Security Directory

M

Mention

mention.com

64

Mention is a mature and established SaaS company specializing in social listening and media monitoring tools. The company targets marketers, agencies, and founders, providing a comprehensive platform to monitor, analyze, and engage with online conversations. Recently acquired by Agorapulse, Mention benefits from a strong market position and a broad customer base. The website reflects a professional and modern digital presence, leveraging WordPress CMS with advanced SEO and marketing technologies. The technical infrastructure includes robust analytics, A/B testing, and consent management tools, ensuring a data-driven approach to user engagement. Security posture is strong with HTTPS enforcement, security headers, and bot management, although DNSSEC is not enabled and no explicit security policy is published. Privacy compliance is well addressed with a detailed cookie consent mechanism and GDPR-aligned policies. Overall, the website and domain registration data indicate a trustworthy and credible business with a high level of professionalism and digital maturity.

B

Behinderten- und Rehabilitations-Sportverband Berlin e.V.

sportbildung.berlin

36

The website sportbildung.berlin serves as the official training and licensing portal for the Behinderten- und Rehabilitations-Sportverband Berlin e.V., a regional sports association focused on disabled and rehabilitation sports in Berlin, Germany. It provides educational resources, licensing guides, and online application services for training and continuing education in the rehabilitation sports sector. The portal targets individuals and clubs involved in this niche sports community, offering structured information and digital services to support their certification and training needs. Technically, the site is built on TYPO3 CMS with Bootstrap 5 and jQuery, ensuring a modern and responsive user experience. It integrates Matomo analytics with privacy-conscious settings and uses HTTPS with a valid SSL certificate. However, DNSSEC is not enabled, and some security headers appear to be missing, indicating room for improvement in security hardening. The site is well-structured with clear navigation and good accessibility features, supporting a positive user experience. From a security and compliance perspective, the site demonstrates basic GDPR compliance with a privacy policy and cookie consent banner. However, it lacks visible terms of service, security policies, incident response contacts, and explicit business contact information, which are important for trust and legal completeness. The WHOIS data is consistent and legitimate, with a domain age appropriate for the business. No suspicious or malicious indicators were found. Overall, the website is a credible and professional portal for its niche audience but would benefit from enhanced security practices, clearer contact and legal information, and improved transparency to strengthen trust and compliance.

K

KraftCERT AS

kraftcert.no

70

KraftCERT AS is a specialized non-profit cybersecurity organization focused on securing process control systems within the Norwegian energy sector, including power, petroleum, and related industries. It operates as an Information Sharing and Analysis Center (ISAC) and Incident Response Team (IRT), providing members with vulnerability monitoring, threat intelligence, incident handling, advisory services, exercises, and training. The organization holds recognized certifications such as Trusted Introducer and FIRST membership, reinforcing its credibility and sector-specific expertise. Technically, the website employs a modern Bootstrap framework with JavaScript enhancements, offering a responsive and well-structured user experience. While the site lacks advanced analytics and tracking, it uses email obfuscation and provides PGP keys to secure communications. However, explicit privacy and cookie policies are absent, and no security headers were detected, indicating room for improvement in compliance and security hardening. The security posture is solid in terms of operational focus and incident response capabilities, but the website itself could benefit from enhanced security headers and formalized privacy documentation. The absence of WHOIS data limits domain trust analysis, but the detailed contact information, certifications, and professional presentation support legitimacy. Overall, KraftCERT presents a trustworthy and professional front for its niche cybersecurity services, with recommendations to improve privacy compliance and web security practices to further strengthen stakeholder confidence.

J

Jazzclub Sondershausen e.V.

jazzclub-sondershausen.de

55

Jazzclub Sondershausen e.V. is a small non-profit cultural organization based in Germany dedicated to promoting jazz music through live events and concerts. The website serves as a platform to announce upcoming events, showcase photo galleries from past concerts, and provide contact avenues primarily via a contact form. The organization leverages reputable external ticketing platforms to facilitate event ticket sales, enhancing trust and convenience for attendees. The site targets jazz enthusiasts and the local community, positioning itself as a key cultural player in the Sondershausen region. Technically, the website is built on WordPress 6.8.3 with Bootstrap 5 and jQuery, ensuring a modern and responsive design. The site demonstrates good SEO practices with comprehensive meta tags and Open Graph data, supporting social media sharing and discoverability. Mobile optimization is good, and the site loads with moderate performance. However, there is room for improvement in accessibility and security headers implementation. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. There are no detected vulnerabilities or malicious scripts. However, the absence of security headers and a vulnerability disclosure policy indicates potential areas for enhancement. Privacy compliance is partially addressed with a privacy policy present, but no cookie consent mechanism is implemented, which may be a compliance gap under GDPR. Overall, the website is professional, trustworthy, and well-aligned with its business purpose. Strategic recommendations include implementing cookie consent, adding security headers, publishing a vulnerability disclosure or security.txt file, and providing clearer direct contact information to improve user trust and compliance posture.

C

Connect4Climate

connect4climate.org

65

Connect4Climate is a globally recognized partnership platform dedicated to fostering climate action through youth engagement, innovative campaigns, and community storytelling. The website serves as a hub for connecting organizations and individuals to co-create sustainable solutions and amplify climate awareness. The platform targets a diverse audience including youth, creatives, business leaders, and climate advocates worldwide. Technically, the site is built on Drupal 10 with Bootstrap 5, leveraging modern web technologies and analytics tools such as Google Analytics and Adobe DTM, ensuring a responsive and accessible user experience. Security posture is solid with HTTPS and IP anonymization in analytics, though it lacks explicit security headers and formal privacy/cookie policies. The absence of WHOIS data due to privacy protection is common for non-profit entities and does not detract significantly from the site's legitimacy. Overall, Connect4Climate presents a professional, trustworthy, and content-rich platform with room for improvement in privacy compliance and security best practices.

I

Informa Markets

spacetechexpo-europe.com

60

Space Tech Expo Europe is a leading B2B event organizer specializing in the space technology sector, hosting Europe's largest space industry exhibition and conference. The event connects over 950 exhibitors and 10,000 attendees, providing a platform for networking, knowledge sharing, and business development. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site uses modern frameworks such as Bootstrap and integrates multiple analytics and marketing tools, including Google Analytics, Facebook Pixel, and consent management solutions. Security posture is solid with HTTPS and Content Security Policy headers, though additional headers could enhance protection. Privacy compliance is well addressed with clear policies and consent mechanisms. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy, which contrasts with the professional and trustworthy nature of the website content and its association with Informa Markets. Overall, the site demonstrates strong business credibility and technical maturity but should address domain registration transparency to improve trust.

I

ISISPACE

isispace.nl

54

ISISPACE is a medium-sized technology company based in the Netherlands, specializing in end-to-end space mission solutions including satellite platforms, power systems, communication systems, and launch equipment. The company has a strong market position with over 19 years of experience, serving more than 50 countries and maintaining a solid customer base. Their website reflects a professional and modern digital presence built on WordPress with Bootstrap and other contemporary web technologies. The site is well-structured, mobile-optimized, and SEO-friendly, supporting their B2B business model targeting aerospace and space mission professionals. Security posture is good with HTTPS and DNSSEC enabled, but lacks explicit security policies and incident response contacts. Privacy compliance is partial, with a cookie consent mechanism but no clear privacy or terms of service pages. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the website is trustworthy and professional, though improvements in privacy and security transparency are recommended.

A

Adra (AI, Data and Robotics Association, asbl)

adr-association.eu

65

Adra Association is a European non-profit organization founded in 2021 by leading AI, Data, and Robotics entities including BDVA, CAIRNE, ELLIS, EurAI, and euRobotics. It serves as the private side of the AI, Data and Robotics Partnership under Horizon Europe, aiming to unify stakeholders across industry, research, and policy to foster innovation and collaboration in these technology sectors. The association targets a broad European audience of innovators and policymakers, positioning itself as a key driver of digital transformation in Europe. Technically, the website is built on Drupal 10 with modern front-end frameworks like Bootstrap 5, ensuring good mobile optimization and accessibility. Security posture is strong with HTTPS and security headers implemented, though privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

Z

ZEKO - Zentrale Ethikkommission bei der Bundesärztekammer

zentrale-ethikkommission.de

64

The Zentrale Ethikkommission (ZEKO) is an official ethics commission affiliated with the German Medical Association (Bundesärztekammer), established in 1994 to provide independent ethical guidance in medicine and related fields. The website serves as a platform for publishing ethical statements, resolutions, and supporting medical professionals and the public in ethical discourse. The target audience includes physicians, healthcare professionals, and interested members of the public. Technically, the website is built on the TYPO3 CMS platform, leveraging modern frontend technologies such as Bootstrap 5 and FontAwesome. It is hosted by SchlundTech and employs privacy-conscious analytics via Matomo and consent management through Cookiebot. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms compliant with GDPR, and avoids exposing sensitive data. While some security headers are not explicitly visible in the HTML, the overall posture is strong with no detected vulnerabilities. The WHOIS data aligns with the organization's official status, enhancing trust. Overall, the website presents a low-risk profile with strong compliance and professionalism. Strategic recommendations include enhancing explicit security headers and publishing a vulnerability disclosure policy to further strengthen security transparency.

W

Wissenschaftlicher Beirat der Bundesärztekammer

wbbaek.de

61

The Wissenschaftlicher Beirat der Bundesärztekammer is an interdisciplinary scientific advisory board affiliated with the German Medical Association, providing expert consultation on medical and scientific matters related to legislation and medical practice. The website serves as an official communication platform, offering access to guidelines, statements, and annual reports, targeting medical professionals and stakeholders in healthcare governance. Technically, the site is built on TYPO3 CMS, employs modern frontend frameworks like Bootstrap 5, and integrates privacy-respecting analytics via Matomo. Cookie consent is implemented comprehensively, ensuring GDPR compliance. Security posture is solid with HTTPS and consent-based tracking, though security headers and incident response policies could be enhanced. Overall, the site is professional, trustworthy, and well-structured, reflecting its authoritative role in the healthcare sector.

A

Arzneimittelkommission der deutschen Ärzteschaft

akdae.de

69

The Arzneimittelkommission der deutschen Ärzteschaft (AkdÄ) is a scientific advisory committee affiliated with the German Federal Medical Association (Bundesärztekammer). It serves as an authoritative body providing drug safety information, pharmaceutical therapy guidelines, and regulatory statements to healthcare professionals in Germany. The website offers comprehensive resources including news updates, educational materials, and official publications, targeting medical practitioners and regulatory stakeholders. The business model is non-profit and focused on public health and safety. Technically, the website is built on the TYPO3 CMS platform, leveraging modern technologies such as Bootstrap 5 and FontAwesome for responsive and accessible design. Hosting is provided by SchlundTech, a reputable German hosting provider. The site demonstrates good digital maturity with GDPR-compliant cookie consent managed by Cookiebot and privacy-respecting analytics via Matomo. Performance and SEO are moderate to good, with clear navigation and mobile optimization. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and published incident response or vulnerability disclosure policies. No critical vulnerabilities or suspicious activities were detected. Privacy compliance is strong, with a comprehensive privacy policy and cookie management. Overall, the website is a trustworthy, professional resource with high content quality and business credibility. Strategic recommendations include enhancing security headers, publishing a security.txt file, and providing explicit incident response contacts to further strengthen security posture and transparency.

B

Bundesärztekammer

bundesaerztekammer.de

66

The Bundesärztekammer website represents the official German Medical Association, serving as the apex organization for medical self-governance in Germany. It primarily advocates for the professional interests of physicians and healthcare professionals, offering services such as policy representation, quality assurance, continuing education, and hosting key events like the Deutscher Ärztetag. The site targets medical professionals, policymakers, and the press, reflecting a non-profit organizational model with a strong market position in the healthcare sector within Germany. Technically, the website is built on the TYPO3 CMS platform, leveraging modern frameworks like Bootstrap 5 and FontAwesome for responsive and accessible design. It employs Cookiebot for GDPR-compliant cookie consent management and Matomo for privacy-respecting analytics. Hosting is managed via schlundtech.de, a reputable provider, and the site demonstrates good mobile optimization, accessibility, and SEO practices. From a security perspective, the site enforces HTTPS and integrates cookie consent mechanisms aligned with GDPR. While explicit security headers are not visible in the HTML, the overall SSL configuration is good. No critical vulnerabilities or exposed sensitive data were detected. However, recommendations include implementing explicit security headers, publishing a security policy, and establishing a vulnerability disclosure channel. Overall, the website is professional, trustworthy, and compliant with privacy regulations, with a strong security posture and high-quality content. The domain registration data aligns with the organization's legitimacy, and no blocking or WAF challenges were detected, enabling full content accessibility.

The BVKJ Pädiatriebörse website serves as a specialized job and practice exchange platform for pediatric medical professionals in Germany, operated by the Berufsverband der Kinder- und Jugendärzt*innen e.V. It offers a range of services including job listings, practice transfers, representation offers, and opportunities for medical students to find internships or practical year placements. The platform targets BVKJ members, medical assistants, and students, providing a free service to these groups. The website is well-branded, professionally designed, and provides clear navigation and contact information, reinforcing its credibility within the healthcare niche. Technically, the site employs a modern tech stack including Bootstrap 5 and jQuery 3.6.3, with external authentication handled via OAuth2 through the BVKJ domain. The site is mobile-optimized and SEO-friendly, though some accessibility features could be enhanced. Security-wise, the site uses HTTPS and OAuth2 for login but lacks visible security headers and a cookie consent mechanism, which are areas for improvement. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. Overall, the security posture is moderate with no critical vulnerabilities detected, but improvements in security headers and privacy compliance are recommended. The domain registration data aligns well with the business, supporting legitimacy and trustworthiness. The site content is safe, professional, and targeted at a general audience of healthcare professionals without any adult or questionable content.

V

Vetter GmbH

vetter-rescue.com

49

Vetter GmbH is a German manufacturing company specializing in pneumatic rescue equipment and tents, serving emergency services, fire brigades, and medical services worldwide. Established in 1964, the company positions itself as the global leader in emergency pneumatics, offering a range of products including rescue, industrial, HazMat, recovery, and shelter equipment, along with training and service. The website reflects a professional and consistent brand presence with a global dealer network and active participation in trade fairs and events. Technically, the site is built on Joomla CMS with modern frameworks such as Bootstrap and Helix Ultimate, and uses Matomo for analytics. The site is mobile-optimized and performs moderately well. Security posture is good with HTTPS enforced and cookie consent implemented, though there is a lack of published security policies and incident response information. Privacy compliance is partial, with cookie consent but no visible privacy policy or terms of service pages. Overall, the website is trustworthy and safe for general audiences, with room for improvement in privacy and security transparency.

B

Beton Union Plzeň s.r.o.

betonunion.cz

55

Beton Union Plzeň s.r.o. is a regional specialist company focused on the production, transportation, and placement of concrete and mortar mixtures primarily serving western Czech Republic. The company operates multiple concrete plants and offers customized concrete mixes supported by laboratory testing and professional consulting. Their website reflects a medium-sized manufacturing and transportation business with a clear market position and professional branding. Technically, the website uses modern JavaScript libraries and frameworks, is mobile optimized, and implements cookie consent mechanisms, though it lacks some security headers and explicit privacy policy documentation. Security posture is moderate with HTTPS enabled but could be improved by adding security headers and incident response information. The absence of WHOIS data reduces domain trustworthiness, but the website content and social media presence support legitimacy. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security documentation.

D

Digin

digin.no

59

Digin is Norway's largest IT and digitalization cluster based in the Agder region, comprising over 130 member companies. The organization focuses on fostering collaboration, knowledge sharing, and innovation through networking, projects, courses, and events tailored to the IT sector. Their website reflects a professional and consistent brand presence, targeting IT businesses and stakeholders in the region. Technically, the site is built on the Umbraco CMS platform, leveraging modern JavaScript libraries and frameworks such as jQuery, Bootstrap, and Cookiebot for consent management. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the website enforces HTTPS and includes cookie consent mechanisms but lacks explicit security policy pages and advanced security headers. The domain is well-established since 2013, aligning with the organization's maturity and market position. Overall, the site demonstrates a solid digital presence with room for improvement in security transparency and compliance documentation.

M

MAS Bohdanečsko

mas-bohdanecsko.cz

39

MAS Bohdanečsko is a regional non-profit organization based in the Czech Republic, focused on local community development through the LEADER method, supported by EU and national funding. The organization aims to improve quality of life and the environment by managing and distributing grant funds and implementing local development strategies. Their website reflects a community-oriented approach with detailed information on organizational structure, strategies, and projects. Technically, the website uses modern responsive design with Bootstrap 5 and SVG graphics, but lacks explicit CMS identification and advanced technical optimizations. Security posture is weak due to absence of security headers, privacy policies, and incident response information, which are critical for compliance and trust. Overall, the website is accessible and informative but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

A

Asociace regionálních značek, z.s.

regionalni-znacky.cz

44

Asociace regionálních značek, z.s. is a Czech non-profit association dedicated to certifying and promoting regional products, services, and experiences with guaranteed quality and origin. Operating since 2005, it manages 32 regional quality brands across 31 Czech regions, serving both consumers interested in authentic regional goods and producers seeking certification and cooperation. The website offers rich content including product categories, regional information, news, and event calendars, supported by an e-shop partner site. Technically, the site uses modern frontend technologies such as Bootstrap, Swiper.js, Leaflet.js, and Google Analytics, providing a responsive and user-friendly experience. Security posture is adequate with HTTPS and cookie consent mechanisms, though lacking some advanced security headers and explicit security policies. The absence of WHOIS data reduces domain registration trust but does not detract from the legitimacy of the business itself. Overall, the site is professional, trustworthy, and well-positioned in its niche.

M

MAS Holicko o.p.s.

holicko.cz

47

MAS Holicko o.p.s. is a small non-profit organization focused on regional development and community cooperation in the Holicko region of the Czech Republic. Established in 2006, it supports local projects and social services through collaboration with municipalities, entrepreneurs, and citizens. The website reflects this mission with clear content and links to partner organizations. Technically, the site is built on Joomla CMS using modern frameworks like Helix Ultimate and Bootstrap 5, with Google Analytics integrated for visitor tracking. The site is mobile-optimized and presents a professional design with good navigation. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks security headers and published privacy or terms documents. WHOIS data is unavailable, limiting domain trust verification. Overall, the site is safe, trustworthy, and serves its community purpose effectively.

E

Evangelische Kirche der Pfalz

raeume-fuer-morgen.de

10

The website 'Räume für morgen' is a project initiative by the Evangelische Kirche der Pfalz focused on the sustainable and future-oriented use of church buildings. It aims to reduce CO2 emissions and optimize building usage through community engagement and innovative concepts. The site targets church communities and stakeholders interested in ecological and social aspects of church infrastructure. Technically, the site is built on TYPO3 CMS with modern frontend technologies like Bootstrap 5 and jQuery, providing a responsive and user-friendly experience. The cookie consent mechanism is well implemented, supporting GDPR compliance. Security posture is solid with HTTPS and cookie management, though explicit security policies and incident response information are absent. Overall, the site is professional, trustworthy, and serves its niche audience effectively.

S

SCHWING America Inc.

schwing.com

46

SCHWING America Inc. is a well-established manufacturer specializing in truck-mounted concrete pumps, trailer pumps, and line pumps, serving primarily the construction industry in the United States. The company maintains a strong market position as a leading manufacturer with a comprehensive product portfolio and related services including spare parts and training seminars. The website reflects a mature digital presence built on TYPO3 CMS with modern front-end technologies and integrates multiple analytics and marketing tools. Security posture is adequate with HTTPS and domain transfer protections in place, but lacks advanced security headers and visible incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional, trustworthy, and content-rich, supporting the company's credibility and business operations.

S

Schwing GmbH

schwing-auftragsfertigung.at

50

Schwing GmbH is a medium-sized manufacturing company based in Austria specializing in steel constructions, hydraulic cylinders, and key machine components. The company positions itself as a reliable industrial partner offering comprehensive production services including cutting, welding, mechanical manufacturing, surface technology, and assembly. Their website reflects a professional and consistent brand image with clear targeting of industrial decision-makers such as owners, technical managers, and quality managers. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and frameworks, ensuring good performance and mobile optimization. Security posture is solid with HTTPS, cookie consent, and anonymized analytics, though some security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie management. Overall, the website is trustworthy and professionally maintained, supporting the company's market position in the manufacturing sector.

O

on-collect solutions AG

on-collect.de

39

on-collect solutions AG operates a legaltech cloud platform specializing in debt collection and receivables management, primarily serving companies in the energy sector in Germany. The company combines software as a service with consulting and legal expertise to optimize the entire customer lifecycle in receivables management. Their platform integrates seamlessly with ERP systems and offers automated processing, digital file management, and comprehensive reporting. The website positions on-collect as a pioneer in legaltech with over 200 customers using their SaaS solution. Technically, the website is built on WordPress with Elementor and Bootstrap, leveraging modern JavaScript libraries and Matomo for privacy-conscious analytics. The site is mobile-optimized and demonstrates good SEO practices, though some accessibility features could be enhanced. Security posture is solid with HTTPS enforced and no obvious vulnerabilities, but lacks some security headers and formal security policies. Overall, the security posture is good but could be improved by adding explicit privacy and cookie policies, incident response information, and security headers. The domain WHOIS data is consistent with the business claims, supporting legitimacy. No blocking or WAF challenges were detected, allowing full content analysis. Strategic recommendations include enhancing privacy compliance, publishing security and incident response policies, and implementing security headers to strengthen trust and compliance with GDPR and related regulations.

E

e-rechtsanwälte.eu

e-rechtsanwaelte.de

42

e-rechtsanwälte.eu is a specialized legal consultancy firm focusing on energy law, IT law, internet law, and data protection, primarily serving energy suppliers and medium-sized industries in Germany. The website presents a professional image with clear navigation and a modern design, leveraging WordPress with Elementor and Bootstrap frameworks. The firm offers a range of legal services including contract law, insolvency law, and organizational liability. Technically, the site uses HTTPS, Matomo analytics with cookies disabled, and a cookie consent mechanism, indicating a moderate level of digital maturity. However, the absence of a published privacy policy and terms of service pages suggests room for improvement in compliance transparency. Security posture is generally good with no visible vulnerabilities or exposed sensitive data, but the lack of security headers is a minor concern. Overall, the website is trustworthy and professional, though enhancing privacy and security disclosures would strengthen its compliance and user trust.

T

Toyota Tsusho Europe

toyota-tsusho-europe.com

72

Toyota Tsusho Europe is a well-established trading company within the Toyota Motor Group, focusing on energy, automotive, and sustainability sectors. The company operates globally with a strong presence in Europe, offering key services such as battery projects, hydrogen solutions, and green infrastructure. The website reflects a professional corporate image with consistent branding and relevant business content targeting partners and customers in the energy and transportation industries. Technically, the site uses Joomla CMS with modern frameworks like Bootstrap and integrates Google Analytics and Tag Manager for tracking. The site is mobile-optimized and performs moderately well. Security posture is good with HTTPS enforced and cookie consent implemented, though improvements like DNSSEC and CSP headers are recommended. Overall, the domain registration is consistent with the business profile, indicating legitimacy and trustworthiness.

P

Powerment GmbH & Co. KG

powerment.de

45

Powerment GmbH & Co. KG is a German-based specialist company focused on the acquisition and marketing of by-products from coal-fired power plants, such as fly ash, REA gypsum, and boiler sand, primarily serving the construction and building materials industry. The company benefits from strong partnerships with its parent companies EP Power Minerals and EnBW Energie Baden-Württemberg, positioning it as a reliable intermediary ensuring quality products and logistics. The website is professionally designed using TYPO3 CMS and Bootstrap, offering good content quality and clear navigation in German. Privacy compliance is well addressed with a cookie consent banner and detailed privacy policy. However, explicit security policies and incident response information are not present, and security headers are not detected, indicating room for improvement in security posture. Overall, the website is trustworthy, accessible, and well-aligned with its business objectives.

J

Jugendhaus St. Kilian

jugendhaus-st-kilian.de

49

Jugendhaus St. Kilian is a non-profit youth and educational center located in Miltenberg, Germany, affiliated with the Diocese of Würzburg. The organization provides accommodation, conference facilities, catering, and educational programs primarily targeting school classes, families, and youth groups. The website is professionally designed using Joomla CMS with modern frameworks such as Bootstrap and UIkit, and integrates privacy-compliant tools like Usercentrics for consent management and Matomo for analytics. Contact information and legal disclosures are clearly presented, enhancing trust and transparency. The domain registration and DNS setup are consistent with the organization's regional and operational profile, indicating legitimacy and stability. Technically, the website employs a modern tech stack and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent mechanism in place. No incident response or security policy pages were found, suggesting an area for improvement. Overall, the website presents a trustworthy and professional digital presence for a regional non-profit organization focused on youth services and education. The risk profile is low, with no indications of malicious activity or content safety concerns.

B

bvse-Bundesverband Sekundärrohstoffe und Entsorgung e.V.

bvse.de

54

The bvse-Bundesverband Sekundärrohstoffe und Entsorgung e.V. is a well-established German industry association representing approximately 1,000 medium-sized companies in the secondary raw materials, recycling, and waste disposal sectors. It holds a leading market position as the largest industry association in Germany and Europe for this sector. The organization provides a range of services including market news, seminars, quality seals, and political advocacy to support its members and promote sustainable circular economy practices. The website content is professionally presented in German, targeting industry professionals and stakeholders in the recycling and waste management fields. Technically, the website is built on Joomla CMS with modern frontend technologies such as Bootstrap 5 and jQuery, ensuring good mobile responsiveness and accessibility. The site uses HTTPS with strong SSL configuration and includes a cookie consent mechanism that limits cookie usage to essential session cookies. No major security vulnerabilities or tracking technologies were detected, indicating a privacy-conscious and secure digital infrastructure. From a security perspective, while HTTPS and secure login forms are implemented, the site lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced trust and compliance. The WHOIS data aligns well with the website's business claims, showing consistent domain registration and no privacy protection, supporting legitimacy. Overall, the site is professional, secure, and compliant with GDPR requirements, serving as a credible resource for the recycling industry. Strategic improvements in security transparency and incident response readiness would further strengthen its posture.

N

Norsk Biologforening

bio.no

51

Norsk Biologforening is a well-established Norwegian non-profit organization focused on biology education and community engagement. Founded in 1981, it serves a niche audience of biology professionals and enthusiasts through memberships, conferences, publications, and expert Q&A services. The website reflects a consistent brand and provides relevant content and contact information, supporting its credibility. Technically, the site is built on Joomla CMS with Gantry 5 framework and uses modern frontend libraries, offering a good user experience and mobile optimization. However, the site lacks visible privacy and cookie policies, security headers, and explicit security or incident response policies, indicating areas for compliance and security improvement. No blocking or WAF mechanisms were detected, and the domain age supports legitimacy. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy compliance measures.

Gemeindewerke Kahl Versorgungsgesellschaft mbH is a regional utility provider based in Kahl am Main, Germany, offering electricity, gas, and water supply services. The company emphasizes sustainable energy solutions, including 100% certified hydropower electricity and climate-neutral gas options. Their market position is that of a trusted local supplier with a focus on environmental responsibility and customer service. The website targets residential and commercial customers in the region, providing online contract management, energy-saving tips, and services related to electromobility and photovoltaics. Technically, the website is built using modern web technologies including Bootstrap 5 and jQuery, hosted on rzone.de servers. It is mobile-optimized with good accessibility and SEO practices. The site includes interactive elements such as a tariff calculator form and a well-structured navigation menu. However, no CMS or advanced platform is explicitly detected. From a security perspective, the site uses HTTPS and secure form inputs but lacks visible security headers and explicit incident response or vulnerability disclosure policies. No cookie consent mechanism was detected, which may pose GDPR compliance risks. The WHOIS data is consistent with the website content and business legitimacy, with no suspicious patterns. Overall, the website is professional, trustworthy, and well-suited for its business purpose. Strategic improvements in security headers, privacy compliance, and incident response transparency would enhance its security posture and regulatory adherence.

E

EMB Energieversorgung Miltenberg-Bürgstadt GmbH & Co. KG

we-are-energy.de

54

EMB Energieversorgung Miltenberg-Bürgstadt GmbH & Co. KG is a regional energy and utility provider based in Miltenberg, Germany. The company offers a range of services including electricity, water, gas supply, parking, e-mobility, and heat supply, positioning itself as a sustainable and customer-focused provider in its local market. The website reflects a professional and comprehensive digital presence with clear business information, active social media engagement, and customer service portals.

B

Bundesverband des Schornsteinfegerhandwerks

schornsteinfeger.de

65

The Bundesverband des Schornsteinfegerhandwerks is a German national trade association representing the chimney sweep industry. The website provides comprehensive information about the trade, including services, regulations, partner organizations, and regional contact points. It targets homeowners, industry professionals, and partners with a focus on safety, environmental protection, and energy efficiency. Technically, the site is built on Drupal 10 with modern frontend technologies and integrates Matomo analytics and YouTube video content with a cookie consent mechanism. Security posture is good with HTTPS and cookie management, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

株

株式会社ZEエナジー

ze-energy.net

47

株式会社ZEエナジー is a Japanese company specializing in biomass energy solutions aimed at achieving a sustainable society. Their core business involves developing and operating biomass power generation systems that convert waste and thinning wood into energy through carbonization and gasification processes. The company positions itself as an environmental consulting group focused on renewable energy and waste management, targeting enterprises and government bodies concerned with environmental issues. Their product lineup includes various biomass gasification and carbonization devices, supported by consulting and service offerings. The website is professionally designed, bilingual (Japanese and English), and provides comprehensive company and contact information, reflecting a credible and established business presence since 2011. Technically, the website is built on WordPress CMS, utilizing modern libraries such as jQuery, Bootstrap 5, Slick Carousel, and Font Awesome 6. It employs Google Analytics for user tracking and is hosted under a registrar known for domain services in Japan. The site is mobile-optimized with good SEO practices but lacks some advanced accessibility features. Performance is moderate, with no critical technical debt observed. From a security perspective, the site uses HTTPS with a valid SSL certificate, ensuring encrypted communications. However, it lacks DNSSEC and security headers like Content-Security-Policy or X-Frame-Options, which are recommended for enhanced protection. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is partial; a privacy policy is present, but no cookie consent mechanism or GDPR-specific indicators were found. Incident response contacts and vulnerability disclosure policies are absent, representing areas for improvement. Overall, the website demonstrates a solid business credibility and technical foundation with room for security and privacy enhancements. The risk profile is low, with no signs of malicious activity or content safety concerns. Strategic recommendations include implementing DNSSEC, adding security headers, deploying cookie consent tools, and publishing incident response information to strengthen trust and compliance.

S

Stiftung Gesundheit

arzt-auskunft.de

57

Stiftung Gesundheit operates the Arzt-Auskunft platform, a comprehensive German healthcare provider search service established in 1997. The platform enables patients to find doctors, clinics, therapists, and pharmacies nearby, offering features such as online appointment booking and information on barrier-free practices. The website is well-positioned in the German healthcare information market with a large user base and a strong reputation as a non-profit entity. Technically, the website employs modern frontend technologies including Vue.js, Bootstrap, jQuery, and Choices.js, ensuring a responsive and user-friendly experience across devices. Hosting is managed via Schlundtech, a reputable provider. The site demonstrates good SEO and accessibility practices, though performance is moderate. From a security perspective, the site uses HTTPS and deferred script loading, but lacks explicit security headers and a visible security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive GDPR-compliant privacy policy, though no cookie consent mechanism was observed. Overall, the website presents a low-risk profile with high trustworthiness and professionalism. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing incident response details to further strengthen security posture and compliance.

H

HealthforAnimals

healthforanimals.org

50

HealthforAnimals is a global industry association representing the animal health sector, including manufacturers of veterinary pharmaceuticals, vaccines, and other animal health products. The organization acts as a representative body for companies and associations at national and regional levels, positioning itself as a key stakeholder in the animal health industry. The website reflects a professional and consistent brand image, targeting industry stakeholders and members. Technically, the website is built on WordPress with Bootstrap and FontAwesome, hosted by OVH sas, and demonstrates moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain protection statuses set, but lacks advanced DNS security (DNSSEC) and security headers. Privacy and compliance documentation such as privacy policy, cookie policy, and terms of service are not found, indicating room for improvement in regulatory compliance. Social media presence is well integrated, enhancing business credibility. Overall, the website is functional and professional but would benefit from enhanced security practices and privacy compliance to strengthen trust and regulatory adherence.

A

ARCHE Thomas Tschechne

archeholz.com

53

Archeholz is a specialized retailer and manufacturer of solid wood flooring, terrace wood, and wood facades, focusing on ethically sourced native woods from Europe and North America. Established in 1985, the company serves end customers, trade professionals, and wood dealers with a direct-to-customer e-commerce model that emphasizes personalized offers and factory-direct pricing. The website is professionally designed, multilingual, and provides detailed product information and customer reviews, enhancing trust and user engagement. Technically, the website runs on a customized modified eCommerce platform based on xt:Commerce, utilizing modern technologies such as Bootstrap 5 and jQuery. It features responsive design, accessibility considerations, and cookie consent mechanisms aligned with GDPR requirements. Performance is moderate, with lazy loading for images and a clean navigation structure. Security posture is strong with HTTPS enforced and secure form handling, though the absence of HTTP security headers and incident response contacts suggests room for improvement. The lack of WHOIS registration data for the domain is a notable concern, potentially impacting trustworthiness despite the professional web presence. Overall, Archeholz presents a credible and well-maintained online presence for its niche market, but should address domain registration transparency and enhance security headers to strengthen its security and compliance posture.

T

Textilakademie NRW

textilakademie.de

53

Textilakademie NRW is a specialized educational institution focused on textile and clothing technology training and professional development in the North Rhine-Westphalia region of Germany. The website offers comprehensive information about their vocational school, continuing education programs, seminars, and dual study options, targeting professionals and trainees in the textile industry. The organization holds a reputable position regionally, supported by recognitions such as IHK awards and governmental funding acknowledgments. Technically, the website is built on WordPress with modern plugins like Event Espresso for event management and Borlabs Cookie for GDPR-compliant cookie consent. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and loads external resources from trusted CDNs. Performance is moderate with good SEO and accessibility basics. From a security perspective, the site enforces HTTPS and implements a robust cookie consent mechanism. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or sensitive data exposures were detected in the HTML content. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the website presents a professional, trustworthy, and secure digital presence suitable for its educational mission. Strategic improvements could include enhancing security headers, publishing a security policy, and adding incident response contacts to further strengthen trust and compliance.

Z

ZiTex – Textil & Mode NRW

zitex.de

53

ZiTex – Textil & Mode NRW is a well-established cluster organization serving the textile and clothing industry in North Rhine-Westphalia, Germany. Founded in 2004, it operates as a neutral industry representative jointly managed by employer associations and trade unions, providing a unique cooperative structure in the German textile sector. The website reflects this professional positioning with clear business descriptions, event information, and partner references. Technically, the site is built on WordPress with modern plugins such as Event Espresso for event management and Borlabs Cookie for GDPR-compliant cookie consent. The infrastructure is hosted on RZone.de, with HTTPS enforced and no visible security vulnerabilities in the HTML content. Privacy compliance is well implemented, with clear privacy and cookie policies and consent mechanisms. Contact information is complete and professionally presented, enhancing business credibility.

K

Kirche und Tourismus in Bayern | Kirche & Tourismus in Bayern

kirche-tourismus-bayern.de

44

The website kirche-tourismus-bayern.de serves as an informational and promotional platform dedicated to church-related tourism and spiritual activities in Bavaria, Germany. It aggregates and links to various partner organizations offering services such as mountain church services, open churches, pilgrimage routes, church music events, and group accommodations. The target audience primarily includes tourists and visitors interested in religious and spiritual tourism within the Bavarian region. The business model is informational, supporting regional church tourism initiatives and community engagement. Technically, the site is built on Drupal 10 CMS, leveraging modern web technologies including jQuery, Bootstrap 5, and various Drupal modules for menus and sliders. The site is hosted on servers associated with kunde24.de, indicating a professional hosting environment. The website demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and published security or incident response policies. There is no cookie consent mechanism detected, which may affect GDPR compliance. No analytics or tracking scripts are present, indicating minimal user tracking. Contact information is limited to a contact form, with no direct emails or phone numbers provided. Overall, the website is trustworthy and professional, with a clear focus on its niche market. Strategic improvements include implementing cookie consent, enhancing security headers, publishing security policies, and providing clearer contact details to improve compliance and user trust.

M

MapLibre Organization

maplibre.org

51

MapLibre Organization operates as an umbrella entity for open-source mapping libraries, providing tools such as MapLibre GL JS for web vector tile rendering, MapLibre Native for mobile and desktop applications, and Martin for tile generation. The organization targets developers and companies seeking performant, GPU-accelerated mapping solutions. Their market position is that of a recognized open-source alternative in the geospatial technology sector, with a focus on community-driven development and transparency. Technically, the website leverages modern frameworks including Astro and Bootstrap, and the projects themselves utilize TypeScript, C++, and Rust, indicating a mature and modern technology stack. Hosting is provided by Cloudflare, ensuring good performance and availability. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses domain transfer protections but lacks DNSSEC and security headers. No privacy or cookie policies are published, and no incident response or vulnerability disclosure information is provided, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. Overall, the website is professional and trustworthy with good content quality and technical implementation. However, the absence of privacy and security policies and contact information slightly reduces compliance and trust scores. Strategic improvements in these areas would enhance the organization's security posture and user trust.

Hanau engagiert is an official government information portal operated by the City of Hanau, Germany, aimed at providing Ukrainian refugees with comprehensive support and integration services. The website offers detailed guidance on housing, medical care, education, employment, and volunteer opportunities, positioning itself as a trusted local government resource. The platform is well-branded with consistent city logos and maintains an active social media presence to engage its target audience effectively. Technically, the website leverages a modern tech stack including Bootstrap 5, jQuery, and Matomo analytics with a strong emphasis on user privacy through explicit cookie consent mechanisms. It is hosted on servers managed by aspiria.de, with DNS and WHOIS data consistent with a legitimate government service. The site is mobile-optimized and provides a good user experience with clear navigation and multilingual support. From a security perspective, the site enforces HTTPS and employs privacy-conscious analytics but lacks explicit security headers and a public security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with GDPR-aligned policies and cookie management in place. Overall, Hanau engagiert demonstrates a solid digital maturity for a government service portal, with good content quality, technical implementation, and privacy compliance. Strategic improvements could focus on enhancing security headers, publishing security policies, and establishing a vulnerability disclosure process to further strengthen trust and resilience.

I

IMU Institut GmbH

imu-institut.de

46

IMU Institut GmbH is a German-based independent research and consulting organization specializing in labor-oriented research, business consulting, and training with a focus on economic, organizational, and technological matters. With over 40 years of experience, the institute serves members of works councils, personnel councils, economic committees, supervisory boards, and companies, providing research projects, advisory services, seminars, and publications. The website is professionally designed, well-structured, and targets a German-speaking audience interested in workplace transformation and labor relations. Technically, the website is built on TYPO3 CMS using Bootstrap 5 and modern JavaScript libraries such as jQuery and Photoswipe. It is hosted on servers managed via DomainControl nameservers. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Security posture is good with HTTPS enforced and secure form handling, but lacks explicit security headers and incident response information. The security evaluation shows no critical vulnerabilities or exposed sensitive data. Privacy compliance is strong with a comprehensive privacy policy, but the absence of a cookie consent mechanism and security.txt file are noted gaps. Contact information is clearly presented with multiple channels including email, phone, and a contact form. Social media presence on Facebook and LinkedIn supports trust and outreach. Overall, IMU Institut GmbH's website reflects a credible, professional, and secure online presence suitable for its business domain. Strategic improvements in cookie consent, security headers, and incident response disclosures would enhance compliance and security posture further.

M

Messer SE & Co. KGaA

gasesforlife.de

53

Messer SE & Co. KGaA operates the website gasesforlife.de, which serves as an informational and promotional platform for their industrial and specialty gases business. The company is a large, established player in the manufacturing and energy sectors, providing gases for diverse applications including healthcare, environmental protection, food industry, and scientific research. The website is well-structured, professionally designed, and targets industrial clients and related sectors. Technically, the site is built on TYPO3 CMS with modern libraries and frameworks, offering good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response contacts are absent. Overall, the site demonstrates high business credibility and compliance with privacy regulations, though it lacks a terms of service page and vulnerability disclosure information.

S

Stiftung Rheinland-Pfalz für Kultur

kulturstiftung-rlp.de

58

The Stiftung Rheinland-Pfalz für Kultur is a regional cultural foundation in Germany focused on supporting and promoting cultural activities within Rheinland-Pfalz. The website highlights key cultural projects such as the Kultursommer Rheinland-Pfalz and the Künstlerhaus Edenkoben, positioning itself as a non-profit organization dedicated to cultural enrichment. The site is built on TYPO3 CMS with Bootstrap framework, indicating a modern but straightforward technical infrastructure. The website is mobile optimized and provides a good user experience with clear navigation and relevant content for its target audience. However, it lacks visible contact information, privacy policy, and terms of service pages, which are important for transparency and compliance. Security posture is moderate with cookie consent implemented but missing security headers and no visible incident response or security policies. Overall, the website is functional and professional but could improve in privacy compliance and security best practices.

H

HBS Firmengruppe

hbs-group.de

47

HBS Firmengruppe is a family-owned group of companies specializing in electrical and planning services with multiple subsidiaries distributed across Germany and one in Poland. The group combines craftsmanship with innovative planning, serving a professional audience in the energy sector. Their website is built on TYPO3 CMS and employs modern frontend technologies, offering a good user experience with mobile optimization and clear navigation. Social media presence is strong, supporting brand visibility and engagement. Security posture is solid with HTTPS enforced and secure forms, though explicit security headers and policies are absent. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy or terms of service pages. Overall, the website reflects a professional medium-sized enterprise with a consistent brand and trustworthy online presence.

A

ASCA® GmbH & Co. KG

asca.com

48

ASCA® GmbH & Co. KG is a German-based company specializing in organic photovoltaic (OPV) solar films that enable flexible, lightweight, and transparent solar energy solutions. Positioned as a world market leader in OPV technology, ASCA® serves sectors including architecture, mobility, and smart products with custom solar solutions. The company operates under the HERING group umbrella and maintains a professional digital presence with a modern TYPO3 CMS-based website. The website is well-designed, mobile-optimized, and rich in relevant content, targeting architects, designers, and sustainability-focused businesses. Technically, the site uses modern frameworks and analytics tools but lacks some security headers and a cookie consent mechanism, which are recommended for compliance and security enhancement. WHOIS data is unavailable, which slightly reduces transparency but does not detract significantly from the company's credibility given the professional presentation and clear contact information.

The Landkreisjugendarbeit und Kreisjugendring Kulmbach website serves as the official online presence for the regional youth work and youth council in Kulmbach, Germany. It provides information, event announcements, and resources targeted at children, youth, families, and youth workers in the community. The organization operates under the Landratsamt Kulmbach, emphasizing community engagement and youth development. The website is well-structured, content-rich, and professionally presented, reflecting a stable regional public service entity. Technically, the site is built on WordPress 6.7.4 with Bootstrap and FontAwesome, ensuring modern design and mobile responsiveness. Hosting appears to be with Deutsche Telekom, indicated by the nameservers. The site loads with moderate performance and includes accessibility and SEO best practices, though some improvements could be made in accessibility and security headers. From a security perspective, the site uses HTTPS with a good SSL configuration and does not expose sensitive data or vulnerable libraries. However, it lacks security headers and a cookie consent mechanism, which are recommended for GDPR compliance and enhanced security. No incident response or security policies are published, which could be improved to increase trust and preparedness. Overall, the website is trustworthy, safe, and professionally managed, with minor gaps in privacy compliance and security best practices. Strategic improvements in cookie consent, security headers, and published security policies would enhance the site's compliance and security posture.

A

Ambulante Ethikberatung für Hochfranken e.V.

ethikberatung-hochfranken.de

44

Ambulante Ethikberatung für Hochfranken e.V. is a small non-profit association founded in 2022, providing ambulatory ethics consultation services in the Hochfranken region of Germany. The organization focuses on supporting patients, their families, and healthcare professionals in ethical decision-making related to end-of-life care. The website presents a professional and consistent brand image, with clear contact information and detailed descriptions of services and team members. Technically, the site uses modern web technologies including Bootstrap and jQuery, hosted by a regional provider, and is mobile-optimized with good SEO practices. Security posture is moderate with HTTPS implied but lacking explicit security headers and policies. Privacy compliance is good with a privacy policy available, though no cookie consent mechanism is present. Overall, the website is trustworthy and well-suited for its target audience.

K

KKV Aktuell

kkv-aktuell.de

54

KKV Aktuell is a German non-profit association website providing current information about the KKV Bundesverband. The site targets members and potential members interested in the organization's activities and membership opportunities. The business model is focused on community engagement and information dissemination within a niche non-profit sector. Technically, the website is built on WordPress with modern plugins and frameworks such as Bootstrap and jQuery, offering a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but lacks explicit security headers and incident response information. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is functional and professional but could improve in privacy and security transparency.

H

HBS Elektrobau GmbH

hbs-elektrobau.de

10

HBS Elektrobau GmbH is a German company specializing in electrical installation services, training, and maintenance, operating under the umbrella of the HBS Gruppe. The company positions itself as a quality and reliable provider in the energy and transportation sectors, offering a broad range of services including Anlagenbau, Bahntechnik, Elektrotechnik, and Sicherheitstechnik. The website is professionally designed using TYPO3 CMS and modern frontend technologies, providing good user experience and mobile optimization. Social media integration is strong, enhancing brand presence. Security posture is adequate with HTTPS enabled, but lacks explicit security headers and detailed privacy or incident response policies. No blocking or WAF challenges were detected, allowing full content access. Overall, the site reflects a medium-sized, established business with consistent branding and good technical implementation.