Security Directory

S

sinma GmbH

sinma.de

60

sinma GmbH is a small German telecommunications company specializing in providing full-service internet solutions tailored for business customers. Their offerings include fiber optic leased lines, DSL with fixed IPs, web hosting, server housing, virtual servers, backup solutions, VPN networks, and related services such as domain management and firewalls. The company emphasizes high availability and security in their network solutions and has been operating since 1991, indicating a long-standing presence in the market. The website reflects a professional and consistent brand image with clear navigation and relevant business content targeting German business clients. From a technical perspective, the website employs basic web technologies including JavaScript and CSS without modern frameworks or CMS detected. The site is moderately optimized for performance and accessibility but lacks advanced mobile optimization. There is no evidence of analytics or tracking scripts, which suggests minimal user tracking. However, the absence of security headers and explicit SSL/TLS information indicates room for improvement in technical security measures. Security posture evaluation reveals gaps such as missing privacy and cookie policies, lack of security headers, and limited contact information. No incident response or vulnerability disclosure information is provided, which could impact trust and compliance. The WHOIS data shows partial consistency with the website's claims but lacks detailed registrant information, limiting full legitimacy verification. Overall, the site is accessible without WAF or blocking mechanisms, and content safety is rated safe with no adult or questionable content. The overall risk assessment suggests the company maintains a moderate security and compliance posture suitable for its business scale but should prioritize implementing privacy policies, enhancing security headers, and expanding contact information to improve trust and regulatory compliance. Strategic recommendations include publishing comprehensive privacy and cookie policies with consent mechanisms, enforcing HTTPS with proper security headers, and establishing clear incident response and vulnerability disclosure channels.

The website bettinivideo.com is currently inaccessible beyond a security check page that performs a browser integrity test and automatic redirect. The visible content is minimal and primarily serves as a gatekeeper, indicating the presence of a Web Application Firewall or similar security mechanism, likely BitNinja as referenced by the external link. The site appears to be running outdated CMS platforms (Joomla 1.5 and WordPress 2.5), which are no longer supported and pose significant security risks. No business, contact, or policy information is available on the accessible page, limiting the ability to assess the company's market position or services. The technical infrastructure shows signs of legacy technology with poor mobile optimization and accessibility.

B

birdingtours GmbH

birdingtours.de

57

birdingtours GmbH operates as Germany's leading specialist in birdwatching travel, offering a wide range of guided tours across Germany, Europe, Africa, Asia, and the Americas. The company targets both novice and experienced birdwatchers, providing expert-led tours, educational content, and a dedicated shop for birdwatching equipment. Their market position is strong within the niche ecotourism and nature travel sector, supported by partnerships with conservation organizations and a loyal customer base. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates standard marketing and analytics tools with user consent mechanisms. Security posture is solid with HTTPS enforced and consent management implemented, though explicit security headers could be improved. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, reflecting a mature digital presence for a medium-sized travel business.

Festo Inc. is a globally recognized enterprise specializing in industrial automation technology and training services. The company operates a comprehensive multilingual and multinational website infrastructure, serving a broad industrial customer base worldwide. Their digital presence reflects a mature and professional business with a strong emphasis on localized content and compliance with international data protection regulations such as GDPR. Technically, the website leverages modern web technologies including React.js and integrates a professional consent management platform (Didomi) to manage user privacy preferences effectively. Security posture is strong with HTTPS enforcement, domain transfer protection, and a well-managed domain registration history, although DNSSEC is not enabled. The absence of explicit security policies or incident response contacts suggests room for improvement in transparency and security communication. Overall, the website is well-designed, user-friendly, and trustworthy, supporting Festo's position as a leader in the manufacturing and automation sector.

F

Frank Carius

msxfaq.de

61

MSXFAQ is a specialized knowledge resource and FAQ website focused on Microsoft Exchange, Skype for Business, Teams, Office 365, and Outlook technologies. It serves a professional and expert audience primarily in Germany, providing technical guides, news updates, and tools related to Microsoft enterprise communication platforms. The website is authored and maintained by Frank Carius, with a long operational history dating back to 2004, indicating a stable and trusted source of information in its niche. Technically, the website uses a straightforward HTML/CSS/JavaScript stack with Google Tag Manager for analytics. It is hosted with domain control services typical for small to medium-sized websites. The site is moderately optimized for mobile and SEO, with basic accessibility features. Security practices include HTTPS enforcement, iframe embedding prevention, and privacy-conscious referrer policies, though there is room for improvement in security headers and explicit vulnerability disclosure. The security posture is solid for a content-focused site, with no detected vulnerabilities or exposed sensitive data. Privacy compliance is basic, with privacy and cookie policies present but lacking active consent mechanisms. Contact information is limited to a contact form, with no direct emails or phone numbers visible. Social media presence is active across multiple platforms, enhancing trust and engagement. Overall, MSXFAQ presents a professional, trustworthy, and technically sound resource for its target audience. Strategic improvements in privacy compliance, security policy transparency, and incident response readiness would further enhance its security posture and user trust.

P

Pro-Linux

pro-linux.de

58

Pro-Linux is a well-established German online magazine focused on Linux, Open Source, and related technologies. It offers a broad range of content including news, articles, workshops, program version updates, job listings, and community forums. The site targets technology enthusiasts, IT professionals, and developers primarily in the German-speaking market. Its business model revolves around content publishing supported by advertising and community engagement. The website is hosted by Schlundtech and uses a proprietary CMS (nb3 system v1.6). The technical infrastructure is moderate with standard web technologies and Google AdSense for monetization. Security posture is adequate with HTTPS enabled and secure login forms, but lacks advanced security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected, which may pose GDPR compliance risks. Overall, the site is credible and trustworthy with a strong niche presence but could improve in privacy and security practices.

F

Factorial

factorial.it

69

Factorial is an Italian-based technology company founded in 2019, specializing in all-in-one business management software with a focus on HR automation and workforce management. The company targets small to medium-sized enterprises and HR professionals, offering services such as payroll automation, time tracking, employee scheduling, and document management. Their SaaS business model and consistent branding position them as a competitive player in the HR software market. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content to its target audience. Technically, the site leverages modern frameworks like React and Next.js, integrates reputable analytics and marketing tools, and maintains good performance and SEO practices. Security-wise, the site enforces HTTPS, uses DNSSEC, and implements key security headers, although it lacks a publicly available security policy or incident response information. Privacy compliance is strong, with comprehensive privacy and cookie policies and consent mechanisms in place. Overall, Factorial demonstrates a mature digital presence with a solid security posture and trustworthy business credibility.

F

Factorial MX

factorial.mx

67

Factorial MX is a well-established HR software provider founded in 2016, offering a comprehensive SaaS platform that centralizes human resources processes for businesses, primarily targeting Spanish-speaking markets. Their platform includes modules for time management, talent management, payroll, financial management, and employee self-service, positioning them as a leading player in the HR technology sector in Mexico and Latin America. The website reflects a mature digital presence with professional design, clear navigation, and extensive use of modern web technologies including React and Next.js, supported by advanced analytics and optimization tools such as Google Analytics 4 and Visual Website Optimizer.

A

Arbeit und Leben gGmbH

berufssprachkurse-mainz.info

61

The website berufssprachkurse-mainz.info represents a vocational language course offering operated by Arbeit und Leben gGmbH under commission from the German Federal Office for Migration and Refugees (BAMF). The courses target migrants and individuals seeking to improve their German language skills for professional integration and recognition, particularly in healthcare professions. The site is hosted on WordPress.com and uses standard WordPress technologies with Jetpack and other common plugins. The content is professionally presented with relevant images and course descriptions, targeting a German-speaking audience. Technically, the site is well-structured, mobile-optimized, and uses HTTPS, but lacks some advanced security headers and a visible privacy policy page. No contact emails or phone numbers are directly provided on the main pages, which slightly reduces transparency. The WHOIS data is privacy protected by Identity Digital Inc., which is common and justified for this type of non-profit educational site. Overall, the site is legitimate, secure, and serves its educational purpose effectively.

Ö

Österreichische Apothekerkammer

ballderpharmazie.at

10

The website www.ballderpharmazie.at serves as the official online presence for the Ball der Pharmazie, an annual cultural event targeting pharmacists and pharmaceutical professionals in Austria. It is organized under the auspices of the Österreichische Apothekerkammer and the federal state of Styria. The site provides event information, ticket purchasing links, and social media integration, positioning itself as a niche event platform within the healthcare sector. The business model centers on event organization and ticket sales, catering primarily to a professional and culturally engaged audience. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies including Bootstrap for responsive design and JavaScript for interactivity. The site demonstrates good mobile optimization and moderate performance, with proper meta tags and SEO considerations. Hosting details are not explicitly disclosed, but third-party cookie consent and tracking services are employed, indicating a moderate level of digital maturity. From a security perspective, the site enforces HTTPS and implements GDPR-compliant cookie consent mechanisms. However, it lacks explicit security headers and published security policies or incident response contacts, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data aligns well with the website's claims, showing consistent registration details and high legitimacy. Overall, the website presents a professional and trustworthy front for its event, with good content quality and user experience. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and adding terms of service to improve compliance and trust further.

R

Regionalwerke Baden

rwb-kundenportal.ch

59

Regionalwerke Baden operates as a regional energy utility provider in Switzerland, offering a secure customer portal for managing energy consumption, invoices, contracts, and meter readings. The website is professionally designed with clear navigation and is optimized for mobile devices. The technical infrastructure includes modern web technologies and analytics tools such as Matomo and Siteimprove, indicating a moderate to advanced digital maturity. Security measures include HTTPS enforcement and CSRF protection on login forms, with recommendations for multi-factor authentication to enhance account security. Privacy compliance is addressed with accessible privacy and cookie policies and a consent mechanism. Overall, the website demonstrates a strong security posture and business credibility appropriate for a utility provider.

The website www.oberwil.ch serves as the official digital portal for the municipality of Oberwil in Switzerland. It provides comprehensive information and services to residents, including news updates, event calendars, municipal services, and contact details. The site targets local citizens and stakeholders seeking access to government resources and community information. The business model is centered on public service delivery and community engagement, positioning the municipality as a transparent and accessible local government entity. Technically, the website is built on the iCMS platform, a Swiss municipal content management system, utilizing modern web technologies such as JavaScript, CSS, and HTML5. The site demonstrates good mobile optimization, accessibility, and SEO practices, with moderate performance and a clean, professional design. Hosting is provided by a Swiss provider, ensuring local data handling. From a security perspective, the site uses HTTPS and secure form submissions but lacks explicit security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and appear GDPR compliant, with minimal user tracking via Swiss-based analytics. Overall, the website is trustworthy, professional, and well-maintained, suitable for its public service role. Strategic improvements include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to strengthen security posture and user trust.

S

Sportzentrum Herisau

sportzentrum-herisau.ch

61

Sportzentrum Herisau is a well-established local sports and wellness center in Switzerland offering a broad range of services including ice skating, swimming pools, sauna, massage, fitness courses, and event spaces. The website reflects a mature digital presence with clear navigation, comprehensive service descriptions, and multiple contact channels. The technical infrastructure is based on a Swiss CMS platform with modern web technologies and good mobile and accessibility support. Security posture is solid with HTTPS and basic security best practices, though there is room for improvement in explicit security headers and published security policies. Privacy compliance is addressed with visible privacy and cookie policies and consent mechanisms. Overall, the site presents a trustworthy and professional image suitable for its community-focused business model.

A

Alterszentrum Rubiswil

alterszentrum-schwyz.ch

57

Alterszentrum Rubiswil is a Swiss senior care center providing comprehensive residential, hospice, and support services for elderly residents and their families. The website reflects a well-established local institution with a clear focus on healthcare and community engagement. The site is professionally designed, accessible, and regularly updated with relevant news and events, targeting elderly individuals, their relatives, and healthcare professionals. Technically, the site uses a custom CMS (iCMS) with modern frontend technologies and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and secure form handling, though it lacks explicit published security policies or incident response information. Privacy compliance is evident through a GDPR-compliant cookie consent mechanism and a clear privacy policy. Overall, the website presents a trustworthy and credible digital presence for a healthcare institution in Switzerland.

S

Stadt Rapperswil-Jona

rapperswil-jona.ch

54

Stadt Rapperswil-Jona operates as the official municipal government website for the city of Rapperswil-Jona, Switzerland. It provides a wide range of public services, information on city administration, events, and community engagement tools. The site targets residents, visitors, and local businesses, offering online services such as an online counter, event information, and contact options. The website holds a strong market position as the authoritative source for municipal information and services in the region. Technically, the website is built on a modern infrastructure using i-web CMS, Bootstrap framework, and JavaScript technologies. It employs Matomo for analytics, ensuring privacy-conscious data collection. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Hosting is provided by a Swiss hosting provider, enhancing data sovereignty and reliability. From a security perspective, the website enforces HTTPS and uses secure forms for user login. While no critical vulnerabilities or exposed sensitive data were detected, the absence of security headers and a formal security policy or incident response contact suggests room for improvement. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms aligned with GDPR requirements. Overall, the website demonstrates a high level of professionalism, trustworthiness, and user-centric design. Strategic recommendations include implementing security headers, publishing a security policy and incident response contacts, and adding a security.txt file to facilitate vulnerability disclosures. These steps would further enhance the site's security posture and trustworthiness.

S

Schule Uitikon

schule-uitikon.ch

61

Schule Uitikon is a local public educational institution serving the community of Uitikon, Switzerland. The website provides comprehensive information about the school, including educational offerings, administrative contacts, extracurricular activities, and community engagement. The site targets parents, students, staff, and local residents, offering services such as primary and secondary education, student care, adult education, and school administration. The institution positions itself as a trusted local school with a focus on community and educational quality. Technically, the website is built on the i-web.ch CMS platform, utilizing modern web technologies such as JavaScript, CSS, and HTML5. It incorporates accessibility features and responsive design, ensuring usability across devices. The site uses Owl Carousel for interactive content presentation and hosts images and scripts primarily on Swiss domains, indicating local hosting. Performance is moderate with good SEO and mobile optimization. From a security perspective, the website enforces HTTPS and includes secure login forms for user authentication. It employs a consent mechanism for anonymized web statistics, demonstrating privacy awareness. However, it lacks explicit published security policies, incident response contacts, and security.txt files. No critical vulnerabilities or exposed sensitive data were detected. Security headers appear limited, suggesting room for improvement in hardening. Overall, the website is trustworthy, professional, and well-maintained, with strong alignment between WHOIS registration data and website content. The risk level is low, but strategic enhancements in security policy transparency and incident response readiness are recommended to strengthen the security posture and compliance further.

G

Gemeindewerke Villmergen

gwv.ch

55

Gemeindewerke Villmergen is a Swiss municipal utility company providing essential services including electricity, water, and heat supply, along with complementary services such as electrical installations, e-mobility charging solutions, and photovoltaic system planning and installation. The company positions itself as a local energy provider focused on sustainable and future-oriented energy solutions, targeting private customers, businesses, and large clients within the Villmergen region. Their digital presence reflects a well-structured and professionally designed website with clear navigation and comprehensive service offerings. Technically, the website is built on a Swiss CMS platform (i-web.ch) utilizing modern frontend technologies such as JavaScript, CSS, and Swiper.js for interactive elements. The site is mobile-optimized, accessible, and performs moderately well. Privacy compliance is strong, with a clear privacy and cookie policy including a consent mechanism. Analytics are handled via a custom anonymized web statistics service hosted in Switzerland, ensuring user privacy. From a security perspective, the site enforces HTTPS with excellent SSL configuration but lacks explicit security headers and publicly available security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the business claims, indicating a legitimate and trustworthy domain registration. Overall, the website demonstrates a solid digital maturity level with good business credibility and privacy compliance. Strategic improvements could include publishing a formal security policy, adding security headers, and providing a vulnerability disclosure channel to enhance trust and security posture further.

W

Weggis Schule

schule-weggis.ch

59

Weggis Schule is a public educational institution located in Weggis, Switzerland, providing comprehensive education services from kindergarten through secondary school. The website serves as an information hub for students, parents, and staff, detailing school cycles, leadership, social services, and community engagement. The school positions itself as a vibrant and diverse learning environment benefiting from the region's favorable climate and community support. Technically, the website is built on a modern CMS platform (i-web.ch), utilizing responsive design, JavaScript frameworks like Swiper.js for interactive elements, and standard web technologies. Privacy compliance is addressed with clear privacy and cookie policies, including user consent mechanisms for anonymized web statistics. Security posture is adequate with HTTPS usage and secure login forms, though additional security headers and incident response information could enhance trust. Overall, the domain registration aligns with the school's identity, indicating legitimacy and consistency. The site is safe for general audiences with no adult or questionable content.

B

Bundesministerium für Umwelt, Klimaschutz, Naturschutz und nukleare Sicherheit

bmuv.de

75

The Bundesministerium für Umwelt, Klimaschutz, Naturschutz und nukleare Sicherheit (BMUKN) is the official German federal government ministry responsible for environment, climate protection, nature conservation, and nuclear safety. The website serves as a comprehensive information portal providing policy updates, public funding programs, event announcements, and opportunities for public participation. It targets citizens, environmental professionals, and policymakers. The ministry holds a strong market position as a key governmental authority in Germany with a large organizational size and a focus on sustainability and environmental governance. Technically, the website is built on TYPO3 CMS, a robust open-source content management system, and employs modern web technologies including HTML5, CSS, and JavaScript. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Security-wise, the site enforces HTTPS and follows several best practices, though it lacks some advanced security headers and explicit security policy disclosures. Overall, the security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Contact is primarily via a contact form, with no direct emails or phone numbers publicly listed. The site maintains a professional and trustworthy appearance with consistent branding and official social media channels. The risk assessment is low, with recommendations to enhance security headers, publish a vulnerability disclosure policy, and provide incident response contact information to further strengthen trust and security culture.

A

austria.com/plus

mocafirst.at

61

austria.com/plus is a leading premium digital advertising marketer in Austria, offering a wide range of services including programmatic advertising, premium storytelling, targeting, and native advertising. The company serves advertisers and media partners with a strong national and regional reach, boasting over 11 million unique clients as per recent Austrian Web Analysis data. The website demonstrates a mature digital infrastructure with modern technologies such as WordPress CMS, Yoast SEO, Cookiebot for consent management, and integration with Mailchimp for newsletters. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is well addressed with comprehensive privacy and cookie policies and active consent mechanisms. Overall, the website is professional, trustworthy, and well-optimized for SEO and user experience.

A

Atikon EDV & Marketing GmbH

atikon.de

67

Atikon EDV & Marketing GmbH is a specialized marketing and advertising agency serving tax consultants primarily in Austria. Established since 2000, the company offers a comprehensive suite of marketing services including online marketing, SEO, social media advertising, and graphic design tailored to the needs of tax consultancy firms. The website reflects a mature digital presence with professional design, clear navigation, and strong branding consistency. Technically, the site employs modern analytics tools such as Matomo, Hotjar, and Google GTag, alongside a GDPR-compliant cookie consent mechanism, indicating a good level of digital maturity and privacy awareness. Security posture is solid with HTTPS enforced and no obvious vulnerabilities, though some security headers could be improved. The absence of WHOIS registration data is a notable concern, suggesting either privacy protection or a domain registration issue, which slightly impacts the trustworthiness assessment. Overall, the site is professional, secure, and compliant, serving a niche market effectively.

R

Redcare Apotheke

redcare-apotheke.ch

73

Redcare Apotheke is a well-established online pharmacy serving the Swiss market, offering a wide range of health, beauty, and wellness products. It operates under the parent company Shop Apotheke Europe N.V., positioning itself as a trusted and certified provider with strong customer service and secure transaction processes. The website demonstrates a mature digital infrastructure using modern web technologies such as React and Next.js, ensuring good performance and mobile optimization. Security posture is robust, supported by ISO certifications and secure payment options, although explicit incident response contacts and vulnerability disclosure mechanisms could be enhanced. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations.

S

Shop-Apotheke Österreich

shop-apotheke.at

74

Shop-Apotheke Österreich is a leading online pharmacy serving the Austrian market since 2001. It offers a wide range of pharmaceutical and health products including medicines, baby and family care, beauty and wellness, and veterinary products. The company emphasizes customer service with free consultation, secure payment options, and express delivery services. It holds multiple certifications such as Trusted Shops and TÜV ISO 27001, reinforcing its market credibility and trustworthiness. Technically, the website is built on modern frameworks like Next.js and React, optimized for performance and mobile devices, with strong SEO and accessibility features. Security posture is robust with HTTPS, security headers, and no detected vulnerabilities. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the site presents a professional, trustworthy, and user-friendly e-commerce platform for healthcare products.

F

filmfriend

filmfriend.ch

58

filmfriend.ch is a Swiss-based streaming platform offering feature films, documentaries, and kids movies accessible via library cards. The service targets a general audience including families, providing ad-free content on multiple devices. Technically, the website is built on Angular 18.2.8 and uses CDN hosting for content delivery, ensuring moderate performance and good mobile optimization. Security posture is strong with HTTPS and secure forms, but lacks explicit privacy and cookie policies. No contact or incident response information is provided, which could impact user trust and compliance. Overall, the platform is professional and trustworthy with room for improvement in privacy compliance and transparency.

L

LFK – Die Medienanstalt für Baden-Württemberg

lfk.de

58

LFK – Die Medienanstalt für Baden-Württemberg is a regional media regulatory authority focused on ensuring diversity and compliance in private broadcasting and internet offerings within Baden-Württemberg. The organization also promotes media competence, youth protection, media quality, and media pedagogy through research and educational initiatives. The website reflects a professional and comprehensive digital presence, built on TYPO3 CMS, with a clear structure and good accessibility. It uses privacy-conscious analytics (Matomo) and implements GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS and secure script loading, though explicit security policies and incident response contacts are not publicly detailed. Overall, the domain registration and hosting align with the institutional nature of the entity, supporting high legitimacy and trust.

E

easyCredit

easycredit.de

66

easyCredit is a German financial services provider specializing in instant credit and loan products, serving over one million customers. The website is professionally designed using WordPress and optimized with Yoast SEO, targeting German-speaking consumers seeking simple and fast financing solutions. The technical infrastructure is standard with modern web technologies, but lacks visible advanced security headers and explicit privacy or cookie policies in the provided content. Security posture is moderate with room for improvement in policy transparency and incident response readiness. Overall, the website is trustworthy and well-positioned in the finance sector but should enhance privacy compliance and security practices to meet higher standards.

U

Union Investment Service Bank AG

fondssparen-mit-plan.de

53

The website fondssparen-mit-plan.de is associated with Union Investment Service Bank AG, a reputable financial institution in Germany specializing in investment products such as Fondssparpläne (fund savings plans). The site currently serves a 404 error page, indicating the requested content is not available. The business focus is on long-term wealth accumulation through personalized investment strategies. The branding is consistent with Union Investment, but the content is minimal and lacks essential pages such as privacy policy, cookie policy, terms of service, and contact information. From a technical perspective, the site uses Cloudflare DNS services and standard web technologies including CSS, JavaScript, and SVG graphics. However, there is no evidence of advanced frameworks or CMS usage. The site shows basic mobile optimization and accessibility but poor SEO due to the 404 status and meta robots directives preventing indexing. Security posture is limited based on the provided data. No explicit security headers or HTTPS details were found, and no incident response or security policies are disclosed. The absence of privacy and cookie policies indicates non-compliance with GDPR best practices. No forms or data collection mechanisms are present on the analyzed page, reducing immediate data protection risks but also limiting user engagement. Overall, the website appears legitimate and aligned with a known financial entity but is currently non-functional for end users due to the 404 error. Strategic improvements should focus on restoring content, implementing privacy and cookie policies, enhancing security headers, and providing clear contact and incident response information to improve trust and compliance.

E

EVIE – Engagement, Vielfalt und Integration im Ehrenamt

phronesis-bildung.de

58

The website 'EVIE – Engagement, Vielfalt und Integration im Ehrenamt' is a German non-profit focused on promoting volunteer engagement, diversity, and integration within community and neighborhood projects. It offers educational training programs such as 'Fortbildung für Vereinsmitglieder', 'Train the Trainer', and 'Nachbarschafts-Coach'. The site is built on the Squarespace platform, leveraging modern web technologies and hosting infrastructure, providing a moderate performance and good mobile optimization. Security posture is strong with HTTPS and HSTS enabled, but lacks explicit privacy and cookie policies, which impacts compliance. Contact information is not clearly provided, limiting direct communication channels. Overall, the site is professional and trustworthy within its niche but could improve privacy compliance and user contact accessibility.

B

Biosphären-VHS St. Ingbert

vhs-igb.de

43

Biosphären-VHS St. Ingbert is a municipal adult education provider offering a wide range of courses and cultural events to the citizens of St. Ingbert, Germany. The website reflects a well-structured and content-rich platform targeting community education, integration, health, languages, and digital literacy. The institution holds a solid local market position as a trusted public education entity. Technically, the site uses a proprietary CMS (CMX) with modern web technologies, delivering a good user experience with mobile optimization and accessibility features. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though improvements are recommended in cookie consent and security policy transparency. Overall, the website is professional, trustworthy, and compliant with GDPR, though it lacks some advanced privacy and security disclosures.

The website bond.de represents 'bond' Software-Entwicklung GmbH, a German IT service provider specializing in cross-platform IT solutions including IT consulting, support, software development, and internet services. With over 30 years of experience, the company targets medium-sized enterprises, large corporations, and government agencies primarily in Germany. Their market position is that of a seasoned, trusted IT partner with strategic partnerships such as with Imprivata for healthcare security solutions. Technically, the website is built using SIQUANDO Web 10 CMS with jQuery and custom JavaScript for enhanced user interaction such as AJAX search. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. No modern frameworks or analytics tools are detected, indicating a relatively simple but functional technical infrastructure. From a security perspective, the website lacks visible security headers and cookie consent mechanisms, which are important for GDPR compliance and overall security posture. The SSL configuration could not be verified from the data provided. No incident response or vulnerability disclosure policies are publicly available, which suggests room for improvement in security transparency and readiness. Overall, the website is professional and trustworthy with good business credibility but would benefit from enhanced security practices and privacy compliance measures to reduce risk and improve user trust.

S

Studierendenwerk Kaiserslautern

studierendenwerk-kaiserslautern.de

48

Studierendenwerk Kaiserslautern operates as a regional non-profit organization providing essential student services including housing, dining, childcare, and counseling for approximately 20,000 students across multiple campuses in Germany. The website reflects a well-structured and professional digital presence, leveraging TYPO3 CMS and modern cookie consent management via Usercentrics, ensuring compliance with GDPR regulations. The content is relevant and targeted to the student community, with clear navigation and multilingual support (German and English). Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website demonstrates a mature digital infrastructure suitable for its institutional role.

A

AD4NET s.r.o.

ad4net.eu

65

AD4NET s.r.o. is a small media services company specializing in digital advertising product optimization primarily serving the DACH region. Their website presents a professional image with clear descriptions of their services including job advertisements, media design, and typesetting. The company positions itself as a leading provider in its niche with a focus on quality and flexible resources. Technically, the website is built on TYPO3 CMS, employs modern web technologies, and includes a cookie consent mechanism compliant with GDPR. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. The absence of public WHOIS data is due to EURid privacy policies, which is common and justified for this business type. Overall, the website is trustworthy and well-maintained.

The FAIR GmbH operates an international accelerator research center in Darmstadt, Germany, focusing on antiproton and ion research to explore fundamental physics. The website serves a diverse audience including researchers, students, partners, and the public, providing scientific information, career opportunities, and news updates. The organization holds a strong market position as a major European research initiative with international collaborations. Technically, the site is built on TYPO3 CMS, uses Matomo for analytics, and implements GDPR-compliant privacy and cookie policies with consent mechanisms. The site is well-structured, mobile-optimized, and professionally designed, supporting good user experience and trust. Security posture is adequate with HTTPS and privacy controls, but lacks some advanced security headers and explicit incident response information. Overall, the website is trustworthy, safe, and aligned with its scientific mission.

H

Helmholtz-Institut Mainz

hi-mainz.de

56

The Helmholtz-Institut Mainz website represents a reputable scientific research institute specializing in physics and chemistry of superheavy elements and related fields. The site is professionally designed using TYPO3 CMS and integrates cookie consent management via Cookiebot, reflecting a mature digital presence. The content is targeted primarily at the scientific community, academics, and students, with clear navigation and multilingual support. Technically, the site employs modern web standards with HTTPS enforced, though lacks some advanced security headers. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and accessible platform. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, the absence of explicit contact emails, phone numbers, and security policies suggests areas for improvement in transparency and incident response readiness. Overall, the website demonstrates a solid security posture and business credibility consistent with a medium-sized research institution in Germany.

A

ALEX Berlin

alex-berlin.de

64

ALEX Berlin operates the digital media platform 'ALEX Kosmos', providing livestreams of TV and radio, podcasts, videos, and community-driven content primarily targeting the Berlin region. The platform positions itself as a creative and participatory media hub for an urban audience, offering crossmedia content accessible 24/7. The business model revolves around media streaming and community engagement, supported by a modern web infrastructure and compliance with European data protection laws. Technically, the website leverages modern JavaScript frameworks, a consent management platform for GDPR compliance, and is hosted on a reputable provider with HTTPS enforced, ensuring secure user interactions. The site demonstrates good mobile optimization and accessibility features, though some advanced security headers could be improved. Security posture is strong with no visible vulnerabilities or exposed sensitive data, but lacks explicit published security policies or incident response contacts. Overall, the platform is trustworthy, professionally designed, and compliant with privacy regulations, making it a reliable media service for its audience.

Die Nacht der 1000 Lichter is a well-established non-profit religious event organized primarily by the Katholische Jugend der Diözese Innsbruck and other Austrian dioceses. The website serves as an informational and engagement platform for a liturgical event held annually on October 31st, attracting tens of thousands of visitors across Austria and South Tyrol. It provides event details, multimedia content, and contact information for organizers across multiple dioceses. The target audience includes youth groups, church communities, and the general public interested in religious and cultural events. The business model is community and event-driven without commercial intent, focusing on spiritual and social engagement.

The CISPA Helmholtz Center for Information Security is a prominent German national research institution specializing in cybersecurity, privacy, and trustworthy artificial intelligence. It operates as a Big Science institution within the Helmholtz Association and collaborates with academic and industry partners, including the Technical University of Munich. The website presents a professional and content-rich platform highlighting research achievements, faculty insights, and technology transfer initiatives, positioning CISPA as a leading global research center in its domain. Technically, the website employs modern web technologies such as JavaScript and CSS with responsive design and good accessibility features. However, there is limited evidence of advanced security configurations such as security headers or explicit SSL/TLS details in the provided data. The absence of visible privacy, cookie, and terms of service policies indicates areas for compliance improvement, especially concerning GDPR requirements. From a security posture perspective, while the site is accessible and professional, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The WHOIS data is minimal but does not raise significant legitimacy concerns given the institutional context. Overall, the site demonstrates a strong business credibility and content quality but requires enhancements in privacy compliance and security transparency. Strategically, CISPA should prioritize publishing comprehensive privacy and cookie policies, implementing cookie consent mechanisms, and enhancing security headers and incident response information to strengthen trust and compliance. These improvements will support its reputation as a leading cybersecurity research institution and ensure alignment with regulatory standards.

I-ST.net is a German system house providing IT services and products primarily targeting business customers. The company has a long-established domain since 1997, indicating a stable presence in the IT sector. The website offers customer login functionality and support modules, reflecting a service-oriented business model. However, the site content is basic and lacks modern design and mobile optimization. Technically, the site uses standard HTML, CSS, and JavaScript with external scripts for chat and remote support. Security posture is weak due to lack of HTTPS, missing security headers, and insecure login form implementation. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the business credibility is moderate given the domain age and contact transparency, but technical and security improvements are needed.

C

chiliSCHARF GmbH

chilischarf.com

63

chiliSCHARF GmbH is a professional internet agency based in Austria with offices in Linz and Vienna, specializing in digital communication, online marketing, and e-commerce solutions. Their expertise includes TYPO3 CMS, Shopware, Magento, and xtCommerce platforms, complemented by video production and photography services. The company targets businesses seeking comprehensive digital presence and marketing support. The website demonstrates a mature digital infrastructure with modern technologies, consent management, and accessibility features, reflecting a high level of digital maturity. Security posture is solid with HTTPS and privacy tools, though some security headers and policies could be improved. Overall, the site is professional, trustworthy, and well-positioned in its market niche.

U

Universität des Saarlandes

uni-saarland.de

64

The Universität des Saarlandes website serves as the official digital presence of a large public university in Germany, offering accredited degree programs, research initiatives, and international academic services. The site targets prospective and current students, alumni, academic staff, and international partners. It provides comprehensive navigation to academic offerings, research profiles, campus life, and international cooperation. Technically, the website is built on TYPO3 CMS, employs Matomo for privacy-conscious analytics, and enforces HTTPS for secure communications. The design is professional, mobile-optimized, and accessible, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and formal privacy and security policies are not evident in the provided content. WHOIS data confirms domain legitimacy and consistency with the university's identity. Overall, the site demonstrates a high level of professionalism and trustworthiness appropriate for an educational institution.

B

Bundesakademie für musikalische Jugendbildung Trossingen

bundesakademie-trossingen.de

52

The Bundesakademie für musikalische Jugendbildung Trossingen is a German educational institution specializing in music pedagogy and professional development for music educators. The website serves as an informational portal for courses, events, and professional training opportunities in the music education sector. The site is built on TYPO3 CMS, indicating a mature and stable technical infrastructure. The design is professional and mobile-optimized, providing a good user experience for its target audience. However, the website lacks explicit privacy, cookie, and terms of service policies, which are critical for compliance with GDPR and other data protection regulations. Security posture is moderate with no advanced security headers detected and no visible vulnerability disclosure or incident response information. Overall, the site is functional and credible but would benefit from enhanced privacy and security measures to improve trust and compliance.

The website represents the official municipal portal for the city of Neu-Ulm, Germany. It provides information about city politics, services, and citizen engagement. The site is powered by TYPO3 CMS and integrates accessibility tools to support users with disabilities, reflecting a commitment to inclusivity. The use of Matomo analytics hosted on their own domain indicates a privacy-conscious approach to user data. However, explicit privacy and cookie policies are not found in the provided content, which is a gap in compliance. The site is well-structured, mobile-optimized, and professionally designed, targeting residents and visitors of Neu-Ulm.

H

Hrvatski ceh zaštitara

hcz.hr

45

Hrvatski ceh zaštitara is a professional chamber representing security guards in Croatia, established since 2004. The website serves as an informational platform for members and stakeholders in the security profession, providing industry news and organizational information. The site is built on WordPress using the Divi theme, hosted under Croatian academic network infrastructure, indicating a local and official presence. Technically, the website employs standard web technologies but lacks advanced security headers and privacy compliance features. No explicit contact information or privacy policies were found, which may impact user trust and regulatory compliance. The security posture is basic, with room for improvement in SSL configuration and security best practices. Overall, the site is legitimate and consistent with its stated purpose but would benefit from enhanced privacy, security, and user engagement features.

C

Commune de Meyrin

meyrin.ch

48

The Commune de Meyrin website serves as the official digital presence for the municipal government of Meyrin, Switzerland. It provides comprehensive information about local administration, public services, cultural activities, environmental initiatives, and economic development. The site targets residents and visitors, offering clear navigation and relevant content in French. The business model is typical of a public sector entity focused on community engagement and service delivery. Technically, the site is built on Drupal 10, leveraging modern web standards and responsive design to ensure accessibility across devices. Security posture is strong with HTTPS enforcement, security headers, and GDPR-compliant cookie consent mechanisms, although explicit security and incident response policies are not prominently published. Overall, the site demonstrates a mature digital infrastructure with good content quality and trust indicators, supporting its role as a reliable municipal resource.

C

Commune de Gy

mairie-gy.ch

58

The website www.mairie-gy.ch serves as the official online presence for the Commune de Gy, a small municipal government entity in Switzerland. It provides residents and visitors with access to local government services, news, events, and administrative resources. The site is well-structured, professionally designed, and optimized for mobile devices, reflecting a moderate level of digital maturity appropriate for a local government. The technical infrastructure leverages modern web technologies and a specialized CMS platform (i-web.ch), ensuring a functional and accessible user experience. Security posture is adequate with HTTPS enforced and secure login mechanisms, though there is room for improvement in implementing security headers and explicit security policies. Privacy compliance is addressed with clear privacy and cookie policies, including user consent mechanisms. Overall, the website demonstrates high business credibility and trustworthiness consistent with its public sector role.

D

dishcounter

dishcounter.de

60

Dishcounter.de is a German e-commerce platform specializing in the rental and sale of dishware, cutlery, glasses, and dishwashing machines. The business targets event organizers and catering companies requiring large quantities of dishware, emphasizing sustainability, hygiene, and competitive pricing. The website is built on Wizmo CMS, hosted on rzone.de, and uses modern web technologies including JavaScript and Google Analytics with IP anonymization. While the site is well-designed and mobile-optimized, it lacks explicit privacy and terms of service pages, as well as clear contact information, which impacts its privacy compliance and business credibility scores. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosures. No WAF or blocking mechanisms are detected, and the content is safe for general audiences.

M

MINTvernetzt

mint-vernetzt.de

46

MINTvernetzt is a German non-profit educational platform serving as the umbrella organization for out-of-school MINT education. It is funded by the German Federal Ministry of Education and Research and implemented by a consortium of reputable organizations. The website offers a comprehensive range of services including a community platform, events, news, blog articles, and data analytics to support MINT education, with a special focus on gender-sensitive approaches and diversity. The platform targets educators, MINT professionals, and young women and girls interested in STEM fields. Technically, the website is built on WordPress with Yoast SEO plugin, uses HTTPS, and integrates Matomo analytics. The design is professional, mobile-optimized, and accessible, with clear navigation and rich content. However, explicit privacy and cookie policies are not found, and no direct contact information or security headers are visible, which are areas for improvement. The domain registration data is consistent and supports the legitimacy of the platform.

D

DigiMINTKids

digimintkids.de

56

DigiMINTKids is a focused educational initiative promoting early STEM education for children aged 2 to 10 years in Germany. The project emphasizes creative, playful, and everyday integrated learning approaches, collaborating with partners such as Stiftung Kinder forschen and DigiMINTNetzwerk Amberg-Weiden. The website is professionally designed on the Squarespace platform, providing a clear presentation of its mission and projects, targeting families and educators interested in early childhood STEM development. Technically, the site uses modern web technologies with good mobile optimization and secure HTTPS hosting. However, it lacks explicit privacy and cookie policies, as well as visible contact information, which impacts its privacy compliance score. Security posture is strong with HTTPS and HSTS enabled, but additional security headers and policies could enhance protection. Overall, the site is trustworthy and well-positioned within its niche educational sector but would benefit from improved compliance and contact transparency.

F

Factorial Portugal

factorialhr.pt

64

Factorial Portugal operates as a comprehensive SaaS provider specializing in enterprise management software with a strong focus on human resources, finance, and operational automation. Founded in 2016, the company has established itself as a significant player in the Portuguese and broader Portuguese-speaking markets, serving over 13,000 companies. Their platform integrates AI capabilities to streamline administrative tasks, enabling businesses to focus on team growth and operational efficiency. The website reflects a mature digital presence with modern technologies and consistent branding, targeting businesses seeking centralized management solutions. Technically, the site leverages Next.js and React frameworks, ensuring fast performance and excellent mobile optimization. Security posture is robust with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response information are not publicly disclosed. Overall, the domain registration data aligns well with the business claims, reinforcing legitimacy. Strategic recommendations include enhancing privacy and security disclosures to improve compliance and trust further.

S

Steiermärkische Krankenanstaltengesellschaft m.b.H.

krankenhaushygiene.at

76

The Institut für Krankenhaushygiene und Mikrobiologie (IKM) operates as a specialized healthcare institute under the Steiermärkische Krankenanstaltengesellschaft m.b.H., focusing on hospital hygiene and microbiology services. It serves healthcare professionals, partners, and patients primarily in Austria, offering laboratory analyses, professional guidelines, and career opportunities. The website reflects a solid market position within the regional healthcare sector, emphasizing patient-centered services and clinical relevance. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and integrating privacy-conscious analytics via Matomo. The site is mobile-optimized, well-structured, and provides clear navigation and content relevant to its audience. Cookie consent mechanisms and HTTPS usage demonstrate compliance with privacy regulations. From a security perspective, the site employs HTTPS and cookie consent but lacks explicit security policies or incident response information. No critical vulnerabilities or suspicious elements were detected. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business entity. Overall, the website presents a trustworthy, professional digital presence with good privacy and security practices, suitable for its healthcare audience. Strategic improvements could include publishing security and incident response policies and enhancing security headers to further strengthen its posture.