Security Directory

LinkedIn is a leading global professional networking platform owned by Microsoft, serving over a billion members worldwide. The website de.linkedin.com targets German-speaking users, offering services such as professional networking, job search, e-learning, and recruiting solutions. The platform is positioned as a market leader in the technology sector with a strong enterprise presence. Technically, the site employs modern web technologies including JavaScript frameworks and Google Identity Services for authentication, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and public security policies could be enhanced. Privacy compliance is robust with comprehensive privacy and cookie policies aligned with GDPR requirements. Overall, the site demonstrates high professionalism, trustworthiness, and content quality, making it a reliable platform for professional users.

D

Diözese Innsbruck

dibk.at

48

The website www.dibk.at serves as the official online portal for the Diocese of Innsbruck, a regional religious authority in Austria. It provides comprehensive information about the Catholic Church's activities, faith-related events, educational resources, and community services targeted primarily at members of the Catholic community in Tirol and interested visitors. The site is well-branded, consistent, and offers a good user experience with clear navigation and mobile optimization. Technically, it is built on the Ibexa CMS platform, utilizing JavaScript and jQuery libraries, and employs HTTPS for secure communications. Security best practices are partially implemented, though some security headers are missing and no explicit security policy or incident response contacts are published. The site does not display advertising or tracking scripts, indicating a privacy-conscious approach. WHOIS data confirms the domain's legitimacy and consistency with the organization's identity. Overall, the site is professional, trustworthy, and suitable for its intended audience.

L

Lidl Schweiz

lidl.ch

78

Lidl Schweiz operates as a major retail supermarket chain in Switzerland, offering a wide range of grocery products and weekly promotions. The website www.lidl.ch serves as an information portal for customers, providing access to current offers and company information. The business is part of the Schwarz Gruppe, a large international retail group, and holds a strong market position in the Swiss retail sector. The site targets general consumers seeking affordable supermarket products. Technically, the website employs modern JavaScript frameworks, integrates third-party services such as YouTube and Kameleoon for marketing and analytics, and uses OneTrust for cookie consent management. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Security-wise, the website enforces HTTPS, uses standard security headers, and manages user consent for tracking scripts, reflecting a mature security posture. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. Overall, the site is professional, trustworthy, and compliant with GDPR, with minimal security or privacy concerns detected.

C

C&A

c-and-a.com

71

C&A is a well-established European fashion retailer offering affordable clothing for men, women, children, and babies. The company operates a comprehensive e-commerce platform with a broad product range including seasonal collections, plus sizes, and special bargains. The website is professionally designed with clear navigation and targets a general audience seeking quality fashion at fair prices. Technically, the site uses modern web technologies such as React and Cloudinary for image hosting, and implements cookie consent via OneTrust. Security posture is strong with HTTPS enforced and standard security headers present, though no public vulnerability disclosure or security.txt file is found. The WHOIS data is unavailable, which slightly reduces domain trust but the overall business credibility remains high based on website content and contact information.

The website www.eversportscorporate.com is currently inaccessible beyond a robot challenge screen that implements a JavaScript proof-of-work captcha. This indicates the presence of a Web Application Firewall (WAF) or security mechanism blocking direct access to the site content. No business information, contact details, or policies are available on the page, and the WHOIS lookup failed to return any registration data, suggesting the domain may be unregistered or privacy-protected to an extreme degree. The technical infrastructure relies on JavaScript and AWS Cloudfront CDN for serving challenge assets, but no CMS or business platform is detectable. Security posture is weak due to lack of visible HTTPS confirmation, security headers, or compliance documentation. Overall, the site is not currently usable for business or customer engagement, and trustworthiness is low.

H

Helium Development

customerfields.com

65

Customer Fields is a specialized SaaS provider offering Shopify store owners tools to collect, manage, and approve customer data through custom registration forms and customer profiles. The company operates under Helium Development, with a focus on enhancing Shopify customer account capabilities. The website demonstrates a professional and consistent brand presence with clear business offerings targeted at e-commerce merchants and developers. Technically, the site uses modern JavaScript frameworks and integrates analytics and customer engagement tools such as Google Analytics, Hotjar, and Intercom, indicating a mature digital infrastructure. Security posture is solid with HTTPS enabled and domain protections in place, though improvements could be made by enabling DNSSEC and adding security headers. Privacy and cookie policies are present but hosted on the parent company site, with no direct contact information or incident response details visible on the main site. Overall, the website is trustworthy, well-maintained, and suitable for its target audience.

M

MDR (Mitteldeutscher Rundfunk)

mdrjump.de

62

MDR JUMP is a digital entertainment brand operated by Mitteldeutscher Rundfunk (MDR), a major public broadcaster in Germany. The website serves as a hub for radio streaming, podcasts, video content, event information, and traffic updates primarily targeting audiences in Eastern Germany and Mitteldeutschland. The platform is well-branded, professionally designed, and integrates social media and Alexa skill support to enhance user engagement. The content is diverse, catering to a broad general audience with a focus on entertainment and community.

S

Süddeutsche.de GmbH

sueddeutsche.de

63

Süddeutsche.de GmbH operates a leading German news website providing current news, commentary, and background reports. The site targets a broad audience interested in national and international news, leveraging a digital subscription and advertising business model. The company maintains a strong market position in the German media landscape with a professional and consistent brand presence. Technically, the website employs a modern tech stack including subscription management via Piano, Google Tag Manager, Datadog logging, and advanced advertising technologies. The site is mobile optimized and uses consent management platforms to comply with GDPR requirements. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly published. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations, though improvements in transparency around security and contact information could enhance user trust.

E

EVIE – Engagement, Vielfalt und Integration im Ehrenamt

phronesis-bildung.de

58

The website 'EVIE – Engagement, Vielfalt und Integration im Ehrenamt' is a German non-profit focused on promoting volunteer engagement, diversity, and integration within community and neighborhood projects. It offers educational training programs such as 'Fortbildung für Vereinsmitglieder', 'Train the Trainer', and 'Nachbarschafts-Coach'. The site is built on the Squarespace platform, leveraging modern web technologies and hosting infrastructure, providing a moderate performance and good mobile optimization. Security posture is strong with HTTPS and HSTS enabled, but lacks explicit privacy and cookie policies, which impacts compliance. Contact information is not clearly provided, limiting direct communication channels. Overall, the site is professional and trustworthy within its niche but could improve privacy compliance and user contact accessibility.

B

Biosphären-VHS St. Ingbert

vhs-igb.de

43

Biosphären-VHS St. Ingbert is a municipal adult education provider offering a wide range of courses and cultural events to the citizens of St. Ingbert, Germany. The website reflects a well-structured and content-rich platform targeting community education, integration, health, languages, and digital literacy. The institution holds a solid local market position as a trusted public education entity. Technically, the site uses a proprietary CMS (CMX) with modern web technologies, delivering a good user experience with mobile optimization and accessibility features. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though improvements are recommended in cookie consent and security policy transparency. Overall, the website is professional, trustworthy, and compliant with GDPR, though it lacks some advanced privacy and security disclosures.

B

Bichinger Software & Consulting

jobboersencheck.de

62

Jobboersencheck.de is a German-language online platform specializing in the comparison and evaluation of job boards. It provides independent employer and applicant reviews, enabling users to make informed decisions about where to post or search for jobs. The platform is developed by Bichinger Software & Consulting and features a modern, user-friendly interface with a focus on job market transparency in German-speaking regions. Technically, the site employs React components, Cookiebot for GDPR-compliant cookie management, and Google Tag Manager for analytics, reflecting a moderate level of digital maturity. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks visible advanced security headers and explicit security policies, indicating room for improvement. Overall, the website is professional, trustworthy, and safe for general audiences, with a moderate risk profile primarily due to missing explicit privacy and security documentation.

S

Studierendenwerk Kaiserslautern

studierendenwerk-kaiserslautern.de

48

Studierendenwerk Kaiserslautern operates as a regional non-profit organization providing essential student services including housing, dining, childcare, and counseling for approximately 20,000 students across multiple campuses in Germany. The website reflects a well-structured and professional digital presence, leveraging TYPO3 CMS and modern cookie consent management via Usercentrics, ensuring compliance with GDPR regulations. The content is relevant and targeted to the student community, with clear navigation and multilingual support (German and English). Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website demonstrates a mature digital infrastructure suitable for its institutional role.

C

Chamaeleon AG

chamaeleon.de

65

Chamaeleon AG is a German-based technology company specializing in advanced content management systems (CMS) and digital solutions for enterprises and public administration. Their flagship product, the ionas CMS, offers WYSIWYG editing optimized for web and mobile platforms. The company positions itself as 'Die Webarchitekten' (The Web Architects), emphasizing tailored digital architecture and support services. The website reflects a medium-sized business with a clear focus on B2B clients in both private and governmental sectors. Technically, the website is built on a modern CMS platform (ionas4) with JavaScript frameworks and uses SystemJS for module loading. Hosting appears to be provided by Deutsche Telekom, inferred from the nameservers. The site is mobile-optimized and includes SEO best practices such as meta tags and canonical URLs. Performance is moderate with no major technical issues detected. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, explicit security headers (e.g., CSP, HSTS) are not detected, and no published security or incident response policies are found. No vulnerabilities or exposed sensitive data were identified in the HTML content. The absence of direct contact emails or phone numbers suggests a preference for contact via web forms. Overall, the website demonstrates a professional and trustworthy digital presence with good privacy compliance and a solid technical foundation. Strategic improvements could include publishing formal security policies, adding security headers, and providing direct contact information for incident response. These enhancements would strengthen the security posture and business credibility further.

A

AD4NET s.r.o.

ad4net.eu

65

AD4NET s.r.o. is a small media services company specializing in digital advertising product optimization primarily serving the DACH region. Their website presents a professional image with clear descriptions of their services including job advertisements, media design, and typesetting. The company positions itself as a leading provider in its niche with a focus on quality and flexible resources. Technically, the website is built on TYPO3 CMS, employs modern web technologies, and includes a cookie consent mechanism compliant with GDPR. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. The absence of public WHOIS data is due to EURid privacy policies, which is common and justified for this business type. Overall, the website is trustworthy and well-maintained.

The FAIR GmbH operates an international accelerator research center in Darmstadt, Germany, focusing on antiproton and ion research to explore fundamental physics. The website serves a diverse audience including researchers, students, partners, and the public, providing scientific information, career opportunities, and news updates. The organization holds a strong market position as a major European research initiative with international collaborations. Technically, the site is built on TYPO3 CMS, uses Matomo for analytics, and implements GDPR-compliant privacy and cookie policies with consent mechanisms. The site is well-structured, mobile-optimized, and professionally designed, supporting good user experience and trust. Security posture is adequate with HTTPS and privacy controls, but lacks some advanced security headers and explicit incident response information. Overall, the website is trustworthy, safe, and aligned with its scientific mission.

H

Helmholtz-Institut Mainz

hi-mainz.de

56

The Helmholtz-Institut Mainz website represents a reputable scientific research institute specializing in physics and chemistry of superheavy elements and related fields. The site is professionally designed using TYPO3 CMS and integrates cookie consent management via Cookiebot, reflecting a mature digital presence. The content is targeted primarily at the scientific community, academics, and students, with clear navigation and multilingual support. Technically, the site employs modern web standards with HTTPS enforced, though lacks some advanced security headers. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and accessible platform. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, the absence of explicit contact emails, phone numbers, and security policies suggests areas for improvement in transparency and incident response readiness. Overall, the website demonstrates a solid security posture and business credibility consistent with a medium-sized research institution in Germany.

A

ALEX Berlin

alex-berlin.de

64

ALEX Berlin operates the digital media platform 'ALEX Kosmos', providing livestreams of TV and radio, podcasts, videos, and community-driven content primarily targeting the Berlin region. The platform positions itself as a creative and participatory media hub for an urban audience, offering crossmedia content accessible 24/7. The business model revolves around media streaming and community engagement, supported by a modern web infrastructure and compliance with European data protection laws. Technically, the website leverages modern JavaScript frameworks, a consent management platform for GDPR compliance, and is hosted on a reputable provider with HTTPS enforced, ensuring secure user interactions. The site demonstrates good mobile optimization and accessibility features, though some advanced security headers could be improved. Security posture is strong with no visible vulnerabilities or exposed sensitive data, but lacks explicit published security policies or incident response contacts. Overall, the platform is trustworthy, professionally designed, and compliant with privacy regulations, making it a reliable media service for its audience.

The Ökumenisches Heiligenlexikon is a well-established German-language informational website dedicated to providing comprehensive biographies, historical data, and religious context about saints from various Christian denominations. Founded in 1988 and online since 1998, it holds a strong market position as the most visited German site on this topic. The site offers rich content including calendars, patron saints, glossaries, and multimedia resources, targeting a general audience interested in religious and historical education. Technically, the website employs a custom-built infrastructure using standard web technologies such as HTML5, CSS3, JavaScript, Google Fonts, and jQuery. It integrates Google Analytics and Adsense for tracking and monetization. The hosting appears to be with 1&1 IONOS, providing moderate performance and good mobile optimization. SEO and accessibility are adequately addressed, though some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While some security headers are not explicitly detected, no critical vulnerabilities or exposed sensitive data were found. Privacy policies are comprehensive and clearly presented, supporting GDPR compliance. Contact information is limited to email addresses, with no phone or physical address provided. Overall, the website demonstrates a solid security posture and high content quality, with no signs of blocking or WAF interference. It is safe for general audiences with no adult or NSFW content. Strategic recommendations include enhancing security headers, adding incident response contacts, and improving accessibility to further strengthen trust and compliance.

Die Nacht der 1000 Lichter is a well-established non-profit religious event organized primarily by the Katholische Jugend der Diözese Innsbruck and other Austrian dioceses. The website serves as an informational and engagement platform for a liturgical event held annually on October 31st, attracting tens of thousands of visitors across Austria and South Tyrol. It provides event details, multimedia content, and contact information for organizers across multiple dioceses. The target audience includes youth groups, church communities, and the general public interested in religious and cultural events. The business model is community and event-driven without commercial intent, focusing on spiritual and social engagement.

J

Javni štipendijski, razvojni, invalidski in preživninski sklad Republike Slovenije

sklad-kadri.si

54

The website www.srips-rs.si represents the official online presence of the Javni štipendijski, razvojni, invalidski in preživninski sklad Republike Slovenije, a Slovenian government institution dedicated to scholarships, workforce development, social rights, and child maintenance compensation. It serves a broad audience including students, workers, employers, and educational institutions. The site provides comprehensive information on various scholarship programs, development initiatives, worker rights, and support for disabled persons. Technically, the website is built using modern web standards and likely runs on OctoberCMS, hosted by a Slovenian registrar. It employs HTTPS and cookie consent mechanisms, with Google Tag Manager used for analytics, respecting user consent. Security posture is solid but could be improved by adding explicit security headers and publishing security policies. The domain registration data is consistent with the institution's profile, indicating legitimacy. Overall, the website is professional, trustworthy, and well-structured, though it lacks explicit privacy and terms of service pages.

D

Doctolib Srl

doctolib.it

65

Doctolib Srl operates a leading online healthcare appointment booking platform in Italy, enabling patients to find specialists and book visits easily. The company is part of the larger Doctolib group with operations in France and Germany, positioning itself as a key player in European digital healthcare services. The website is professionally designed, mobile-optimized, and rich in relevant content, targeting patients and healthcare professionals. Technically, the site leverages modern JavaScript frameworks, robust monitoring tools, and consent management solutions, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, modern security headers, and privacy compliance aligned with GDPR. No critical vulnerabilities or blocking mechanisms were detected, indicating a trustworthy and reliable platform. Overall, Doctolib presents a secure, compliant, and user-friendly service with clear business legitimacy and strong market presence.

E

Esselunga S.p.A.

esselunga.it

70

Esselunga S.p.A. is a well-established Italian supermarket chain founded in 1957, offering a wide range of retail services including physical supermarkets, online grocery shopping, loyalty programs, and specialized subsidiaries such as parafarmacia and enoteca. The website reflects a mature digital presence with professional design, clear navigation, and rich content tailored to general consumers in Italy. Technically, the site uses modern web technologies and Adobe Experience Manager CMS, with good mobile optimization and accessibility features. Security posture is solid with HTTPS and no exposed sensitive data, though some security headers could be improved. Privacy compliance is basic with no explicit privacy or cookie policies detected in the provided content. Overall, the site is trustworthy and professionally managed, with strong business credibility and a comprehensive service offering.

The website circulareconomynetwork.it is currently inaccessible due to a security challenge page implementing a JavaScript-based proof-of-work captcha. This indicates the presence of a Web Application Firewall or similar security mechanism blocking direct access to the site's content. As a result, no business-related content, contact information, or policy documents are available for analysis. The domain is registered since 2018 with a valid status and no DNSSEC enabled. The page loads external resources from Amazon CloudFront CDN and uses custom JavaScript for the captcha challenge. Due to the blocking mechanism, the website's technical maturity, security posture, and privacy compliance cannot be fully assessed, resulting in a low overall AI score.

The CISPA Helmholtz Center for Information Security is a prominent German national research institution specializing in cybersecurity, privacy, and trustworthy artificial intelligence. It operates as a Big Science institution within the Helmholtz Association and collaborates with academic and industry partners, including the Technical University of Munich. The website presents a professional and content-rich platform highlighting research achievements, faculty insights, and technology transfer initiatives, positioning CISPA as a leading global research center in its domain. Technically, the website employs modern web technologies such as JavaScript and CSS with responsive design and good accessibility features. However, there is limited evidence of advanced security configurations such as security headers or explicit SSL/TLS details in the provided data. The absence of visible privacy, cookie, and terms of service policies indicates areas for compliance improvement, especially concerning GDPR requirements. From a security posture perspective, while the site is accessible and professional, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The WHOIS data is minimal but does not raise significant legitimacy concerns given the institutional context. Overall, the site demonstrates a strong business credibility and content quality but requires enhancements in privacy compliance and security transparency. Strategically, CISPA should prioritize publishing comprehensive privacy and cookie policies, implementing cookie consent mechanisms, and enhancing security headers and incident response information to strengthen trust and compliance. These improvements will support its reputation as a leading cybersecurity research institution and ensure alignment with regulatory standards.

H

Helmholtz-Zentrum für Infektionsforschung (HZI)

helmholtz-hzi.de

60

The Helmholtz-Zentrum für Infektionsforschung (HZI) is a prominent German research institution specializing in infection biology and related scientific fields. Affiliated with the Helmholtz Association, it operates multiple locations across Germany and focuses on understanding infectious diseases and their defense mechanisms. The website serves as a comprehensive portal for scientific publications, career opportunities, public events, and knowledge transfer initiatives, targeting researchers, students, and healthcare professionals. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries such as Masonry and Leaflet for layout and mapping functionalities. It employs Matomo for analytics, indicating a privacy-conscious approach. The site is well-optimized for mobile devices, accessible, and SEO-friendly, with structured data and Open Graph metadata enhancing discoverability. From a security perspective, the site enforces HTTPS and uses secure forms but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with no visible privacy or cookie policies or consent mechanisms, which could be improved to meet GDPR standards fully. Overall, the website reflects a high level of professionalism, trustworthiness, and technical maturity, suitable for a large research institution. Strategic improvements in privacy disclosures and security transparency would further enhance its compliance and user trust.

18Months is a small Italian technology company specializing in designing and developing cloud-based applications with a strong focus on user experience and innovation. Their flagship product, 18tickets, is a cloud ticketing application offered on a pay-per-use basis. The company positions itself as an innovative niche player in the Italian cloud application market, targeting businesses and users interested in modern cloud solutions. The website is bilingual (Italian and English) and presents a professional image with clear navigation and consistent branding. From a technical perspective, the website uses modern web technologies including JavaScript, Typekit fonts, Google Maps API, and Font Awesome icons. The site is moderately optimized for performance and mobile devices, though accessibility features are basic. There is no detected CMS or hosting provider information. SEO optimization is basic with standard meta tags but no advanced structured data or Open Graph tags. Security posture is moderate; HTTPS is used as indicated by URLs, and a partnership with Secure Network is mentioned, suggesting some level of security awareness. However, no security headers are detected in the HTML content, and no explicit privacy or cookie policies are present, indicating compliance gaps. No incident response or vulnerability disclosure information is provided. No analytics or tracking services are detected, implying minimal user tracking. Overall, the website is safe with no adult or questionable content. The lack of privacy and cookie policies and limited security headers reduce the compliance and security scores. Contact information is limited to a contact form on a separate page, with no direct emails or phone numbers found. The site is trustworthy but could improve transparency and security practices.

18Tickets is an Italian cloud-based ticketing platform specializing in cinema and theater venues, offering an integrated pay-per-use service that combines eTicketing, cash register, bar, and e-commerce management. The platform emphasizes social engagement through integration with social networks, particularly Facebook, enhancing the user experience for both venue owners and customers. The business is positioned as an innovative solution targeting small and multiscreen cinemas in Italy, supported by its parent company 18Months. Technically, the website uses modern web technologies including HTML5, CSS3, JavaScript, Google reCAPTCHA for security, and Typekit fonts for branding consistency. The site is mobile-optimized and provides a demo to encourage user adoption. Security posture is adequate with HTTPS enforced and reCAPTCHA implemented, but lacks security headers and explicit incident response or security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or terms of service. Overall, the website is professional and trustworthy but could improve in compliance and security transparency.

H

Helmholtz Association

hifis.net

67

HIFIS (Helmholtz Federated IT Services) is a specialized IT service provider focused on delivering digital infrastructure and software services to the Helmholtz Association, a major German research organization. The website presents a professional and comprehensive overview of their offerings including cloud services, identity management, software consulting, and training. The target audience primarily includes scientists, software engineers, cloud service providers, and IT support experts within the Helmholtz ecosystem. The organization is well positioned as a key facilitator of research IT services within Germany's scientific community. Technically, the website is built with modern web standards including HTML5, CSS3, and JavaScript, leveraging libraries such as FontAwesome and Modernizr for enhanced UI/UX. Hosting is provided by DESY, a reputable Helmholtz research center, ensuring reliable infrastructure. The site is mobile optimized, fast loading, and accessible, with good SEO practices. Analytics are implemented via Matomo with cookies disabled, reflecting a privacy-conscious approach. From a security perspective, the site uses HTTPS and shows no signs of exposed sensitive data or vulnerabilities. However, it lacks visible security headers and a cookie consent mechanism, which are recommended for GDPR compliance and enhanced security. There is no published security policy or incident response information, which could be improved to strengthen trust and preparedness. Overall, the website is trustworthy, professional, and well-aligned with its institutional backing. The domain registration data corroborates the legitimacy and consistency of the service. Strategic improvements in privacy compliance and security transparency would further enhance the site's security posture and user trust.

S

Sandstein Kultur

sandstein-kultur.de

51

Sandstein Kultur is a specialized agency and publishing house based in Dresden, Germany, focusing on cultural and art-related publications such as exhibition catalogs and museum catalogs. The company targets cultural institutions, museums, and art enthusiasts, offering both publishing and agency services including campaigns and promotional materials. The website reflects a niche market position within the German cultural media sector, supported by a professional and consistent brand presentation. Technically, the website is built on Craft CMS and uses modern web technologies including SVG graphics and Matomo analytics with cookies disabled, indicating a moderate level of digital maturity and privacy awareness. Hosting is provided by SchlundTech, a reputable German hosting provider. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site enforces HTTPS and uses CSRF tokens for form submissions, but lacks explicit security headers and a published security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is supported by a clear privacy policy and terms of service, though a cookie consent mechanism is missing. Overall, the website is safe, professional, and trustworthy with a good balance of content quality and technical implementation. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance the security posture and compliance further.

E

European XFEL GmbH

xfel.eu

66

European XFEL GmbH operates a leading European research facility specializing in X-ray free-electron laser technology. The 3.4 km long facility generates intense X-ray flashes used globally by researchers to study atomic and molecular processes. The website serves a diverse audience including scientists, users, visitors, and educational groups, providing comprehensive information about the facility, instruments, user policies, and events. The business model is non-profit, focused on enabling cutting-edge scientific research. Technically, the website is built on modern web standards with a CMS likely based on Zope/ZMS, featuring responsive design and good accessibility. Security posture is solid with HTTPS and no exposed sensitive data, though improvements are recommended in security headers and incident response transparency. Privacy compliance is partially addressed with a detailed privacy policy but lacks cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-positioned in its niche, with room for enhanced security and privacy practices.

E

Europäischer Wettbewerb

europaeischer-wettbewerb.de

49

The Europäischer Wettbewerb website serves as the official platform for a long-standing educational competition in Germany, targeting students and schools nationwide. It is positioned as a reputable and historic institution fostering creativity and European awareness among young participants. The website is built on WordPress using the Divi theme, incorporating standard web technologies and Matomo analytics for user tracking. While the site offers good content quality and user experience, it lacks explicit privacy, cookie, and security policies, which are critical for compliance and trust. Security posture is moderate with no advanced headers or incident response information evident. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security measures.

I-ST.net is a German system house providing IT services and products primarily targeting business customers. The company has a long-established domain since 1997, indicating a stable presence in the IT sector. The website offers customer login functionality and support modules, reflecting a service-oriented business model. However, the site content is basic and lacks modern design and mobile optimization. Technically, the site uses standard HTML, CSS, and JavaScript with external scripts for chat and remote support. Security posture is weak due to lack of HTTPS, missing security headers, and insecure login form implementation. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the business credibility is moderate given the domain age and contact transparency, but technical and security improvements are needed.

C

chiliSCHARF GmbH

chilischarf.com

63

chiliSCHARF GmbH is a professional internet agency based in Austria with offices in Linz and Vienna, specializing in digital communication, online marketing, and e-commerce solutions. Their expertise includes TYPO3 CMS, Shopware, Magento, and xtCommerce platforms, complemented by video production and photography services. The company targets businesses seeking comprehensive digital presence and marketing support. The website demonstrates a mature digital infrastructure with modern technologies, consent management, and accessibility features, reflecting a high level of digital maturity. Security posture is solid with HTTPS and privacy tools, though some security headers and policies could be improved. Overall, the site is professional, trustworthy, and well-positioned in its market niche.

U

Universität des Saarlandes

uni-saarland.de

64

The Universität des Saarlandes website serves as the official digital presence of a large public university in Germany, offering accredited degree programs, research initiatives, and international academic services. The site targets prospective and current students, alumni, academic staff, and international partners. It provides comprehensive navigation to academic offerings, research profiles, campus life, and international cooperation. Technically, the website is built on TYPO3 CMS, employs Matomo for privacy-conscious analytics, and enforces HTTPS for secure communications. The design is professional, mobile-optimized, and accessible, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and formal privacy and security policies are not evident in the provided content. WHOIS data confirms domain legitimacy and consistency with the university's identity. Overall, the site demonstrates a high level of professionalism and trustworthiness appropriate for an educational institution.

G

Global Payments Europe s.r.o.

gpnmerchant.com

64

Global Payments Europe s.r.o. is a medium-sized financial services company specializing in payment processing solutions for premium card brands such as American Express and UnionPay. Operating primarily in the Czech Republic and Hungary, it is part of the larger Global Payments Inc. group, a NYSE-listed entity. The company offers comprehensive merchant services including card acceptance, terminal installation, mobile payments, and an online portal for transaction management. The website reflects a professional and consistent brand presence with clear business information and client references. Technically, the website uses a modern but basic tech stack including HTML5, CSS3, JavaScript, jQuery, and Bootstrap 3. The site is mobile optimized with good navigation and user experience, though accessibility and SEO optimizations are basic. No CMS or advanced platforms were detected. Performance is moderate with no critical errors. From a security perspective, the site uses HTTPS and secure login forms but lacks DNSSEC and important security headers such as CSP or HSTS. No explicit security or incident response policies are published. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. WHOIS data is consistent and trustworthy, showing a domain registered since 2013 under a Czech registrar, matching the business location. Overall, the website is professional and trustworthy with room for improvement in security hardening and privacy compliance. No critical vulnerabilities or blocking mechanisms were detected, enabling full content access and analysis.

B

Bundesakademie für musikalische Jugendbildung Trossingen

bundesakademie-trossingen.de

52

The Bundesakademie für musikalische Jugendbildung Trossingen is a German educational institution specializing in music pedagogy and professional development for music educators. The website serves as an informational portal for courses, events, and professional training opportunities in the music education sector. The site is built on TYPO3 CMS, indicating a mature and stable technical infrastructure. The design is professional and mobile-optimized, providing a good user experience for its target audience. However, the website lacks explicit privacy, cookie, and terms of service policies, which are critical for compliance with GDPR and other data protection regulations. Security posture is moderate with no advanced security headers detected and no visible vulnerability disclosure or incident response information. Overall, the site is functional and credible but would benefit from enhanced privacy and security measures to improve trust and compliance.

The website represents the official municipal portal for the city of Neu-Ulm, Germany. It provides information about city politics, services, and citizen engagement. The site is powered by TYPO3 CMS and integrates accessibility tools to support users with disabilities, reflecting a commitment to inclusivity. The use of Matomo analytics hosted on their own domain indicates a privacy-conscious approach to user data. However, explicit privacy and cookie policies are not found in the provided content, which is a gap in compliance. The site is well-structured, mobile-optimized, and professionally designed, targeting residents and visitors of Neu-Ulm.

D

Deutscher Engagementpreis

deutscher-engagementpreis.de

54

The Deutscher Engagementpreis website represents a well-established non-profit award platform dedicated to recognizing outstanding civic engagement in Germany. Supported by reputable partners including the Deutsche Stiftung für Engagement und Ehrenamt and government bodies, it serves as a central hub for nominations, jury decisions, public voting, and award ceremonies. The site targets engaged individuals, initiatives, and the general public interested in volunteerism and social contribution. Technically, the site is built on TYPO3 CMS, employs modern web technologies, and integrates Matomo analytics and Google reCAPTCHA for security and user tracking. Privacy compliance is robust with a comprehensive cookie consent mechanism and a detailed privacy policy. Security posture is strong with HTTPS and secure voting mechanisms, though additional security headers and a formal security policy could enhance trust further. Overall, the site is professional, trustworthy, and well-positioned in its niche.

C

Cinema Caravaggio

cinemacaravaggio.it

69

Cinema Caravaggio operates as a local cinema in Rome, Italy, providing movie screenings and online ticket sales through a dedicated website. The business targets general moviegoers in the Rome area and leverages the 18tickets platform for content management and ticketing services. The website presents a professional and user-friendly interface with clear programming schedules and ticket purchasing options. Technically, the site uses modern web technologies including JavaScript, Google reCAPTCHA for bot protection, and Socket.IO for real-time features. The site is mobile optimized and includes basic accessibility features. Security posture is adequate with HTTPS enforced and CSRF tokens implemented, though additional security headers could enhance protection. Privacy compliance is well addressed with clear cookie and privacy policies and a consent mechanism. The domain registration is consistent with the business claims, enhancing trustworthiness. Overall, the website is reliable, secure, and professionally maintained, serving its intended audience effectively.

L

Legacoop Produzione e Servizi

lps.coop

54

Legacoop Produzione e Servizi is an Italian cooperative association representing worker cooperatives across multiple sectors including construction, logistics, manufacturing, and services. Founded in 2022, it serves as an important national body promoting cooperative values and supporting its members through representation, sector-specific initiatives, and participation in European projects. The website reflects a professional and consistent brand presence with active social media engagement and structured content aimed at cooperative stakeholders. The technical infrastructure is based on WordPress with a modern tech stack including popular plugins for SEO, sliders, and analytics. The site is mobile optimized and performs moderately well, with good SEO practices and structured data implementation. Analytics are handled via Matomo and WP Statistics, indicating moderate user tracking. Security posture is adequate with HTTPS enabled and some security plugins in use, but there are areas for improvement such as enabling DNSSEC, adding security headers, and publishing formal security and privacy policies. No WAF or blocking mechanisms were detected, and the WHOIS data is consistent with the business identity, supporting legitimacy. Overall, the website is a credible and professional platform for the cooperative association, but it would benefit from enhanced security policies, privacy documentation, and incident response information to strengthen trust and compliance.

N

NHO Service og Handel

nhosh.no

67

NHO Service og Handel is a major Norwegian business association representing approximately 6,800 companies and around 130,000 employees across various sectors including employment, recruitment, health and welfare, safety, trade, and wellness. The website reflects a professional organization with a clear focus on service and trade industries in Norway. The digital infrastructure incorporates modern analytics and marketing technologies such as Google Analytics, Microsoft Application Insights, Cookiebot for consent management, and reCAPTCHA Enterprise for bot protection, indicating a mature digital presence. Security posture is generally good with HTTPS enforced and consent mechanisms in place, though the absence of explicit privacy policies and terms of service pages limits full compliance visibility. The lack of WHOIS data reduces domain trust verification, but the website content and technology usage suggest legitimacy. Overall, the site is well-structured, mobile-optimized, and provides a positive user experience for its target audience.

Z

Zbornica za razvoj slovenskega zasebnega varovanja

zrszv.si

55

Zbornica za razvoj slovenskega zasebnega varovanja is a Slovenian chamber focused on the development of private security services. Established in 2000, it provides professional training, membership services, and information for private security companies and their clients. The website serves as an information hub and a platform for education and membership management. Technically, the site uses a custom CMS with ASP backend, Bootstrap framework, and integrates Google Analytics and Facebook SDK for tracking. The site is mobile optimized and presents a professional design with clear navigation. Security posture is moderate with HTTPS assumed but lacks explicit security headers and a published vulnerability disclosure policy. Privacy compliance is basic with cookie consent mechanisms and terms of service available. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and serves its niche audience effectively.

A

AES - Associação de Empresas de Segurança

aes-empresasdeseguranca.com

67

AES - Associação de Empresas de Segurança is a Portuguese association representing private security companies. The website serves as an institutional platform providing information about the sector, legislation, and association activities. It targets security companies and professionals within Portugal, positioning itself as a recognized entity in the private security domain. The site offers key services such as advocacy, sector information dissemination, and communication with stakeholders. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and Google Analytics, with good mobile optimization and accessibility features. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, though explicit security headers are not detected. The absence of WHOIS data for the domain is a notable anomaly, reducing trust slightly despite the professional presentation and official contact information. Overall, the website is well-structured, compliant with GDPR, and trustworthy for its intended audience.

H

Hrvatski ceh zaštitara

hcz.hr

45

Hrvatski ceh zaštitara is a professional chamber representing security guards in Croatia, established since 2004. The website serves as an informational platform for members and stakeholders in the security profession, providing industry news and organizational information. The site is built on WordPress using the Divi theme, hosted under Croatian academic network infrastructure, indicating a local and official presence. Technically, the website employs standard web technologies but lacks advanced security headers and privacy compliance features. No explicit contact information or privacy policies were found, which may impact user trust and regulatory compliance. The security posture is basic, with room for improvement in SSL configuration and security best practices. Overall, the site is legitimate and consistent with its stated purpose but would benefit from enhanced privacy, security, and user engagement features.

M

Mairie de Versoix

versoix.ch

41

The website www.versoix.ch is the official digital presence of the City of Versoix, Switzerland, serving as a municipal government portal. It provides residents and visitors with comprehensive information on local news, events, administrative services, public projects, and community resources. The site targets local citizens and stakeholders, positioning itself as a trusted source for municipal information and services. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript libraries such as jQuery and Flickity, and integrates third-party services like Google Tag Manager, Google reCAPTCHA, and social media SDKs. The site is mobile-optimized and features good navigation and content structure, although accessibility features are basic. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for form protection, but lacks some recommended security headers such as Content-Security-Policy and X-Frame-Options. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is weak due to the absence of explicit privacy and cookie policies. Overall, the website is professionally designed and trustworthy, with a strong business credibility score. However, improvements in privacy compliance and security headers are recommended to enhance user trust and regulatory adherence.

The website www.puplinge.ch serves as the official online presence for the Commune de Puplinge, a local government entity in Switzerland. It provides municipal information, community news, and administrative services targeted primarily at residents and visitors of Puplinge. The site is designed with modern web technologies including Vue.js and Tailwind CSS, indicating a contemporary technical infrastructure with server-side rendering via Nuxt.js. The website is mobile-optimized and offers a good user experience with clear navigation and relevant content. From a security perspective, the site uses HTTPS, ensuring encrypted communications. However, the absence of security headers and lack of explicit privacy and cookie policies indicate areas for improvement in compliance and security posture. No forms or contact information were detected in the provided content, which may limit user engagement and support capabilities. Overall, the website reflects a trustworthy and professional government service portal with moderate technical maturity. Strategic enhancements in privacy compliance, security headers, and contact transparency would further strengthen its security and user trust profile.

C

Commune de Meyrin

meyrin.ch

48

The Commune de Meyrin website serves as the official digital presence for the municipal government of Meyrin, Switzerland. It provides comprehensive information about local administration, public services, cultural activities, environmental initiatives, and economic development. The site targets residents and visitors, offering clear navigation and relevant content in French. The business model is typical of a public sector entity focused on community engagement and service delivery. Technically, the site is built on Drupal 10, leveraging modern web standards and responsive design to ensure accessibility across devices. Security posture is strong with HTTPS enforcement, security headers, and GDPR-compliant cookie consent mechanisms, although explicit security and incident response policies are not prominently published. Overall, the site demonstrates a mature digital infrastructure with good content quality and trust indicators, supporting its role as a reliable municipal resource.

C

Commune de Gy

mairie-gy.ch

58

The website www.mairie-gy.ch serves as the official online presence for the Commune de Gy, a small municipal government entity in Switzerland. It provides residents and visitors with access to local government services, news, events, and administrative resources. The site is well-structured, professionally designed, and optimized for mobile devices, reflecting a moderate level of digital maturity appropriate for a local government. The technical infrastructure leverages modern web technologies and a specialized CMS platform (i-web.ch), ensuring a functional and accessible user experience. Security posture is adequate with HTTPS enforced and secure login mechanisms, though there is room for improvement in implementing security headers and explicit security policies. Privacy compliance is addressed with clear privacy and cookie policies, including user consent mechanisms. Overall, the website demonstrates high business credibility and trustworthiness consistent with its public sector role.

D

dishcounter

dishcounter.de

60

Dishcounter.de is a German e-commerce platform specializing in the rental and sale of dishware, cutlery, glasses, and dishwashing machines. The business targets event organizers and catering companies requiring large quantities of dishware, emphasizing sustainability, hygiene, and competitive pricing. The website is built on Wizmo CMS, hosted on rzone.de, and uses modern web technologies including JavaScript and Google Analytics with IP anonymization. While the site is well-designed and mobile-optimized, it lacks explicit privacy and terms of service pages, as well as clear contact information, which impacts its privacy compliance and business credibility scores. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosures. No WAF or blocking mechanisms are detected, and the content is safe for general audiences.

H

Helbling Holding AG

helbling.de

48

Helbling Holding AG is a well-established consultancy firm specializing in business advisory, technology development, and sustainability consulting. The company serves a broad range of industries including energy, real estate, manufacturing, and technology, positioning itself as a leader in innovation and sustainable business practices. Their website reflects a mature digital presence with comprehensive service descriptions and a clear focus on client engagement. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, supported by modern JavaScript libraries and Google Tag Manager for analytics. The site is hosted on Hostpoint servers, ensuring reliable performance and fast loading times. Mobile optimization and accessibility are well addressed, providing a seamless user experience across devices. From a security perspective, the site enforces HTTPS and employs consent management for cookies, demonstrating compliance with GDPR. While explicit security headers are not fully visible in the HTML, the overall posture is strong with no exposed vulnerabilities or sensitive data leaks. The absence of a dedicated security policy or incident response page is noted as an area for improvement. Overall, Helbling's website is professional, trustworthy, and aligned with industry best practices, supporting its market position as a credible and innovative consultancy. The domain registration data corroborates the legitimacy and consistency of the business identity.