Security Directory

C

CCC München - Comprehensive Cancer Center

ccc-muenchen.de

67

CCC München is a comprehensive cancer center jointly operated by the Ludwig-Maximilians-Universität München and the Technische Universität München. Established in 2014 and recognized as an oncological excellence center by Deutsche Krebshilfe, it provides advanced cancer patient care, clinical research, and educational events for medical professionals. The website targets patients, healthcare providers, and researchers, offering detailed information about services, events, and collaborations. Technically, the website is built on the Scrivito CMS platform, hosted on AWS infrastructure, and uses modern web technologies including JavaScript, Matomo analytics for privacy-conscious tracking, and Leaflet for interactive maps. The site is mobile-optimized and SEO-friendly, with a moderate performance profile. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and implements cookie consent mechanisms. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. It effectively supports its healthcare mission but could improve by publishing more detailed security and incident response information.

T

Technische Hochschule Mannheim

th-mannheim.de

65

Technische Hochschule Mannheim is a well-established public technical university in Germany offering a wide range of Bachelor and Master degree programs with innovative study concepts. The institution targets students, prospective students, employees, and companies, providing education, research, transfer services, and international exchange opportunities. The website reflects a strong market position as a regional technical university with comprehensive academic and research offerings. Technically, the website is built on TYPO3 CMS with modern frontend technologies like Bootstrap and jQuery, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS, cookie consent mechanisms, and no visible vulnerabilities, although some security headers could be improved. Privacy compliance is robust with clear GDPR-aligned policies and cookie management. Overall, the website is professional, trustworthy, and user-friendly, supporting the institution's credibility and outreach.

U

Urban Brew Studios

urbanbrew.co.za

50

Urban Brew Studios is a well-established South African media production company specializing in television and audio studio facilities, content creation, and channel management. With over 25 years in the industry, it holds a leading position in the independent television production sector in South Africa. The company offers a broad range of services including high-end audio post-production, branded content, and facilities hire, targeting broadcasters, content creators, and advertisers. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses common web technologies such as jQuery and FontAwesome. The site is mobile optimized and performs moderately well. Security posture is adequate with HTTPS enforced but lacks comprehensive security headers and formal security policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the domain registration and WHOIS data align well with the business claims, supporting legitimacy.

R

Russmedia Digital GmbH

russmedia.com

10

Russmedia is a well-established media company based in Austria, specializing in regional newspapers, digital marketing, and publishing services. The company targets regional media consumers and advertisers, positioning itself as a leader in the Austrian media landscape. The website reflects a professional digital presence with a focus on user experience and compliance with privacy regulations such as GDPR. Technically, the site is built on WordPress and leverages modern web technologies including jQuery, FontAwesome, and Cookiebot for cookie consent management. Security measures include HTTPS enforcement and standard security headers, although no explicit security policy or vulnerability disclosure is published. The absence of WHOIS data for the domain is a notable anomaly, reducing transparency but not necessarily indicating illegitimacy given the professional nature of the site and business. Overall, the site demonstrates a mature digital infrastructure with moderate performance and good privacy compliance.

N

NEB - Die Niederbarnimer Eisenbahn

neb.de

54

NEB - Die Niederbarnimer Eisenbahn operates as a regional railway service provider in the Brandenburg and Berlin area, offering passenger transport, ticketing, and travel information services. The website is well-structured, professionally designed, and targets regional commuters and travelers. It provides detailed information about train lines, tickets, excursions, and service updates. The digital infrastructure is based on TYPO3 CMS, enhanced with modern web technologies and accessibility features, ensuring a good user experience across devices. The website employs Cookiebot for cookie consent management and integrates Google Analytics for traffic analysis, reflecting a mature approach to privacy compliance. Security posture is solid with HTTPS enforced and Cloudflare DNS usage, although some security headers could be improved. Overall, the website is trustworthy, professional, and compliant with relevant privacy regulations, though explicit privacy policy and terms of service pages were not detected in the provided content.

L

Landesregierung Brandenburg

digitalesbb.de

44

Digitales Brandenburg is an official digital transformation initiative by the Landesregierung Brandenburg (State Government of Brandenburg, Germany). The website serves as a comprehensive information portal providing updates on digital policies, strategies, and projects within the state. It targets citizens, municipalities, and businesses interested in digital development and government services in Brandenburg. The platform offers news, event information, newsletters, and resources related to digital infrastructure and society. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses SEO best practices and analytics tools such as Google Analytics and WP Statistics. The hosting is managed via kasserver.com, consistent with the domain's WHOIS data. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit policies are missing. Privacy compliance is partial, with a comprehensive privacy policy present but lacking a cookie consent mechanism. Overall, the website is professional, trustworthy, and well-positioned as a government digital resource.

L

Landkreis Freyung-Grafenau

mehralsduerwartest.de

50

The website www.mehralsduerwartest.de serves as the official regional marketing campaign platform for Landkreis Freyung-Grafenau, Germany. It promotes the region's business landscape, quality of life, and community engagement through rich multimedia content, stories, and event information. The site targets residents, families, local businesses, and tourists, positioning itself as a trusted source for regional promotion backed by local government. Technically, the site is built on WordPress with modern plugins like Yoast SEO and Borlabs Cookie, ensuring good SEO and privacy compliance. The infrastructure is stable with HTTPS and moderate performance. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with GDPR regulations.

The Bundesverband Deutscher Innovations-, Technologie- und Gründerzentren e.V. (BVIZ) is a well-established German non-profit association representing innovation, technology, and startup centers across Germany. Founded in 1988, it serves as a network and advocacy group for over 150 member organizations, providing resources, events, and publications to support innovation infrastructure. The website reflects a professional and consistent brand presence, targeting innovation centers, startups, and related stakeholders. Technically, the website employs modern web technologies including Bootstrap for responsive design, FontAwesome for icons, and Google Analytics for visitor tracking. It is hosted on a domain managed by DomainControl (GoDaddy) and uses HTTPS with a good SSL configuration. The site is mobile-optimized and provides clear navigation and content structure, although some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks visible security headers and does not provide explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is consistent with the website's professional nature and shows no suspicious patterns. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. Strategic improvements in security headers and transparency around security policies would further enhance its posture. The site is safe for general audiences and does not contain any adult or questionable content.

S

Schwäbisch Media

suedfinder.de

49

Südfinder is a well-established regional weekly newspaper operated by Schwäbisch Media, targeting readers across southern Germany with a strong presence in local markets. The website offers digital e-paper editions, advertising services, and local contact points, reflecting a mature media business model focused on free distribution funded by advertising. Technically, the site is built on WordPress with a modern tech stack including jQuery and Cookiebot for consent management, ensuring GDPR compliance. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is strong, with comprehensive cookie consent and a detailed privacy policy. Overall, the site is trustworthy and professionally maintained, with no critical issues detected.

F

Forschungszentrum Borstel, Leibniz Lungenzentrum

fz-borstel.de

49

Forschungszentrum Borstel, Leibniz Lungenzentrum is a reputable German lung research institution focusing on chronic inflammatory lung diseases and infectious lung inflammation such as tuberculosis. It operates under the Leibniz Association and is publicly funded, with a strong emphasis on scientific research, publications, and collaboration. The website reflects a professional and well-structured digital presence, utilizing Joomla CMS and modern web technologies, with good mobile optimization and accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the site demonstrates a high level of trustworthiness and compliance with GDPR regulations.

F

Fondazione FIRMO

fondazionefirmo.com

68

Fondazione FIRMO is a specialized non-profit organization dedicated to research, awareness, and support related to bone diseases, primarily operating in Italy. The website presents a professional and consistent brand image, targeting patients, healthcare professionals, researchers, and donors. It offers key services including research funding, patient education, events, and publications. Technically, the site is built on WordPress with modern SEO and slider plugins, delivering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit privacy or cookie policies. The absence of WHOIS data for the domain raises legitimacy concerns, though the active content and social media presence support its authenticity. Overall, the site is functional and trustworthy but would benefit from enhanced security and compliance documentation.

1

10x Group

10x.group

44

10x Group is a venture capital firm focused on investing in founders across Europe and Silicon Valley, with a portfolio spanning growth, late-stage, and early-stage companies through its 10x Founders and FLEX Capital funds. The website presents a professional and consistent brand image, showcasing a broad portfolio of companies with successful IPOs and exits, indicating a strong market position. Technically, the site uses modern web technologies including jQuery, ScrollReveal, Google Analytics, and Hotjar, providing a moderate level of digital maturity with good mobile optimization and user experience. Security posture is adequate with HTTPS implied, but lacks visible security headers and formal privacy or cookie policies, which are areas for improvement. Overall, the site is safe, business-focused, and trustworthy, though the absence of WHOIS data due to TLD limitations slightly reduces transparency.

M

mg: mannheimer gründungszentren gmbh

next-mannheim.de

46

NEXT MANNHEIM is a professionally managed startup ecosystem platform focused on supporting entrepreneurs and startups in Mannheim, Germany. It operates as a 100% subsidiary of Innovationsstadt Mannheim, providing infrastructure, consulting, networking, and event spaces tailored to various startup communities including female entrepreneurs and international founders. The website reflects a strong regional market position with comprehensive services and active community engagement. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance and SEO optimization. Security posture is solid with HTTPS and some security headers, though improvements are recommended in CSP and incident response transparency. Overall, the site is trustworthy and well-maintained, with minor gaps in privacy compliance and security policy disclosures.

E

Erziehungswissenschaftliches Fort- und Weiterbildungsinstitut der Evangelischen Kirchen in Rheinland-Pfalz

efwi.de

47

The Erziehungswissenschaftliches Fort- und Weiterbildungsinstitut der Evangelischen Kirchen in Rheinland-Pfalz (EFWI) is a small, regionally focused non-profit educational institute dedicated to supporting teachers and pedagogical professionals through training, consulting, and specialized seminars. The website clearly targets educators in Rheinland-Pfalz, Germany, offering a variety of professional development opportunities aligned with current educational challenges and research. The business model is service-oriented, focusing on educational enrichment and church-affiliated community support. The website is well-branded and consistent with the organization's mission and regional focus. Technically, the website is built on the TYPO3 CMS platform, leveraging modern frontend technologies such as Bootstrap 4, jQuery, and FontAwesome. The site demonstrates good mobile optimization and SEO practices, with a moderate performance profile. Hosting is managed via DomainControl, consistent with the domain's WHOIS data. The technical infrastructure supports a professional and accessible user experience. From a security perspective, the site uses HTTPS with an excellent SSL configuration, but lacks visible security headers and a cookie consent mechanism, which are recommended for compliance and enhanced security posture. No vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response contact limits transparency in security management. Overall, the security posture is good but could be improved with additional best practices. The overall risk assessment is low, with no blocking or WAF detected, no suspicious content, and a trustworthy domain registration. Strategic recommendations include implementing a cookie consent banner, adding security headers, publishing a security policy, and considering a vulnerability disclosure mechanism to enhance compliance and trust.

Energy Community is a government organization dedicated to uniting and coordinating energy policies and market integration across Europe, with a focus on the Western Balkans and Eastern Europe. The organization provides legal frameworks, event coordination, and support for energy transition and climate governance. Their website reflects a professional and well-structured digital presence, targeting government entities, energy sector stakeholders, and policy makers. The site offers extensive event information, news updates, and resources related to energy policy and market developments. Technically, the website employs modern web technologies including jQuery, Foundation framework, and Google Tag Manager for analytics, hosted on a CMS platform identified as Magnolia. The site is mobile-optimized, accessible, and SEO-friendly, with a fast to moderate performance profile. Security posture is good with HTTPS enforced and CSRF protection on forms, but lacks explicit security headers and published security policies. Privacy compliance is weak due to absence of visible privacy and cookie policies. WHOIS data is unavailable due to query failure, but the website content and structured data strongly indicate legitimacy as a government entity. Overall, the site is trustworthy and professional but could improve transparency on privacy and security policies.

U

Uzin Utz Tools GmbH & Co.KG

pajarito-tools.com

63

Pajarito is a German manufacturer specializing in high-quality professional tools for painters, drywall installers, and plasterers, with a history dating back to 1923. The company emphasizes precision, durability, and reliability, offering a comprehensive product range made entirely in Germany. Their market position is strong within the professional trades sector, supported by a well-structured website and active social media presence. Technically, the website is built on TYPO3 CMS, leveraging modern frontend technologies and analytics tools such as Google Analytics and Matomo, ensuring good performance and user experience across devices. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not found. The absence of WHOIS data for the domain raises some concerns but may be explained by the use of a subdomain or privacy measures. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

B

BBS-Betriebe

bbs-betriebe.de

43

The website bbs-betriebe.de serves as a login portal primarily for businesses and external users associated with a school scheduling system. It provides access to schedules, class books, and trainee information, targeting a niche educational audience in Germany. The platform is built using RapidWeaver CMS with Bootstrap and jQuery, offering basic mobile responsiveness and user navigation. While the site includes essential privacy and cookie consent mechanisms, it lacks comprehensive contact information, terms of service, and advanced security policies. Security posture is moderate with HTTPS enabled but missing critical security headers and using an outdated jQuery version, which could expose vulnerabilities. Overall, the site is functional for its intended educational business use but would benefit from enhanced security and clearer business transparency.

C

CPS-Datensysteme GmbH

virtueller-stundenplan.org

49

Virtueller Stundenplan is a German educational platform focused on providing students and school staff with digital timetable management, class plans, and administrative tools such as sick leave reporting. The platform supports login via email/password and integrates with Microsoft Office365 for authentication, targeting primarily German-speaking students and educational institutions. The website is built using RapidWeaver CMS with Bootstrap and jQuery, offering a responsive and user-friendly interface. While the technical infrastructure is adequate for its purpose, there is room for improvement in security practices, such as enabling DNSSEC and implementing security headers. The domain registration is consistent and transparent, registered under CPS-Datensysteme GmbH since 2020, which aligns with the business age and purpose. Overall, the website demonstrates moderate technical maturity and business credibility but lacks comprehensive privacy and security policies.

O

openfellas GmbH

openfellas.de

74

openfellas GmbH is a well-established German company specializing in Odoo ERP consulting and implementation services. With over 15 years of experience and more than 250 successful projects, they position themselves as a trusted Odoo Gold Partner in the German-speaking market. Their services span ERP consulting, Odoo system implementation, financial consulting, and digital transformation solutions. The website targets businesses seeking tailored ERP solutions, emphasizing professionalism and customer success stories. Technically, the site is built on the Odoo CMS platform, leveraging Cloudflare for DNS and CDN services, and integrates Google Tag Manager for analytics and marketing. The site is mobile-optimized with good SEO and accessibility practices. Security-wise, the site enforces HTTPS and uses domain transfer protection but lacks some advanced security headers and a published security policy. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

S

Stadt Leipzig

leipzig.de

70

The website www.leipzig.de serves as the official digital portal for the city of Leipzig, Germany, providing comprehensive information and services to residents, tourists, and businesses. It is positioned as a large government entity portal offering a wide range of municipal services including administration, social services, culture, economy, environment, and urban development. The site is well-branded, professionally designed, and highly accessible, certified with BITV 90+ standards. It targets a broad audience including citizens, families, tourists, and enterprises. Technically, the site is built on TYPO3 CMS with modern frontend technologies such as Bootstrap and jQuery, hosted likely by Deutsche Telekom infrastructure. The site demonstrates good performance, mobile optimization, and SEO practices. It integrates cookie consent mechanisms and GDPR-compliant privacy policies, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, uses cookie consent, and shows no signs of exposed sensitive data or vulnerable libraries. However, explicit security headers and incident response policies are not prominently documented, suggesting room for improvement in security transparency and vulnerability disclosure. Overall, the site is trustworthy, professional, and compliant with relevant regulations, with a strong security posture and excellent user experience. Strategic recommendations include enhancing security header implementation, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen trust and security culture.

W

webgo GmbH

webgo.de

11

webgo GmbH is a German-based web hosting and online services provider established in 2004, offering a comprehensive portfolio including web hosting, virtual and dedicated servers, domain registration, website builders with AI features, and online marketing tools. The company positions itself as a performance-driven and environmentally conscious hosting provider, leveraging 100% green energy and emphasizing customer support availability year-round. Their market position is reinforced by multiple awards such as the Stiftung Warentest rating and the German Customer Award, indicating strong customer satisfaction and product quality. Technically, the website employs modern web technologies including Alpine.js, FontAwesome, hCaptcha for bot protection, and Microsoft Clarity for analytics. The site is built on the Statamic CMS platform, optimized for fast performance, mobile responsiveness, and accessibility. Security best practices are observed with HTTPS enforcement, comprehensive security headers, and no visible vulnerabilities or exposed sensitive data. From a security posture perspective, webgo demonstrates a mature approach with strong SSL configuration and bot mitigation. However, explicit security policies, incident response details, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. Overall, webgo presents a trustworthy and professional online presence with a high degree of business credibility and technical maturity. The domain registration data, while limited due to DENIC privacy restrictions, aligns with the company's German market focus and business claims. No signs of malicious activity or content safety concerns are detected, making webgo a reliable hosting provider in its sector.

I

Internationaler Bund

internationaler-bund.de

69

Internationaler Bund is a large, well-established German non-profit organization focused on social work, education, and integration services across Germany. With approximately 14,000 employees, it supports children, youth, and adults through a wide range of programs including youth social work, refugee assistance, vocational training, and international cooperation. The website reflects a mature digital presence with comprehensive content tailored to its target audience of social workers, educational institutions, and beneficiaries. Technically, the site is built on TYPO3 CMS, hosted on German Telekom infrastructure, and employs Matomo analytics with a robust cookie consent mechanism, demonstrating good digital maturity and privacy compliance. Security posture is solid with HTTPS enforcement and standard security headers, though the absence of a dedicated security policy or incident response page suggests room for improvement. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting the organization's credibility and mission.

U

Uzin Utz Tools GmbH & Co.KG

pajarito.de

50

Pajarito is a well-established German manufacturer specializing in high-quality professional tools for painters, drywall installers, and plasterers. Founded in 1923, the company emphasizes precision, durability, and reliability with all products made in Germany. The website reflects a mature digital presence with comprehensive product catalogs, clear navigation, and strong branding. Technically, the site is built on TYPO3 CMS and integrates modern analytics tools such as Google Analytics and Matomo, alongside a robust cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and no evident vulnerabilities, though security headers could be improved. However, the absence of WHOIS registration data raises concerns about domain legitimacy, warranting further verification. Overall, the site projects professionalism and trustworthiness, targeting professional tradespeople and the construction industry.

C

Codex GmbH & Co. KG

codex-x.com

47

Codex GmbH & Co. KG operates a professional website focused on providing high-quality installation systems for tiling and natural stone, targeting qualified tilers and construction professionals. The company is positioned as a medium-sized manufacturing entity within Germany and is part of the Uzin Utz SE group, which is reflected in the branding and linked domains. The website is built on TYPO3 CMS and integrates modern analytics tools such as Google Analytics and Matomo, demonstrating a mature digital infrastructure. The site features comprehensive cookie consent mechanisms and privacy policies aligned with GDPR requirements, enhancing user trust and compliance. Security posture is solid with HTTPS enforced and session management for logged-in users, though some security headers and explicit security policies are absent. Overall, the website presents a professional, well-structured, and user-friendly experience with clear business information and contact details. However, the lack of WHOIS data for the subdomain reduces domain trustworthiness slightly, though the overall legitimacy is supported by consistent branding and external references.

U

Uzin Utz Nederland bv

arturoflooring.com

60

Arturo Flooring, operated by Uzin Utz Nederland bv, specializes in resin and cementitious flooring solutions for industrial, retail, public, office, and residential applications. The company offers a broad product portfolio including self-smoothing floors, resin screeds, coatings, sealers, and professional tools, positioning itself as a reputable international brand in the flooring industry. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to industry professionals and end customers alike. Technically, the site is built on TYPO3 CMS, employs modern JavaScript libraries, and integrates analytics tools such as Google Analytics and Matomo, demonstrating a balanced approach to performance and user tracking. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and incident response information are not publicly disclosed. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact channels, supporting a positive business credibility profile.

U

Uzin Utz Tools GmbH & Co.KG

wolff-tools.com

61

WOLFF, operated by Uzin Utz Tools GmbH & Co.KG, is a well-established manufacturer and distributor of powerful machines and premium quality tools for floor removal, subfloor preparation, and floor installation. The company targets flooring professionals and distributors, offering a comprehensive product range including cordless power tools, measurement devices, and cleaning equipment. The website reflects a strong market position with consistent branding and detailed product information, supported by a parent company presence (Uzin Utz SE). Technically, the website is built on TYPO3 CMS with modern frontend technologies such as Bootstrap, FontAwesome, and slick sliders. It integrates Google Analytics and Matomo for analytics, with a robust cookie consent mechanism ensuring GDPR compliance. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. From a security perspective, the site enforces HTTPS and implements cookie consent but lacks visible security headers and explicit security or incident response policies. The absence of WHOIS registration data for the domain raises moderate concerns about domain legitimacy, although the website content and company information appear trustworthy and professional. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements in security headers, incident response transparency, and domain registration verification would enhance trust and security posture.

C

Cellebrite

cellebrite.com

82

Cellebrite is a well-established company specializing in digital investigations software and forensic solutions, primarily serving law enforcement, government agencies, and enterprises. The company holds a strong market position as a leading provider of digital intelligence platforms, enabling clients to collect, review, analyze, and manage data effectively. The website reflects a mature digital presence with comprehensive content tailored to its professional audience. Technically, the site is built on WordPress, hosted on AWS infrastructure, and employs modern web technologies including jQuery, Google Tag Manager, and Cookiebot for privacy compliance. The site demonstrates good performance, mobile optimization, and accessibility standards. Security-wise, the website enforces HTTPS and implements cookie consent mechanisms, though it lacks explicit security policies and vulnerability disclosure pages. WHOIS data confirms the domain's legitimacy and long-standing presence, aligning with the company's history. Overall, the site is professional, secure, and compliant with privacy regulations, supporting Cellebrite's credibility in the digital forensic industry.

N

nukliD – Radiopharmacy Cluster Dresden

nuklid.network

56

nukliD – Radiopharmacy Cluster Dresden is a specialized healthcare cluster focused on advancing radiopharmacy and nuclear medicine innovations, particularly in cancer treatment. The website presents a professional and well-structured platform aimed at healthcare professionals and industry stakeholders in the Dresden region. The business model centers on collaboration and innovation facilitation within the nuclear medicine sector. Technically, the site is built on WordPress with modern SEO and GDPR compliance plugins, offering good mobile optimization and user experience. Security posture is moderate with HTTPS usage but lacks explicit security headers and detailed privacy policies. Overall, the domain registration is privacy protected but consistent with the business profile, indicating legitimacy. Strategic recommendations include enhancing privacy disclosures, implementing security headers, and expanding contact information to improve trust and compliance.

L

LMU Klinikum

lmu-klinikum.de

67

LMU Klinikum is a leading university hospital in Munich, Germany, recognized for its extensive medical services, research, and education. It operates two main campuses and serves approximately 500,000 patients annually. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional design. Technically, it uses modern web technologies including Scrivito CMS and Matomo analytics, hosted on AWS infrastructure. Security posture is strong with HTTPS and CSRF protections, though some security headers and explicit incident response policies are absent. Privacy compliance is well addressed with clear cookie consent and a detailed privacy policy. Overall, the site demonstrates high business credibility and trustworthiness.

L

Leibniz-Institut für Festkörper- und Werkstoffforschung Dresden e. V.

ifw-dresden.de

57

The Leibniz-Institut für Festkörper- und Werkstoffforschung Dresden e. V. (IFW Dresden) is a reputable research institute focused on the physics and chemistry of new materials, aiming to generate fundamental knowledge and innovations in quantum physics and materials science. The institute operates within the education and technology sectors, serving researchers, students, and the scientific community. It is part of the Leibniz Association and offers research programs, technology transfer, training, and visitor engagement. The website reflects a professional and consistent brand image with clear navigation and relevant content.

T

Tanzschule TenDance

tanzen-ulm.de

55

Tanzschule TenDance is a local dance school based in Ulm, Germany, offering a variety of dance and fitness courses for children, youth, and adults. Their services include Kindertanzen, Jugend- und Schultanzkurse, HipHop, Paartanz, and fitness classes, positioning them as a community-focused hospitality business in the dance education sector. The website is professionally designed using WordPress and Elementor, with good SEO practices and mobile optimization. The presence of structured data and social media integration enhances their digital presence. Technically, the site uses modern technologies including Cookiebot for GDPR-compliant cookie consent and Microsoft Clarity and Google Tag Manager for analytics and tracking. Security posture is adequate with HTTPS enabled and cookie consent implemented, though additional security headers and policies could improve resilience. No privacy policy or terms of service were found, which is a compliance gap. Overall, the website is trustworthy and serves its business purpose well, but could benefit from enhanced privacy and security documentation.

E

Ehinger Schwarz

ehinger-schwarz.de

63

Ehinger Schwarz is a well-established German jewelry manufacturer and retailer founded in 1876, offering high-quality, innovative jewelry products including rings, necklaces, and wedding bands. The company operates an e-commerce platform supported by a professional website built on the Shopware CMS, hosted by Timme Hosting. The site is well-structured, mobile-optimized, and includes modern tracking and consent management tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and formal security policies could be improved. Privacy compliance is strong with clear GDPR-aligned privacy and cookie policies. Overall, the website projects a trustworthy and professional image suitable for its retail audience.

U

Uzin Utz SE

uzin-utz.com

57

Uzin Utz SE is a well-established German manufacturer specializing in floor installation systems and related products, boasting over a century of history. The company operates a portfolio of strong brands including UZIN, WOLFF, PALLMANN, Arturo, codex, and Pajarito, serving professionals in construction, flooring, and related industries. Their website reflects a mature digital presence with comprehensive content, investor relations, and career opportunities. Technically, the site is built on TYPO3 CMS with modern analytics and consent management tools, ensuring good performance and compliance with privacy regulations. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent, though some security headers could be explicitly implemented. The absence of WHOIS data limits domain trust verification, but the overall professional presentation and transparent policies support legitimacy. Strategic recommendations include enhancing security headers, maintaining updated software, and improving incident response visibility.

D9T GmbH is a German-based technology company specializing in digital transformation and Odoo ERP implementation services. As a certified Odoo Gold Partner, they provide comprehensive ERP solutions, hosting services in their own data centers, and consulting support tailored to the German market. Their market position is strengthened by multiple certifications, specialized apps, and a membership in the openfellas Gruppe, indicating strategic growth and partnership. The website reflects a professional and trustworthy business with clear service offerings aimed at enterprises seeking efficient ERP deployment and hosting. Technically, the website is built on the Odoo platform, leveraging modern web technologies such as Bootstrap and FontAwesome. It is mobile-optimized, accessible, and SEO-friendly, with moderate performance. The hosting is self-managed, indicating control over infrastructure. Security posture is good with HTTPS enforced and CSRF tokens present, but lacks some security headers and cookie consent mechanisms, which are recommended for enhanced compliance and protection. Security-wise, the site shows no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies and incident response contacts suggests room for improvement in transparency and readiness. The WHOIS data is limited due to DENIC privacy restrictions but shows an active domain with consistent registration status. Overall, the domain and website appear legitimate and professionally maintained. The overall risk is low with recommendations focusing on improving privacy compliance and security headers. Strategic enhancements in these areas will strengthen trust and regulatory adherence, supporting D9T GmbH's position as a reliable technology partner in the ERP space.

N

N&TS GROUP

netsgroup.com

60

N&TS GROUP is an established Italian company specializing in advanced digital payment solutions, serving a diverse range of sectors including luxury, petrol, retail, telecommunications, transport, travel, utilities, financial institutions, and insurance. The company positions itself as a modular and innovative provider, emphasizing flexibility and rapid time-to-market to meet evolving market demands. Their business model is primarily B2B, targeting enterprises and financial institutions with comprehensive payment technologies and services. The website reflects a professional and consistent brand image, supporting their market position with ISO 27001 certification and active social media presence.

C

Carl von Ossietzky Universität Oldenburg

uni-oldenburg.de

62

Carl von Ossietzky Universität Oldenburg is a well-established public university in Germany, founded in 1973, offering a broad range of academic programs and research activities. The website serves as an information portal for students, researchers, staff, and international visitors, providing access to study programs, research news, events, and administrative resources. The university emphasizes research excellence, international cooperation, and lifelong learning. Technically, the site is built on TYPO3 CMS with modern frontend libraries and is served securely over HTTPS. The site is well-structured, mobile-optimized, and accessible, with good SEO practices. However, explicit privacy and cookie policies are not clearly presented, and no incident response or vulnerability disclosure information is available, which are areas for improvement. Overall, the site reflects a professional and trustworthy academic institution with a solid digital presence.

U

Unglaublich wichtig

unglaublich-wichtig.de

42

Unglaublich wichtig is an informational platform highlighting the contributions of German Universities of Applied Sciences (HAWs) in various sectors such as energy, mobility, healthcare, and digital innovation. The website serves as a knowledge hub providing educational content, news, and insights into applied sciences research and practical solutions. It targets a general audience interested in the future of technology and society, emphasizing the importance of HAWs in addressing contemporary challenges. Technically, the website is built on WordPress using the Enfold theme, leveraging modern web technologies including jQuery, FontAwesome, and Borlabs Cookie for consent management. The site is mobile-optimized with good SEO practices and moderate performance. It integrates marketing tools like CleverReach for newsletter management but avoids intrusive tracking or advertising. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive privacy policy and cookie management in place. Overall, Unglaublich wichtig presents a professional, trustworthy, and well-maintained digital presence with a clear educational mission. Strategic improvements in security headers, incident response policies, and accessibility could further enhance its posture and user trust.

T

TOTAL E-QUALITY Deutschland e.V.

total-e-quality.de

50

TOTAL E-QUALITY Deutschland e.V. is a German non-profit organization dedicated to promoting equal opportunities across genders in business, science, and government sectors. The organization offers an award recognizing commitment to equal opportunity policies and provides membership and informational services to interested parties. The website is professionally designed, multilingual, and includes clear navigation and relevant content targeted at organizations and individuals interested in gender equality advocacy. Technically, the website is built on Django CMS with modern frontend technologies including jQuery, Bootstrap, and FontAwesome. It employs Matomo analytics for user tracking, reflecting a privacy-conscious approach. The site is mobile-optimized and accessible, with good SEO practices. However, some security best practices such as security headers and cookie consent mechanisms are missing. From a security perspective, the site uses HTTPS with excellent SSL configuration and no visible vulnerabilities or exposed sensitive data. The absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in security transparency and readiness. Overall, the website is trustworthy and professional, with a solid business credibility score. The main risks relate to privacy compliance gaps and missing security headers. Strategic improvements in these areas would enhance the site's security posture and regulatory compliance.

A

acht.neun

acht-neun.de

51

acht.neun is a regional city magazine serving Ulm, Neu-Ulm, and the surrounding region, offering monthly publications and online content focused on lifestyle, culture, gastronomy, and local events. The website is built on WordPress using the Divi theme, enhanced with SEO tools like Yoast and a cookie consent mechanism via Usercentrics, reflecting a moderate to good level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent implemented, though additional security headers and policies could improve resilience. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, targeting local residents and visitors with engaging editorial content.

P

Paulbergman GmbH

alumnii.de

49

Alumnii, operated by Paulbergman GmbH, is a specialized SaaS platform focused on providing comprehensive alumni network management solutions primarily for educational institutions, companies, foundations, and associations in Germany. The platform offers integrated services including member management, newsletters, payment processing, event management, job boards, and mentoring functionalities. The company positions itself as a niche provider with a strong emphasis on GDPR compliance and German-based hosting. Technically, the website is built using modern web technologies such as Jekyll for static site generation, Bootstrap for responsive design, and integrates analytics via Matomo. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Security measures include HTTPS with strong encryption and Google reCAPTCHA to protect forms, although additional security headers and explicit cookie consent mechanisms are absent. From a security perspective, the site demonstrates good practices with encrypted communications and data protection aligned with GDPR. However, the absence of published incident response contacts and vulnerability disclosure policies suggests room for improvement in transparency and readiness. The WHOIS data aligns well with the website's claims, showing consistent domain registration and hosting in Germany without privacy protection, enhancing trustworthiness. Overall, Alumnii presents a professional, trustworthy, and well-structured online presence suitable for its target audience. Strategic enhancements in security policies and privacy mechanisms would further strengthen its compliance and user trust.

C

Carl von Ossietzky Universität Oldenburg

uol.de

62

Carl von Ossietzky Universität Oldenburg is a well-established public university in Germany, founded in 1973, offering a broad range of academic programs and research activities. The website serves students, researchers, academic staff, and the general public with comprehensive information about study programs, research, campus life, and international cooperation. The university positions itself as a research-oriented institution with a strong regional and international presence.

A

Abstract-Technology GmbH

abstract-technology.de

52

Abstract-Technology GmbH is a specialized provider of Open Source Learning Management Systems, primarily leveraging the Open edX platform. Positioned as a leading verified Open edX partner in Europe, the company offers tailored digital learning solutions for a diverse clientele including educational institutions, enterprises, and NGOs. Their service portfolio encompasses platform implementation, migration, virtual classrooms, advanced proctoring, and learning design, supported by a professional and content-rich website that reflects their expertise and market position. Technically, the website is built on the Odoo CMS platform, hosted on AWS infrastructure, and integrates modern web technologies such as FontAwesome, Flowbite, and jQuery. The site demonstrates good SEO practices, mobile responsiveness, and includes analytics via Google Analytics, indicating a mature digital presence. Security-wise, the site enforces HTTPS and includes CSRF tokens and cookie consent mechanisms, but lacks explicit security headers and published security policies, suggesting room for improvement in security transparency and incident response readiness. Overall, the website is professional, trustworthy, and compliant with GDPR, with a strong business credibility score and no critical security issues detected.

G

Gesellschaft für wissenschaftliche Datenverarbeitung mbH Göttingen

gwdg.de

61

GWDG is a specialized IT service provider and research support center serving the Georg-August-Universität Göttingen and the Max-Planck-Gesellschaft. It offers a broad range of information and communication services tailored to scientific research and education, supported by its own research in practical and applied computer science. The organization is positioned as a key regional IT competence center with strong institutional affiliations and ISO certifications, reflecting a high level of professionalism and trust. Technically, the website is built using the Hugo static site generator, enhanced with modern JavaScript libraries such as Swiper.js and FontAwesome for UI elements. The site demonstrates excellent performance, mobile optimization, and accessibility, with proper use of HTTPS and resource integrity checks. However, some security headers are missing, and no cookie consent mechanism is present, which are areas for improvement. From a security perspective, the site maintains a strong posture with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The presence of ISO 27001 certification indicates adherence to recognized security standards. Nonetheless, the absence of explicit incident response contacts and vulnerability disclosure mechanisms suggests room to enhance transparency and readiness. Overall, GWDG presents a low-risk profile with a well-maintained digital presence aligned with its institutional mission. Strategic recommendations include implementing cookie consent for GDPR compliance, adding security headers, publishing incident response information, and introducing a security.txt file to facilitate vulnerability reporting.

G

Gymnasium Lüchow

gymnasium-luechow.de

46

Gymnasium Lüchow is a medium-sized educational institution in Germany, recognized as an open all-day school and a UNESCO project school. The website provides comprehensive information about the school’s educational offerings, projects, international partnerships (notably Erasmus+), and community engagement. The school targets students, parents, and educators, emphasizing sustainability, cultural education, and social responsibility. Technically, the site is built on TYPO3 CMS, hosted by SchlundTech, and employs modern web technologies with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the website reflects a professional and trustworthy educational institution with strong community ties.

M

MANZ Verlag

manz.at

73

MANZ Verlag is a well-established Austrian specialist publisher focused on legal, tax, and economic content, offering books, journals, seminars, and online legal research products. The company has a strong market position in the German-speaking legal sector and operates under the MANZ Gruppe umbrella with subsidiaries such as MANZ Solutions GmbH. The website reflects a mature digital presence built on TYPO3 CMS with modern frontend technologies, providing a professional and user-friendly experience optimized for mobile devices. Security posture is strong, evidenced by ISO 27001 certification and HTTPS enforcement, although some security headers could be improved. Privacy compliance is robust with clear policies and consent mechanisms. Overall, the site demonstrates high trustworthiness and professionalism.

[

[PIAS]

piasgroup.net

53

PIAS is a well-established independent music company founded in 1982, operating globally with offices in London and Brussels. The company focuses on music distribution, marketing, and licensing services, supporting the independent music community. The website is built on WordPress using Elementor and Yoast SEO, indicating a modern CMS and SEO awareness. However, the site is currently undergoing a redesign, with limited content and no visible privacy or cookie policies. Security posture is moderate with HTTPS enabled but lacks security headers and explicit privacy compliance. The absence of WHOIS data raises concerns about domain registration transparency, though the website branding and external links suggest legitimacy. Strategic improvements in privacy compliance, security headers, and domain registration transparency are recommended.

N

NABU Sachsen

lebendige-luppe.de

59

Lebendige Luppe is a German non-profit environmental project focused on the revitalization of the Elster-Luppe floodplain area from Leipzig to Schkeuditz. The project involves ecological restoration, environmental education, and scientific research, led by the City of Leipzig, the City of Schkeuditz, and NABU Sachsen. Although the project officially ended in 2023, the website remains active to provide ongoing information and resources. The site is well-structured, content-rich, and targets environmentally conscious citizens, educators, and researchers. Technically, the website uses a REDAXO CMS with common frontend libraries such as Bootstrap and jQuery, providing good mobile responsiveness and user experience. Security posture is moderate with some gaps such as missing security headers and no visible incident response contacts. Privacy compliance is good with cookie consent and obfuscated emails. Overall, the website is trustworthy and professionally maintained, serving as an informational hub for the project and its stakeholders.

9

970 Design

970design.com

64

970 Design is a small marketing agency based in Vail, Colorado, specializing in branding, custom website design, and storytelling for purpose-driven brands. The company has been established since 2011, with a professional online presence that reflects its niche market focus. The website is built on WordPress and leverages modern technologies such as jQuery, Cloudflare Stream, Google Tag Manager, and reCAPTCHA to provide a functional and secure user experience. Cookie consent is managed via CookieYes, indicating some level of privacy compliance, although no explicit privacy policy or terms of service pages were detected. Security posture is generally good with HTTPS enabled and domain registration details consistent and transparent. However, DNSSEC is not enabled, and no formal security or incident response policies are published on the site.

S

Südtiroler Landesmuseum für Volkskunde

volkskundemuseum.it

41

The Südtiroler Landesmuseum für Volkskunde is a regional cultural museum located in Dietenheim near Bruneck, Italy, dedicated to showcasing the rural life and folk culture of South Tyrol. The museum offers permanent and special exhibitions, events, workshops, and research services, targeting a broad audience including families, schools, and cultural visitors. The website reflects a well-maintained digital presence with clear business information and visitor resources. Technically, the site employs modern web technologies including JavaScript libraries and cookie consent solutions, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and privacy compliance via Iubenda cookie management, though explicit security policies and incident response contacts are absent. Overall, the domain registration and website content align well, indicating a legitimate and trustworthy institution.

Z

Z Sea Line

zsealine.com

63

Z Sea Line is a maritime transportation company specializing in the shipping of crude oil and energy products, operating since 2019 under the Zeren Group Holding Companies. The company positions itself as a reliable partner in global shipping with a focus on sustainable and cost-effective maritime logistics. Their website reflects a professional and business-oriented approach targeting industry professionals and businesses in the energy and transportation sectors. Technically, the website employs a modern frontend stack including jQuery, Bootstrap, and various UI libraries, hosted behind Cloudflare DNS. The site is mobile optimized with good navigation and design quality, though no CMS or advanced backend platform is detected. Performance is moderate with no evident broken elements. However, the site lacks advanced SEO and accessibility features. From a security perspective, the website uses HTTPS and has domain transfer protections but lacks DNSSEC and visible security headers. There are no privacy or cookie policies, nor vulnerability disclosure mechanisms, indicating compliance and security maturity gaps. No analytics or tracking scripts were detected, suggesting minimal user tracking. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, security hardening, and transparency policies to improve trust and regulatory adherence.