Security Directory

W

Westfaelische Wilhelms-Universitaet Muenster

sciebo.de

59

The website hochschulcloud.nrw is an academic cloud storage service operated by Westfaelische Wilhelms-Universitaet Muenster, targeting universities and their staff and students in the NRW region of Germany. It offers secure, non-commercial cloud storage with features such as file sharing, collaboration, and project-specific storage. The service emphasizes data protection under strict German regulations and operates data centers exclusively in NRW. Technically, the site uses Imperia CMS and Bootstrap, with a moderate performance profile and good mobile optimization. Security posture is adequate but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is good with a comprehensive privacy policy, though no cookie consent mechanism was detected. Overall, the site is trustworthy and professionally presented, with no signs of malicious content or vulnerabilities.

N

Newbie

newbie-academy.eu

42

The NEWBIE website represents a European agriculture innovation network focused on supporting new entrants and successors in farming through business model development and knowledge dissemination. The platform connects various stakeholders including researchers, advisors, and regional actors to foster sustainable agricultural entrepreneurship. The site is professionally designed using WordPress with modern plugins and SEO optimizations, reflecting a moderate to good level of digital maturity. Security posture is adequate with HTTPS and secure forms, but lacks advanced security headers and explicit privacy and cookie policies, indicating room for compliance improvement. Overall, the site is trustworthy and serves a niche audience effectively, though enhancing privacy transparency and security policies would strengthen its risk profile.

Admoderate is a specialized digital brand development agency based in Germany, focusing on medium-sized businesses and agencies. They offer services including brand creation, corporate website design, and digital media conception with over 10 years of experience. The company positions itself as a reliable partner for digital growth in the mid-market segment and is part of the queo Gruppe, enhancing its market credibility. Technically, the website is built on WordPress using Elementor and optimized with Yoast SEO and WP Rocket, ensuring fast performance and excellent mobile responsiveness. Security measures include HTTPS enforcement, content security policy monitoring, and cookie consent management, although explicit security policies and incident response contacts are not published. Overall, the site demonstrates a strong professional presence with good SEO and privacy compliance, but could improve transparency on security and vulnerability disclosures.

S

Social Web macht Schule

social-web-macht-schule.de

58

Social Web macht Schule is a small educational organization based in Dresden, Germany, focused on promoting media literacy and digital media prevention among students, parents, and teachers. Their key services include workshops and prevention projects aimed at combating cyberbullying and encouraging safe use of social networks. The website is professionally designed using the Wix platform, featuring structured data for local business and website information, which supports their credibility. Technically, the site uses Wix's Thunderbolt framework and includes scripts to enhance security by hardening fetch and XMLHttpRequest calls. However, the site lacks visible privacy and cookie policies, which is a compliance gap given GDPR requirements. Security headers are not detected, and there is no public incident response or vulnerability disclosure information, which could be improved to enhance trust and security posture. Overall, the website is safe, well-targeted to its audience, and demonstrates a moderate level of technical maturity.

P

Procunia GmbH

procunia-online.de

44

Procunia GmbH is a specialized financial consulting firm focused on providing professional financing solutions for medium-sized enterprises in Germany. Their services include comprehensive financial planning, rating optimization, and capital procurement, leveraging over 15 years of industry experience. The company positions itself as a trusted advisor to the SME sector, offering tailored financing strategies beyond traditional banking products. The website reflects a professional and consistent brand image with clear communication channels and detailed team profiles. Technically, the site is built on WordPress with Elementor and Yoast SEO, ensuring modern content management and SEO capabilities. Security posture is solid with HTTPS enforced and some privacy-conscious scripting, though security headers could be improved. No blocking or WAF challenges were detected, allowing full content accessibility. Overall, the site demonstrates good digital maturity and business credibility with minimal tracking and a strong focus on privacy compliance.

I

intolight

intolight.de

65

Intolight is a specialized creative agency based in Germany, focused on designing and implementing interactive installations and exhibitions for clients including museums, events, and trade shows. The company positions itself as a niche player with expertise in immersive and interactive digital experiences, supported by a portfolio of notable clients such as Netflix and Thyssenkrupp. Technically, the website is built on WordPress using the Avada theme and several modern plugins, demonstrating a mature digital infrastructure with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent managed via Borlabs Cookie, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, reflecting a well-managed digital presence for a small but important business in the creative technology sector.

Q

queo valueTec

queo-valuetec.com

60

queo valueTec is a German technology company specializing in tailored software solutions aimed at sustainable value creation and business process optimization. The company positions itself as a trusted partner offering services from business analysis through solution architecture, software development, and application management. Their client portfolio includes notable organizations such as VW and Fraunhofer, supported by certifications like TISAX and CPRE, underscoring their commitment to quality and security. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, incorporating modern JavaScript libraries and analytics tools such as Matomo and Facebook Pixel. The site demonstrates good mobile optimization, SEO practices, and a professional design, reflecting a mature digital presence. Cookie consent mechanisms and GDPR-compliant privacy policies are implemented, indicating attention to privacy regulations. From a security perspective, the site enforces HTTPS and employs cookie consent but lacks visible security headers and explicit incident response or vulnerability disclosure information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data reduces transparency but does not detract significantly from the overall trustworthiness given the professional presentation and certifications. Overall, queo valueTec presents a credible and professional business with a solid technical foundation and reasonable security posture. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would enhance trust and compliance further.

M

Militzer & Münch Group

mumnet.at

53

Militzer & Münch Group is a well-established international logistics and transportation company specializing in freight forwarding, warehousing, and supply chain management. The company targets businesses requiring comprehensive logistics solutions and maintains a strong market presence primarily in Europe and Asia. Their website reflects a professional and consistent brand image with multilingual support, catering to a global audience. Technically, the site is built on WordPress with Elementor, leveraging modern web technologies and providing a good user experience with mobile optimization and SEO best practices. Security posture is strong with HTTPS enforced and appropriate security headers, though the absence of a published security policy and vulnerability disclosure reduces transparency. The WHOIS data is missing, which raises concerns about domain registration legitimacy, but the overall business credibility and website professionalism mitigate some of these concerns. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the website is reliable and professional but would benefit from improved transparency in domain registration and security disclosures.

U

University of Colorado Boulder

colorado.edu

64

University of Colorado Boulder is a leading public research university established in 1876, offering a wide range of academic programs and research initiatives. The website serves a diverse audience including students, faculty, staff, alumni, and the broader community. It provides comprehensive information on admissions, academics, research, campus events, and support services. The university maintains a strong market position as a top-tier educational institution in Colorado with a focus on innovation and community impact. Technically, the website is built on Drupal 10, leveraging modern web technologies and multiple analytics and marketing tools, ensuring a responsive and accessible user experience. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response details are not publicly detailed. Overall, the site is professional, trustworthy, and well-maintained, reflecting the university's stature and commitment to transparency and user engagement.

S

Sustaining Arctic Observing Networks

arcticobserving.org

50

Sustaining Arctic Observing Networks (SAON) is a well-established international non-profit initiative focused on coordinating and sustaining Arctic observing networks. The website serves as an information hub providing strategy, partner coordination, activities, governance, and publications related to Arctic observation. The target audience includes researchers, policymakers, and Arctic Council members. The organization is positioned as a key collaborative platform in the Arctic scientific community with partnerships from major Arctic and polar organizations. Technically, the website uses Joomla CMS with common web technologies such as jQuery, Bootstrap, and a slideshow plugin. Hosting is inferred to be via GoDaddy. The site is moderately optimized for mobile and performance but lacks advanced accessibility and SEO features. Google Analytics is used for tracking without visible cookie consent mechanisms, indicating privacy compliance gaps. From a security perspective, the site uses HTTPS and has domain registration protections but lacks DNSSEC and visible security headers. No privacy, cookie, or terms of service policies are present, and no incident response or vulnerability disclosure information is provided. No forms are present, reducing input-related risks. Overall, the security posture is moderate but could be improved with better policies and technical controls. The overall risk is low given the non-commercial, informational nature of the site, but compliance and security improvements are recommended to enhance trust and regulatory adherence.

L

Life Coach Certification Institute

lifecoachcertification.com

46

Life Coach Certification Institute operates a professional online platform offering life coach certification and recertification courses. The business targets individuals seeking convenient and affordable certification with benefits such as unlimited exam retakes, instant certification, and online study materials. The website is well-structured, with clear navigation and a consistent brand presence, supported by trust badges from Norton and TRUSTe. Technically, the site uses concrete5 CMS, jQuery, Google Tag Manager, and Google Analytics, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and trust seals, but lacks some security headers and cookie consent mechanisms. The absence of WHOIS registration data raises concerns about domain legitimacy, which impacts overall trust. Contact information is limited to email, with no phone or physical address provided. Overall, the site presents a professional educational service but would benefit from improved transparency and security practices.

J

Joomag, Inc.

joomag.com

73

Joomag, Inc. operates a sophisticated digital publishing and content experience platform designed to empower businesses and marketers to create, distribute, and analyze interactive content with ease. The company holds a strong market position with over 5,000 customers and millions of users, offering a comprehensive suite of services including creative tools, AI-powered content generation, content automation, and behavioral analytics. Their platform targets non-creatives and marketing professionals seeking to scale personalized content efficiently. Technically, the website is built on modern web technologies such as Webflow CMS, Google Fonts, Cookiebot for consent management, and Google Tag Manager for analytics. The site is well-optimized for mobile devices, fast loading, and SEO-friendly, reflecting a mature digital infrastructure. The presence of cookie consent and privacy policies indicates a commitment to privacy compliance, including GDPR. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and publicly available incident response or vulnerability disclosure information. The absence of WHOIS data for the domain is a notable anomaly, reducing domain trustworthiness despite the professional appearance and strong business signals on the site. Overall, Joomag presents a credible and professional digital presence with strong business and technical foundations. However, improvements in security transparency and domain registration clarity are recommended to enhance trust and compliance.

U

University of the Arctic (UArctic)

uarctic.org

65

The University of the Arctic (UArctic) operates as a collaborative network of academic and research institutions focused on education and research in the Arctic and northern regions. The organization facilitates cooperation among over 200 member institutions, providing thematic networks, mobility programs such as north2north, and resources to support research and education. The website reflects a well-established non-profit entity with a clear mission to strengthen collective resources for northern studies. Technically, the website employs modern web technologies including Font Awesome 6 Pro, Embla Carousel, and lazy loading for images, ensuring a fast and responsive user experience. The use of Umbraco CMS is inferred from HTML structure, indicating a professional content management approach. Security posture is strong with HTTPS enforced, cookie consent mechanisms, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR considerations. Overall, the website demonstrates high professionalism, trustworthiness, and a strong digital presence suitable for its academic and non-profit nature.

U

ULMATEC GmbH

ulmatec.de

47

ULMATEC GmbH operates a professional website focused on modular extraction and filtration systems for industrial applications. The company positions itself as a specialized provider in the manufacturing sector, offering tailored solutions to business clients. The website is built on a modern WordPress CMS with Elementor page builder and includes multiple marketing and analytics integrations, indicating a mature digital presence. However, the WHOIS data for the domain www.ulmatec.com is missing or indicates the domain is not registered, which raises concerns about domain legitimacy despite the professional appearance of the site. Security posture is moderate with HTTPS enabled but lacks visible security headers and formal privacy or cookie policies. Overall, the website is safe and professional but would benefit from improved transparency and domain registration verification.

F

Fagor Automation

fagorautomation.com

61

Fagor Automation is a well-established global company specializing in the development and manufacture of automation and machinery control products, including CNC systems and feedback systems. With over 45 years of industry experience, it holds a strong market position as a benchmark in manufacturing technology. The company targets industrial manufacturers and machine tool builders, offering a comprehensive suite of products and services such as technical support, training, and digital solutions. The website reflects a professional and consistent brand image with multilingual support and rich content.

Y

Yaskawa

yaskawa.de

56

Yaskawa is a prominent provider of industrial automation solutions in Germany, specializing in products such as industrial robots, frequency converters, servomotors, and control systems. The website targets industrial and manufacturing businesses, positioning itself as a leading automation technology provider. The digital infrastructure leverages modern technologies including Bootstrap for frontend styling, Matomo for privacy-respecting analytics, and Usercentrics for cookie consent management, indicating a mature digital presence. Security posture is strong with HTTPS enforced and security headers present, although explicit privacy policies and terms of service are not found in the analyzed content. Overall, the website is professional, well-structured, and trustworthy, but could improve transparency by publishing comprehensive privacy and security policies.

M

Menzel Metallchemie GmbH

menzel-metallchemie.de

45

Menzel Metallchemie GmbH is a German-based medium-sized company specializing in the development and manufacturing of minimum quantity cooling and lubrication technologies using biodegradable high-performance oils. Positioned as a pioneer and market leader, the company serves industrial manufacturers, particularly in metal and plastic processing sectors, offering products such as spray technology systems, cooling lubricants, safety cold bronzing systems, and technical cleaning solutions. The website reflects a professional and consistent brand image with comprehensive product information and multiple contact channels including GDPR-compliant forms. Technically, the website is built on Mae CMS and employs modern web technologies including HTML5, CSS, JavaScript, and jQuery, with Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized with good SEO practices, though some accessibility features are basic. Performance is moderate, with room for improvement in loading speed and security headers. From a security perspective, the site uses HTTPS with good SSL configuration and secure forms incorporating CSRF tokens and GDPR consent checkboxes. However, explicit security policies and incident response information are absent, and security headers are not detected. No vulnerabilities or suspicious content were found, indicating a generally sound security posture. Overall, the website is trustworthy and professional, with strong business credibility and compliance with privacy regulations. Recommendations include implementing cookie consent mechanisms, enhancing security headers, and publishing security and incident response policies to further strengthen trust and compliance.

The website dyntrk.com is currently inaccessible, returning a 403 Forbidden error page with no accessible content. This prevents any meaningful analysis of the business, services, or technical infrastructure from the website itself. The domain is registered since 2012 with InterNetX GmbH and uses Amazon AWS nameservers, indicating a potentially stable hosting environment. However, the lack of accessible content and absence of security or privacy policies significantly limits the ability to assess the company's digital maturity or security posture. No contact information or business details are available from the website content. The security posture cannot be evaluated beyond the domain registration data, and the site appears to lack standard security headers or SSL configuration details in the provided data. Overall, the site is currently non-functional for external visitors, which poses a risk to business credibility and user trust.

A

Abion AB

playin.com

61

Playin.com is an online platform specializing in demo play of slot games, primarily focusing on Playin slot titles. The website offers free play options, bonus buy trials, previews of upcoming games, and a community forum for discussions. The business operates under Abion AB, a Swedish company established in 2018, positioning itself as a niche player in the online gaming demo market. The platform targets gamers and slot enthusiasts seeking to explore games before engaging in real-money play. Technically, the website is built using modern web technologies including React and Next.js, hosted on Vercel, and employs Vercel Analytics for performance and usage tracking. The site demonstrates good performance, mobile optimization, and basic accessibility features. SEO is well addressed with appropriate meta tags and Open Graph data enhancing social sharing. From a security perspective, the site enforces HTTPS, uses security headers, and maintains a domain status that prevents unauthorized transfers. However, DNSSEC is not enabled, and there is a lack of published privacy, cookie, and security policies, which are critical for compliance and user trust. No contact information for incident response or data protection officers is provided, indicating areas for improvement in transparency and compliance. Overall, Playin.com presents a professional and functional gaming demo platform with a solid technical foundation but requires enhancements in privacy compliance, user contact transparency, and security policy disclosures to strengthen its trustworthiness and regulatory adherence.

A

Akademie des Versicherers im Raum der Kirchen

autobahnkirche.de

60

The website autobahnkirche.de represents a non-profit organization focused on providing spiritual rest stops along German highways, known as Autobahnkirchen. The site is managed by the Akademie des Versicherers im Raum der Kirchen, supported by entities such as HUK-Coburg and Deutsche Telekom. The business model centers on offering travelers places for reflection, rest, and spiritual comfort, with information about locations and events. The website content is well-structured, professionally presented, and targets travelers and visitors interested in spiritual respite. Technically, the site is built using Adobe Experience Manager CMS, with standard web technologies including JavaScript and CSS. Hosting appears to be managed by Deutsche Telekom, inferred from nameservers. Performance is moderate with basic mobile optimization and accessibility features. The site uses Dynatrace for monitoring user experience and performance. SEO and meta tags are basic but sufficient for the site's scope. From a security perspective, the site uses HTTPS and implements a cookie consent banner, indicating awareness of privacy compliance. However, no explicit security headers were detected in the provided data, and no incident response or security policy pages are present. No forms or contact emails are visible on the main page, limiting direct user data collection. The WHOIS data aligns with the website's organizational claims, showing a consistent and legitimate registration. Overall, the website presents a low-risk profile with a good level of professionalism and compliance for a non-profit entity. Recommendations include enhancing security headers, improving mobile and accessibility features, and adding explicit security and incident response policies to strengthen trust and compliance.

M

Markgrafenkirchen im Markgraftum Ansbach

markgrafenkirchen-ansbach.de

44

The website www.markgrafenkirchen-ansbach.de serves as an informational platform dedicated to the Markgrafenkirchen churches located in the Markgraftum Ansbach region of Germany. It provides visitors with historical, architectural, and cultural insights about these churches, supported by interactive maps, directories, and downloadable brochures. The site targets tourists, local community members, and cultural heritage enthusiasts. It is supported and financed by regional church organizations, reflecting a niche cultural heritage focus within the government/non-profit sector. Technically, the site is built on Drupal 10 CMS, employing modern web technologies including the Klaro consent manager for GDPR compliance and jQuery Colorbox for image galleries. Hosting is provided by kunde24.de, a typical hosting provider for small to medium German websites. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a clean and professional design. From a security perspective, the site uses HTTPS (assumed though not explicitly confirmed in headers), employs a cookie consent mechanism, and does not expose sensitive data or vulnerable libraries in the HTML content. However, explicit HTTP security headers are not detected, and no dedicated security or incident response policies are published. Privacy compliance is well addressed with a clear privacy policy and cookie consent. No analytics or tracking beyond consent management is observed, indicating a privacy-conscious approach. Overall, the website presents a low-risk profile with a good balance of content quality, technical implementation, and privacy compliance. It is suitable for its cultural heritage mission but could improve security posture by adding security headers and explicit policies. Contact information is limited to a contact form, which may impact direct communication channels.

M

Markgrafenkirchen e.V.

markgrafenkirchen.de

59

Markgrafenkirchen e.V. is a non-profit organization dedicated to the cultural, spiritual, and touristic promotion of the Markgrafenkirchen churches in Upper Franconia, Germany. The website serves as a comprehensive resource offering detailed information about nearly 60 churches, including photos, events, tours, and educational materials. The organization is positioned as a niche cultural heritage promoter with a strong regional focus and supported by European Union funding. Technically, the website is built on WordPress with modern plugins and frameworks, providing a good user experience and SEO optimization. Security posture is solid with HTTPS and some security plugins, though improvements can be made in cookie consent and explicit security policies. Overall, the site is trustworthy, professional, and well-maintained, serving its target audience effectively.

Mobil Betriebskrankenkasse is a public health insurance provider based in Munich, Germany, operating as a Körperschaft des öffentlichen Rechts with self-administration. The website targets insured persons, offering services such as online processing of sick notes, sickness benefits, bonus programs, preventive health offers, and free health courses. The organization is a member of the BKK Landesverband Bayern, indicating its regional market position within Bavaria. The website presents a professional and consistent brand image with good content quality and accessibility features.

Kassensuche GmbH operates a German-language online portal focused on helping users find and compare statutory health insurance providers (gesetzliche Krankenkassen) in Germany. The website offers multiple tools including a contribution calculator, user-type based search, and detailed benefit comparisons. The portal targets insured individuals in Germany seeking optimal health insurance options. Technically, the site uses modern JavaScript modules, jQuery, and lazy loading techniques to enhance performance and user experience. The site is hosted with reputable DNS providers and uses HTTPS, ensuring secure connections. Security posture is adequate but could be improved by adding security headers and explicit incident response information. Privacy compliance is partially met with a clear privacy policy and terms of service, but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

I

ITSG - SV-Meldeportal der Sozialversicherung für Arbeitgeber

sv-meldeportal.de

61

The SV-Meldeportal is an official electronic reporting portal operated by the Informationstechnische Servicestelle der gesetzlichen Krankenversicherung GmbH (ITSG), serving employers and self-employed individuals in Germany for social insurance data exchange. It provides a secure, system-verified fill-in aid for submitting mandatory social insurance notifications, contribution statements, certificates, and applications. The portal is positioned as a government-related service with a clear focus on compliance and secure communication. Technically, the website is built on a modern WordPress CMS platform, utilizing popular plugins such as Yoast SEO Premium and WPBakery Page Builder. The site demonstrates good mobile optimization, SEO practices, and accessibility features, although some improvements in security headers and cookie consent mechanisms could be made. The presence of ISO 27001 certification indicates a strong commitment to information security standards. From a security perspective, the site uses HTTPS with a good SSL configuration and does not expose sensitive data in its HTML content. However, explicit security headers are not visibly implemented, and no incident response contact details are provided. The site lacks a cookie consent banner despite having a cookie policy, which may affect GDPR compliance. Overall, the security posture is solid but could benefit from enhancements in transparency and technical controls. The overall risk assessment is low, with the site appearing trustworthy, professionally maintained, and aligned with its stated business purpose. Strategic recommendations include implementing comprehensive security headers, adding a cookie consent mechanism, publishing vulnerability disclosure information, and providing clear incident response contacts to further strengthen trust and compliance.

S

Stiftung Gesundheit

stiftung-gesundheit.de

43

Stiftung Gesundheit is a German healthcare-focused organization dedicated to disseminating health knowledge and education, as indicated by its website title and description. The website targets a general audience interested in health information and operates likely as a non-profit or educational entity. Technically, the site is built on WordPress using the Elementor page builder, with modern font integration via Typekit and emoji support. The site is accessible, mobile-optimized, and uses HTTPS, but lacks advanced security headers and privacy compliance documentation. No contact information or formal policies such as privacy or cookie policies are present, which limits user trust and compliance with GDPR. The WHOIS data is minimal and lacks detailed registrant information, which slightly reduces domain trustworthiness. Overall, the website is functional and professional but would benefit from enhanced security practices and privacy compliance to improve trust and legal adherence.

M

Messer Medical

messermedical.hu

42

Messer Medical is a Hungarian healthcare service provider specializing in oxygen therapy and sleep therapy equipment and services. The company targets patients with chronic oxygen deficiency and medical professionals requiring high-quality therapeutic devices. The website reflects a medium-sized business with a national presence, supported by contracts with the National Health Insurance Fund of Hungary since 2004. The site uses WordPress with a professional theme and common plugins, providing a good user experience and mobile optimization. However, it lacks critical privacy and cookie policies, which impacts compliance and user trust. Security posture is moderate with HTTPS enabled but missing security headers and incident response contacts. Overall, the website is professional and trustworthy but requires improvements in privacy compliance and security best practices.

B

BDG – Bundesverband der Deutschen Gießerei-Industrie

guss.de

44

The website www.guss.de represents the BDG – Bundesverband der Deutschen Gießerei-Industrie, a prominent German foundry industry association. It serves as an information hub for industry news, events, research projects, and training related to the foundry sector. The site targets professionals, researchers, and stakeholders within the German manufacturing and foundry industry. The business model is centered on advocacy, knowledge dissemination, and member services, positioning BDG as a key industry player in Germany. Technically, the website is built on TYPO3 CMS, a robust and widely used content management system, and integrates modern tools such as Google Tag Manager, Google Analytics, and Usercentrics for consent management. Hosting is provided by Intersolute, as indicated by the domain's nameservers. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with a professional and consistent design. From a security perspective, the site enforces HTTPS and uses consent management for cookies, reflecting GDPR awareness. However, no explicit privacy policy or terms of service pages were found in the provided content, and no security headers were detected, suggesting room for improvement in security hardening. No vulnerabilities or exposed sensitive data were identified. The WHOIS data aligns well with the website content, indicating a legitimate and trustworthy domain registration. Overall, the website is professional, content-rich, and trustworthy, but could enhance its privacy and security posture by publishing clear policies, adding security headers, and providing contact information for incident response. These improvements would strengthen compliance and user trust.

V

VHBS

vhbs.de

54

VHBS is a specialized organization operating in the maritime transportation sector, focusing on container charter market indices such as New ConTex, industry news, and event organization like the EISBEIN dinners. The website targets shipping professionals and partners in the maritime industry, providing market data, news, and networking opportunities. Technically, the site is built on TYPO3 CMS with legacy jQuery libraries and uses CanvasJS for charting. The site is moderately optimized for performance and mobile use but could benefit from modernization and enhanced accessibility. Security posture is adequate with HTTPS and cookie consent mechanisms but lacks advanced security headers and uses outdated JavaScript libraries, which could pose risks. Privacy compliance is basic but present, with a privacy policy and cookie banner. Contact information is limited to a login form and partner emails referenced in news content. Overall, the site is professional and trustworthy within its niche but could improve technical and security aspects to enhance user trust and compliance.

B

bulb

bulb-startups.de

61

bulb is a German startup support network focused on providing legal and business consulting services to founders and startups. The website positions itself as a practical and relevant resource offering support through a strong network and specialized advice, particularly in labor law. The company targets startups and entrepreneurs, aiming to help transform ideas into successful businesses. The website is built on WordPress using the Avada theme and includes modern web technologies such as jQuery and WPForms. Cookie consent is managed via Cookiebot, indicating GDPR compliance. Social media presence on Instagram and LinkedIn supports community engagement. Security posture is good with HTTPS enforced and spam protection on forms, though security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the site is professional, well-structured, and trustworthy, serving a niche startup support market in Germany.

H

Hamburger Verkehrsverbund

hvv.de

68

Hamburger Verkehrsverbund (hvv) operates as the primary public transportation network for Hamburg and its surrounding areas, providing comprehensive services including timetable information, ticket sales, and mobility consulting. The website serves as a digital portal for users to access schedules, purchase tickets, and stay informed about service updates. The platform targets public transit users in the Hamburg region and positions itself as a leading transportation provider with a strong regional presence. Technically, the website employs a modern JavaScript stack with libraries such as jQuery UI, GSAP, and Moment.js to enhance user experience and performance. It features responsive design and accessibility considerations, including keyboard navigation and ARIA roles. The site integrates tracking via etracker for analytics while maintaining GDPR compliance through cookie consent mechanisms and a detailed privacy policy. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, indicating attention to secure data handling. However, explicit security headers and a published security policy or vulnerability disclosure are absent, representing areas for improvement. No signs of WAF or blocking mechanisms were detected, allowing full content access. Overall, the website demonstrates a solid balance of usability, compliance, and security suitable for a public transportation entity. Strategic enhancements in security transparency and incident response readiness would further strengthen its posture.

O

OEKO-TEX® Service GmbH

eko-tex.com

72

OEKO-TEX® Service GmbH operates as a globally recognized certification and standard-setting organization focused on the textile and leather industries. Their website demonstrates a strong commitment to sustainability, transparency, and scientific rigor, offering multiple certifications such as STANDARD 100, MADE IN GREEN, and ECO PASSPORT. The company targets manufacturers, brands, and consumers seeking verified sustainable and safe textile products. The business is positioned as a medium-sized entity headquartered in Zurich, Switzerland, with a foundation dating back to 1992. Technically, the website is built on TYPO3 CMS and integrates modern tools like Google Tag Manager and a chatbot for enhanced user interaction. The site is well-optimized for mobile devices, features clear navigation, and maintains good SEO and accessibility standards. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and employs a cookie consent mechanism aligned with GDPR requirements. However, it lacks visible security headers and does not publish explicit security or incident response policies, which are areas for improvement. The absence of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy, though the website content and contact information appear authentic and professional. Overall, OEKO-TEX® presents a trustworthy and professional online presence with strong business credibility and privacy compliance. Strategic enhancements in security transparency and domain registration clarity would further strengthen their digital trustworthiness.

K

Kallinich Media GmbH & Co. KG

chemie-azubi.de

46

Chemie-Azubi.de is a specialized educational blog operated by Kallinich Media GmbH & Co. KG, focusing on apprenticeships and dual study programs in the German chemical industry. The platform provides comprehensive career guidance, company profiles, and chemistry knowledge targeted at students, apprentices, parents, and educators. It holds a niche position supported by chemical industry employers and associations, emphasizing practical career information and industry insights. Technically, the website is built on TYPO3 CMS with modern web technologies including Bootstrap and jQuery, hosted on Schlundtech infrastructure. It integrates privacy-compliant analytics (Matomo) and user consent management (Usercentrics), reflecting a mature digital infrastructure. Security posture is strong with HTTPS and consent mechanisms, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-optimized for its audience and purpose.

A

Arbeitgeberverband im Bezirk Hildesheim e.V.

agvhildesheim.de

46

The Arbeitgeberverband im Bezirk Hildesheim e.V. is a well-established regional employer association representing approximately 200 member companies and nearly 22,000 employees across the Hildesheim, Alfeld, Holzminden, and Peine regions in Germany. Founded in 1949, it serves as a voluntary association providing legal, social-political, and economic representation and support to its members. The website clearly communicates its mission, services, and organizational structure, targeting regional employers seeking advocacy, legal advice, training, and networking opportunities. Technically, the website is built on Joomla CMS with Bootstrap and jQuery frameworks, hosted on rzone.de servers. It features a professional design with responsive elements and basic SEO optimizations. The site includes a cookie consent mechanism compliant with GDPR and employs JavaScript-based email cloaking to reduce spam. No advanced analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS with good SSL configuration but lacks advanced security headers and explicit incident response or vulnerability disclosure policies. No critical vulnerabilities or suspicious elements were found. The WHOIS data is minimal but consistent with the business claims, and no privacy protection is used, which is appropriate for this type of organization. Overall, the website presents a trustworthy, professional, and compliant digital presence for a regional employer association, with room for improvement in security headers and incident response transparency.

A

ANA Allgemeiner Norddeutscher Arbeitgeberverband e. V.

anaev.de

54

ANA Allgemeiner Norddeutscher Arbeitgeberverband e. V. is a regional non-profit employer association in Northern Germany providing labor law advisory services, legal representation, and political interest representation for its member companies. The website is professionally designed using TYPO3 CMS and modern web technologies, offering clear navigation and relevant content targeted at member companies and stakeholders. The technical infrastructure is moderate in performance with good mobile optimization but lacks some advanced security headers and cookie consent mechanisms. Security posture is adequate with HTTPS implied but could be improved by adding explicit security policies and incident response contacts. Overall, the website is trustworthy and credible with strong partner networks and clear contact information.

U

UV Nord

uvnord.de

45

UV Nord is a regional employers' association in northern Germany, providing advocacy, information, and networking services to its member companies. The website is professionally designed using WordPress and Elementor, with a focus on labor law, social law, infrastructure, and economic topics relevant to the region. The technical infrastructure is modern and includes performance optimizations and a consent management platform for GDPR compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and policies could be improved. Overall, the website is trustworthy and serves its target audience effectively.

V

Verband Forschender Arzneimittelhersteller e.V. (vfa)

starkamstandort.de

54

The website starkamstandort.de serves as an informational and advocacy platform for the pharmaceutical industry in Germany, operated under the umbrella of the Verband Forschender Arzneimittelhersteller e.V. (vfa). It highlights the importance of pharma as a key industry through events, policy discussions, and economic insights, targeting policymakers, industry stakeholders, and the general public interested in healthcare innovation. The site is well-branded, consistent, and professionally designed, reflecting a large and established organization with significant market influence. Technically, the site is built on the Contao Open Source CMS, utilizing modern web technologies such as jQuery, Bootstrap, and Swiper for responsive and interactive user experience. The site is mobile-optimized and SEO-friendly, with comprehensive metadata and structured data enhancing discoverability. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. It uses secure session management and CSRF protection cookies. However, it lacks explicit security headers and published security policies or incident response contacts, which are recommended for enhanced security posture. No vulnerabilities or suspicious patterns were detected. Overall, the site presents a low-risk profile with strong business credibility and compliance posture. Strategic recommendations include adding security headers, publishing a security policy, and providing clearer contact information for incident response to further strengthen trust and security.

L

Startseite – #LebeFarbe

lebe-farbe.de

51

The website www.lebe-farbe.de is a German-language site focused on the theme of color and its impact on home environments. It provides content about the effects of colors and how they can transform living spaces, targeting a general audience interested in home decoration and color psychology. The site uses WordPress as its CMS and integrates third-party services such as Cookiebot for cookie consent management, Google Analytics, Facebook Pixel for tracking, and Spotify embeds for audio content. The technical infrastructure is modern with HTTPS enabled, though some security headers are not explicitly detected in the provided content. The cookie consent mechanism is comprehensive and GDPR compliant, but no explicit privacy policy or terms of service pages were found in the analyzed content. Contact information such as emails or phone numbers is not present in the visible HTML content, which limits direct user engagement channels. WHOIS data is minimal but consistent with a German domain, with no privacy protection or suspicious patterns detected. Overall, the website presents a good level of professionalism and compliance but could improve transparency and security posture by publishing privacy and terms documents and enhancing security headers.

M

MEHRWERT:PFLEGE

mehrwert-pflege.com

43

MEHRWERT:PFLEGE is a healthcare-focused non-profit initiative affiliated with the Verband der Ersatzkassen e. V. (vdek), providing free and comprehensive process consulting to promote employee health in hospitals, stationary and ambulatory care facilities. The website presents a professional and well-structured digital presence with clear navigation, multimedia content, and strong branding consistency. Technically, it is built on WordPress with the Avada theme and employs modern web technologies and SEO best practices. Security posture is good with HTTPS and cookie consent mechanisms, though some advanced security headers and incident response information are missing. The domain WHOIS data is unavailable, which raises some concerns about registration transparency but does not detract from the overall legitimacy suggested by the content and affiliations. Strategic recommendations include enhancing security headers, publishing incident response contacts, and verifying domain registration details.

V

vdek and Ersatzkassen

gesund-digital.info

47

Gesund digital is a German-language digital health education platform supported by major health insurers such as vdek and Ersatzkassen. It aims to empower users, particularly older adults and insured members, to effectively use digital health applications and understand digital health services. The website provides structured modules on finding, understanding, and trusting digital health offerings, including electronic patient records and telemedicine. Technically, the site uses modern frontend technologies like Alpine.js and serves content over HTTPS with a cookie consent mechanism, reflecting a moderate to good level of digital maturity. Security posture is solid with no evident vulnerabilities, though some HTTP security headers could be improved. Privacy compliance is strong, with a comprehensive privacy policy and GDPR-aligned cookie consent. The WHOIS data is privacy protected, which is justified given the healthcare context, and no suspicious patterns were detected. Overall, Gesund digital presents a trustworthy, professional, and user-friendly platform for digital health literacy.

S

Stiftung Gesundheit

arzt-auskunft.de

57

Stiftung Gesundheit operates the Arzt-Auskunft platform, a comprehensive German healthcare provider search service established in 1997. The platform enables patients to find doctors, clinics, therapists, and pharmacies nearby, offering features such as online appointment booking and information on barrier-free practices. The website is well-positioned in the German healthcare information market with a large user base and a strong reputation as a non-profit entity. Technically, the website employs modern frontend technologies including Vue.js, Bootstrap, jQuery, and Choices.js, ensuring a responsive and user-friendly experience across devices. Hosting is managed via Schlundtech, a reputable provider. The site demonstrates good SEO and accessibility practices, though performance is moderate. From a security perspective, the site uses HTTPS and deferred script loading, but lacks explicit security headers and a visible security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive GDPR-compliant privacy policy, though no cookie consent mechanism was observed. Overall, the website presents a low-risk profile with high trustworthiness and professionalism. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing incident response details to further strengthen security posture and compliance.

M

Vermittlerportal - gesetzlicheKrankenkassen.de Vermittlerportal

makleraktiv.de

45

Makleraktiv.de operates as a specialized distribution partner portal focused on statutory health insurance in Germany. It targets insurance brokers and professionals by providing tools such as comparison calculators, online application processing without signature requirements, and a pooling service for membership applications. The platform emphasizes its 25 years of experience and offers a registration system for brokers to access these services. Technically, the website uses modern web technologies including Bootstrap and JavaScript ES modules, hosted on infrastructure associated with DomainControl. The site is mobile-optimized and presents a professional design with clear navigation. Security-wise, the site uses HTTPS and secure form submission but lacks visible advanced security headers and CSRF protections, which are recommended for improvement. Privacy compliance is partially addressed via a privacy policy hosted on a related domain, but no cookie consent mechanism is present on the login page. Overall, the website is legitimate and functional with moderate trustworthiness, suitable for its business purpose.

K

Künstlersozialkasse

kuenstlersozialkasse.de

52

The Künstlersozialkasse website serves as the official online presence for the German statutory social insurance scheme for self-employed artists and publishers. It provides comprehensive information about the KSVG law, services, compliance, and contributions, targeting artists, publishers, and companies obligated to pay contributions. The site is positioned as a government-related entity under the parent organization Knappschaft-Bahn-See since 2025, offering key services such as insurance coverage, online forms, and up-to-date news. Technically, the website is built on TYPO3 CMS with Bootstrap and FontAwesome, ensuring a modern and responsive design. Cookie consent is managed via Cookiebot, and analytics are handled by Matomo, reflecting a privacy-conscious approach. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR, though it lacks explicit terms of service and vulnerability disclosure mechanisms.

K

Knappschaft-Bahn-See

arbeitgeberversicherung.de

63

The website arbeitgeberversicherung.de represents the employer insurance services provided by Knappschaft-Bahn-See, a major German government-related insurance entity. It offers comprehensive insurance coverage for employers regarding employee sickness and maternity benefits through Umlageverfahren U1 and U2. The site targets employers in both commercial and private sectors, including those with Minijobbers and employees insured under the Knappschaft system. With over two million customers and a history dating back to 1969, it holds a strong market position in Germany's social insurance landscape. Technically, the website is built on the Government Site Builder CMS, leveraging modern JavaScript libraries, Matomo analytics, and Usercentrics for cookie consent management. The site is well-optimized for mobile and accessibility, with good SEO practices and a moderate performance profile. It uses HTTPS and encrypted form submissions, ensuring secure data handling. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and consent management but lacks explicit published security policies or incident response contacts. No vulnerabilities or suspicious content were detected. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Overall, the website is professional, trustworthy, and well-aligned with its government insurance service mission. Strategic improvements could include publishing dedicated security and incident response information and enhancing security headers to further strengthen its security posture.

M

Minijob-Zentrale

minijob-zentrale.de

68

Minijob-Zentrale is the official German government portal dedicated to providing comprehensive information and administrative services related to Minijobs and minor employment in Germany. It serves as the central registration and reporting authority for such employment types, targeting both employers and employees. The website offers a broad range of services including registration, calculators, informational articles, newsletters, and a household job marketplace platform. The site is well-positioned as a trusted government resource with authoritative content and a strong market presence in the employment sector.

F

Finest Audience Academy

aflare.de

48

The website aflare.de appears to be a small-scale affiliate marketing or digital marketing related site powered by Finest Audience Academy. The content is minimal and primarily focused on marketing tracking technologies. The technical infrastructure includes common analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and reCAPTCHA, hosted behind Cloudflare nameservers. However, the site lacks critical privacy and cookie policies, contact information, and visible security best practices, which limits its trustworthiness and compliance posture. The WHOIS data is limited but consistent with Cloudflare usage, providing no strong indicators of illegitimacy but also lacking transparency. Overall, the site demonstrates basic digital maturity but requires significant improvements in privacy compliance, security posture, and business transparency to enhance credibility and user trust.

F

fit trotz Family

fit-trotz-family.de

65

fit-trotz-family.de is a German niche fitness blog focused on helping parents balance fitness, family, and work life. The website offers fitness tips, product reviews, challenges, and local gym information with childcare options. It targets parents seeking practical advice to maintain an active lifestyle despite family commitments. The site is built on the Jimdo Creator CMS platform, hosted by Jimdo GmbH, and uses modern web technologies including jQuery and Google Analytics with GDPR-compliant cookie consent mechanisms. The design is professional, mobile-optimized, and content is relevant and trustworthy. Security posture is good with HTTPS enforced and basic security best practices, though additional security headers could improve protection. No critical vulnerabilities or exposed sensitive data were found. Contact is primarily via a company email address, with no phone or physical address listed. Overall, the website is safe, family-friendly, and compliant with privacy regulations.

machtfit operates a German health platform that connects companies, their employees, and health partners to promote employee wellness and engagement. The platform positions itself as a key intermediary in corporate health management, targeting medium-sized businesses in Germany. The website is built on WordPress using Elementor, integrating modern web technologies and analytics tools such as Hotjar and Google Tag Manager, although Google Analytics is not fully configured. The technical infrastructure is hosted on AWS, ensuring reliable performance and scalability. The site demonstrates good mobile optimization and SEO practices but lacks comprehensive privacy and cookie policies, which impacts compliance and user trust. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but the absence of security headers and incident response policies suggests room for improvement. Overall, the website is professional and functional, but enhancing privacy compliance and security transparency would strengthen its credibility and trustworthiness.

S

SECURVITA

securvita.de

49

SECURVITA is a well-established German health insurance provider offering a broad range of statutory and private insurance products with a strong emphasis on natural healing methods and family services. The company is recognized as one of Germany's best health insurers, supported by awards and a comprehensive service portfolio including modular insurance options, bonus programs, and financial products. The website is professionally designed, content-rich, and targets German-speaking customers seeking health insurance solutions. Technically, the site is built on TYPO3 CMS, hosted on plusserver.com, and incorporates modern accessibility and cookie consent technologies. Security posture is solid with HTTPS and cookie consent mechanisms, though the absence of explicit security policies and incident response contacts suggests room for improvement. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact channels primarily via phone and contact forms.

Mobil Betriebskrankenkasse is a public health insurance provider based in Munich, Germany, operating as a Körperschaft des öffentlichen Rechts with self-administration. The company serves insured persons primarily in Bavaria and offers services such as online processing of sick notes, sickness benefits, bonus programs, preventive health offers, and free health courses. It is a member of the BKK Landesverband Bayern, indicating a solid regional market position within the German healthcare sector. The website is professionally designed with good content quality and clear navigation, targeting insured individuals seeking health insurance services. Technically, the site employs modern web technologies including Cookiebot for consent management and Matomo for analytics, ensuring GDPR compliance and user privacy. The site is mobile-optimized and accessible, with structured data enhancing SEO and user experience. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response policies are not publicly documented. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.