Security Directory

Hanau engagiert is an official government information portal operated by the City of Hanau, Germany, aimed at providing Ukrainian refugees with comprehensive support and integration services. The website offers detailed guidance on housing, medical care, education, employment, and volunteer opportunities, positioning itself as a trusted local government resource. The platform is well-branded with consistent city logos and maintains an active social media presence to engage its target audience effectively. Technically, the website leverages a modern tech stack including Bootstrap 5, jQuery, and Matomo analytics with a strong emphasis on user privacy through explicit cookie consent mechanisms. It is hosted on servers managed by aspiria.de, with DNS and WHOIS data consistent with a legitimate government service. The site is mobile-optimized and provides a good user experience with clear navigation and multilingual support. From a security perspective, the site enforces HTTPS and employs privacy-conscious analytics but lacks explicit security headers and a public security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with GDPR-aligned policies and cookie management in place. Overall, Hanau engagiert demonstrates a solid digital maturity for a government service portal, with good content quality, technical implementation, and privacy compliance. Strategic improvements could focus on enhancing security headers, publishing security policies, and establishing a vulnerability disclosure process to further strengthen trust and resilience.

Hanau Bäder GmbH is a public service company operating swimming pools and sauna facilities in Hanau, Germany. The company provides recreational and wellness services including indoor and outdoor swimming, sauna experiences, aqua fitness, courses, and events targeting families and local residents. The website reflects a well-structured and professionally maintained digital presence consistent with a medium-sized municipal or regional service provider. Technically, the site uses a modern tech stack including jQuery, Bootstrap, FontAwesome, and Matomo analytics, built on the IMPERIA CMS platform. Accessibility features and cookie consent mechanisms are implemented, demonstrating compliance with GDPR and user inclusivity. Security posture is adequate with HTTPS usage and no visible vulnerabilities, though security headers and incident response policies could be improved. Overall, the website is trustworthy, user-friendly, and aligned with the business's public service mission.

C

Congress Park Hanau

cph.de

56

Congress Park Hanau is a well-established event venue located in Germany's eastern Rhine-Main region, specializing in hosting congresses, seminars, cultural events, exhibitions, and banquets. The website reflects a professional and consistent brand presence with a focus on providing versatile event spaces and services such as catering and technical support. The company targets event organizers and cultural audiences, positioning itself as a regional leader in hospitality and event hosting. Technically, the website is built on WordPress using the Avada theme and integrates modern plugins like Modern Events Calendar and Yoast SEO, indicating a mature digital infrastructure. The site is mobile-optimized and includes multimedia content and social media integration, enhancing user engagement and SEO performance. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks visible security headers and formal privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure mechanisms are present, suggesting areas for improvement in security governance. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices to reduce risk and improve user trust.

V

Vlaams Instituut Voor De Zee (VLIZ)

planeetzee.be

56

Planeet Zee is an educational platform operated by the Vlaams Instituut Voor De Zee (VLIZ), focusing on marine environment education targeted primarily at youth and educators in Belgium. The website provides news, learning resources, and engagement activities related to ocean sustainability and marine science. It holds a niche position within the educational and non-profit sector, leveraging the credibility of VLIZ. Technically, the site is built on Drupal 10 with modern web technologies including Matomo for analytics and Font Awesome for icons. The site is mobile optimized, accessible, and performs moderately well. Security is robust with HTTPS enforced and cookie consent implemented, though some security headers and policies could be improved. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is good with a clear cookie banner and a linked privacy policy. However, the site lacks explicit terms of service, security policy, and incident response contacts, which are recommended for enhanced trust and compliance. Overall, the site is trustworthy, professionally maintained, and suitable for its educational mission. Strategic recommendations include publishing security and incident response policies, adding terms of service, and enhancing security headers to further strengthen the security posture.

V

Vlaams Instituut voor de Zee

scheldemonitor.be

64

ScheldeMonitor is a well-established Flemish-Dutch governmental and research portal focused on environmental monitoring and data dissemination for the Schelde estuary. It is funded by the Vlaams-Nederlandse Scheldecommissie and managed by the Vlaams Instituut voor de Zee, providing a comprehensive platform for datasets, visualizations, GIS maps, literature, and research tools. The website demonstrates a mature digital infrastructure using Drupal 10, with privacy-conscious analytics and cookie compliance. Security posture is solid with HTTPS and anti-bot measures, though explicit security policies and vulnerability disclosures are absent. Overall, the site is trustworthy, professional, and serves a specialized audience of researchers and policymakers.

V

Vlaams Instituut voor de Zee

kustportaal.be

58

The Kustportaal website is a professionally maintained government/research portal operated by the Vlaams Instituut voor de Zee, providing comprehensive spatial data and information related to the Belgian North Sea and coastal zone. It serves a diverse audience including coastal users, researchers, policymakers, and citizens interested in marine and coastal environments. The portal offers interactive and static map products, metadata downloads, thematic information, and supports citizen science initiatives such as CoastSnap. Technically, the site is built on Drupal 10 with modern web technologies, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and policies could be improved. Privacy compliance is strong, with clear privacy and cookie policies linked to the parent institute's domain. Overall, the site is trustworthy, well-branded, and fulfills its informational mission effectively.

V

Vlaams Instituut voor de Zee

compendiumkustenzee.be

58

The Compendium Kust en Zee website is an authoritative knowledge platform operated by the Vlaams Instituut voor de Zee (VLIZ), a Belgian governmental research institute. It provides comprehensive scientific summaries, policy overviews, and marine research information focused on the Belgian part of the North Sea. The site targets researchers, policymakers, and stakeholders interested in marine and coastal management. The business model is non-commercial, focusing on knowledge dissemination and policy support. Technically, the website is built on Drupal 10, leveraging modern web technologies including Matomo for analytics and Font Awesome for icons. The site is mobile-optimized, accessible, and performs moderately well. Privacy compliance is well addressed with cookie consent mechanisms and a linked privacy policy. However, explicit security policies and incident response information are not publicly available. From a security perspective, the site uses HTTPS and has no visible vulnerabilities or exposed sensitive data. The absence of security headers is a minor gap, and the site would benefit from publishing vulnerability disclosure information. Overall, the security posture is solid for an institutional website. The domain is registered with BELNET since 2013, consistent with the institutional nature of the site and Belgian origin. No suspicious patterns or privacy protection issues are detected. The website is trustworthy, professional, and safe for general audiences.

N

NORCE

norceresearch.no

64

NORCE is a Norwegian research institute focused on sustainable innovations and solutions for the future. The website presents a professional and consistent brand image, targeting a general audience interested in research and innovation. The technical infrastructure includes modern web technologies and analytics tools such as Matomo and Cookiebot for consent management, indicating a mature digital presence. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the website is trustworthy and well-maintained, with no signs of malicious activity or content blocking.

B

Bayerisches Staatsministerium für Ernährung, Landwirtschaft, Forsten und Tourismus

100genussorte.bayern

71

Genussorte Bayern is a government-backed initiative promoting the culinary richness of Bavaria through a well-structured website featuring regional specialties, events, recipes, and interactive maps. The platform targets both residents and tourists interested in exploring Bavarian food culture. Technically, the site is built on WordPress with Elementor and uses modern JavaScript libraries and plugins to enhance user experience. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although some HTTP security headers could be improved. Privacy compliance is robust, with a comprehensive privacy policy and cookie management system. Overall, the site presents a trustworthy and professional image consistent with its government affiliation.

D

Diözesan-Caritasverband Würzburg

caritas-wuerzburg.de

53

The website www.caritas-wuerzburg.de represents the Diözesan-Caritasverband Würzburg, a large non-profit organization focused on social services, charitable activities, and community support within the Unterfranken region of Germany. The site offers extensive information about their services including help and counseling, volunteering, donations, projects, and social services for various vulnerable groups such as children, families, seniors, and people with disabilities. The organization positions itself as a regional leader in social welfare and charity, targeting a broad audience including those in need and potential volunteers or donors. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies such as Bootstrap, jQuery, and Font Awesome for UI components. It integrates privacy-conscious analytics via Matomo and employs Usercentrics for GDPR-compliant cookie consent management. The site demonstrates good mobile optimization and accessibility features, with a well-structured navigation system that supports user experience and SEO. From a security perspective, the site enforces HTTPS and uses privacy-respecting analytics, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or suspicious external domains were detected. The WHOIS data is consistent with the website's professional presentation, indicating legitimacy and trustworthiness. Overall, the website is professional, secure, and compliant with privacy regulations, serving as a reliable digital presence for a reputable non-profit organization. Strategic improvements could focus on enhancing security headers, publishing a security policy, and providing explicit contact information for incident response to further strengthen trust and security posture.

Kirchliche Jugendarbeit Diözese Würzburg is a non-profit organization affiliated with the Bistum Würzburg, focusing on youth work, education, and faith formation within the diocese. The website serves as a portal for information on events, services, and contact details aimed at young people and church communities. The organization holds a stable regional position with clear branding and a consistent message aligned with its religious and educational mission. Technically, the website is built on TYPO3 CMS with modern frontend technologies and includes privacy-conscious analytics and consent management tools. Security posture is solid with HTTPS and no visible vulnerabilities, though formal security policies and incident response contacts are not publicly disclosed. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, serving its audience effectively.

B

Bistum Würzburg

bistum-wuerzburg.de

53

Bistum Würzburg is a large regional Catholic Church organization serving the Unterfranken area in Germany. The website provides comprehensive information about faith, church services, community engagement, education, and charitable activities. It targets local Catholic believers and interested parties with a non-profit service model. Technically, the site is built on TYPO3 CMS with modern frontend technologies and uses Matomo for privacy-conscious analytics. The site implements GDPR-compliant cookie consent via Usercentrics and provides standard legal pages such as privacy policy and imprint. Security posture is good with HTTPS and privacy-respecting analytics, though some security headers could be improved. No blocking or WAF challenges were detected, and the site content is safe and appropriate for general audiences.

F

Fachstelle für den Umgang mit sexualisierter Gewalt der ELKB

aktiv-gegen-missbrauch-elkb.de

52

The Fachstelle für den Umgang mit sexualisierter Gewalt der ELKB is a specialized non-profit entity operating under the Evangelical Lutheran Church in Bavaria (ELKB). It provides comprehensive support services including counseling for victims of sexualized violence, advisory roles in suspected cases, prevention work, and material assistance. The organization targets victims, church communities, and affiliated institutions, positioning itself as a trusted resource within the religious and social support sector in Germany. The website reflects a professional and well-branded digital presence with clear navigation and relevant content tailored to its audience. Technically, the website is built on WordPress with a modern theme (Avada) and utilizes plugins for SEO (Yoast), analytics (Matomo), accessibility, and newsletter management (CleverReach). Hosting is provided by Contabo, with domain registration consistent with the organization's identity. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Privacy considerations are evident through the use of Matomo with disabled cookies, but the absence of a cookie consent mechanism is a noted gap. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the lack of security headers and absence of published security or incident response policies indicate areas for improvement. Overall, the site maintains a high level of trustworthiness and professionalism, suitable for its sensitive and important mission. Risk assessment shows no critical vulnerabilities or suspicious indicators. Strategic recommendations include implementing security headers, adding cookie consent for GDPR compliance, publishing security policies, and considering a vulnerability disclosure mechanism to enhance transparency and trust.

B

Bundesverband Deutscher Stiftungen

stiftungssuche.de

49

Stiftungssuche.de is a comprehensive online platform operated by the Bundesverband Deutscher Stiftungen, providing an extensive database and search capabilities for foundations in Germany. It offers both free and subscription-based services with detailed foundation profiles, targeting foundations, applicants, and service providers within the German non-profit sector. The website is well-positioned as a leading resource in its niche, supported by a reputable parent organization. Technically, the site is built on WordPress with WooCommerce and uses modern tools such as Matomo for analytics and Borlabs Cookie for GDPR-compliant cookie management. The site demonstrates good digital maturity with responsive design and structured data for SEO. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though it lacks explicit security policies and incident response contacts. Overall, the site is trustworthy, professional, and compliant with GDPR requirements, making it a reliable resource for its audience.

B

Bundesverband Deutscher Stiftungen

stiftungswelt.de

48

The website 'Stiftungswelt' serves as the official online magazine for the Bundesverband Deutscher Stiftungen, providing news, insights, and resources related to foundations and the nonprofit sector in Germany. It targets foundation professionals, donors, and stakeholders interested in foundation management, law, finance, and societal impact. The platform is well-positioned as a leading information source within its niche, offering high-quality, relevant content with a professional presentation. Technically, the site is built on TYPO3 CMS, leveraging modern JavaScript libraries such as jQuery and Parsley for form validation. It integrates multiple analytics platforms including Google Analytics and Matomo, and employs Google Tag Manager for marketing tag management. The site is hosted on UI-DNS nameservers, uses HTTPS with a Content Security Policy, and implements a comprehensive cookie consent mechanism compliant with GDPR. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent management. However, the Content Security Policy is permissive with 'unsafe-inline' and 'unsafe-eval', which could be hardened to reduce XSS risks. There is no visible security policy or incident response information, nor a vulnerability disclosure mechanism like security.txt. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, secure, and compliant with privacy regulations, making it a trustworthy resource for its audience. Strategic improvements in security headers and transparency around security policies could further enhance its posture.

O

onlineshops-finden.de

onlineshops-finden.de

46

onlineshops-finden.de is a German online marketplace and directory portal specializing in listing over 8000 online shops across diverse categories. The platform serves both consumers and B2B users by providing thematic sorting, shop search, and marketing opportunities. It is positioned as a niche leader in the German e-commerce directory space with a medium-sized operation and a focus on comprehensive shop listings and related press content. Technically, the site is built on Drupal CMS with modern JavaScript libraries and includes privacy-conscious analytics via Matomo. The site implements cookie consent mechanisms and uses HTTPS, reflecting a moderate level of digital maturity. Security posture is adequate but could be improved with additional headers and published policies. The site includes mature content categories such as vape and cannabis lifestyle products, requiring age-appropriate content warnings. WHOIS data is minimal, with generic name servers, which slightly reduces trust but no direct red flags are present. Overall, the site is functional, professional, and trustworthy with room for security and compliance enhancements.

B

Bundesinstitut für Öffentliche Gesundheit

iris-plattform.de

65

The IRIS Plattform is a German government-supported online health initiative focused on helping pregnant women and those planning pregnancy to abstain from smoking and alcohol. It offers personalized, anonymous, and free online programs with educational content, self-assessment tests, motivational support, and success stories. The platform targets a niche healthcare segment with a clear social benefit and operates under the Bundesinstitut für Öffentliche Gesundheit in cooperation with the Verband der Privaten Krankenversicherung e.V. The website is built on TYPO3 CMS, uses modern web technologies including jQuery and Matomo analytics configured with strong privacy protections, and is hosted on German infrastructure. The site is well-designed, mobile-optimized, and accessible, providing a good user experience with clear navigation and relevant content.

B

Bundesinstitut für Öffentliche Gesundheit (BIÖG)

infektionsschutz.de

60

Infektionsschutz.de is a German government-affiliated public health information platform operated by the Bundesinstitut für Öffentliche Gesundheit (BIÖG). It provides authoritative, up-to-date, and professionally reviewed content on infectious diseases, vaccination recommendations, hygiene tips, and educational materials targeting the general public and healthcare professionals. The website is well-positioned as a trusted source for infection protection information in Germany. Technically, the site is built on TYPO3 CMS with modern frontend technologies and uses Matomo analytics configured for privacy compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforcement and privacy-conscious analytics, though some security headers and explicit incident response policies are missing. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, making it a reliable resource for its audience.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend (BMFSFJ)

familienportal.de

62

The Familienportal.de website is an official German federal government portal managed by the Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend (BMFSFJ). It serves as a comprehensive information hub for families, providing detailed guidance on state family benefits, legal regulations, advisory services, and various calculators and application forms. The portal targets families in Germany, including parents, children, and related social groups, positioning itself as the authoritative source for family-related governmental information. The site is professionally designed with consistent branding and excellent content quality, supporting a high level of trustworthiness. Technically, the website employs modern web technologies including JavaScript, SVG icons, and Matomo analytics for user behavior tracking with privacy-conscious consent mechanisms. The site demonstrates good mobile optimization, accessibility, and SEO practices, although no explicit CMS or hosting provider details are evident. Security posture is strong with HTTPS enforced and privacy-respecting analytics, but explicit security headers and incident response contacts are not clearly published. From a security and compliance perspective, the portal implements GDPR-compliant privacy and cookie policies with clear user consent mechanisms and data retention policies. However, it lacks visible vulnerability disclosure or security.txt files, and no direct contact information for security incidents is provided. Overall, the site maintains a solid security posture appropriate for a government information portal. The overall risk assessment is low, with no critical vulnerabilities or suspicious indicators detected. Strategic recommendations include publishing explicit security headers, providing incident response contact details, and establishing a vulnerability disclosure policy to enhance transparency and trust. The portal's technical infrastructure and content quality support its role as a trusted government resource for families in Germany.

N

Nationales Zentrum Frühe Hilfen (NZFH)

elternsein.info

72

The website www.elternsein.info is an official informational portal operated by the Nationales Zentrum Frühe Hilfen (NZFH), a German government-associated entity focused on providing early support and resources for pregnant women, new parents, and families with young children. The site offers comprehensive content including educational articles, videos, local support searches, and news updates, all designed to assist families in early childhood care and parenting. The portal is well-branded, professionally designed, and highly accessible, reflecting a mature digital presence. Technically, the site is built on the TYPO3 CMS platform, leveraging modern web technologies such as Bootstrap for responsive design, Swiper for interactive sliders, and AblePlayer for accessible video playback. The site employs Matomo analytics with strong privacy measures including IP anonymization and explicit user consent mechanisms, demonstrating a commitment to GDPR compliance and user privacy. From a security perspective, the site uses HTTPS and implements cookie consent banners, but lacks explicit security headers and a public vulnerability disclosure policy. No vulnerabilities or suspicious activities were detected in the content or scripts. The WHOIS data is unavailable due to a malformed query response, which slightly reduces trust but does not contradict the site's legitimacy given its government affiliation and content quality. Overall, the site presents a low-risk profile with strong privacy and accessibility practices, serving as a trustworthy resource for its target audience. Strategic recommendations include enhancing security headers, publishing a security.txt file, and improving WHOIS transparency to further bolster trust and security posture.

B

Bundesministerium für Familie, Senioren, Frauen und Jugend

hilfetelefon-schwangere.de

59

The website 'Hilfetelefon Schwangere in Not' is an official German government service operated by the Bundesministerium für Familie, Senioren, Frauen und Jugend. It provides confidential, anonymous, and free counseling services for pregnant women in distress, including chat, telephone, and email support, as well as information on confidential birth and local counseling centers. The site is well-positioned as a trusted national resource with extensive reach and multilingual accessibility. Technically, the website is built on TYPO3 CMS, uses Matomo for analytics with a clear cookie consent mechanism, and incorporates modern UI elements such as responsive design and accessibility features. The performance is moderate with good SEO and mobile optimization. Hosting details are not explicit but DNS data shows stable name servers. From a security perspective, the site uses encrypted communication channels for counseling, has a GDPR-compliant privacy policy, and implements cookie consent with opt-in. However, explicit security headers and incident response contacts are not visible, and no vulnerability disclosure policy is published. Overall, the security posture is solid but could be improved with additional transparency and technical controls. The domain WHOIS data aligns well with the website's government affiliation, indicating high legitimacy and trustworthiness. No WAF or blocking mechanisms were detected, allowing full content access and analysis.

B

Bundesverband Deutscher Stiftungen

stiftungen.org

51

The Bundesverband Deutscher Stiftungen is Germany's largest association for foundations, providing news, consulting, and networking services to the foundation sector. The website serves as an information hub for foundations, offering resources on foundation law, establishment, and sector news. It targets foundations, non-profit organizations, and individuals interested in foundation activities in Germany. Technically, the site is built on TYPO3 CMS, integrates Google Tag Manager, Google Analytics, and Matomo for analytics, and employs a GDPR-compliant cookie consent mechanism. The site is well-structured, mobile-optimized, and professionally designed, reflecting a mature digital presence. Security-wise, the site uses HTTPS and has implemented cookie consent and CSRF protections in analytics scripts, but could improve by adding explicit security headers and publishing vulnerability disclosure or incident response policies. The WHOIS data is unavailable, which slightly reduces trust but the overall professionalism and compliance indicators suggest a legitimate and trustworthy organization. Strategic recommendations include enhancing security headers, publishing security policies, and improving transparency around data protection officers and incident response.

E

Enovis Corporation

limacorporate.com

72

Enovis Corporation operates a professional and patient-facing surgical healthcare website, providing tailored access portals for different user groups. The company positions itself as a specialized healthcare provider with a focus on surgical products and services. The website demonstrates a moderate level of digital maturity, utilizing modern JavaScript frameworks such as Alpine.js, analytics tools like Matomo and Google Tag Manager, and a cookie consent mechanism powered by OneTrust. Hosting is managed via cyon.ch, and the domain is secured with HTTPS and clientTransferProhibited status, indicating a reasonable security posture. However, explicit security headers and detailed security policies are not evident, suggesting room for improvement in security documentation and technical controls. Overall, the website is professional, well-branded, and compliant with GDPR cookie consent requirements, but lacks visible contact and incident response information.

F

Fachkräfte für Mittelfranken

fachkraefte-mittelfranken.de

41

Fachkräfte für Mittelfranken is a regional information portal supported by the IHK Nürnberg für Mittelfranken, focusing on workforce development and HR topics relevant to the Mittelfranken region in Germany. The portal provides companies and HR professionals with practical examples, tools, events, and services to address challenges such as digital transformation, demographic changes, and international workforce integration. The website is well-branded, consistent, and leverages structured data and social media to enhance trust and visibility. Technically, the site is built on WordPress with a modern plugin ecosystem including Fusion Builder and Events Manager. It uses Matomo for privacy-respecting analytics and implements HTTPS with good SSL configuration. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. From a security perspective, the site enforces HTTPS and uses privacy-friendly embedded content. However, it lacks explicit security headers and a public security policy or incident response contact. No vulnerabilities or suspicious domains were detected. WHOIS data aligns well with the website's organizational claims, showing a consistent and legitimate registration history. Overall, the website presents a professional, trustworthy, and secure platform for its target audience. Strategic improvements could include enhanced security headers, explicit incident response information, and more visible contact details to further strengthen trust and compliance.

F

Fachzeitungen.de

fachzeitungen.de

35

Fachzeitungen.de operates as an independent German-language portal specializing in the aggregation and presentation of specialist magazines, Fachpublikationen, and eBooks across a wide range of professional and hobbyist categories. The platform offers categorized listings, search functionality, advertising opportunities, and a press release portal, targeting professionals and enthusiasts seeking specialized publications. The website is well-structured with clear navigation and a consistent brand presence, serving a niche media market in Germany. Technically, the site is built on Drupal CMS, employs Matomo for privacy-respecting analytics, and uses modern JavaScript libraries such as Owl Carousel and Tarteaucitron.js for cookie consent management. The site is mobile-optimized and implements HTTPS, but lacks some advanced security headers and explicit security policies. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. However, no direct contact information or incident response channels are publicly visible, which could be improved for trust and compliance. WHOIS data is minimal, limiting full domain trust assessment but no suspicious patterns are evident. Overall, Fachzeitungen.de presents a professional and trustworthy media portal with room for enhanced security and transparency.

L

Landeshauptstadt Mainz

kultursommer-eroeffnung.de

67

Landeshauptstadt Mainz operates an official municipal website providing comprehensive information about cultural events such as the Kultursommer Eröffnungsfest 2025. The site targets residents and visitors interested in cultural and community activities, offering detailed event programs, partner information, and accessibility features. The website is well-branded, consistent, and professionally maintained, reflecting the city's commitment to public service and cultural promotion. Technically, the site uses a custom CMS (Sitepark Information Enterprise Server) with modern JavaScript libraries like jQuery and Modernizr, and integrates Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized and accessible, with clear navigation and multilingual support. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though HTTP security headers could be improved. WHOIS data confirms the domain's legitimacy as an official city domain. Overall, the site is trustworthy, compliant with GDPR, and provides a positive user experience.

M

medio GmbH

busstag.de

62

The website www.busstag.de serves as an informational and campaign platform for the Buß- und Bettag, a religious day of reflection observed by evangelical Christians in Germany. It is operated under the auspices of the Evangelische Kirche and developed by medio GmbH, a TYPO3 CMS specialist. The site provides event information, prayer submissions, and live broadcast details, targeting a German-speaking religious audience. Technically, the site uses a modern stack including TYPO3, Bootstrap, Font Awesome, and Matomo analytics, hosted behind Cloudflare DNS services. Security posture is adequate with HTTPS and privacy-respecting analytics, though some security headers and policies could be improved. Privacy compliance is supported by a cookie consent banner and a privacy policy page. Overall, the site is professional, trustworthy, and well-aligned with its mission as a church campaign platform.

K

Kinopolis Management Multiplex GmbH

kinopolis.de

10

Kinopolis Management Multiplex GmbH operates a regional multiplex cinema chain in Germany, providing film programming, event hosting, and ticket booking services. The website serves as a portal for cinema selection and ticket purchases, targeting general cinema-goers in Germany. The business model centers on cinema exhibition and related services, positioning Kinopolis as a medium-sized player in the German cinema market with multiple locations and partner cinemas. The website branding is consistent and content quality is good, supporting a professional user experience.

S

Stadt Coburg

sagscoburg.de

30

Stadt Coburg operates the 'Sag's Coburg' platform, a municipal government website designed to facilitate communication between residents and city authorities by enabling citizens to report issues, provide suggestions, and offer compliments related to public spaces and services. The platform supports civic engagement and aims to improve the quality of life in Coburg through timely feedback and municipal responsiveness. The website is well-branded with official city logos and social media presence, targeting local residents and visitors. Technically, the website is built on WordPress CMS using the Enfold theme and Avia framework, hosted on RZone servers. It employs Matomo analytics for privacy-conscious user tracking and implements a cookie consent mechanism compliant with GDPR. The site is mobile-optimized and features good SEO practices, although accessibility features are basic. No forms are embedded on the analyzed page; reporting is redirected to an external city domain. From a security perspective, the site enforces HTTPS and uses cookie consent banners but lacks visible security headers in the HTML content. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is limited but consistent with a legitimate municipal domain. Privacy policies and terms of service are present and comprehensive, supporting GDPR compliance. Overall, the website presents a trustworthy, professional, and functional government service platform with moderate technical sophistication and good privacy practices. Strategic improvements in security headers and incident response transparency could enhance its security posture further.

C

Urlaub in Coburg

coburgmarketing.de

62

The website www.coburgmarketing.de serves as a regional tourism marketing platform promoting the city of Coburg, Germany. It highlights the city's cultural and hospitality offerings, targeting tourists and visitors interested in arts, culture, and leisure activities. The site is built on TYPO3 CMS, indicating a mature and flexible content management infrastructure. It employs Cookiebot for cookie consent management and Matomo for privacy-conscious analytics, reflecting a moderate level of digital maturity. Security measures include HTTPS enforcement and the use of hCaptcha to protect booking forms from bots. However, the absence of explicit privacy policy, terms of service, and contact information pages limits the site's compliance and user trust aspects. Overall, the site is functional and professionally presented but would benefit from enhanced transparency and security documentation.

S

Stadt Coburg

mein-coburg.de

54

The website www.coburg.de serves as the official municipal portal for the city of Coburg, Germany. It provides residents and visitors with up-to-date news, event information, and public service announcements. The site is well-branded with the city's official logo and maintains consistent content quality aimed at local citizens. The business model is focused on government communication and citizen engagement, positioning it as an essential resource for the community. The target audience includes local residents, businesses, and visitors seeking municipal information. Technically, the website employs a modern CMS platform (Information Enterprise Server by Sitepark GmbH) and integrates Matomo analytics with a GDPR-compliant cookie consent banner. The site uses HTTPS with strong security headers and includes accessibility and mobile optimization features. The technical infrastructure supports a moderate performance level with good SEO practices. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, consent mechanisms, and use of reCAPTCHA for forms. However, it lacks explicit published security policies, incident response contacts, and vulnerability disclosure information. No vulnerabilities or suspicious activities were detected in the content or scripts. The WHOIS data aligns with a legitimate municipal domain, enhancing trust. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include publishing explicit security and incident response policies, enhancing direct contact information, and considering a vulnerability disclosure policy to further strengthen trust and security posture.

P

Paritätischer Wohlfahrtsverband Niedersachsen e.V.

paritaetischer.de

62

Paritätischer Wohlfahrtsverband Niedersachsen e.V. is a prominent non-profit welfare association in Lower Saxony, Germany, representing over 880 member organizations. The website serves as an informational and service portal for members and the public, offering insights into the organization's structure, services, and regional presence. The business model focuses on social welfare advocacy, support, and coordination of member organizations across various social sectors. The organization holds a strong market position as a leading welfare umbrella in the region.

A

Arbeitgeberverband Oldenburg e.V.

agv-oldenburg.de

57

Arbeitgeberverband Oldenburg e.V. is the largest employer association in northwest Lower Saxony, Germany, representing over 750 companies and approximately 85,000 employees. The association offers a broad range of services including legal advice, process representation, cost avoidance, interest representation, seminars, and networking opportunities. The website reflects a professional and well-established organization with a history dating back to 1919. The target audience primarily consists of employers across various industries in the region. Technically, the website employs modern web technologies such as Matomo for analytics, StimulusJS for frontend interactivity, and Swiper.js for sliders. The site is mobile-optimized, accessible, and SEO-friendly, though no explicit CMS was detected. Hosting appears to be managed via your-server.de and related nameservers. From a security perspective, the site uses HTTPS with good SSL configuration and respects DoNotTrack settings in analytics. However, it lacks visible security headers and does not provide explicit incident response or vulnerability disclosure information. Privacy compliance is strong with a comprehensive privacy policy and terms of service, but no cookie consent mechanism was found. Overall, the website is trustworthy, professional, and well-maintained, with minor areas for improvement in security headers and privacy consent mechanisms. There is no indication of blocking or WAF interference, and the content is safe for general audiences.

B

Bundeszentrum Kita- und Schulverpflegung (NQZ)

gemeinsamgutessen.de

67

The website gemeinsamgutessen.de serves as the official platform for the Bundeszentrum Kita- und Schulverpflegung (NQZ), a government-affiliated initiative focused on improving the quality of nutrition in kindergartens and schools across Germany. It provides comprehensive information, resources, and networking opportunities for stakeholders involved in childcare and school meal provision. The site targets educators, parents, policymakers, and nutrition professionals, positioning itself as a trusted authority in this niche. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries such as jQuery and Slick Carousel for enhanced user experience. It employs Matomo analytics hosted on a controlled server, ensuring privacy compliance. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site uses HTTPS with a strong SSL configuration and implements a robust cookie consent mechanism aligned with GDPR requirements. While security headers are not explicitly detected, no vulnerabilities or exposed sensitive data were found. The absence of a published security policy or incident response contact suggests room for improvement in transparency and readiness. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. It effectively serves its public service mission with clear navigation, quality content, and user-centric features. Strategic recommendations include enhancing security headers, publishing a security policy, and establishing a vulnerability disclosure channel to further strengthen its security posture and stakeholder trust.

S

Sozialverband Deutschland e.V. Landesverband Nordrhein-Westfalen

sovd-nrw.de

45

The Sozialverband Deutschland e.V. Landesverband Nordrhein-Westfalen is a regional branch of a well-established German non-profit social welfare association. The organization provides social law advice, advocacy, and support services primarily targeting residents of Nordrhein-Westfalen. Their website is professionally designed, content-rich, and offers multiple channels for engagement including social media, newsletters, and podcasts. The business model focuses on membership and social support services, positioning the organization as a trusted regional social advocate. Technically, the website is built on TYPO3 CMS with modern frameworks like Bootstrap and integrates analytics tools such as Matomo and Google Tag Manager. The site is mobile-optimized, accessible, and performs moderately well. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site demonstrates a strong commitment to privacy compliance with comprehensive privacy and cookie policies. However, explicit security policies and incident response contacts are not published, which could be enhanced. The domain registration data is limited but consistent with a legitimate non-profit entity. The website is safe for general audiences with no adult or questionable content. Strategically, the organization should focus on enhancing security transparency, publishing incident response information, and maintaining strong privacy practices to further build trust and compliance.

S

Sozialverband Deutschland e.V.

sovd-gemeinsam.de

46

SoVD Gemeinsam gegen Einsam is a campaign website operated by Sozialverband Deutschland e.V., a large non-profit social welfare organization in Germany. The campaign addresses the issue of loneliness affecting various vulnerable groups including seniors, disabled persons, caregivers, and youth. The website offers information on counseling, neighborhood help, and political engagement to combat social isolation. Technically, the site is built on WordPress using the Elementor page builder and employs privacy-conscious tools such as Matomo analytics and Borlabs Cookie for GDPR-compliant cookie consent. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Contact is primarily via regional volunteer email addresses, with no phone numbers or physical addresses explicitly listed in the content provided. Overall, the site is professional, well-branded, and trustworthy with a clear social mission.

A

ASCA® GmbH & Co. KG

asca.com

48

ASCA® GmbH & Co. KG is a German-based company specializing in organic photovoltaic (OPV) solar films that enable flexible, lightweight, and transparent solar energy solutions. Positioned as a world market leader in OPV technology, ASCA® serves sectors including architecture, mobility, and smart products with custom solar solutions. The company operates under the HERING group umbrella and maintains a professional digital presence with a modern TYPO3 CMS-based website. The website is well-designed, mobile-optimized, and rich in relevant content, targeting architects, designers, and sustainability-focused businesses. Technically, the site uses modern frameworks and analytics tools but lacks some security headers and a cookie consent mechanism, which are recommended for compliance and security enhancement. WHOIS data is unavailable, which slightly reduces transparency but does not detract significantly from the company's credibility given the professional presentation and clear contact information.

H

Haus für Sicherheit®

hfs-systempartner.de

42

Haus für Sicherheit® is a specialized security technology company based in Germany, offering a wide range of products and services including alarm systems, safes, locking systems, electronic cylinders, video surveillance, mailbox systems, and fire protection technology. The company targets both private and business customers seeking comprehensive security solutions. The website presents a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the site is built on WordPress using the Divi theme, enhanced with SEO and privacy-focused analytics tools such as Matomo. While the site employs HTTPS and obfuscates email addresses to reduce spam, it lacks some advanced security headers and a cookie consent mechanism, which are important for GDPR compliance. Overall, the security posture is moderate with room for improvement in policy transparency and technical safeguards. The domain registration data aligns well with the website content, indicating legitimacy and stable operation.

H

Haus für Sicherheit®

haus-fuer-sicherheit.de

42

Haus für Sicherheit® is a specialized small business focused on comprehensive security technology solutions including alarm systems, safes, locking systems, and video surveillance. The company targets both private and commercial customers seeking reliable security products and services. Their website reflects a professional presence with clear branding and a consistent message emphasizing experience and trust. Technically, the site is built on WordPress using the Divi theme, incorporating modern web technologies and privacy-conscious analytics via Matomo. The site is mobile-optimized and SEO-friendly, though some accessibility features are basic. Security posture is good with HTTPS enforced and obfuscated contact details, but could be improved by adding security headers and incident response information. Privacy compliance is partially met with a privacy and cookie policy present, but lacks a cookie consent mechanism. Overall, the website is trustworthy and functional, supporting the business's market position as a regional security specialist.

H

Haus für Sicherheit® Hannover

hfs-hannover.de

40

Haus für Sicherheit® Hannover is a specialized security technology company based in Germany, focusing on mechanical and electronic security solutions including locking systems, safes, alarm systems, and video surveillance. The company targets both private and commercial customers seeking comprehensive security services. Their market position is that of a local specialist with a professional online presence and a clear business focus. Technically, the website is built on WordPress using the Divi theme, incorporating modern analytics tools such as Matomo and Google Analytics, and demonstrates good mobile optimization and SEO practices. Security-wise, the site enforces HTTPS, uses common security headers, and obfuscates email addresses to reduce spam, though it lacks a cookie consent mechanism and explicit security or incident response policies. Overall, the website is trustworthy and professional, with room for improvement in privacy compliance and security transparency.

H

Haus für Sicherheit® Hildesheim

hfs-hildesheim.de

39

Haus für Sicherheit® Hildesheim is a specialized small business focused on providing comprehensive mechanical and electronic security technology solutions including locking systems, safes, alarm systems, and consulting services primarily for the Hildesheim region in Germany. The website reflects a professional and consistent brand presence with clear contact information and relevant service offerings. Technically, the site is built on WordPress using the Divi theme and integrates privacy-conscious analytics via Matomo alongside Google Analytics. Security posture is adequate with HTTPS enforced and email obfuscation implemented, though there is room for improvement in security headers and cookie consent mechanisms. Overall, the site is trustworthy and well-positioned for its local market niche.

C

CVJM Deutschland

cvjm.de

49

CVJM Deutschland is a well-established non-profit Christian youth organization operating primarily in Germany with a global YMCA affiliation. The website serves as an information hub for youth aged 10 to 30, offering community, spiritual growth, volunteer opportunities, and sports activities. The organization maintains a strong social media presence and provides clear contact information and donation options. Technically, the site uses Ecics CMS with jQuery, Slick Carousel, and Matomo analytics, delivering a moderately performant and mobile-optimized experience. Security posture is adequate with HTTPS and no visible vulnerabilities, but lacks advanced security headers and published policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional, trustworthy, and well-aligned with its mission.

D

dm-drogerie markt GmbH + Co. KG

lust-an-zukunft.de

68

The website 'Lust an Zukunft' is a community engagement platform operated by dm-drogerie markt GmbH + Co. KG, a large retail company in Germany. The site focuses on supporting local initiatives for a livable and open society, aligning with the company's corporate social responsibility efforts. The platform is well-branded and consistent with dm's retail and community values, targeting a general audience interested in social initiatives and retail services. Technically, the site employs modern web technologies including JavaScript modules and CSS, with a self-hosted Matomo analytics solution integrated via Cookiebot for GDPR-compliant user tracking. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms effectively, though it lacks explicit security headers and a published security policy. No critical vulnerabilities or suspicious content were detected, and the domain registration aligns with the brand identity. Overall, the website demonstrates a mature digital presence with strong privacy compliance and a trustworthy business profile.

D

Deutsch-Polnisches Jugendwerk / Polsko-Niemiecka Współpraca Młodzieży

sherpa-bne.org

42

The website sherpa-bne.org serves as an educational platform dedicated to Education for Sustainable Development (BNE), targeting youth and organizers involved in international youth encounters primarily between Germany and Poland. It is operated under the auspices of the Deutsch-Polnisches Jugendwerk and Polsko-Niemiecka Współpraca Młodzieży, reflecting a non-profit mission to promote sustainable and future-oriented youth exchanges. The platform offers thematic content, practical methods, and project examples to support sustainable development education in youth projects. Technically, the site is built on WordPress 6.8.3 with a modern tech stack including jQuery, Lightbox2, Slick Carousel, and WPML for multilingual support. It uses Matomo analytics, indicating a privacy-conscious approach to user tracking. The site is mobile-optimized and accessible, with good SEO practices and moderate performance. Hosting and domain registration are consistent and legitimate, with no signs of privacy protection or suspicious registrations. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks DNSSEC and explicit security headers. There is no visible cookie consent mechanism or published security/incident response policies, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is moderate but could be enhanced with additional best practices. The overall risk assessment is low, with the site presenting a trustworthy, professional, and educational resource. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent, and publishing security policies to improve compliance and trust.

P

Polsko-Niemiecka Współpraca Młodzieży

pnwm.org

53

Polsko-Niemiecka Współpraca Młodzieży (PNWM) is a well-established non-profit organization founded in 1998, dedicated to fostering Polish-German youth cooperation through funding, educational resources, and project support. The website serves as a comprehensive platform offering information on grants, training, publications, and partner search tools, targeting youth organizations, schools, and project organizers in Poland and Germany. The organization maintains a strong market position as a bilateral youth cooperation entity with a medium-sized operational scale and a clear mission to support international youth exchange projects. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, WPML for multilingual support, and Matomo for privacy-conscious analytics. It demonstrates good mobile optimization, accessibility, and SEO practices. The site employs HTTPS with a good SSL configuration and uses a cookie consent mechanism compliant with GDPR, reflecting a mature digital infrastructure. From a security perspective, the site follows best practices including HTTPS enforcement, cookie consent, and privacy-respecting analytics. However, there is room for improvement by enabling DNSSEC, implementing additional security headers, and publishing explicit security policies and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Overall, PNWM's website is professional, trustworthy, and compliant with privacy regulations, supporting its mission effectively. The domain's WHOIS data confirms legitimacy with a long registration history consistent with the organization's profile. Strategic recommendations include enhancing security headers, publishing security policies, and continuous monitoring of third-party plugins to maintain a strong security posture.

Z

Zentrum Verkündigung der EKHN

zentrum-verkuendigung.de

59

Zentrum Verkündigung der EKHN is a non-profit religious organization affiliated with the Evangelische Kirche in Hessen und Nassau, providing a broad range of church-related services including publications, events, spiritual resources, and music programs. The website serves as an important regional hub for church members, volunteers, and stakeholders, offering comprehensive content and resources tailored to their needs. The organization maintains a clear and consistent brand presence with good content quality and user experience. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and integrating Matomo for analytics. Hosting is provided by SchlundTech, a reputable provider. The site demonstrates good mobile optimization, accessibility, and SEO practices, ensuring a positive digital maturity level. From a security perspective, the site uses HTTPS with a solid SSL configuration and secure form handling. However, it lacks explicit security policies and incident response information publicly available, which could be improved. Privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms in place. No critical vulnerabilities or suspicious activities were detected. Overall, the website presents a trustworthy and professional digital presence for a religious non-profit entity, with recommendations to enhance security headers and publish security-related policies to further strengthen its posture.

M

Mach Kirchenmusik

mach-kirchenmusik.de

57

Mach Kirchenmusik is a specialized non-profit platform focused on promoting church music through education, events, and community engagement in Germany. The website serves musicians, students, and church communities by providing resources, event listings, and opportunities to participate in church music activities. The platform maintains a professional and consistent brand presence with excellent content quality and user experience. Technically, the site is built on Drupal 10, uses Matomo Analytics for privacy-conscious tracking, and implements GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the site is trustworthy, well-maintained, and compliant with privacy regulations.

W

webfactory GmbH

webfactory.de

59

webfactory GmbH is a well-established German web agency founded in 1997, specializing in custom websites and web applications primarily for companies, organizations, and public institutions. The company emphasizes long-term partnerships and high-quality, sustainable digital solutions. Their market position is strong within the German-speaking market, supported by a portfolio of reputable clients and projects. Technically, the website uses a modern stack including PHP, Symfony, and a proprietary CMS called wfDynamic, with privacy-conscious analytics via Matomo. The site is well-optimized for performance, accessibility, and mobile devices. Security posture is solid with HTTPS and privacy-respecting analytics, though some security policy disclosures and cookie consent mechanisms could be improved. Overall, the business credibility and professionalism are high, with clear contact information and consistent branding.

P

PERBILITY GmbH

concludis.de

52

PERBILITY GmbH operates the website www.mein-helix.de, offering enterprise-grade HR software solutions with a focus on high-volume recruiting through their product concludis. The company targets large organizations requiring efficient applicant management and seamless system integration. The website is professionally designed, multilingual (German and English), and provides comprehensive information about their services including onboarding, apprenticeship management, e-learning, and AI assistance. Technically, the site uses modern web technologies, including Matomo analytics and Leadinfo tracking, with hosting likely provided by Noris Network. Security posture is solid with HTTPS and CAPTCHA protections, though some improvements in security headers and incident response disclosures are recommended. Privacy compliance is mostly met with a clear privacy policy, but lacks a cookie consent mechanism. Overall, the site is trustworthy, well-branded, and serves a specialized B2B market segment effectively.

P

PERBILITY GmbH

concludis.com

52

PERBILITY GmbH operates the website www.mein-helix.de, offering enterprise-grade HR software solutions with a focus on high-volume recruiting through their product concludis. The company targets large organizations and enterprises requiring efficient applicant management and seamless system integration. The website is professionally designed, content-rich, and provides clear pathways for engagement such as demo requests. Technically, the site employs modern tracking tools like Matomo and Leadinfo, uses Cloudflare Turnstile CAPTCHA for form security, and is hosted on reputable nameservers. Security posture is strong with HTTPS and security headers in place, though improvements can be made in cookie consent and explicit security policies. Overall, the site reflects a mature digital presence suitable for its market segment.