Security Directory

P

Papoo Software & Media GmbH

cmm-ehrenfeld.de

47

The website cmm-ehrenfeld.de hosts a login page for CCM19, a cookie consent management software developed by Papoo Software & Media GmbH. The platform targets businesses and website operators requiring tools to manage cookie consent and privacy compliance, offering multilingual support and user account management. The business operates in the technology sector, likely as a small-sized SaaS provider focused on privacy compliance solutions. Technically, the website uses standard web technologies including jQuery and CSS, with hosting DNS managed by GoDaddy's domaincontrol.com. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. No CMS or advanced frameworks are detected. The login form uses secure POST methods but lacks visible security headers and explicit SSL/TLS configuration details. From a security perspective, the site shows basic best practices such as password masking and form submission via POST. However, it lacks published privacy, cookie, or security policies, and no incident response or vulnerability disclosure information is available. WHOIS data is minimal but consistent with a legitimate domain, though registrant details are not disclosed. No WAF or blocking mechanisms are detected, and the content is fully accessible and safe. Overall, the website is functional but basic in content and security posture, with room for improvement in privacy compliance, security headers, and transparency. The risk level is moderate with no critical vulnerabilities detected but lacking in trust and compliance signals.

The website www.ict-group.cz represents a small Czech IT service provider specializing in IT management, protection, outsourcing, and related IT services. The site is built using Thrive Themes tools and incorporates multiple third-party marketing and tracking technologies such as Google Tag Manager, Facebook Pixel, Microsoft Clarity, and Adform. The content is primarily in Czech and targets business clients seeking IT solutions. The technical infrastructure is moderately modern with HTTPS enabled, but lacks advanced security headers and visible privacy or cookie policies, which impacts compliance and trust. The absence of WHOIS data and registrant information reduces domain trustworthiness and raises concerns about domain legitimacy. Overall, the website is functional but requires improvements in transparency, security best practices, and compliance to enhance its credibility and security posture.

A

Autodesk

autodesk.cz

71

Autodesk is a globally recognized leader in design and make technology, providing software solutions across architecture, engineering, construction, manufacturing, and entertainment industries. The website reflects a mature digital presence with extensive localization, professional design, and advanced technical infrastructure. The use of Adobe Experience Manager as CMS and integration of monitoring tools like Dynatrace and Tealium indicate a high level of digital maturity. Security posture is strong with HTTPS enforcement and modern cookie practices, though explicit security policies and incident response information are not readily visible. The absence of WHOIS data is noted but likely due to privacy or registry policies rather than malicious intent. Overall, Autodesk's website is professional, secure, and trustworthy, serving a broad professional audience worldwide.

RetroFest.cz is a small-scale, niche event website dedicated to a 2015 retro computing conference organized by students of the Czech Technical University in Prague under the Silicon Hill club. The site serves primarily as an informational portal for event details, partner acknowledgments, and archival content such as lecture recordings. The business model revolves around community engagement and educational event hosting within the technology and education sectors. The website's market position is limited to a specialized audience interested in retro hardware and software history. Technically, the website is a simple static HTML site with basic CSS and JavaScript, including Google Analytics for visitor tracking. The hosting is provided by ACTIVE 24, and the domain is registered consistently with the academic affiliation. However, the site lacks modern web standards such as HTTPS, security headers, and mobile optimization, which limits its technical maturity and security posture. From a security perspective, the absence of HTTPS and security headers, along with loading external scripts over HTTP, exposes the site to potential man-in-the-middle attacks and data interception risks. No privacy or cookie policies are present, which is a compliance gap under GDPR. The site does not collect user data via forms, reducing some risk, but the use of Google Analytics without consent mechanisms is a privacy concern. Overall, the website is functional for its intended purpose but requires significant improvements in security, privacy compliance, and technical modernization to enhance trustworthiness and user safety. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, improving mobile responsiveness, and adopting security best practices.

S

Silicon Hill

installfest.cz

45

Installfest.cz is a well-established community-driven event focused on Linux and open-source software, organized primarily by the Silicon Hill club at the Czech Technical University. The website serves as an information hub for the annual InstallFest conference, targeting both beginners and experts in the Linux and open-source community. The event offers installation assistance, lectures, and online participation, positioning itself as a key community event in the Czech Republic's technology education sector. Technically, the website uses modern web technologies such as Vue.js and JavaScript modules, hosted by a reputable Czech provider, Active24. The site is mobile-optimized and well-structured, providing a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and avoids exposing sensitive data but lacks visible security headers and formal privacy or cookie policies, which are areas for improvement. Overall, the domain registration data aligns well with the website's history and content, supporting its legitimacy and trustworthiness.

The website bistum-wuerzburg.systems represents the Diocese of Würzburg, a public law corporation serving as the Catholic Church's regional authority in Würzburg, Germany. The site primarily provides official contact information and links to the main diocesan website and legal/privacy pages. The business operates as a non-profit religious organization with a focus on ecclesiastical administration and community services. The target audience includes parishioners, church members, and the general public interested in diocesan affairs. Technically, the website is minimalistic, built with basic HTML and CSS, lacking modern frameworks or CMS indications. It shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. No analytics or tracking scripts are detected, indicating a privacy-conscious approach. From a security perspective, the site lacks visible HTTPS enforcement and security headers, which lowers its security posture. The malformed WHOIS data limits domain registration transparency, raising moderate trust concerns. However, the presence of official contact details and consistent branding supports legitimacy. No vulnerabilities or sensitive data exposures are evident. Overall, the website is safe and trustworthy but would benefit from improved technical and security implementations. Strategic recommendations include enabling HTTPS, adding security headers, implementing cookie consent, and improving WHOIS transparency to enhance trust and compliance.

N

NEW.EGO GmbH

newego.de

68

NEW.EGO GmbH is a premium internet agency based in Munich, Germany, specializing in TYPO3 CMS solutions and digital B2B communication services. Founded in 2005, the company serves medium-sized businesses and hidden champions primarily in the DACH region. Their key offerings include TYPO3 consulting, development, hosting, SEO, and comprehensive digital strategy services. The company holds multiple TYPO3 certifications and industry awards, reflecting a strong market position and trusted reputation. Technically, the website is built on TYPO3 CMS with a modern tech stack including JavaScript, CSS, and privacy-focused analytics tools like self-hosted Matomo. The site is well-optimized for performance, mobile responsiveness, and SEO, with a professional design and clear navigation. Security best practices such as HTTPS and cookie consent mechanisms are implemented, though explicit security headers and incident response policies are not publicly detailed. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, featuring comprehensive privacy and cookie policies aligned with GDPR. The company demonstrates strong business credibility through detailed contact information, client testimonials, and certifications. Overall, the website presents a trustworthy and professional digital presence suitable for its B2B audience.

V

vdek - Verband der Ersatzkassen e.V.

vdek-arztlotse.de

51

The vdek-Arztlotse website is a healthcare information platform operated by the vdek - Verband der Ersatzkassen e.V., a German health insurance association. It provides comprehensive search and rating services for doctors, dentists, and psychotherapists across Germany, targeting patients and the general public seeking medical professionals. The platform is well-positioned within the German healthcare sector as a trusted source of medical provider information. Technically, the website employs modern web technologies including HTML5, CSS, JavaScript, and uses Adobe Experience Manager as its CMS. It integrates Piwik (Matomo) analytics for user tracking and demonstrates good mobile optimization, accessibility, and SEO practices. The site is served over HTTPS, ensuring secure communications. From a security perspective, the site follows basic best practices such as HTTPS enforcement and secure form handling. However, it lacks explicit security headers and a cookie consent mechanism, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website's public healthcare association identity, indicating legitimacy and consistency. Overall, the website presents a low risk profile with good business credibility and technical maturity. Strategic recommendations include implementing security headers, adding cookie consent for GDPR compliance, publishing a security policy, and providing direct contact information for improved transparency and trust.

Č

Česká Národní AI Platforma (CNAIP)

cnaip.cz

61

CNAIP (Česká Národní AI Platforma) is a key national platform driving the development and collaboration of artificial intelligence in the Czech Republic. It connects academia, industry, government, and non-profit sectors to foster a robust AI ecosystem. The platform organizes major AI events, including the Dny AI festival and AI Awards, positioning the Czech Republic as a European AI leader. Technically, the website is built on modern frameworks like Next.js and React, with good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers are missing. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent. Overall, CNAIP presents a professional and trustworthy digital presence supporting its mission.

S

Stadt Ingelheim am Rhein, Forschungsstelle Kaiserpfalz Ingelheim

karlsjahr2014-ingelheim.de

44

The website karlsjahr2014-ingelheim.de serves as an informational and promotional platform for the Karlsjahr 2014 cultural event in Ingelheim am Rhein, commemorating 1200 years since the death of Charlemagne. It is managed by local government and cultural institutions, providing detailed schedules, exhibition information, and visitor guidance. The site targets tourists, history enthusiasts, families, and educational groups. The business model focuses on cultural heritage promotion and education, positioning itself as a local government-supported event site.

S

ScioArt

scioart.cz

55

ScioArt is an innovative basic art school based in Prague, Czech Republic, targeting children aged 5 to 18 years. The institution focuses on interdisciplinary art education, fostering creativity, experimentation, and project-based learning. The website reflects a professional and consistent brand image aligned with its educational mission. Technically, the site is built on the Wix platform, utilizing standard Wix scripts and assets, with moderate performance and good mobile optimization. Security posture is basic, with HTTPS enabled but lacking advanced security headers and privacy policies. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency. Overall, the site presents a moderate risk profile with recommendations to improve security headers, privacy compliance, and domain registration verification.

S

Silicon Hill

siliconhill.cz

41

Silicon Hill is a prominent student club operating within the Strahov dormitories primarily serving CTU students and other university residents. It provides a broad range of services including network infrastructure management, educational courses, event organization, and community facilities such as a gym and workshop spaces. The club has a strong partnership network with major technology companies and the university itself, positioning it as a key player in the student community ecosystem. Technically, the website employs standard web technologies with JavaScript and CSS but lacks advanced frameworks or CMS. The site is moderately optimized for performance and accessibility but could improve mobile responsiveness and SEO. Security posture is moderate; while CSRF tokens are present, there is no evidence of HTTPS enforcement or security headers in the provided data. The absence of WHOIS data is a concern for domain legitimacy verification, though the detailed and consistent website content suggests a legitimate organization. Privacy and cookie policies are missing, indicating compliance gaps. Overall, the site is functional and professional but would benefit from enhanced security and privacy measures.

Z

Zweckverband Abfallwirtschaft Südwestsachsen

za-sws.de

50

The Zweckverband Abfallwirtschaft Südwestsachsen (ZAS) is a public-law waste management association founded in 1993, serving the Erzgebirgskreis and Zwickau counties in Germany. It operates as a regional waste disposal authority responsible for waste management infrastructure, disposal security, landfill remediation, and waste balance reporting. The website provides comprehensive information and services for residents and businesses in the region, including waste calendars, contact forms, and downloadable official documents. The site is professionally designed with clear navigation and consistent branding, targeting local citizens and commercial entities requiring waste management services. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript with jQuery and fancyBox libraries for UI enhancements. While no CMS or hosting provider details are evident, the site shows moderate performance and basic mobile optimization. SEO and accessibility features are present but could be improved. The site employs HTTPS and a cookie consent mechanism with Google Analytics tracking, indicating a moderate level of digital maturity. From a security perspective, the site lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is good with a clear privacy policy and cookie consent banner. The WHOIS data aligns well with the organization's identity, showing a consistent and legitimate domain registration without privacy protection, appropriate for a public entity. Overall, the website presents a trustworthy and professional digital presence for a regional government waste management authority. Strategic improvements could focus on enhancing security headers, mobile accessibility, and publishing security and incident response policies to strengthen trust and compliance.

W

Wilhelm Zuleeg GmbH

zuleeg.de

66

Wilhelm Zuleeg GmbH operates a professional e-commerce website specializing in high-quality, sustainable fabrics made in Germany. The website targets sewing enthusiasts and businesses seeking premium textile materials and accessories. The company leverages the Shopify platform, ensuring a modern and performant online shopping experience. The site includes comprehensive privacy and cookie policies, indicating GDPR compliance and a focus on user data protection. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy, although the website content and platform usage support its authenticity. Security measures such as HTTPS, hCaptcha, and cookie consent mechanisms are implemented, but explicit security policies and incident response contacts are not found.

A

Abele Optik

abele-optik.de

70

Abele Optik is a well-established German retail company specializing in eyewear products including glasses, sunglasses, contact lenses, and related care products. With a strong physical presence of 75 stores across Germany and an integrated online shop, the company targets consumers seeking quality optical products and professional services. The website reflects a mature digital infrastructure built on modern web frameworks such as Nuxt.js and Vue.js, hosted on Bunny.net, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers and formal security policies are absent. The presence of Trusted Shops certification and active social media channels enhance trust and credibility. Overall, the website is professional, user-friendly, and compliant with basic privacy regulations, though explicit privacy and terms of service documents were not found in the analyzed content.

N

NailCrest

nailcrest.de

61

NailCrest operates a German-language e-commerce website specializing in premium black gin and related gift products. The site targets adult consumers interested in exclusive alcoholic beverages and gift sets. The business model is retail-focused, leveraging Shopify's platform for online sales and customer engagement. The website features professional design, clear navigation, and positive customer reviews, indicating a strong market position within its niche. Technically, the site uses modern web technologies and reputable third-party services such as Klaviyo for marketing and Judge.me for customer reviews, hosted on Shopify's secure infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers could be improved. Privacy compliance is limited due to the absence of visible privacy and cookie policies, which should be addressed to meet GDPR standards. Overall, the site is trustworthy and professionally managed but would benefit from enhanced transparency in privacy and contact information.

D

Delidia

delidia.de

69

Delidia operates as a German-based e-commerce platform specializing in organic delicacies, offering products directly from producers with a focus on social responsibility by involving people with disabilities in packaging. The website is built on the Shopify platform using the Flex theme, indicating a modern and scalable technical infrastructure. The site is optimized for mobile and desktop users with good SEO practices and moderate performance. Security posture is strong with HTTPS enforced and standard security headers present, although explicit privacy and cookie policies are missing, which impacts compliance. No signs of WAF or content blocking were detected, and the site content is safe for general audiences.

S

Stetic GmbH

stetic.com

62

Stetic GmbH is a German-based independent product studio specializing in AI-driven digital solutions, notably AI headshots through their Headyshot product and privacy-friendly web analytics as an alternative to Google Analytics. Established since 2004, the company targets professionals and businesses seeking modern, AI-supported tools that respect user privacy. Their market position is strengthened by a user base exceeding 100,000 and a clear emphasis on data protection and cookie-free analytics. Technically, the website is built on a modern Next.js framework with React, delivering fast performance and excellent mobile optimization. The site employs JavaScript tracking via their own Fourstats analytics, avoiding third-party cookies, aligning with their privacy commitments. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response information are absent. WHOIS data is unavailable, which slightly reduces trust but does not negate the evident legitimacy of the business. Overall, the website is professional, trustworthy, and well-structured, with room for improvement in transparency around security policies and cookie consent.

A

Anna-marie Redpath

anmari.com

42

Anmari.com is a personal portfolio website for Anna-marie Redpath, showcasing her work in WordPress plugin development, web design services, and art. The site serves as a hub linking to various projects and social media profiles, targeting individuals interested in WordPress tools and personal creative work. The domain is well-established, dating back to 2002, indicating a mature personal brand presence. Technically, the website is built with basic HTML and CSS, utilizing Font Awesome icons. There is no detected CMS or advanced frameworks. Hosting appears to be via GoDaddy, with no DNSSEC enabled and no advanced security headers present. The site is moderately optimized for mobile and accessibility but lacks modern SEO and performance enhancements. From a security perspective, the site lacks privacy and cookie policies, security headers, and DNSSEC, which lowers its security posture. No forms or data collection mechanisms are present, reducing risk but also limiting user engagement. The WHOIS data is consistent with the website content, showing no suspicious patterns and a legitimate long-term registration. Overall, the site is a straightforward personal portfolio with moderate technical maturity and basic security. Strategic improvements in security headers, privacy compliance, and contact information transparency would enhance trust and compliance.

C

ChemCoast e. V.

chemcoast.de

43

ChemCoast e.V. is a regional industry association focused on promoting chemical industry locations and energy transition projects, particularly wind hydrogen, in Northern Germany. The website serves as an information portal for industry stakeholders, investors, and policymakers, highlighting key industrial parks and collaborative projects. The site is professionally structured with clear navigation and up-to-date news content, reflecting a medium-sized organization with a solid regional presence. Technically, the website uses an older jQuery version and a proprietary CMS (Nijo CMS), hosted on kasserver.com. While the site is accessible and SEO-optimized with basic mobile responsiveness, there is room for modernization and improved security practices, including updating libraries and implementing security headers. Security posture is moderate; the site uses cookie consent mechanisms and links to a privacy policy indicating GDPR compliance. However, no explicit security policies or incident response contacts are published. No WAF or blocking mechanisms are detected, and no vulnerabilities are apparent from the provided data. Overall, the website presents a trustworthy and professional front for ChemCoast e.V., but improvements in security headers, updated technology stack, and enhanced transparency on security policies would strengthen its posture and compliance.

B

Bundesverband der Pharmazeutischen Industrie e.V.

bpi.de

56

The Bundesverband der Pharmazeutischen Industrie e.V. (BPI) is a German pharmaceutical industry association representing a broad spectrum of pharma companies nationally and internationally. The website serves as an information hub, providing news, events, publications, and member services targeted at industry professionals, policymakers, and the public. The organization positions itself as a key advocate for the pharmaceutical sector in Germany, emphasizing innovation, healthcare policy, and industry collaboration. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including responsive design and Matomo analytics for user tracking with consent. The site demonstrates good SEO and accessibility practices, though some improvements in accessibility and security headers could be made. The cookie consent mechanism is robust, supporting opt-in and revocation, aligning with GDPR requirements. From a security perspective, the site uses HTTPS with no visible critical vulnerabilities or exposed sensitive data. However, it lacks explicit published security policies, incident response contacts, or vulnerability disclosure mechanisms, which could enhance trust and preparedness. WHOIS data is consistent with the organization's identity, supporting legitimacy. Overall, the website is professional, trustworthy, and well-maintained, serving its role as an industry association portal effectively. Strategic improvements in security transparency and accessibility could further strengthen its posture.

I

Initiative Chemie im Dialog (CID) / Verband der Chemischen Industrie e. V. (VCI)

ihre-chemie.de

56

The website 'Ihre Chemie' serves as an informational platform operated by the Initiative 'Chemie im Dialog' (CID) and supported by the Verband der Chemischen Industrie e. V. (VCI). It focuses on educating the public about the German chemical industry's transformation towards climate neutrality by 2045, emphasizing sustainable energy use, resource conservation, and alternative raw materials. The site targets a broad audience interested in sustainability and industrial innovation. Technically, the site employs modern JavaScript modules, CSS, and integrates eTracker analytics with a compliant cookie consent mechanism. The hosting is managed via plusline.de nameservers, indicating a stable infrastructure. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are absent. Overall, the site demonstrates high professionalism, excellent design, and strong trust indicators including prestigious German design and brand awards.

B

Bund der Kaufleute e.V.

bundderkaufleute.de

61

Bund der Kaufleute e.V. is a German association likely representing merchants or business professionals. The website is built on the Squarespace platform and primarily serves as an informational portal with basic contact details and organizational branding. The technical infrastructure is modern and benefits from Squarespace's hosting and security features, including HTTPS and HSTS. However, the site lacks comprehensive privacy and terms of service documentation, which are important for compliance and user trust. Security posture is solid due to platform defaults but could be improved with explicit policies and incident response information. Overall, the website is functional and professional but limited in content depth and compliance documentation.

C

Caritas gGmbH St. Heinrich und Kunigunde

wohnen-fuer-erwachsene.de

59

Wohnen für Erwachsene is a German non-profit social care organization providing residential and supportive living services for adults with disabilities. The website is professionally designed, well-structured, and targets adults with disabilities and their families in the Lichtenfels region. It is affiliated with Caritas gGmbH, a recognized social service provider, enhancing its credibility and trustworthiness. The site offers detailed information about its facilities, services, and career opportunities, supported by social media presence on Facebook and Instagram. Technically, the website is built on the Multiscreensite CMS platform, utilizing modern web technologies including service workers for progressive web app capabilities and Usercentrics for GDPR-compliant cookie consent management. The site is hosted on internet1.de nameservers and uses HTTPS, ensuring secure communication. Performance and mobile optimization are moderate to good, with basic accessibility features. From a security perspective, the website enforces HTTPS and uses a consent management platform, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website content and business, indicating legitimacy. Overall, the site demonstrates a solid security posture for a non-profit organization but could improve by adding explicit security headers and incident response information. The overall risk is low, with no signs of malicious activity or content safety concerns. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and continuous monitoring of third-party scripts to maintain compliance and security.

Y

YGG-Workgroups

solutionondemand.com

39

SolutionOnDemand is a German-based small business offering a proprietary Content Management System (CMS) tailored for compact and professional websites, alongside professional web design services. The company, identified as YGG-Workgroups, has been operating since at least 2003, with a stable domain registration consistent with its business history. The website content is primarily in German and targets a broad audience interested in CMS solutions and web design. The business model focuses on software product sales and related web design services, positioning itself as a niche CMS provider in the German market. Technically, the website relies on legacy technologies including Flash (via SWFObject), which is deprecated and poses security and accessibility challenges. The site uses basic HTML and CSS with no modern frameworks detected. Hosting and domain registration are managed through German providers, but there is no evidence of HTTPS enforcement or modern security headers, which impacts the site's security posture. The website lacks mobile optimization and accessibility features, and SEO practices are basic. From a security perspective, the site shows several weaknesses: absence of HTTPS enforcement, no DNSSEC, no security headers, and use of deprecated Flash content. Privacy compliance is minimal, with a privacy policy page present but lacking GDPR compliance indicators and no cookie consent mechanism. No contact emails, phone numbers, or incident response contacts are visible, limiting transparency and trust. The WHOIS data is consistent and legitimate, with no suspicious patterns. Overall, the website scores moderately low on AI evaluation due to outdated technology, weak security posture, and limited privacy compliance. Strategic improvements in security, privacy, and modernization of technology stack are recommended to enhance trustworthiness and compliance.

H

Holzhofer Consulting GmbH

holzhofer-consulting.de

64

Holzhofer Consulting GmbH is a specialized consulting firm based in Munich, Germany, focusing on data protection, IT, and information security services. With over 14 years of experience, the company positions itself as a pioneer in external data protection officer services and information security management. Their key offerings include GDPR compliance consulting, ISO 27001 certification support, risk management, audits, and employee training. The firm targets medium-sized enterprises primarily within Germany, emphasizing practical and tailored solutions to ensure business continuity alongside compliance. Technically, the website employs modern web technologies such as Bootstrap for responsive design and Matomo for privacy-conscious analytics. Hosting is managed via kundencontroller.de, consistent with the domain's nameservers. The site is well-structured, mobile-optimized, and demonstrates good SEO practices, although some accessibility features could be enhanced. No CMS was explicitly detected, suggesting a custom or lightweight solution. From a security perspective, the site uses HTTPS with a good SSL configuration and avoids exposing sensitive data. However, it lacks explicit security headers and a cookie consent mechanism, which are important for GDPR compliance and security hardening. The presence of numerous industry-recognized certifications and a clear incident response section indicates a mature security posture. No vulnerabilities or suspicious domains were detected, and the privacy settings in analytics reflect a commitment to user privacy. Overall, Holzhofer Consulting presents a professional, trustworthy, and secure online presence aligned with its business focus. Strategic improvements in cookie consent, security headers, and vulnerability disclosure would further enhance compliance and security posture.

V

Versorgungswerk der Landesapothekerkammer Hessen

apothekerversorgungswerk.de

40

The Versorgungswerk der Landesapothekerkammer Hessen operates as a pension insurance provider specifically for pharmacists and pharmaceutical interns in the Hessen region of Germany. It serves a niche healthcare sector audience with a focus on membership management, pension services, and providing relevant legal and organizational information. The website reflects a regional public service entity with a clear and consistent branding aligned with the Landesapothekerkammer Hessen. Technically, the website is built on a custom CMS (cms Morpheus) and uses standard web technologies such as HTML5, CSS, and Font Awesome icons. Hosting is provided by kasserver.com, a known hosting provider. The site demonstrates moderate performance and basic mobile and accessibility features. SEO and metadata are present but minimal, with no advanced structured data or analytics detected. From a security perspective, the site uses no-cache headers but lacks advanced security headers and explicit HTTPS confirmation in the provided data. No security or incident response policies are published, and no contact emails or phone numbers are directly visible, relying instead on contact forms. There are no signs of vulnerabilities or malicious content, but improvements in security posture and privacy compliance are recommended. Overall, the website is trustworthy and professional, serving its intended audience effectively. However, enhancements in privacy policy visibility, cookie consent, security headers, and incident response transparency would strengthen its compliance and security posture.

B

Böklunder

boeklunder.de

40

Böklunder is a well-established German manufacturer and retailer specializing in traditional sausage products with a history spanning over 75 years. The company offers a variety of award-winning sausages and related culinary content such as recipes, targeting a general consumer audience interested in quality meat products. The website is professionally designed using TYPO3 CMS, featuring clear navigation and good mobile optimization. It integrates analytics via etracker but lacks a visible cookie consent mechanism. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response policies are absent. Overall, the site reflects a credible and trustworthy business presence with room for improvement in privacy compliance and security transparency.

YGG-Workgroups Medienagentur is a small German full-service media agency specializing in internet presence, software development, multimedia, and graphic design. Their website content is primarily in German and targets a general audience seeking media and web services. The agency uses a proprietary CMS platform named SolutionOnDemand and hosts their website on servers associated with kasserver.com. The site design and navigation are basic but functional, reflecting a small local business profile. From a technical perspective, the website employs standard HTML and CSS without modern JavaScript frameworks or advanced technologies. There is no evidence of advanced performance optimization or mobile responsiveness beyond basic levels. The absence of visible scripts or analytics tools suggests limited digital marketing or tracking capabilities. Security posture is weak, with no detected HTTPS/SSL configuration or security headers. There is no cookie consent mechanism or explicit privacy compliance indicators beyond a basic privacy policy page. The WHOIS data is consistent with the website's business claims and hosting provider, indicating legitimacy. However, the lack of contact information and security best practices reduces trustworthiness. Overall, the website presents a low to moderate risk profile but requires improvements in security, privacy compliance, and contact transparency to enhance business credibility and user trust.

D

Die evangelische Kirche

kirche-entdecken.de

44

Kirche-entdecken.de is a German non-profit educational website operated by the Evangelische Kirche, targeting children to explore and learn about the Christian faith through interactive content, games, quizzes, videos, and crafts. The platform is well-established and sponsored by major regional church organizations, positioning it as a trusted resource for religious education for children in Germany. Technically, the site is built on the TYPO3 CMS platform, uses modern web technologies, and is hosted on German infrastructure with good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and privacy-respecting analytics via Matomo, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, but no explicit terms of service or security policy pages are found. Overall, the site is safe, professional, and trustworthy with no adult or questionable content.

D

Dipl. Ing. Hartmut Schreiber

hartmutschreiber.com

48

The website hartmutschreiber.com represents a small-scale professional service focused on software architecture, primarily using .NET technologies such as C#. The site is targeted at businesses or professionals seeking software development and architecture expertise. The business appears to be an individual consultant or small entity based in Germany, with a domain age consistent with a long-standing presence since 2009. The website content is basic but relevant, with a clear navigation structure and moderate branding consistency. Technically, the site uses Joomla! CMS with standard web technologies including jQuery and Font Awesome. Mobile optimization and accessibility are basic but functional. Security posture is moderate; while HTTPS is presumably enabled (not explicitly stated), no DNSSEC or security headers are present, and no cookie consent mechanism is implemented, which impacts GDPR compliance. Contact information is limited to a contact form with no explicit emails or phone numbers displayed. No social media or certifications are visible, limiting trust signals. Overall, the site is functional and professional but could benefit from enhanced security and privacy features.

L

Landwirtschaftliche Rentenbank

landwirtschaftliche-rentenbank.de

66

Landwirtschaftliche Rentenbank is a central refinancing institution serving the German agricultural and food industry sectors. It operates as a promotional bank offering specialized loans and refinancing services tailored to agribusiness needs. The website presents a professional and consistent brand image, targeting stakeholders within Germany's agricultural finance market. The technical infrastructure includes modern JavaScript and CSS technologies, with integration of etracker analytics and a Cognigy-powered chatbot for enhanced user interaction. Hosting is managed via Ecotel nameservers, indicating a stable and professional hosting environment. Security posture is solid with HTTPS enforced and some privacy considerations such as disabling cookies for analytics, though explicit privacy and cookie policies are not found in the analyzed content. Overall, the website is trustworthy and well-positioned within its niche, but could improve privacy compliance and security header implementation.

E

Elektrobau SEWA GmbH

elektrobau-sewa.de

38

Elektrobau SEWA GmbH is a small local electrical services company based in Germany, specializing in electrical installation and electrician services primarily serving the Sondershausen area. The website is built on TYPO3 CMS and incorporates Usercentrics for cookie consent management, indicating some level of privacy compliance. However, the site lacks visible privacy policies, terms of service, and explicit contact information, which limits transparency and user trust. Technically, the site enforces HTTPS and includes a basic Content-Security-Policy header but could benefit from additional security headers and improved accessibility and SEO optimizations. The security posture is moderate with no critical vulnerabilities detected, but the absence of incident response contacts and security policies is a gap. Overall, the website is functional and safe but would benefit from enhancements in privacy compliance, contact transparency, and security best practices.

E

Elektro Schulz GmbH

elektro-schulz.de

52

Elektro Schulz GmbH is a German-based company specializing in the installation, project planning, and maintenance of electrical energy systems including substations, transformer stations, low-voltage switchgear, and energy management solutions. Established in 1991, the company serves industrial clients, public sector entities, and major customers such as Deutsche Bahn, with international operations in over 30 countries. Their business model focuses on delivering turnkey electrical infrastructure projects with a strong emphasis on quality, reliability, and customer-specific solutions. Technically, the website is built on the Contao CMS platform and employs modern web technologies including HTML5, CSS, JavaScript, and several jQuery-based libraries for enhanced user experience. The site is mobile-optimized with good accessibility and SEO practices. Hosting is provided via rzone.de, with secure HTTPS connections and no detected blocking or WAF interference. From a security standpoint, the website enforces HTTPS, includes privacy consent on its contact form, and avoids exposing sensitive data. However, it lacks explicit security headers and incident response contact information. Google Analytics is present but disabled, reflecting a privacy-conscious approach. The privacy policy is comprehensive and GDPR compliant, though no cookie consent banner is implemented. Overall, Elektro Schulz GmbH presents a professional and trustworthy online presence with strong business credibility and adequate technical and security measures. Recommendations include enhancing security headers, adding incident response details, and implementing cookie consent mechanisms to further improve compliance and security posture.

E

Elektro-Duschl GmbH

duschl-elektro.de

57

Elektro-Duschl GmbH is a small, regional German company specializing in electrical installation services in the Rosenheim and Kolbermoor area near Munich. The company offers a broad range of services including electrical installations, alarm and brandmeldeanlagen (fire alarm systems), and network services. It holds recognized certifications such as VdS for fire alarm systems and ISO 9001:2015 for quality management, positioning it as a trusted local service provider. The website content is primarily in German and targets local private and commercial customers. Technically, the website is built with basic HTML, CSS, and JavaScript without modern CMS or frameworks, resulting in moderate performance and basic mobile optimization. Security posture is average with HTTPS assumed but lacking security headers and cookie consent mechanisms. No advanced tracking or analytics tools are detected, indicating minimal user tracking. Overall, the site is functional and professional but could benefit from technical and compliance improvements.

D

Digital Connect GmbH

digital-con.de

66

Digital Connect GmbH is a small German IT services company specializing in IT solutions and digital transformation to enhance information technology and IT infrastructure efficiency. The company targets business clients seeking modernization and digitalization of their IT environments. The website is professionally designed using WordPress with the Gutenberg editor, providing a good user experience and mobile optimization. Technical infrastructure is modern but lacks some advanced security headers and analytics integrations. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but could be improved by implementing security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is trustworthy and business-focused but would benefit from enhanced privacy and security transparency.

N

NLS Netzwerke GmbH

nls-netzwerke.de

38

NLS Netzwerke GmbH is a specialized technology service provider based in Germany, focusing on both passive and active network technology solutions including fiber optic and copper cabling, switching and routing technologies, network security, and management systems. The company targets business clients requiring reliable and efficient network infrastructure, positioning itself as a trusted regional partner with strong vendor relationships. The website demonstrates a professional digital presence built on WordPress with SEO optimization but lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Technically, the site is well-structured and mobile-optimized, hosted likely on Kasserver, and uses HTTPS, indicating a secure baseline. However, security headers and incident response information are missing, suggesting room for improvement in security posture. Overall, the domain registration data aligns well with the website content, supporting legitimacy and trustworthiness.

O

Outdooractive

outdooractive.gr

65

Outdooractive.gr is a Greek localized website offering a comprehensive platform for outdoor sports enthusiasts, including hiking, cycling, running, mountaineering, winter sports, and water sports. The site provides route planning, travel guides, community features, and detailed maps, leveraging contributions from local professionals and guides. It is part of a larger international network with multiple language versions, indicating a strong market presence in the outdoor activity sector. The website is well-structured, with good content quality and user experience, optimized for mobile and SEO. Technically, it uses modern mapping technologies such as Leaflet and Mapbox GL, and employs HTTPS for secure communications. However, explicit cookie consent mechanisms and detailed security policies are not evident, which could be improved for better GDPR compliance and user trust. WHOIS data confirms the domain's legitimacy and consistency with the business profile.

O

Outdooractive

outdooractive.cz

67

Outdooractive.cz is a well-established online platform dedicated to outdoor sports enthusiasts, offering comprehensive services such as trip planning, GPS route tracking, detailed maps, and community engagement. The website targets hikers, cyclists, skiers, and other outdoor activity participants, providing rich content and multi-language support to serve a broad international audience. The business model revolves around providing premium outdoor content and tools to facilitate adventure planning and exploration. Technically, the website employs modern JavaScript libraries including Leaflet.js and Mapbox GL for interactive maps, alongside standard web technologies like HTML5 and CSS. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. However, some performance optimizations could be considered to enhance loading speed. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in its HTML content. Nevertheless, it lacks visible security headers and published security policies or incident response information, which are recommended for improving trust and compliance. Privacy compliance is supported by a comprehensive privacy policy and terms of service, though a cookie consent mechanism is not evident. Overall, the website presents a professional and trustworthy front for its outdoor activity services, but the absence of WHOIS data and some security best practices slightly reduce its trustworthiness. Strategic improvements in security transparency and privacy mechanisms would enhance its risk posture and user confidence.

V

Vlaams Instituut voor de Zee

scheldemonitor.be

64

ScheldeMonitor is a well-established Flemish-Dutch governmental and research portal focused on environmental monitoring and data dissemination for the Schelde estuary. It is funded by the Vlaams-Nederlandse Scheldecommissie and managed by the Vlaams Instituut voor de Zee, providing a comprehensive platform for datasets, visualizations, GIS maps, literature, and research tools. The website demonstrates a mature digital infrastructure using Drupal 10, with privacy-conscious analytics and cookie compliance. Security posture is solid with HTTPS and anti-bot measures, though explicit security policies and vulnerability disclosures are absent. Overall, the site is trustworthy, professional, and serves a specialized audience of researchers and policymakers.

S

Sparkasse Hegau-Bodensee

sparkasse-hegau-bodensee.de

67

Sparkasse Hegau-Bodensee is a regional German bank serving private and corporate customers primarily in the Hegau and Bodensee regions. The website offers a comprehensive range of banking services including online banking, accounts, credit cards, loans, investments, insurance, and real estate financing. The bank positions itself as a trusted local financial institution with strong community ties and a focus on customer service. Technically, the website is built on a modern CMS platform (likely Adobe Experience Manager), uses standard web technologies, and is optimized for accessibility and SEO. Security posture is strong with HTTPS enforced, cookie consent mechanisms, and session management features, although explicit security policies and incident response contacts are not publicly listed. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, reflecting a mature digital presence for a regional bank.

S

Santeda International B.V.

billybet.de

10

Billy Bets is a relatively new online casino platform founded in 2022 and operated by Santeda International B.V. It targets the German market with a broad selection of casino games including slots, live casino, and table games from reputable software providers such as NetEnt, Microgaming, and Evolution Gaming. The platform emphasizes user-friendly design and attractive bonus offers to attract and retain players. Technically, the website uses modern web technologies with Cloudflare providing DNS and CDN services, ensuring good performance and security. The site is mobile-optimized and offers a smooth user experience. Security-wise, the site employs SSL encryption and RNG for game fairness, but lacks visible security headers and publicly available privacy or cookie policies, which are compliance gaps. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. The site is rated as moderately trustworthy with room for improvement in privacy compliance and security transparency.

O

Home | Outdooractive

outdooractive.com

69

Outdooractive.com is an established online platform catering to outdoor enthusiasts including hikers, cyclists, mountaineers, and winter sports participants. The website offers a comprehensive suite of services such as route planning, travel guides, community engagement, and detailed maps. It is positioned as a trusted resource recommended by industry professionals like mountain guides and trail wardens. Technically, the site employs modern mapping technologies including Leaflet.js and Mapbox GL, with a responsive design optimized for mobile users. Security posture is moderate with HTTPS usage evident, but lacks explicit security headers and incident response information. Privacy compliance is supported by a comprehensive privacy policy and terms of service, though no cookie consent mechanism was detected in the provided content. The absence of WHOIS data reduces domain trustworthiness, but the professional website content and structure mitigate some concerns. Overall, the platform serves a medium-sized audience with a focus on outdoor activity planning and community features.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend (BMFSFJ)

familienportal.de

62

The Familienportal.de website is an official German federal government portal managed by the Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend (BMFSFJ). It serves as a comprehensive information hub for families, providing detailed guidance on state family benefits, legal regulations, advisory services, and various calculators and application forms. The portal targets families in Germany, including parents, children, and related social groups, positioning itself as the authoritative source for family-related governmental information. The site is professionally designed with consistent branding and excellent content quality, supporting a high level of trustworthiness. Technically, the website employs modern web technologies including JavaScript, SVG icons, and Matomo analytics for user behavior tracking with privacy-conscious consent mechanisms. The site demonstrates good mobile optimization, accessibility, and SEO practices, although no explicit CMS or hosting provider details are evident. Security posture is strong with HTTPS enforced and privacy-respecting analytics, but explicit security headers and incident response contacts are not clearly published. From a security and compliance perspective, the portal implements GDPR-compliant privacy and cookie policies with clear user consent mechanisms and data retention policies. However, it lacks visible vulnerability disclosure or security.txt files, and no direct contact information for security incidents is provided. Overall, the site maintains a solid security posture appropriate for a government information portal. The overall risk assessment is low, with no critical vulnerabilities or suspicious indicators detected. Strategic recommendations include publishing explicit security headers, providing incident response contact details, and establishing a vulnerability disclosure policy to enhance transparency and trust. The portal's technical infrastructure and content quality support its role as a trusted government resource for families in Germany.

B

Bundesverband Deutscher Stiftungen

stiftungen.org

51

The Bundesverband Deutscher Stiftungen is Germany's largest association for foundations, providing news, consulting, and networking services to the foundation sector. The website serves as an information hub for foundations, offering resources on foundation law, establishment, and sector news. It targets foundations, non-profit organizations, and individuals interested in foundation activities in Germany. Technically, the site is built on TYPO3 CMS, integrates Google Tag Manager, Google Analytics, and Matomo for analytics, and employs a GDPR-compliant cookie consent mechanism. The site is well-structured, mobile-optimized, and professionally designed, reflecting a mature digital presence. Security-wise, the site uses HTTPS and has implemented cookie consent and CSRF protections in analytics scripts, but could improve by adding explicit security headers and publishing vulnerability disclosure or incident response policies. The WHOIS data is unavailable, which slightly reduces trust but the overall professionalism and compliance indicators suggest a legitimate and trustworthy organization. Strategic recommendations include enhancing security headers, publishing security policies, and improving transparency around data protection officers and incident response.

T

Tobit.Software

chayns.org

70

chayns.site is a cloud-based digital platform operated by Tobit.Software, offering a comprehensive operating system for digitalization. It enables users to create personalized sites, integrate applications, and connect with communities through an intuitive interface and extensive API support. The platform targets businesses, developers, and organizations aiming to enhance their digital presence and operational efficiency. Technically, the website leverages modern web technologies including React and JavaScript, hosted on reputable infrastructure with good performance and mobile optimization. Security posture is solid with HTTPS enforcement and domain transfer protections, though improvements in DNSSEC and security headers are recommended. Privacy compliance is evident through a comprehensive privacy policy and terms of service, but the absence of a cookie consent mechanism is a minor gap. Overall, the website presents a professional, trustworthy, and well-structured digital platform with strong business credibility and technical maturity.

D

Digitalstadt Ahaus

digitalstadt-ahaus.de

62

Digitalstadt Ahaus is a smart city initiative based in Ahaus, Germany, focused on integrating digital services to enhance the lives of citizens and visitors. The website showcases various innovative digital hotspots and services such as cashier-less supermarkets, digital gastronomy, eBike sharing, and automated boat rentals. It positions itself as a leading example of smart city development in Germany, leveraging the Tobit Chayns platform for its digital infrastructure. The site targets a broad audience including residents, tourists, businesses, and government stakeholders interested in smart city solutions. Technically, the website uses modern web technologies including React and the Chayns CMS platform, hosted on Tobit's cloud infrastructure. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies could be improved. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with its business goals.

C

chayns®

chayns.space

59

chayns® is a technology platform operated by Tobit AG that facilitates direct connections between people, companies, and organizations through websites, apps, push notifications, and digital services such as payments and wallets. The platform targets a broad audience including service providers and end users, offering a unified user experience across devices. The website is professionally designed, mobile-optimized, and uses modern web technologies including React and proprietary Chayns frameworks. Hosting and DNS are managed via Cloudflare and Tobit infrastructure, ensuring good performance and security. Security posture is solid with HTTPS enforced, but lacks explicit security headers and cookie consent mechanisms. Privacy policy is present and GDPR compliance appears addressed, though contact information and incident response details are not clearly provided. Overall, the site is trustworthy and well-maintained, with room for improvement in privacy and security transparency.

S

Sherlock's

sherlocks-ahaus.de

55

Sherlock's is a small, themed steakhouse located in Ahaus, Germany, offering a unique digital dining experience integrated with the chayns platform. The business leverages technology to provide customers with smartphone-based table reservations, ordering, and payment, enhancing convenience and modernizing traditional hospitality services. The website reflects a consistent brand identity centered around the Sherlock Holmes theme and promotes special event dinners to attract and engage customers. Technically, the site uses modern frameworks such as React and is hosted on reputable infrastructure, ensuring moderate performance and good mobile optimization. However, the absence of explicit privacy and cookie policies, as well as security headers, indicates areas for improvement in compliance and security posture. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

W

Wohnbau Stadt Coburg GmbH

wohnen-coburg.de

51

Wohnbau Stadt Coburg GmbH operates as a real estate company providing housing and property management services primarily in Coburg, Germany. The website is built on WordPress using the Divi theme and incorporates Cookiebot for cookie consent management, indicating awareness of privacy compliance requirements. The technical infrastructure is standard for a medium-sized local business, hosted on German nameservers with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent implemented; however, the absence of security headers and explicit privacy and terms policies suggests room for improvement. Contact information and incident response details are not clearly presented, which may impact user trust and compliance. Overall, the website is professional and safe, targeting local residents and tenants, but would benefit from enhanced transparency and security practices.