Security Directory

P

PWK Technik GmbH

pwk-technik.de

52

PWK Technik GmbH is a well-established German company founded in 1992, specializing in electrical installation, security systems, data networks, fiber optic technology, and interior/shopfitting services. The company operates primarily in Germany and neighboring countries, targeting industrial, commercial, and retail clients, especially those with multiple branches. Their business model has evolved from a pure electrical service provider to a full-service provider, offering integrated solutions including consulting and construction services. The website reflects a professional and consistent brand image with clear contact information and a focus on customer trust and service quality. Technically, the website is built on a Laravel-based CMS with Livewire components, uses modern web standards including HTML5, CSS3, and JavaScript, and integrates a GDPR-compliant cookie consent manager (Klaro). Hosting and DNS services are provided via Cloudflare, ensuring good performance and security. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. No major technical issues or vulnerabilities were detected in the visible content. From a security perspective, the site enforces HTTPS and uses CSRF tokens, but lacks explicit HTTP security headers and detailed security or incident response policies. The privacy policy and cookie consent mechanisms indicate GDPR compliance. No vulnerability disclosure or security contact information is present. Overall, the security posture is solid but could be improved with additional headers and documented policies. The overall risk assessment is low, with no signs of malicious content or blocking by WAFs. Recommendations include enhancing security headers, publishing incident response and security policies, and maintaining regular security audits. The website and business present a trustworthy and professional digital presence aligned with their market position.

Kirchliche Jugendarbeit Diözese Würzburg is a non-profit organization affiliated with the Bistum Würzburg, focusing on youth work, education, and faith formation within the diocese. The website serves as a portal for information on events, services, and contact details aimed at young people and church communities. The organization holds a stable regional position with clear branding and a consistent message aligned with its religious and educational mission. Technically, the website is built on TYPO3 CMS with modern frontend technologies and includes privacy-conscious analytics and consent management tools. Security posture is solid with HTTPS and no visible vulnerabilities, though formal security policies and incident response contacts are not publicly disclosed. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, serving its audience effectively.

F

FIMCAP - International Federation of Catholic Parochial Youth Movements

fimcap.org

46

FIMCAP is an international non-profit federation uniting Catholic and Christian youth organizations across 28 countries with 31 member organizations. Founded in 1962 and officially recognized by the Holy See, it provides networking, advocacy, and organizes intercontinental and continental youth activities. The website is built on WordPress using modern plugins such as Elementor and Yoast SEO, hosted by GoDaddy. It features good design quality, clear navigation, and mobile optimization. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal security policies. Privacy compliance is basic with a cookie consent mechanism but no explicit privacy or terms of service pages. Overall, the site is trustworthy and professional, serving a general audience interested in youth and community development.

M

Mehrgenerationenhaus Ingelheim

mgh-ingelheim.de

50

Mehrgenerationenhaus Ingelheim is a local non-profit community center in Ingelheim am Rhein, Germany, providing a wide range of social, cultural, educational, and health-related services to residents of all ages. The organization focuses on fostering community engagement, volunteering, and multi-generational interaction. Their website reflects a well-structured and community-oriented approach with clear contact information and social media presence on Facebook and Instagram. Technically, the website is built on TYPO3 CMS with Bootstrap 4 and uses several JavaScript libraries including jQuery 1.11.3, FontAwesome, and Slick Slider. The site is mobile responsive and includes a cookie consent mechanism compliant with GDPR. However, some technical improvements could be made, such as updating jQuery to a more secure version and implementing security headers. From a security perspective, the site uses HTTPS and has a cookie consent banner, but lacks explicit security policies, incident response information, and security headers. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is consistent with the website's community focus and shows no privacy protection, indicating transparency. Overall, the website is trustworthy, safe, and professionally maintained, with minor technical and security enhancements recommended to improve its posture and compliance further.

F

Fachzeitungen.de

fachzeitungen.de

35

Fachzeitungen.de operates as an independent German-language portal specializing in the aggregation and presentation of specialist magazines, Fachpublikationen, and eBooks across a wide range of professional and hobbyist categories. The platform offers categorized listings, search functionality, advertising opportunities, and a press release portal, targeting professionals and enthusiasts seeking specialized publications. The website is well-structured with clear navigation and a consistent brand presence, serving a niche media market in Germany. Technically, the site is built on Drupal CMS, employs Matomo for privacy-respecting analytics, and uses modern JavaScript libraries such as Owl Carousel and Tarteaucitron.js for cookie consent management. The site is mobile-optimized and implements HTTPS, but lacks some advanced security headers and explicit security policies. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. However, no direct contact information or incident response channels are publicly visible, which could be improved for trust and compliance. WHOIS data is minimal, limiting full domain trust assessment but no suspicious patterns are evident. Overall, Fachzeitungen.de presents a professional and trustworthy media portal with room for enhanced security and transparency.

M

Messer Austria GmbH

messer.at

71

Messer Austria GmbH is a leading Austrian supplier of industrial, medical, and specialty gases with over 125 years of experience. The company operates as part of the Messer Group, the world's largest privately owned industrial gases company. Their website reflects a mature digital presence with comprehensive product and service information targeting industrial and medical sectors. Technically, the site uses modern technologies including Liferay CMS, HubSpot marketing tools, and Google APIs, delivering a good user experience with mobile optimization and accessibility features. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though there is room for improvement in public security policies and incident response transparency. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, supporting Messer Austria's market position as a reliable industrial gas provider.

D

Diakonisches Werk Coburg e.V.

diakonie-coburg.de

45

Diakonisches Werk Coburg e.V. is a regional non-profit social service organization affiliated with the evangelical church, providing counseling and support services for vulnerable populations including the elderly, disabled, families, and individuals with mental health challenges in Coburg, Germany. The website presents a clear and professional digital presence with good content quality and consistent branding. The technical infrastructure is based on WordPress with modern plugins and themes, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and incident response information are lacking. Privacy compliance is partially met with a privacy policy present but no cookie consent mechanism. Overall, the website is trustworthy and serves its community-focused mission effectively.

K

Kinopolis Management Multiplex GmbH

gloria-palast.de

10

Gloria Palast is a premium cinema located in Munich, operated by Kinopolis Management Multiplex GmbH. The website provides comprehensive information about movie programming, ticket sales, events, and premium services such as luxury seating and catering. The business targets cinema enthusiasts seeking a high-end movie experience and corporate clients for event hosting. The site is well-branded and professionally maintained with consistent messaging and active social media presence. Technically, the website uses modern JavaScript libraries including Flickity for carousels, FontAwesome for icons, and integrates third-party services for ticketing and marketing. Hosting is provided by Hetzner, a reputable German hosting provider. The site is mobile-optimized and SEO-friendly, though some minor backend PHP warnings are visible which should be addressed. Security posture is good with HTTPS enforced and cookie consent mechanisms implemented in compliance with GDPR. However, the Content-Security-Policy is commented out and not enforced, and no security.txt or explicit security policy is found. Tracking and marketing tools include Google Tag Manager, Matomo, Facebook Pixel, and TikTok, indicating moderate user tracking. Overall, the website is trustworthy and professional with minor technical improvements recommended to enhance security and backend stability.

K

Kinopolis Management Multiplex GmbH

kinopolis.de

10

Kinopolis Management Multiplex GmbH operates a regional multiplex cinema chain in Germany, providing film programming, event hosting, and ticket booking services. The website serves as a portal for cinema selection and ticket purchases, targeting general cinema-goers in Germany. The business model centers on cinema exhibition and related services, positioning Kinopolis as a medium-sized player in the German cinema market with multiple locations and partner cinemas. The website branding is consistent and content quality is good, supporting a professional user experience.

Perpetuum.cz is a Czech educational media platform established in 2017, focusing on trends, news, and innovations in education. It targets students, educators, parents, and education professionals by providing articles, videos, and expert blogs. The website is operated under the Scio brand, a recognized entity in Czech education. Technically, the site runs on WordPress with a modern theme and uses common web technologies such as jQuery, Google Analytics, and YouTube embeds. It implements GDPR-compliant cookie consent mechanisms and uses structured data for SEO. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are lacking. Overall, the site is professional, trustworthy, and compliant with privacy regulations, serving as a reliable source of educational content in the Czech Republic.

Zu gut für die Tonne is a German government initiative aimed at reducing food waste through public education, tips, and campaigns. The website is professionally designed, content-rich, and targets the general public with a focus on sustainability and food preservation. Technically, it uses TYPO3 CMS with modern JavaScript libraries and implements a privacy-respecting Matomo analytics solution. Security posture is strong with HTTPS and cookie consent mechanisms, though some advanced security headers and explicit incident response policies are absent. Overall, the site is trustworthy, well-maintained, and compliant with GDPR requirements.

A

Adolf Lupp GmbH + Co KG

lupp.de

58

Adolf Lupp GmbH + Co KG is a well-established German construction and real estate services company with over 115 years of history and approximately 850 employees. The company operates as a general contractor offering a full lifecycle of real estate services including project development, construction, and facility management. With 13 locations and multiple subsidiaries, Lupp holds a strong market position in Germany and internationally. The website is professionally designed, mobile-optimized, and provides comprehensive business and contact information. Technically, the site runs on WordPress with modern plugins and performance optimizations. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though additional security headers and policies could enhance protection. Overall, the company demonstrates high business credibility and compliance with GDPR.

H

HBS Firmengruppe

hbs-group.de

47

HBS Firmengruppe is a family-owned group of companies specializing in electrical and planning services with multiple subsidiaries distributed across Germany and one in Poland. The group combines craftsmanship with innovative planning, serving a professional audience in the energy sector. Their website is built on TYPO3 CMS and employs modern frontend technologies, offering a good user experience with mobile optimization and clear navigation. Social media presence is strong, supporting brand visibility and engagement. Security posture is solid with HTTPS enforced and secure forms, though explicit security headers and policies are absent. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy or terms of service pages. Overall, the website reflects a professional medium-sized enterprise with a consistent brand and trustworthy online presence.

F

Fränkischer Marienweg

fraenkischer-marienweg.de

53

Fränkischer Marienweg is a small non-profit organization dedicated to promoting the cultural and religious heritage of the Franconia region in Germany through the Fränkischer Marienweg pilgrimage route. The website provides comprehensive information about the pilgrimage, including events, downloadable route data, and useful resources for pilgrims. It targets pilgrims, tourists, and cultural enthusiasts interested in Marian devotion and regional heritage. The site is built on WordPress with Elementor and uses reputable plugins for event management and file downloads, reflecting a moderate to good level of digital maturity.

Qvest is a technology and media consulting company focused on delivering future-forward solutions by leveraging technology, media expertise, and human factors to drive business value and accelerate digital transformation. The company positions itself as an established player in the technology and media sectors, targeting businesses seeking innovative transformation services. The website is powered by TYPO3 CMS and integrates modern web technologies including Google Tag Manager, Pardot, and Cookiebot for analytics and privacy compliance. The site demonstrates good digital maturity with a professional design, mobile optimization, and clear navigation. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response policies are not evident. Overall, the website is trustworthy and professional, but the absence of WHOIS data and explicit contact information slightly reduces business credibility.

V

Venus GmbH

venus.bayern

51

Venus GmbH, transitioning to Venus Ai, operates a Social Knowledge Graph platform that integrates community sourced data from tourism, administration, and regional infrastructure to foster digital sovereignty and regional development. The company targets municipalities, tourism associations, public sector entities, and social organizations primarily in Germany. Their platform leverages open data and AI to semantically link and enrich information, enabling innovative digital applications and improved data quality. Technically, the website is built on TYPO3 CMS with modern web technologies, responsive design, and accessibility features, reflecting a moderate to good digital maturity. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements in security headers and incident response transparency are recommended. Overall, the website and business present a trustworthy and professional image with clear contact information and active social media presence.

B

Bergh Special Products

berghspecialproducts.nl

61

Bergh Special Products is a specialized Dutch company focused on manufacturing and supplying wheelchair parts, accessories, and custom products such as spoke protectors and work surfaces. The company operates an e-commerce platform targeting both individual consumers and business clients, positioning itself as a niche supplier within the wheelchair and industrial product market. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the site is built on ASP.NET Web Forms with Telerik UI components and uses modern front-end frameworks like Bootstrap and FontAwesome. It integrates Google Tag Manager for analytics and maintains a moderate performance profile with good mobile optimization. Security-wise, the site enforces HTTPS and follows basic best practices but lacks some advanced headers like Content-Security-Policy. Privacy compliance is well addressed with visible privacy and cookie policies and GDPR adherence. No critical vulnerabilities or suspicious patterns were detected, and the domain registration aligns well with the business claims, indicating legitimacy and trustworthiness.

E

Evangelisch-Lutherisches Dekanat Hof

dekanat-hof.de

46

The website www.dekanat-hof.de represents the Evangelisch-Lutherisches Dekanat Hof, a regional church organization in Germany providing religious, community, and social services. The site is well-structured, content-rich, and targets local community members including families, youth, and churchgoers. It offers information on events, contact persons, and church music groups, reflecting a strong community engagement focus. Technically, the site is built on Drupal 10 with modern web technologies and includes GDPR-compliant cookie consent mechanisms. The hosting is managed via kunde24.de, and the site shows good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent, though some security headers could be improved. No critical vulnerabilities or malicious content were detected. WHOIS data is limited but consistent with the site's purpose and hosting. Overall, the site is trustworthy, professional, and compliant with privacy regulations.

K

KKV Aktuell

kkv-aktuell.de

54

KKV Aktuell is a German non-profit association website providing current information about the KKV Bundesverband. The site targets members and potential members interested in the organization's activities and membership opportunities. The business model is focused on community engagement and information dissemination within a niche non-profit sector. Technically, the website is built on WordPress with modern plugins and frameworks such as Bootstrap and jQuery, offering a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but lacks explicit security headers and incident response information. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is functional and professional but could improve in privacy and security transparency.

D

Durchstarter - Freiwilliges Schuljahr

freiwilligennet.de

41

Durchstarter - Freiwilliges Schuljahr is a German non-profit educational initiative aimed at engaging students from the 8th grade onwards in voluntary social and active school year programs. The website serves as an informational and engagement platform, offering a variety of social, cultural, and ecological volunteer opportunities in cooperation with local organizations. The platform targets young students seeking meaningful extracurricular experiences and supports partnerships with local social institutions. Technically, the website is built on a modern stack including Vue.js, Bootstrap, and Pimcore CMS, with privacy-conscious analytics via Matomo and a compliant cookie consent mechanism. Security posture is adequate with HTTPS enforced and privacy best practices observed, although explicit security headers and incident response policies are not published. Overall, the site is professional, accessible, and trustworthy, with a clear focus on educational and social engagement.

I

INES Berlin

ines-berlin.de

41

INES Berlin is an independent research institute based in Berlin-Mitte, specializing in empirical social and economic research with a focus on labor market policy, education, and personnel research in Germany and Europe. The website presents a professional and consistent brand image, targeting academic and policy audiences interested in social sciences. Key services include data analysis, survey design, and qualitative research. The market position is that of a specialized, small-sized research entity within the education sector. Technically, the website is built using AngularJS and FontAwesome, hosted likely on rzone.de servers. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. No CMS or advanced analytics tools are detected, indicating a straightforward technical infrastructure. From a security perspective, the site uses HTTPS (assumed from standard practice though not explicitly confirmed), but lacks visible security headers and cookie consent mechanisms. No forms or contact emails are present on the homepage, limiting data collection risks but also reducing direct contact options. The WHOIS data is minimal but consistent with the hosting provider, with no suspicious patterns detected. Overall, the security posture is moderate with room for improvement in policy transparency and technical safeguards. The overall risk is low given the nature of the business and content, but strategic recommendations include implementing cookie consent, publishing security and incident response policies, and enhancing security headers to improve trust and compliance.

H

HERING Gruppe

heringinternational.com

10

HERING Gruppe is a well-established German company specializing in innovative construction solutions and infrastructure products, particularly for public spaces and transportation sectors. With a history dating back to 1892 and a workforce of approximately 700 employees, the company offers a broad portfolio including architectural concrete facades, public sanitary facilities, railway construction, noise protection, and photovoltaic technologies. The website reflects a professional and comprehensive digital presence, leveraging TYPO3 CMS and modern frontend technologies to deliver a user-friendly experience. Security posture is generally good with HTTPS and no visible vulnerabilities, though improvements in security headers and cookie consent mechanisms are recommended. The absence of WHOIS data for the domain is a notable anomaly that warrants further investigation to confirm domain legitimacy. Overall, HERING presents as a credible and mature business with strong market positioning in the transportation and construction industries.

H

HBS Elektrobau GmbH

hbs-elektrobau.de

10

HBS Elektrobau GmbH is a German company specializing in electrical installation services, training, and maintenance, operating under the umbrella of the HBS Gruppe. The company positions itself as a quality and reliable provider in the energy and transportation sectors, offering a broad range of services including Anlagenbau, Bahntechnik, Elektrotechnik, and Sicherheitstechnik. The website is professionally designed using TYPO3 CMS and modern frontend technologies, providing good user experience and mobile optimization. Social media integration is strong, enhancing brand presence. Security posture is adequate with HTTPS enabled, but lacks explicit security headers and detailed privacy or incident response policies. No blocking or WAF challenges were detected, allowing full content access. Overall, the site reflects a medium-sized, established business with consistent branding and good technical implementation.

G

Gehrmeyer Orthopädie- und Rehatechnik GmbH

gehrmeyer.com

61

Gehrmeyer Orthopädie- und Rehatechnik GmbH is a medium-sized healthcare company based in Osnabrück, Germany, specializing in orthopedics, rehabilitation technology, and home care services. The company offers a broad range of services including modern rehabilitation technology, pediatric care, mobility aids for the elderly, compression therapy, and pregnancy care. Their website reflects a professional and consistent brand presence targeting patients, healthcare providers, and elderly or disabled individuals. The business model focuses on providing specialized medical devices and support services regionally, supported by partnerships with recognized suppliers. Technically, the website is built on the Umbraco CMS platform and employs modern web technologies such as JavaScript, jQuery, FontAwesome, and integrates Google Analytics and FriendlyCaptcha for analytics and bot protection. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. From a security perspective, the site enforces HTTPS, uses CSRF tokens in forms, and implements captcha protection to mitigate automated abuse. However, the absence of explicit security headers and a visible security policy or incident response contact reduces the overall security maturity. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is missing, which is unusual and slightly reduces trust, but the active and professional website presence supports legitimacy. Overall, Gehrmeyer demonstrates a solid digital presence with good privacy and security practices, though improvements in security header implementation and transparency around incident response would enhance their security posture. The missing WHOIS data warrants monitoring but does not currently indicate malicious intent.

B

Bundesanstalt für Landwirtschaft und Ernährung

genres.de

61

The website www.genres.de is an official German government platform managed by the Bundesanstalt für Landwirtschaft und Ernährung (BLE), focusing on genetic resources and biodiversity. It serves as an information system providing access to databases, expert committees, international cooperation details, and news related to agrobiodiversity and forestry genetic resources. The site targets researchers, policymakers, and professionals in agriculture and forestry sectors, offering authoritative and structured content in German and English. Technically, the site is built on TYPO3 CMS with modern web technologies including jQuery and FontAwesome. It demonstrates good mobile optimization, accessibility, and SEO practices. The site is served over HTTPS with no detected blocking or WAF interference, indicating a secure and accessible infrastructure. However, some security headers are not explicitly detected, and no security.txt or vulnerability disclosure mechanisms are present. From a security and compliance perspective, the site enforces HTTPS and uses nonce attributes for scripts, but lacks a cookie consent mechanism and explicit contact information for incident response or data protection officers. The privacy policy is present and appears comprehensive, supporting GDPR compliance. No advertising or tracking scripts are detected, indicating minimal user tracking. Overall, the website is professional, trustworthy, and well-maintained, suitable for its governmental informational purpose. Strategic improvements include adding cookie consent, explicit contact details for security and data protection, and enhanced security headers to strengthen compliance and security posture.

B

Bundesanstalt für Landwirtschaft und Ernährung

bundesprogramm.de

62

The website www.bundesprogramm.de is an official German federal government platform managed by the Bundesanstalt für Landwirtschaft und Ernährung under the Bundesministerium für Ernährung und Landwirtschaft. It promotes the expansion of ecological agriculture and organic food production in Germany through funding, information dissemination, and research support. The site targets agricultural businesses, bio enterprises, researchers, and consumers interested in organic farming. The business model is a government-funded program providing grants and resources to support organic value chains. The site is well-branded, consistent, and trustworthy with official logos and links to related government portals. Technically, the website is built on TYPO3 CMS and uses modern web technologies including jQuery, FontAwesome, and Slick Carousel. It is hosted likely by ITZBund, a German federal IT service provider, and uses Matomo for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly. Cookie consent is implemented via a modal, and privacy policies are comprehensive and GDPR compliant. From a security perspective, the site enforces HTTPS and does not expose sensitive data. However, it lacks explicit security headers and does not provide a public security policy or incident response contact. No vulnerabilities or suspicious elements were detected. The domain WHOIS data is consistent with the website's government affiliation, though detailed registrant info is limited. Overall, the site demonstrates a strong security posture appropriate for a government information portal. The overall risk is low, with no critical issues detected. Strategic recommendations include adding security headers, publishing a security policy, and providing vulnerability disclosure information to enhance transparency and trust.

G

GMK GmbH & Co. KG

gmk.de

55

GMK GmbH & Co. KG is a professional advertising agency based in Bayreuth, Germany, specializing in creative and strategic marketing services including corporate design, content creation, web development, online marketing, and brand building. The company serves a diverse clientele ranging from medium-sized businesses to global players, positioning itself as a full-service agency with a strong regional presence and multiple industry awards. Technically, the website is built on TYPO3 CMS with modern web technologies and integrates advanced analytics and consent management tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and privacy compliance mechanisms in place, though there is room for improvement in security headers and incident response transparency. Overall, the website is professional, trustworthy, and well-optimized for user experience and SEO.

B

Bayerisches Rotes Kreuz – Kreisverband Bayreuth

brk-bayreuth.de

47

The Bayerisches Rotes Kreuz – Kreisverband Bayreuth website represents a well-established regional non-profit organization focused on social, health, and emergency services within the Bayreuth area in Germany. The organization provides a broad range of services including emergency rescue, elderly care, social support, childcare, first aid training, and volunteer community groups. The website content is comprehensive, professionally designed, and clearly targeted at residents and stakeholders seeking assistance or engagement with the Red Cross in Bayreuth. Technically, the website is built on WordPress using modern plugins such as Yoast SEO and WP Rocket for optimization. It employs standard web technologies including jQuery and FontAwesome, and demonstrates good mobile responsiveness and SEO practices. The site loads quickly and provides a positive user experience with clear navigation and structured content. From a security perspective, the site uses HTTPS with an excellent SSL configuration but lacks visible security headers and does not provide public information on security policies, incident response, or vulnerability disclosure. No cookie consent mechanism was detected, which may present a GDPR compliance gap. Analytics are implemented via WP Statistics with minimal user tracking. Overall, the website is trustworthy and professional, with strong business credibility and content quality. Strategic recommendations include implementing security headers, adding cookie consent mechanisms, publishing security and incident response policies, and enhancing privacy compliance disclosures to further strengthen the security posture and regulatory adherence.

I

Institut für Religionspädagogik und Lehrkräftefortbildung in Bayern

irl-bayern.de

41

The Institut für Religionspädagogik und Lehrkräftefortbildung in Bayern (IRL) is a recently founded educational institution (2025) focused on religious pedagogy and teacher training within Bavaria, Germany. It serves religious education teachers across multiple school types by providing professional development courses, resources, and events. The website reflects a professional and regionally focused organization with clear affiliations to the Archdiocese of Munich and Freising. Technically, the website is built on TYPO3 CMS with modern frontend frameworks such as Bootstrap and MDBootstrap, ensuring good mobile responsiveness and user experience. Hosting is provided by Alfahosting, a reputable German hosting provider. The site uses standard web technologies including jQuery and FontAwesome, and employs a contact form with client-side validation. From a security perspective, the site uses HTTPS and secure form submission but lacks visible security headers and explicit privacy or cookie policies, which are important for GDPR compliance. No analytics or tracking scripts were detected, indicating minimal user tracking. WHOIS data is consistent with the business identity, supporting legitimacy. Overall, the website is well-structured and professional but would benefit from enhanced privacy compliance and security header implementation to improve trust and regulatory adherence.

P

pdir GmbH

contao-themes.net

56

Contao-Themes.net is a specialized digital agency project by pdir GmbH, offering a curated collection of free and premium Contao CMS themes. The company leverages over 15 years of experience in Contao development to provide high-quality themes, installation, support, and consulting services. The website is well-positioned in the niche market of Contao CMS themes, targeting web agencies, freelancers, and businesses seeking professional Contao templates. Technically, the site uses a modern stack including Contao CMS, Bootstrap, jQuery, and integrates Google Adsense and Matomo analytics, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and clientTransferProhibited domain status, though improvements like enabling DNSSEC and adding CSP headers are recommended. Privacy compliance is strong with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the site demonstrates professionalism, trustworthiness, and a clear business model focused on theme sales and related services.

G

Gaerne

gaerne.com

69

Gaerne is an established e-commerce business specializing in motorcycle boots and footwear, serving motorcycle enthusiasts and professionals. The website is built on the BigCommerce platform, leveraging modern e-commerce technologies and third-party analytics tools such as Google Analytics, Microsoft Clarity, and Facebook Pixel. Privacy and cookie policies are implemented with a consent mechanism, reflecting good compliance with GDPR standards. The domain is long-standing, created in 1997, and secured with HTTPS and domain transfer protection, indicating a trustworthy online presence. However, the absence of explicit security policies and incident response contacts suggests room for improvement in transparency and security governance.

K

Kompetenzzentrum Technik-Diversity-Chancengleichheit e. V.

zukunftswerkstatt-kommunen.de

50

Zukunftswerkstatt Kommunen (ZWK) is a German government-funded non-profit project managed by Kompetenzzentrum Technik-Diversity-Chancengleichheit e. V. It supports 40 municipalities in managing demographic change through consulting, digital tools, and networking. The website is professionally designed using TYPO3 CMS and modern web technologies, providing comprehensive content, accessibility features, and clear navigation. Security posture is strong with HTTPS, security headers, and reCAPTCHA integration, though dedicated security and incident response policies are not published. Overall, the site is trustworthy, compliant with GDPR, and serves a specialized governmental audience effectively.

W

Wyższa Szkoła Informatyki i Zarządzania

wsiz.pl

48

Wyższa Szkoła Informatyki i Zarządzania (WSIiZ) is a Polish higher education institution specializing in computer science and management, operating since 2001. The website serves as an informational portal for prospective and current students, offering details about academic programs and institutional information. Technically, the site is built on WordPress with common plugins such as Yoast SEO and MegaMenu Pro, and uses Google Tag Manager for analytics. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility features. Security posture is basic with HTTPS enabled but missing important security headers and DNSSEC. Privacy compliance is weak due to absence of explicit privacy and cookie policies. Business credibility is strong given the domain age and consistent WHOIS data. Overall, the site is functional and professional but would benefit from enhanced security and privacy practices.

B

Bischöfliche Studienförderung Cusanuswerk

cusanuswerk.de

46

The Cusanuswerk is a well-established non-profit scholarship organization affiliated with the Catholic Church in Germany, providing financial and ideational support to approximately 2,400 talented Catholic apprentices, students, and doctoral candidates. It operates with funding from state, church, and private sources and holds recognized certifications for excellence, positioning it as a reputable institution in the educational non-profit sector. The website is professionally designed using TYPO3 CMS, featuring comprehensive content, clear navigation, and mobile optimization. It integrates modern frontend technologies such as Owl Carousel and FontAwesome, hosted on a stable infrastructure with domain control by a reputable registrar. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although improvements could be made by adding security headers and explicit incident response contacts. Privacy compliance is generally good with a comprehensive privacy policy, but lacks a visible cookie consent mechanism. Contact information is available primarily via phone and contact forms, with social media presence on LinkedIn. Overall, the site reflects a trustworthy and professional organization with a strong focus on educational support and community engagement.

K

Katholischer Akademischer Ausländer-Dienst

kaad.de

49

The Katholischer Akademischer Ausländer-Dienst (KAAD) is a well-established non-profit organization affiliated with the Catholic Church in Germany, focused on providing scholarships and educational support to postgraduate students and young professionals from developing countries across Africa, Asia, Latin America, Eastern Europe, and the Middle East. With a history spanning over 65 years, KAAD supports leadership development through academic programs, networking, and spiritual guidance. The website reflects a professional and consistent brand image, targeting academics and emerging leaders in global development contexts. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies such as Bootstrap, FontAwesome, and jQuery. It is hosted on Goneo servers, uses HTTPS with good SSL configuration, and demonstrates moderate performance and good mobile optimization. SEO and accessibility are adequately addressed, though some accessibility features could be enhanced. From a security perspective, the website enforces HTTPS and uses secure form submissions but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is generally good with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a minor gap. Overall, the KAAD website presents a trustworthy, professional, and secure platform suitable for its educational and non-profit mission. Strategic improvements in security headers, cookie consent, and vulnerability disclosure would further strengthen its security posture and compliance.

A

Amnesty International Hochschulgruppe Bamberg

amnesty-bamberg-hochschulgruppe.de

46

The website represents the Amnesty International Hochschulgruppe Bamberg, a local non-profit student group focused on human rights advocacy and education. It provides information about events, campaigns, and ways to get involved, targeting students and human rights supporters in Bamberg, Germany. The site is built on WordPress and uses common plugins and libraries to deliver content and event information. While the site is functional and provides relevant content, it lacks some advanced privacy and security features such as cookie consent mechanisms and explicit security headers. Contact information is primarily via a contact form, with no direct emails or phone numbers visible. Social media presence is established on Facebook and Instagram, enhancing outreach. Overall, the site is consistent with a small non-profit local group and maintains a moderate level of professionalism and trustworthiness.

M

Mathäser Filmpalast

mathaeser.de

64

Mathäser Filmpalast is a prominent cinema located in Munich, Germany, offering a wide range of film screenings, events, and online ticketing services. The website reflects a mature digital presence with comprehensive content about current and upcoming films, events, and cinema facilities. It targets cinema-goers in Munich and surrounding areas, positioning itself as a leading entertainment venue with premium technologies such as Dolby Cinema and advanced sound and projection systems. The site integrates multiple third-party services for marketing and ticket sales, demonstrating a well-established business model within the hospitality and entertainment sectors. Technically, the site uses modern JavaScript libraries, responsive design, and structured data to enhance user experience and SEO.

Casino Aschaffenburg operates as a cultural arthouse cinema located in Aschaffenburg, Germany, offering a curated program of arthouse films, special film series, and events. The business targets local cinema enthusiasts and cultural audiences, providing ticket sales, café services, and venue rental. The website reflects a small-sized, community-focused business with consistent branding and good content quality. Technically, the site is built on TYPO3 CMS with modern frontend technologies including jQuery and Slick Slider, and incorporates a cookie consent manager (Klaro) to comply with privacy regulations. The site is mobile-optimized and provides a clear navigation structure. Security-wise, the website enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and incident response information. No vulnerabilities or suspicious content were detected. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

B

Brillinger Orthopädie

brillinger.de

49

Brillinger Orthopädie is a well-established German healthcare provider specializing in orthopaedic and rehabilitation technologies. Recently acquired by Ottobock, it benefits from being part of a large global network, enhancing its market position and service capabilities. The website reflects a professional healthcare business with a clear focus on patient care and quality. Technically, the site is built on TYPO3 CMS, uses modern web technologies, and implements GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS and privacy tools in place, though explicit security headers and policies could be improved. Overall, the site is trustworthy, accessible, and well-structured, serving its target audience effectively.

The website www.bender-verlag.com is currently inaccessible beyond a maintenance mode placeholder page in German, indicating the site is offline or under maintenance. There is no accessible business content, contact information, or security and privacy policies. The technical infrastructure is minimal, relying on WordPress with the SeedProd coming soon plugin, jQuery, Tailwind CSS, and FontAwesome. No advanced security headers or analytics tools are detected. The WHOIS data is unavailable or the domain appears unregistered, which severely impacts trust and legitimacy. Overall, the site lacks digital maturity and security posture, providing no meaningful business or compliance information.

T

Trägerverein Freies Kinderhaus e.V.

seegrasspinnerei.de

9

The Alte Seegrasspinnerei website represents a small non-profit organization, Trägerverein Freies Kinderhaus e.V., focused on child and youth community services in Nürtingen, Germany. The organization offers free children's house services, event hosting, workshops, and fundraising initiatives. Their market position is local and community-oriented, targeting families, donors, and supporters of youth welfare. The website content is primarily in German and provides clear contact information and donation links integrated with recognized platforms such as betterplace.org and wirwunder.de. Technically, the website is built on WordPress with common plugins for event management and galleries. The infrastructure includes jQuery and FontAwesome, hosted with DNS services from DomainControl (GoDaddy). The site is moderately performant and mobile-optimized, with basic accessibility and SEO features. No advanced security headers were detected, but HTTPS is enforced, and no sensitive data exposure was found. From a security perspective, the site shows a moderate security posture with room for improvement in implementing security headers and visible security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. No incident response or vulnerability disclosure information is available. The domain WHOIS data is minimal but consistent with a legitimate small non-profit entity. Overall, the website is professional, trustworthy, and safe for general audiences, with recommendations to enhance security headers, privacy compliance, and incident response transparency to improve trust and resilience.

V

Verband der W. K. St. V. Unitas e.V.

unitas.org

10

The website www.unitas.org represents the Verband der Wissenschaftlichen Katholischen Studentenvereine Unitas e.V., the oldest Catholic student and academic association in Germany, founded in 1855. It serves as a community platform for Catholic students and alumni across 29 university locations, offering social, educational, and religious activities. The organization uniquely includes both male and female student associations and emphasizes lifelong connections and social responsibility through various projects and events. The site content is primarily in German and targets Catholic students and academics in Germany.

The website kircheinbayern.de serves as an official informational platform for the Catholic Church in Bavaria, operated under the auspices of the Bistum Würzburg. It provides comprehensive information about dioceses, church programs, and community engagement, targeting the general public interested in religious content. The site is built on TYPO3 CMS with modern frontend technologies and integrates privacy-respecting analytics and consent management, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response details are absent. Overall, the site demonstrates a high level of professionalism and trustworthiness appropriate for a government/non-profit religious institution.

V

Volkshochschulen Kulmbach Stadt und Land

vhs-kulmbachstadtundland.de

47

Volkshochschulen Kulmbach Stadt und Land operates as a regional adult education provider offering a broad range of courses in areas such as politics, culture, health, languages, and digital learning. The website serves as a comprehensive portal for course information, registration, and institutional details, targeting adult learners in the Kulmbach district of Germany. The organization holds recognized certifications such as EFQM 2023, enhancing its credibility in the education sector. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including jQuery and FontAwesome, with accessibility tools like eyeAble and a robust cookie consent mechanism via Klaro. The site is mobile-optimized, SEO-friendly, and provides a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS and employs cookie consent for privacy compliance. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or suspicious activities were detected, and the domain registration data aligns well with the website content, indicating legitimacy. Overall, the website presents a trustworthy, professional, and user-friendly platform for adult education services with good privacy compliance and moderate security posture. Strategic improvements in security headers and incident response transparency could further enhance its security maturity.

D

Deutsches Taubblindenwerk gemeinnützige GmbH

taubblindenwerk.de

57

Deutsches Taubblindenwerk is a leading non-profit organization in Europe dedicated to supporting individuals with dual sensory impairments, specifically Taubblindheit and Hörsehbehinderung. The organization offers a comprehensive range of services including early intervention, special education, residential care, rehabilitation, and vocational training. Their mission focuses on enabling self-determined lives and social participation for children, youth, and adults affected by these disabilities. The website reflects a well-structured and professional digital presence with clear navigation and accessibility features tailored to their audience. Technically, the site is built on WordPress with modern frameworks and includes essential SEO and privacy compliance elements such as GDPR-aligned cookie consent and privacy policies. Security posture is solid with HTTPS enforced and privacy-conscious analytics configurations, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the domain and hosting setup appear legitimate and consistent with the organization's profile, supporting a trustworthy online presence.

S

Sparkasse Hannover

gut-fuereinander.de

37

The website gut-fuereinander.de serves as a platform for the Sparkasse Ehrenamtspreis 2025, an initiative by Sparkasse Hannover to promote and support voluntary engagement among its employees and retirees. It provides information about the award, allows participants to apply for funding for charitable organizations in the Hannover region, and enables voting for favorite projects. The site targets internal stakeholders of Sparkasse Hannover and its subsidiaries, emphasizing community involvement and corporate social responsibility. Technically, the website employs a modest technology stack including jQuery 1.11.0, Alertify.js, FontAwesome, and Galleria for image galleries. While functional, the use of an outdated jQuery version and broken image links indicate areas needing maintenance and modernization. The site lacks advanced frameworks or CMS indications and shows basic mobile optimization and accessibility features. From a security perspective, the site uses HTTPS and includes CSRF tokens in its login form, demonstrating some security awareness. However, the absence of security headers, outdated libraries, and missing cookie consent mechanisms highlight compliance and security gaps. No critical vulnerabilities or malware indicators were found, but improvements are recommended to enhance security posture and GDPR compliance. Overall, the website is moderately trustworthy and functional but would benefit from technical updates, improved privacy compliance, and enhanced user experience to better serve its audience and uphold security standards.

A

ARTAL-Reisen GmbH

artal-reisen.de

45

ARTAL-Reisen GmbH is a well-established German bus travel company founded in 1972, specializing in group travel, wheelchair accessible trips, and bus rentals primarily serving the Hannover and Bremen regions. The company operates a professional website built on WordPress with modern plugins and a clear focus on user experience and accessibility. The site includes comprehensive privacy and cookie policies with GDPR-compliant consent mechanisms, reflecting a mature approach to data protection. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the website projects trustworthiness and professionalism suitable for its target audience.

B

Bad Soden am Taunus

bad-soden.de

61

Bad Soden am Taunus operates an official municipal website providing a broad range of citizen services, city information, leisure activities, economic development support, and online digital services. The site targets residents, visitors, and local businesses, positioning itself as a comprehensive government portal for the community. The website is built on the ionas4 CMS platform with modern web technologies including AngularJS and SystemJS, and it is hosted on regional government infrastructure. The site demonstrates good digital maturity with responsive design, clear navigation, and structured content. Security posture is solid with HTTPS enforced and use of Google reCAPTCHA for form protection, though explicit security headers and policies are not fully visible. Privacy compliance is basic with a cookie consent mechanism but lacks a clearly accessible privacy policy. Overall, the site is trustworthy and professional, serving its government function effectively.

KHG Erlangen is a small, non-profit community organization serving students and young academics in Erlangen, Germany. The website provides information about their spiritual, social, and support services including regular religious services, community events, counseling, and housing assistance. The organization positions itself as an inclusive and open community welcoming diverse backgrounds. Technically, the website is built on the Contao CMS platform with modern frontend libraries such as jQuery and Bootstrap, hosted on NSHost infrastructure. The site is mobile optimized and offers a good user experience with clear navigation and relevant content. Security posture is moderate with HTTPS enabled but lacks visible security headers and a public security policy. Privacy compliance is basic with a privacy policy page present but no cookie consent mechanism. Overall, the website is trustworthy and professional, serving its community effectively.

G

GFBio - Gesellschaft für Biologische Daten e.V.

gfbio.org

54

GFBio is a German non-profit federation focused on providing a national data infrastructure for biological and environmental research data management. Established in 2013 and funded by the DFG, it offers services including data submission, search, visualization, and training to researchers in biodiversity and ecology. The website reflects a mature organization with a clear mission and strong partnerships, notably with the NFDI4Biodiversity consortium and other research projects. Technically, the website employs modern web technologies such as Bootstrap 5, Matomo and Google Analytics for tracking, and uses secure HTTPS connections. The infrastructure appears stable and moderately performant with good mobile optimization. However, some security enhancements like DNSSEC and security headers are missing, and there is no visible cookie consent mechanism, which may impact GDPR compliance. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and domain transfer protection. The WHOIS data is transparent and consistent with the organization's profile, enhancing trustworthiness. No critical vulnerabilities or suspicious content were detected. Nonetheless, improvements in security headers, privacy compliance, and incident response disclosures are recommended. Overall, GFBio presents a trustworthy and professional online presence suitable for its research audience, with moderate risk and room for security and privacy enhancements.