implementing security headers, publishing vulnerability disclosure and incident response information, and enhancing accessibility. These improvements would strengthen trust and security culture while maintaining compliance and user confidence.

A

Allgemeine Anthroposophische Gesellschaft

paedagogik-goetheanum.ch

51

The Pädagogische Sektion am Goetheanum website represents a small, specialized educational organization focused on Waldorf and anthroposophical pedagogy. It offers resources, events, and publications targeting educators and researchers in this niche field. The site is professionally designed using TYPO3 CMS and integrates modern privacy compliance tools such as Iubenda for cookie and privacy policies. The technical infrastructure is solid, with moderate performance and good mobile optimization. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Contact information and business legitimacy are clearly established with consistent WHOIS data and a professional imprint. Overall, the website is trustworthy, well-maintained, and serves its educational mission effectively.

I

ICSBF - International Catch’n Serve Ball Sports Federation

catchandserve-ball.com

46

The International Catch’n Serve Ball Sports Federation (ICSBF) operates as a niche non-profit organization dedicated to promoting the sport of Catch'n Serve Ball globally. The website provides comprehensive information about the federation's activities, including event calendars, membership details, and news updates, positioning ICSBF as a specialized sports federation with a clear focus on community engagement and international sports development. The target audience includes sports enthusiasts, athletes, and sports clubs interested in this emerging sport. Technically, the website employs modern web standards with HTML5, CSS, and JavaScript, and integrates Matomo analytics for user tracking, reflecting a moderate level of digital maturity. The site is mobile-optimized and offers good navigation and content relevance. However, some technical improvements are recommended, such as implementing security headers and enhancing accessibility features. From a security perspective, the site benefits from HTTPS encryption and does not expose sensitive data. Nonetheless, the absence of security headers and lack of published security or incident response policies indicate room for improvement. The missing WHOIS data raises concerns about domain legitimacy, although the professional presentation and valid contact information mitigate some trust issues. Overall, the website is functional, professional, and safe for general audiences, but strategic enhancements in security posture, privacy compliance, and domain registration transparency are advised to strengthen trust and compliance.

A

Allgemeine Anthroposophische Gesellschaft

goetheanum-paedagogik.ch

51

The Pädagogische Sektion am Goetheanum website represents a well-established non-profit educational organization focused on Waldorf and anthroposophical pedagogy. It serves educators, researchers, and the Waldorf community by providing events, publications, and pedagogical resources. The organization holds a strong market position within its niche, supported by clear affiliations and partnerships with recognized anthroposophical and Waldorf institutions. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates privacy-compliant cookie management and analytics. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security headers could be improved. The site is fully accessible without WAF or blocking mechanisms, and contact information is transparent and consistent with WHOIS data. Overall, the website demonstrates professionalism, trustworthiness, and compliance with GDPR.

E

ENTSO-E

entsoe.eu

74

ENTSO-E is a key European association representing transmission system operators for electricity. The organization focuses on developing network codes, promoting data transparency, fostering research and innovation, and supporting the development of a clean and competitive power system across Europe. The website reflects a professional and authoritative presence with comprehensive content targeting energy sector stakeholders, policymakers, and the public. Technically, the site uses modern web technologies, including custom fonts and Matomo analytics configured for privacy. Security posture is strong with HTTPS and privacy-respecting analytics, though explicit security policies and incident response information are not published. Overall, the site is trustworthy and well-maintained, supporting ENTSO-E's role as a central coordinating body in European electricity transmission.

R

ROBIN WOOD e.V.

robinwood.de

47

ROBIN WOOD e.V. is a German non-profit environmental organization dedicated to nature and climate protection through activism, campaigns, and public engagement. The website serves as a platform to inform supporters, promote campaigns, and solicit donations and memberships. It maintains a strong presence on multiple social media platforms and regularly publishes press releases and reports. The organization targets environmentally conscious individuals and activists. Technically, the website is built on Drupal 10 CMS, utilizing modern front-end libraries such as Bootstrap and Swiper.js for responsive design and interactive elements. Hosting is provided by Hostsharing, inferred from the nameservers. The site implements HTTPS with a good SSL configuration and includes a cookie consent banner with an opt-in mechanism, reflecting good privacy compliance practices. Matomo analytics is used for tracking with minimal user tracking. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the site lacks published security policies, incident response contacts, and a security.txt file, which are recommended for improved transparency and security readiness. Overall, the website is professional, trustworthy, and well-maintained, with good content quality and user experience.

E

EU project TAILOR

tailor-network.eu

54

The TAILOR website represents a European Union funded research project focused on establishing a network of European research centers dedicated to the foundations of trustworthy artificial intelligence. The project is positioned as a collaborative research network with multiple work packages addressing various AI research challenges, including trustworthy AI, social AI, and industry innovation. The site targets academic researchers, industry partners, and EU stakeholders interested in AI research and development. Technically, the website is built on WordPress using the Astra theme and several plugins including Yoast SEO and Modern Events Calendar Lite. It integrates analytics tools such as Google Analytics and Matomo for user tracking. The site is well-structured with good navigation and mobile optimization, reflecting a moderate to good level of digital maturity. Security-wise, the site uses HTTPS with no visible vulnerabilities or exposed sensitive data, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Overall, the website is professional and trustworthy, consistent with an EU research project, but could improve in privacy and security transparency.

LEAF is a Slovak non-profit organization dedicated to enhancing the quality of life in Slovakia through sustainability, energy efficiency, and social initiatives. The website reflects a professional and consistent brand presence targeting Slovak citizens, policymakers, and stakeholders interested in environmental and social development. The digital infrastructure is built on WordPress with modern technologies and integrates multiple analytics and marketing tools, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforcement and security headers, though the absence of explicit privacy and terms policies and incident response contacts suggests room for improvement in compliance and transparency. Overall, the website is trustworthy and well-positioned within its sector, with recommendations to enhance privacy compliance and incident response readiness.

B

Berufsverband der Kinder- und Jugendärzt*innen e.V.

kinderaerzte-im-netz.de

57

Kinderaerzte-im-Netz.de is a comprehensive German healthcare information platform operated by the Berufsverband der Kinder- und Jugendärzt*innen e.V. (BVKJ), focusing on pediatric and adolescent health. The site offers extensive resources including disease information, vaccination schedules, developmental milestones, and preventive care tips, targeting parents, children, and healthcare professionals. It also provides a doctor search service and a dedicated mobile app for patient communication. The platform holds a strong market position as a trusted source in pediatric healthcare in Germany. Technically, the website is built on TYPO3 CMS and employs modern web technologies such as jQuery, FlexSlider, and FontAwesome. It uses Matomo analytics configured to disable cookies, reflecting a privacy-conscious approach. The site is mobile-optimized with good navigation and content structure, although some accessibility features are basic. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks some security headers and does not publicly disclose a security policy or incident response contacts. No cookie consent mechanism is present, which is a minor compliance gap. No vulnerabilities or suspicious patterns were identified. Overall, the security posture is solid but could be improved with additional headers and transparency. The domain registration data aligns well with the website's purpose and business entity, indicating legitimacy. External links point to reputable partner and related domains. No adult or inappropriate content is present, making the site safe for general audiences. Strategic recommendations include implementing cookie consent, publishing security policies, and enhancing security headers to strengthen compliance and trust.

Z

ZEKO - Zentrale Ethikkommission bei der Bundesärztekammer

zentrale-ethikkommission.de

64

The Zentrale Ethikkommission (ZEKO) is an official ethics commission affiliated with the German Medical Association (Bundesärztekammer), established in 1994 to provide independent ethical guidance in medicine and related fields. The website serves as a platform for publishing ethical statements, resolutions, and supporting medical professionals and the public in ethical discourse. The target audience includes physicians, healthcare professionals, and interested members of the public. Technically, the website is built on the TYPO3 CMS platform, leveraging modern frontend technologies such as Bootstrap 5 and FontAwesome. It is hosted by SchlundTech and employs privacy-conscious analytics via Matomo and consent management through Cookiebot. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms compliant with GDPR, and avoids exposing sensitive data. While some security headers are not explicitly visible in the HTML, the overall posture is strong with no detected vulnerabilities. The WHOIS data aligns with the organization's official status, enhancing trust. Overall, the website presents a low-risk profile with strong compliance and professionalism. Strategic recommendations include enhancing explicit security headers and publishing a vulnerability disclosure policy to further strengthen security transparency.

W

Wissenschaftlicher Beirat Psychotherapie

wbpsychotherapie.de

65

The Wissenschaftlicher Beirat Psychotherapie is a German scientific advisory board established under § 8 PsychThG, jointly supported by the Bundesärztekammer and Bundespsychotherapeutenkammer. It provides expert opinions on the scientific recognition of psychotherapy methods, serving as an authoritative body in the healthcare regulatory landscape. The website reflects this official status with professional content, clear contact information, and compliance with data protection laws. Technically, the site is built on TYPO3 CMS, uses modern frontend frameworks like Bootstrap and FontAwesome, and integrates privacy-respecting analytics via Matomo alongside Cookiebot for consent management. Security posture is solid with HTTPS enforced and no evident vulnerabilities, though some security headers could be improved. Overall, the site demonstrates a mature digital presence appropriate for a governmental advisory entity.

W

Wissenschaftlicher Beirat der Bundesärztekammer

wbbaek.de

61

The Wissenschaftlicher Beirat der Bundesärztekammer is an interdisciplinary scientific advisory board affiliated with the German Medical Association, providing expert consultation on medical and scientific matters related to legislation and medical practice. The website serves as an official communication platform, offering access to guidelines, statements, and annual reports, targeting medical professionals and stakeholders in healthcare governance. Technically, the site is built on TYPO3 CMS, employs modern frontend frameworks like Bootstrap 5, and integrates privacy-respecting analytics via Matomo. Cookie consent is implemented comprehensively, ensuring GDPR compliance. Security posture is solid with HTTPS and consent-based tracking, though security headers and incident response policies could be enhanced. Overall, the site is professional, trustworthy, and well-structured, reflecting its authoritative role in the healthcare sector.

A

Arzneimittelkommission der deutschen Ärzteschaft

akdae.de

69

The Arzneimittelkommission der deutschen Ärzteschaft (AkdÄ) is a scientific advisory committee affiliated with the German Federal Medical Association (Bundesärztekammer). It serves as an authoritative body providing drug safety information, pharmaceutical therapy guidelines, and regulatory statements to healthcare professionals in Germany. The website offers comprehensive resources including news updates, educational materials, and official publications, targeting medical practitioners and regulatory stakeholders. The business model is non-profit and focused on public health and safety. Technically, the website is built on the TYPO3 CMS platform, leveraging modern technologies such as Bootstrap 5 and FontAwesome for responsive and accessible design. Hosting is provided by SchlundTech, a reputable German hosting provider. The site demonstrates good digital maturity with GDPR-compliant cookie consent managed by Cookiebot and privacy-respecting analytics via Matomo. Performance and SEO are moderate to good, with clear navigation and mobile optimization. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and published incident response or vulnerability disclosure policies. No critical vulnerabilities or suspicious activities were detected. Privacy compliance is strong, with a comprehensive privacy policy and cookie management. Overall, the website is a trustworthy, professional resource with high content quality and business credibility. Strategic recommendations include enhancing security headers, publishing a security.txt file, and providing explicit incident response contacts to further strengthen security posture and transparency.

B

Bund der Freien Waldorfschulen

jedestundezaehlt.de

50

The website 'Jede Stunde zählt' is a professionally developed educational campaign platform focused on promoting the career of Waldorf teachers in Germany. It is operated by the Bund der Freien Waldorfschulen, a recognized organization in the Waldorf education sector. The site offers comprehensive information about Waldorf schools, career entry guidance, job offers, and regional contact points for prospective teachers. The platform is well-positioned within its niche market, targeting educators and individuals interested in Waldorf pedagogy. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Borlabs Cookie for GDPR-compliant cookie management. It uses Matomo for analytics, ensuring privacy-conscious tracking. The site is mobile-optimized, accessible, and SEO-friendly, hosted on a provider consistent with the domain's nameservers. Performance is moderate, with good design and navigation clarity. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms. However, it lacks explicit security headers and a published security or incident response policy. No vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the website's purpose and market, enhancing trustworthiness. Overall, the website demonstrates a strong commitment to privacy compliance, user experience, and business credibility. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining regular audits of third-party scripts to sustain a robust security posture.

C

CO2ero e.V.

co2ero.de

55

CO2ero e.V. is a German non-profit organization dedicated to climate protection through education and sustainable development initiatives primarily targeting schools and educational institutions. The organization offers workshops, campaigns, and resources to support climate action and sustainability goals, positioning itself as a niche leader recognized by UNESCO's BNE 2030 program. Their website reflects a professional and consistent brand image with clear navigation and relevant content for their target audience. Technically, the website employs modern web technologies including asynchronous JavaScript loading and Matomo analytics configured to disable cookies, indicating a privacy-conscious approach. The site is served over HTTPS with good performance and mobile optimization, though no explicit CMS or hosting provider details are evident. Accessibility is basic but functional, and SEO practices appear adequate. From a security perspective, the site benefits from HTTPS and privacy-aware analytics but lacks explicit security headers, a published privacy or cookie policy, and a vulnerability disclosure mechanism. Contact information is clearly provided, enhancing trust. The WHOIS data shows eco-friendly hosting consistent with the organization's mission but lacks detailed registrant information, slightly reducing trustworthiness. Overall, the website is safe, professional, and credible with room for improvement in privacy compliance and security best practices. No adult or questionable content is present, and the site is fully accessible without WAF or blocking mechanisms.

2

2025 Steiner Festjahr

2025-steiner-stuttgart.de

49

2025 Steiner Festjahr is a non-profit cultural event organizer focused on celebrating the legacy of Rudolf Steiner and Anthroposophy through a three-day festival in Stuttgart. The website serves as an informational and promotional platform for the event, targeting individuals interested in sustainable agriculture, holistic education, and cultural heritage. Technically, the site is built on WordPress with modern plugins for SEO, privacy compliance, and analytics, hosted by a reputable provider. Security posture is solid with HTTPS and cookie consent, though some security headers and policies could be improved. Overall, the site is professional, trustworthy, and well-aligned with its mission.

E

Erfurter Herbstlese e.V.

herbstlese.de

56

Erfurter Herbstlese e.V. is a well-established non-profit cultural organization based in Erfurt, Germany, specializing in literary festivals, cultural events, and venue rental at the historic Kultur: Haus Dacheröden. The organization targets literature enthusiasts, families, and the local community with a diverse program of readings, concerts, exhibitions, and educational activities. The website reflects a mature digital presence with comprehensive event information, ticketing integration, and active community engagement through newsletters and social media. Technically, the site employs modern frontend technologies such as Alpine.js and Swiper.js, is mobile-optimized, and uses Matomo for privacy-conscious analytics. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though security headers could be improved. The domain registration data is consistent and supports the legitimacy of the organization. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

S

Sparkassen-Finanzgruppe Hessen-Thüringen

sparkassen-finanzgruppe-ht.de

63

Sparkassen-Finanzgruppe Hessen-Thüringen operates as a large regional financial services group in Germany, providing banking, insurance, and financing products to customers across Hessen and Thüringen. The website presents a professional image with consistent branding and a clear focus on financial services including wealth building, insurance, and construction financing. The target audience includes individuals and businesses seeking financial products and local engagement. Technically, the site is built on Concrete CMS, uses modern JavaScript libraries such as jQuery and Swiper.js, and integrates Matomo analytics with a GDPR-compliant cookie consent mechanism. Accessibility is enhanced via the eyeAble plugin. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and explicit policies could be improved. WHOIS data confirms domain legitimacy and consistency with the business identity. Overall, the website is well-structured, user-friendly, and trustworthy but lacks explicit privacy and terms of service documentation.

B

Bundesärztekammer

bundesaerztekammer.de

66

The Bundesärztekammer website represents the official German Medical Association, serving as the apex organization for medical self-governance in Germany. It primarily advocates for the professional interests of physicians and healthcare professionals, offering services such as policy representation, quality assurance, continuing education, and hosting key events like the Deutscher Ärztetag. The site targets medical professionals, policymakers, and the press, reflecting a non-profit organizational model with a strong market position in the healthcare sector within Germany. Technically, the website is built on the TYPO3 CMS platform, leveraging modern frameworks like Bootstrap 5 and FontAwesome for responsive and accessible design. It employs Cookiebot for GDPR-compliant cookie consent management and Matomo for privacy-respecting analytics. Hosting is managed via schlundtech.de, a reputable provider, and the site demonstrates good mobile optimization, accessibility, and SEO practices. From a security perspective, the site enforces HTTPS and integrates cookie consent mechanisms aligned with GDPR. While explicit security headers are not visible in the HTML, the overall SSL configuration is good. No critical vulnerabilities or exposed sensitive data were detected. However, recommendations include implementing explicit security headers, publishing a security policy, and establishing a vulnerability disclosure channel. Overall, the website is professional, trustworthy, and compliant with privacy regulations, with a strong security posture and high-quality content. The domain registration data aligns with the organization's legitimacy, and no blocking or WAF challenges were detected, enabling full content accessibility.

V

Vetter GmbH

vetter-rescue.com

49

Vetter GmbH is a German manufacturing company specializing in pneumatic rescue equipment and tents, serving emergency services, fire brigades, and medical services worldwide. Established in 1964, the company positions itself as the global leader in emergency pneumatics, offering a range of products including rescue, industrial, HazMat, recovery, and shelter equipment, along with training and service. The website reflects a professional and consistent brand presence with a global dealer network and active participation in trade fairs and events. Technically, the site is built on Joomla CMS with modern frameworks such as Bootstrap and Helix Ultimate, and uses Matomo for analytics. The site is mobile-optimized and performs moderately well. Security posture is good with HTTPS enforced and cookie consent implemented, though there is a lack of published security policies and incident response information. Privacy compliance is partial, with cookie consent but no visible privacy policy or terms of service pages. Overall, the website is trustworthy and safe for general audiences, with room for improvement in privacy and security transparency.

FOINIA STEEL spol. s r.o. is a medium-sized, family-owned Czech company specializing in the sale and processing of steel and metallurgical materials since 1991. The company serves both business clients and individual craftsmen, offering a broad product range including pipes, profiles, sheets, and additional value-added services such as cutting, bending, locksmith work, and delivery across the Czech Republic. Their website reflects a professional and consistent brand image with clear contact information and GDPR-compliant privacy and cookie policies. Technically, the website is built on a custom CMS platform (IPO CMS) utilizing jQuery, jQuery UI, Google reCAPTCHA, and Matomo analytics for privacy-conscious tracking. The site is mobile-optimized with good SEO and accessibility basics, though some security headers are missing. HTTPS is enforced, and cookie consent mechanisms are implemented effectively. From a security perspective, the site shows good practices such as HTTPS and CAPTCHA protection but lacks explicit security policies and incident response contacts. The absence of WHOIS domain registration data is a notable concern, reducing domain trustworthiness and raising questions about domain legitimacy. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is safe, professional, and functional with moderate technical maturity. Strategic improvements in security headers, incident response transparency, and domain registration transparency are recommended to enhance trust and compliance.

G

Gerulata Technologies j. s. a.

gerulata.com

63

Gerulata Technologies is a specialized technology company focused on providing advanced AI-powered tools and professional services to combat information warfare and disinformation. Their offerings, including the Gerulata Juno platform, target government institutions, regulators, law enforcement, military, intelligence agencies, research institutions, and journalism professionals. The company positions itself as a niche provider in the information security and analysis sector with a strong emphasis on digital safety and strategic communications. Technically, the website employs a modern tech stack including jQuery, Slick Carousel, Axios, Google reCAPTCHA v3, Matomo analytics, and CookieYes for consent management. The site is well-structured, mobile-optimized, and incorporates privacy-respecting analytics. However, no CMS or hosting provider details are explicitly identified. Performance is moderate with good SEO and basic accessibility features. From a security perspective, the site enforces HTTPS, uses reCAPTCHA to protect forms, and provides a comprehensive cookie consent mechanism aligned with GDPR. However, security headers are not explicitly detected, and there is no visible security policy or incident response information. The absence of WHOIS data for the domain is a notable concern, as it reduces trust in domain legitimacy despite the professional website presence. Overall, the website is professional, secure, and privacy-conscious but would benefit from improved transparency regarding domain registration, explicit security policies, and direct contact information to enhance trust and compliance.

W

Waldreport

waldreport.de

57

Waldreport is a German non-profit environmental initiative dedicated to protecting forests by raising awareness of forest threats, networking nature enthusiasts, and collecting data on forest damage. The website is well-structured, professionally designed, and targets environmentally conscious individuals and organizations in Germany. It leverages partnerships with reputable environmental groups such as Greenpeace and Robin Wood to enhance its credibility and outreach. Technically, the site is built on Drupal 10 with Bootstrap 5.2 and uses Matomo for privacy-conscious analytics. The site is mobile-optimized and accessible, with a cookie consent mechanism compliant with GDPR. Security posture is moderate with room for improvement in security headers and incident response transparency. No critical vulnerabilities or suspicious content were detected, and the domain registration data aligns with the website's purpose, indicating legitimacy.

C

Cassini

cassini.eu

63

Cassini is an official European Commission initiative aimed at fostering entrepreneurship in the space sector across the EU from 2021 to 2027. It supports startups, SMEs, and entrepreneurs with funding, hackathons, mentoring, business acceleration, and matchmaking services. The initiative is positioned as a key enabler for the EU space economy, leveraging a €1 billion fund and various programs to stimulate innovation and market uptake of space technologies and services. The website reflects a professional and consistent brand aligned with EU standards and space industry stakeholders. Technically, the website is built on Drupal 10, employing modern web technologies and analytics tools such as Matomo and Google Tag Manager. The site is mobile optimized, accessible, and SEO friendly, providing a good user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks some advanced security headers and explicit incident response information. From a security and compliance perspective, the site respects GDPR principles with a comprehensive privacy policy and cookie policy, though it lacks a cookie consent mechanism. No direct contact emails or phone numbers are published, relying on contact forms. WHOIS data is privacy protected by EURid, typical for .eu domains, and consistent with the official nature of the initiative. No suspicious or malicious indicators were found. Overall, Cassini's website is a trustworthy, well-maintained platform supporting EU space entrepreneurship. Strategic recommendations include enhancing security headers, publishing incident response contacts, implementing cookie consent, and providing more direct contact information to improve transparency and user trust.

A

Anthroposophische Gesellschaft in Deutschland

anthroposophie.de

53

The website www.anthroposophie.de represents the Anthroposophische Gesellschaft in Deutschland, a non-profit organization dedicated to promoting and educating about Anthroposophy, a spiritual and philosophical movement. The site serves as a central hub for information, events, and community engagement related to Anthroposophy in Germany. It targets a broad audience including interested individuals, critics, and practitioners. The business model is educational and community-focused, with a medium-sized organizational footprint in the non-profit sector.

B

Bundesministerium für Bildung und Forschung

digitalpaktschule.de

56

The website digitalpaktschule.de is an official German government platform managed by the Bundesministerium für Bildung und Forschung (Federal Ministry of Education and Research). It serves as the authoritative source for the DigitalPakt Schule initiative, which aims to enhance digital infrastructure and competencies in German schools. The site provides comprehensive information, resources, and updates targeted at schools, educators, students, parents, and related stakeholders. It holds a strong market position as a government-backed educational resource with clear branding and trust signals. Technically, the website employs modern JavaScript libraries such as jQuery and Modernizr, uses the Slick Carousel for UI elements, and integrates Matomo analytics with a privacy-conscious opt-in mechanism. The site is mobile-optimized, accessible, and SEO-friendly, though it appears to use a custom or proprietary CMS. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms to comply with GDPR. However, it lacks explicit security policy pages, incident response contacts, and advanced security headers. No vulnerabilities or exposed sensitive data were found. Overall, the security posture is solid but could be improved with additional transparency and security best practices. The website is safe for general audiences, contains no adult or questionable content, and maintains high trustworthiness. The domain registration data aligns well with the website content, confirming legitimacy and consistency with a government entity. Strategic recommendations include publishing security policies, incident response information, and implementing additional security headers to enhance trust and compliance.

L

LUKAS Hydraulik GmbH

lukas.com

59

LUKAS Hydraulik GmbH is a well-established German manufacturer specializing in hydraulic products for rescue equipment and industrial applications. With a history dating back to the 1940s and a domain registered since 1995, the company operates as a subsidiary of IDEX Corporation, reinforcing its market credibility. The website effectively communicates the company's expertise, product range, and global dealer network, targeting industrial clients, rescue services, and job seekers. Technically, the site is built on Joomla CMS with modern front-end libraries and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS and CSRF protections, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is strong, featuring a comprehensive privacy policy and cookie consent mechanism. Overall, the site reflects a professional and trustworthy corporate presence.

N

Norwegian SciTech News

norwegianscitechnews.com

10

Norwegian SciTech News is a specialized media outlet providing research news focused on technology, energy, environment, and science, primarily related to Norwegian institutions NTNU and SINTEF. The website targets the general public interested in scientific developments and innovation. Technically, the site is built on WordPress with a modern tech stack including Google Analytics, Facebook SDK, and Matomo for analytics, and uses Cloudflare for DNS. The site is well optimized for SEO, mobile, and accessibility, with a professional design and clear navigation. Security posture is good with HTTPS and domain transfer protection, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is evident with a comprehensive privacy and cookie policy and consent mechanism. Contact information is available via email and contact forms, but no explicit security or incident response policies are published. Overall, the site is trustworthy, professionally maintained, and serves as a credible source of scientific news.

B

Biodynamic Federation Demeter International

demeter.net

11

Demeter International is a globally recognized organization dedicated to biodynamic agriculture certification and promotion. With a history spanning over 100 years, it serves as a trusted certifier and advocate for sustainable, ecological farming practices. The website reflects a mature digital presence built on WordPress, enhanced with SEO and consent management tools, and integrates privacy-respecting analytics. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled. The site provides comprehensive privacy and cookie policies, social media engagement, and a clear business focus on certification and education in biodynamic farming.

R

Rynek.Pro | Lokalni-Profesjonalni

rynek.pro

53

Rynek.Pro is a local business directory portal primarily serving Polish and Lithuanian markets, offering categorized listings for production, retail trade, wholesale, and services. The platform targets local consumers and businesses seeking reliable contractors and professional services. It operates as an online advertisement and business listing service with an interactive map feature to enhance user experience. The website is built on WordPress using the TownHub theme and integrates modern technologies such as Elementor, WooCommerce, and Matomo Analytics, reflecting a moderate to good level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers and explicit security policies are absent. The domain WHOIS data is privacy protected but registered through a reputable registrar, consistent with the business type. Overall, the site demonstrates good professionalism, privacy compliance, and user experience, making it a trustworthy platform for local business promotion.

M

Ministerstvo financí České republiky

statnipokladna.cz

73

The website statnipokladna.cz serves as the official portal for the Ministry of Finance of the Czech Republic, specifically focusing on the State Treasury functions. It provides centralized financial management services including revenue centralization, expenditure control, asset management, liquidity and debt management, financial planning, payment processing, and reporting. The site targets government entities and public sector organizations, positioning itself as a critical government service platform. The content is professionally presented, with clear navigation and good mobile optimization, reflecting a mature digital presence. Technically, the website employs standard web technologies including HTML5, CSS3, and JavaScript, with integrations of Cookiebot for cookie consent management and analytics tools such as Google Analytics and Matomo. The site uses HTTPS and shows good security practices, although explicit security headers are not visible in the HTML source. The performance is moderate, and accessibility features are adequately implemented. From a security standpoint, the site benefits from HTTPS encryption and a robust cookie consent mechanism compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in transparency and security maturity. Overall, the website demonstrates a strong business credibility as a government portal with high trustworthiness. The risk profile is low, but strategic enhancements in security policy publication and contact information disclosure would further strengthen its posture.

D

DVV Media Group GmbH

thb.info

67

The website www.thb.info is a professional German maritime news portal operated by DVV Media Group GmbH. It provides daily news, industry insights, and subscription-based content focused on shipping, ports, logistics, and maritime economy. The site targets maritime professionals and stakeholders, offering services such as newsletters, podcasts, job listings, and company guides. The business model is primarily subscription-driven with advertising revenue. Technically, the site is built on TYPO3 CMS and integrates modern analytics and consent management tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and consent mechanisms, though some security headers could be improved. The WHOIS data is malformed and unavailable, which slightly reduces domain trust but does not outweigh the professional presentation and established brand. Overall, the site is trustworthy, well-structured, and compliant with GDPR requirements.

D

DVV Media Group GmbH

shipandoffshore.net

65

Ship & Offshore is a specialized maritime industry media platform operated by DVV Media Group GmbH, providing news, reports, and subscription-based specialist publications focused on shipbuilding, offshore, and maritime technology sectors. The website demonstrates a mature digital infrastructure using TYPO3 CMS, integrated with modern analytics and consent management tools, ensuring compliance with privacy regulations. Security posture is strong with HTTPS enforcement and consent-based tracking, though explicit security headers could be improved. The absence of WHOIS registration data for the domain is a notable concern, potentially indicating privacy protection or domain registration issues, which impacts trustworthiness from a domain legitimacy perspective. Overall, the site offers professional content and user experience suitable for maritime professionals and industry stakeholders.