Security Directory

S

Sportjugend Berlin

sportjugend-berlin.de

46

Sportjugend Berlin is a well-established youth sports organization affiliated with the Landessportbund Berlin, focusing on youth social work, educational programs, youth travel, volunteer services, and youth engagement within Berlin. The organization targets youth, sports clubs, volunteers, educators, and families, providing a broad range of community and sports-related services. The website reflects a professional and consistent brand image, with clear contact information and a strong social media presence. Technically, the website is built on TYPO3 CMS with modern frontend technologies including Bootstrap 5 and Font Awesome 6. It is hosted on Microsoft Online infrastructure and incorporates accessibility tools such as eyeAble, demonstrating a commitment to inclusive design. The site performs moderately well with good mobile optimization and SEO practices. From a security perspective, the site uses HTTPS with a good SSL configuration and disables cookies in Matomo analytics to enhance privacy. However, it lacks some security headers and does not publish a security policy or incident response contacts, which are areas for improvement. Privacy compliance is generally good with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a minor gap. Overall, the website is trustworthy, professional, and serves its community effectively. Strategic improvements in security policies and privacy consent mechanisms would further strengthen its posture.

M

MUKS Museum Kultur und Spiel Riehen

muks.ch

11

MUKS Museum Kultur und Spiel Riehen is a small cultural museum located in Riehen, Switzerland, focusing on exhibitions and programs related to local culture, history, and play. The website presents a professional and well-structured digital presence, offering detailed information about exhibitions, events, and visitor services. The museum targets a broad audience including families, children, students, and cultural visitors, operating primarily as a non-profit institution. Technically, the site is built on Drupal 10 with modern JavaScript libraries and includes privacy-conscious analytics via Matomo. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security policy and incident response information. Overall, the domain registration aligns well with the museum's identity, supporting trustworthiness and legitimacy.

H

Hochschule für Technik und Wirtschaft des Saarlandes

wissenwasverbindet.de

67

The Hochschule für Technik und Wirtschaft des Saarlandes (htw saar) is a well-established higher education institution in Germany, specializing in dual study programs that combine academic learning with practical work experience. The website effectively communicates its educational offerings, cooperation with industry partners, and benefits for students. It targets prospective students and companies interested in dual education partnerships. The institution holds multiple certifications and maintains an active social media presence, reinforcing its credibility and market position. Technically, the website is built on TYPO3 CMS and employs Matomo for analytics, reflecting a modern and privacy-conscious infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. However, there is room for improvement in security headers and cookie consent mechanisms to enhance privacy compliance. From a security perspective, the site uses HTTPS with a strong SSL configuration and shows no signs of exposed sensitive data or vulnerable libraries. The absence of explicit security policies and incident response information suggests an opportunity to strengthen transparency and preparedness. Overall, the website demonstrates a solid security posture but could benefit from additional security best practices and compliance features. The overall risk assessment is low, with no critical vulnerabilities detected. Strategic recommendations include implementing security headers, adding cookie consent for GDPR compliance, publishing security policies, and establishing a vulnerability disclosure process to further enhance trust and security culture.

G

GSUB - Gesellschaft für soziale Unternehmensberatung MbH

teilhabeberatung.de

61

The website www.teilhabeberatung.de represents the Ergänzende unabhängige Teilhabeberatung (EUTB®), a German non-profit advisory service supporting people with disabilities and their relatives regarding rehabilitation and participation. Operated by GSUB - Gesellschaft für soziale Unternehmensberatung MbH, the site offers comprehensive advisory services, publications, and a dedicated app for appointment scheduling. The organization holds recognized accessibility certification (BIK - BITV-konform) and maintains a professional online presence with clear navigation and content relevance. Technically, the site is built on Drupal 10, leveraging modern web technologies including Matomo for privacy-conscious analytics and ReadSpeaker for accessibility. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Security posture is solid with HTTPS enforced and secure form handling, though explicit security headers and incident response policies are not published. No blocking mechanisms or WAF challenges were detected, allowing full content access. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, no direct contact emails or phone numbers are publicly listed, relying on contact forms for communication. Overall, the website is trustworthy, professionally managed, and aligned with its non-profit mission. Recommendations include enhancing security headers, publishing security and incident response policies, and considering a vulnerability disclosure program to further strengthen trust and security posture.

VDMA is a prominent German and European industry association representing approximately 3,600 companies in the machinery and plant engineering sector. The organization focuses on innovation, export orientation, and supporting medium-sized enterprises. Their website reflects a mature digital presence with comprehensive content, professional design, and clear navigation tailored to industry professionals and stakeholders. The technical infrastructure is based on the Liferay CMS platform, leveraging modern JavaScript frameworks and analytics tools, ensuring a responsive and accessible user experience. Security posture is strong with HTTPS enforcement, consent management, and use of security best practices, although explicit security headers could be enhanced. Overall, the site demonstrates compliance with GDPR and provides clear contact and privacy information, supporting trust and credibility.

K

kv.digital GmbH

kv.digital

58

kv.digital GmbH is a medium-sized digital healthcare company based in Germany, fully owned by the Kassenärztliche Bundesvereinigung (KBV). It specializes in providing secure medical communication solutions, including KIM services and the 116117 appointment service software, serving healthcare providers and software manufacturers. The company acts as a central innovation platform and competence center for digitalization in ambulatory healthcare. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and includes a GDPR-compliant cookie consent mechanism. The presence of ISO 27001 certification demonstrates a strong commitment to information security. Security posture is robust with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the website is professional, trustworthy, and well-structured, supporting the company's credibility in the healthcare technology sector.

CIRS dent operates as a specialized error reporting and learning platform targeted at dental practices in Germany. The website provides anonymous and sanction-free reporting of undesired events in dental practice workflows, aiming to improve patient safety and professional learning. The project is supported by reputable German dental organizations BZÄK and KZBV and collaborates with medical experts, enhancing its credibility and niche market position. The platform offers services such as report creation, database search, publications, and user feedback mechanisms, positioning itself as a valuable resource in healthcare quality management for dentists. Technically, the website employs a traditional web stack with jQuery and Matomo analytics, hosted on German infrastructure (netcologne.de). The site is mobile-optimized with clear navigation and a cookie consent mechanism, reflecting moderate digital maturity. Security posture is adequate but could be improved by implementing security headers and explicit incident response policies. Privacy compliance is basic but present, with a GDPR-compliant privacy policy and cookie banner. Overall, the website is professional, trustworthy, and aligned with its healthcare mission.

D

Deutscher Verkehrssicherheitsrat

dvr.de

55

The Deutscher Verkehrssicherheitsrat (DVR) is a leading independent German organization dedicated to road traffic safety. The website serves as an authoritative platform providing information on traffic safety topics, prevention campaigns, policy advocacy, and training programs. It targets the general public, policymakers, and traffic safety professionals, positioning itself as a key competence center in the transportation safety sector. The business model is non-profit, focusing on education, advocacy, and safety improvements.

Jobbnorge.no is a Norwegian online recruitment platform focused on connecting job seekers with employers across Norway. The website offers job search functionality and recruitment tools, positioning itself as an important player in the Norwegian recruitment market. The platform targets both job seekers and employers, providing a streamlined experience for finding and posting jobs. The business model revolves around providing digital recruitment services and tools to facilitate hiring processes. Technically, the website employs modern technologies including ASP.NET, Matomo analytics, and Cloudflare for hosting and security. It features a comprehensive cookie consent mechanism compliant with GDPR, enhancing user privacy and transparency. Security posture is strong with HTTPS enforced and device fingerprinting used for security purposes, although some security headers could be improved. Overall, the website is professional, well-branded, and trustworthy, with good mobile optimization and accessibility. However, the lack of publicly available WHOIS data slightly reduces trust but is likely due to privacy protection. Strategic recommendations include publishing a privacy policy page, terms of service, and a vulnerability disclosure policy to further enhance compliance and trust.

D

Datawrapper GmbH

datawrapper.de

61

Datawrapper GmbH operates a professional SaaS platform focused on enabling users to create interactive and responsive data visualizations such as charts, maps, and tables without coding. The company serves a broad audience including media organizations, enterprises, and public service entities, with a strong market position evidenced by notable clients like the UN and New York Times. The website is well-designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern performance optimizations and privacy-conscious analytics (Matomo). Security posture is strong with HTTPS enforced and privacy policies clearly presented, though some security headers could be improved. Overall, the domain registration and hosting setup are consistent and trustworthy. The site demonstrates good compliance with GDPR and cookie consent requirements, supporting a high level of business credibility.

K

Knipp Medien und Kommunikation GmbH

irondns.net

67

ironDNS® is a specialized DNS service provider operated by Knipp Medien und Kommunikation GmbH, established in 2009 in Germany. The company focuses on delivering secure and compliant DNS infrastructure services to corporates, registrars, and registries. Their offerings include DNS provisioning APIs (SOAP and REST), control panel access, DNSSEC support, and advanced DNS features such as Zone Lock and ANAME records. The website reflects a professional and consistent brand presence with clear navigation and relevant business content.

T

Talus Informatik AG

talus.ch

73

Talus Informatik AG is a Swiss IT service provider specializing in comprehensive IT solutions for municipalities, communities, and energy supply companies. The company positions itself as a one-stop provider for IT total solutions, focusing on sectors such as energy and municipal administration. Their website reflects a professional and consistent brand image, targeting primarily Swiss municipal and energy sector clients. Technically, the website is built on the Weblication® CMS platform and utilizes modern web technologies including Font Awesome and Matomo analytics for user tracking. While the site is well-structured and mobile-optimized, it lacks explicit privacy and cookie policies, as well as visible security headers and incident response information, which are important for compliance and trust. The security posture is moderate due to these omissions, but no critical vulnerabilities or blocking mechanisms were detected. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security transparency.

D

DFL Stiftung

dfl-stiftung.de

71

DFL Stiftung is a well-established German non-profit foundation founded in 2008, focused on supporting children, youth, and young sports talents through social and sports-related projects. The foundation leverages a strong network and expertise from professional football to promote social participation, healthy development, and elite sports success. The website reflects a professional and consistent brand presence with comprehensive content in German and English, targeting a broad audience interested in youth development and sports. Technically, the site is built on WordPress with modern plugins and frameworks, hosted on AWS infrastructure, and employs SEO and analytics tools such as Yoast SEO, Google Tag Manager, and Matomo. Security posture is good with HTTPS enforced, though some security headers and explicit policies are missing. Privacy compliance is adequate with a comprehensive privacy and cookie policy but lacks a cookie consent mechanism. Overall, the site is trustworthy, well-maintained, and aligned with its mission.

G

GKV-Spitzenverband

qs-reha.de

63

QS-Reha® is a government-backed quality assurance platform operated by the GKV-Spitzenverband, focusing on medical rehabilitation quality in Germany. The website provides comprehensive information about the quality assurance procedures, methodologies, and results for various medical indications, targeting healthcare providers and rehabilitation facilities. The platform serves as an official resource for quality data and facility comparisons, supporting transparency and improvement in rehabilitation services. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with Matomo analytics hosted on their own domain to ensure privacy compliance. The site is mobile-optimized, accessible, and uses HTTPS with a cookie consent mechanism that respects GDPR requirements. Hosting appears to be managed by ITSG or GKV-Spitzenverband infrastructure, ensuring stable and secure delivery. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent management. However, it lacks explicit security policies, incident response contacts, and advanced security headers, which could enhance its security posture. No vulnerabilities or suspicious elements were detected in the content or scripts. Overall, the website is trustworthy, professional, and compliant with privacy regulations, serving its government-mandated role effectively. Strategic improvements in security transparency and incident response readiness are recommended to further strengthen trust and resilience.

G

GKV-Spitzenverband

gkv-gamsi.de

62

The website www.gkv-gamsi.de serves as the official portal for the GKV-Spitzenverband's pharmaceutical quick information service, providing detailed reports and data visualizations on pharmaceutical expenditures within the German statutory health insurance system. It targets healthcare professionals, policymakers, and stakeholders involved in the German healthcare sector. The site offers quarterly reports, procedural information, and regional target agreements, positioning itself as a trusted governmental information source in the healthcare domain. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and integrates Tableau Public for interactive data visualizations. It uses Matomo analytics hosted on its own servers, enhancing privacy compliance. The site is moderately optimized for mobile devices and accessibility, with a clear navigation structure and cookie consent mechanisms aligned with GDPR requirements. From a security perspective, the site enforces HTTPS, uses cookie consent with opt-in for statistics, and applies SameSite cookie attributes. However, it lacks explicit security headers and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website's governmental nature, indicating high legitimacy and trustworthiness. Overall, the website demonstrates a strong business credibility and technical foundation with good privacy compliance. Strategic improvements could include publishing a security policy, incident response information, and implementing additional security headers to enhance the security posture further.

G

GKV-Spitzenverband

gkv-datenaustausch.de

63

The GKV-Datenaustausch website is an official information portal operated by the GKV-Spitzenverband, the central association for statutory health insurance in Germany. It provides comprehensive and up-to-date information on electronic data exchange procedures and technical standards for healthcare providers, employers, and other stakeholders involved in the statutory health insurance system. The portal serves as a trusted resource for technical documentation, procedural guidance, and updates via RSS feeds, positioning itself as a key authoritative source in the healthcare data exchange domain. Technically, the website employs standard web technologies including JavaScript, jQuery, and Matomo analytics hosted on its own domain, reflecting a privacy-conscious approach to user tracking. The site is hosted on servers associated with ITSG, a recognized service provider for statutory health insurance IT services. The site demonstrates moderate performance and basic mobile optimization, with good accessibility and SEO practices. The presence of a cookie consent banner with granular options aligns with GDPR compliance requirements. From a security perspective, the site enforces HTTPS and uses secure cookie attributes, but lacks explicit security headers such as Content-Security-Policy or X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. However, the absence of published security policies or incident response contacts suggests room for improvement in transparency and readiness. Overall, the security posture is solid but could be enhanced with additional best practices. The website is fully accessible without any WAF or blocking mechanisms, and the WHOIS data confirms the domain's legitimacy and consistency with the GKV-Spitzenverband organization. No suspicious patterns or privacy protections obscure the domain registration. The site does not contain any adult or questionable content and is suitable for a general audience. Strategic recommendations include publishing security and incident response policies, improving mobile optimization, and adding advanced security headers to strengthen the security posture further.

G

GKV-Spitzenverband

gkv-90prozent.de

64

The website www.gkv-90prozent.de serves as the official e-magazine platform for the GKV-Spitzenverband, a key organization in the German statutory health insurance system. It provides comprehensive information on healthcare topics, policy updates, research, and care-related issues targeted at insured persons, healthcare professionals, and policymakers. The site is professionally designed with clear navigation and regularly updated content, reflecting a strong market position as an authoritative source in the healthcare sector. Technically, the website employs standard modern web technologies including HTML5, CSS3, and JavaScript, with Matomo analytics hosted on their own domain to ensure privacy compliance. The site is mobile-optimized and accessible, with proper meta tags supporting SEO. While no CMS or hosting provider details are explicitly identified, the infrastructure appears stable and performant. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism aligned with GDPR requirements. However, it lacks explicit security headers and published security policies or incident response contacts, which could be improved to enhance trust and resilience. No vulnerabilities or suspicious content were detected. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include enhancing security headers, publishing security policies, and providing clearer contact information to further strengthen user trust and compliance posture.

G

GKV-Spitzenverband, DVKA

dvka.de

66

The DVKA website represents the Deutsche Verbindungsstelle Krankenversicherung – Ausland, a key department within the GKV-Spitzenverband, Germany's central association for statutory health and nursing care insurance. The site serves as an authoritative portal for international social security coordination, providing comprehensive information and services to insured persons, employers, healthcare providers, and international partners. The content is well-structured, professionally designed, and available primarily in German with English options, targeting a broad audience involved in cross-border social security matters. Technically, the website employs modern web standards with responsive design, accessibility considerations, and uses Matomo analytics hosted on its own domain to ensure privacy compliance. The site enforces HTTPS and implements a clear cookie consent mechanism distinguishing necessary and statistical cookies. However, no explicit security policy or incident response information is published, and security headers beyond HTTPS are not evident. From a security perspective, the site demonstrates good practices such as secure cookie handling and consent management, but could improve by publishing formal security policies and adding security headers. The WHOIS data aligns well with the official German social security infrastructure, reinforcing the site's legitimacy. No suspicious or privacy-protected WHOIS data is present, appropriate for a government entity. Overall, the DVKA website is a trustworthy, professional government resource with strong content quality and privacy compliance. Strategic improvements in security transparency and incident response readiness would further enhance its security posture and user trust.

S

Sozialhelden e.V.

sozialhelden.de

68

Sozialhelden e.V. is a German non-profit organization dedicated to promoting inclusion and accessibility for people with disabilities. Founded in 2004 by Raúl Krauthausen and others, the organization engages in political campaigns, app development, consulting, and empowerment initiatives. Their website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content focused on their mission. The target audience includes people with disabilities, companies, media professionals, and the general public interested in disability mainstreaming. Technically, the site is built on Webflow CMS, hosted via Cloudflare, and uses modern web technologies including Matomo for analytics and Klaro for cookie consent, ensuring GDPR compliance. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the website is trustworthy, well-maintained, and aligned with the organization's mission.

G

GKV-Spitzenverband - Abteilung DVKA

eu-patienten.de

58

EU-PATIENTEN.DE is a German government-affiliated platform operated by the GKV-Spitzenverband - Abteilung DVKA, serving as the national contact point for cross-border healthcare information between Germany and other EU countries. The website provides comprehensive information for patients, healthcare providers, and health insurers about planned and unplanned treatments both in Germany and abroad. It holds a strong market position as an official source for EU cross-border healthcare guidance. Technically, the site uses standard web technologies with a focus on accessibility, mobile optimization, and privacy-compliant analytics via Matomo. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though it lacks explicit security policy and incident response contact details. Overall, the site is trustworthy, professional, and well-aligned with its governmental healthcare mission.

K

Kassenärztliche Bundesvereinigung (KBV)

116117-termine.de

34

The website www.116117-termine.de serves as the official appointment booking platform for statutory health insured patients in Germany, operated under the auspices of the Kassenärztliche Bundesvereinigung (KBV). It provides a trusted and user-friendly service for booking, viewing, and canceling medical appointments with general practitioners and specialists. The platform is recognized as a Stiftung Warentest Testsieger in 2021, underscoring its market credibility and user trust. The target audience is primarily German statutory health insured patients seeking quick and reliable access to healthcare appointments. Technically, the website is built on the TYPO3 CMS framework, leveraging modern web technologies including JavaScript and CSS. It integrates Matomo analytics with a clear cookie consent mechanism, ensuring compliance with GDPR and privacy best practices. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Hosting appears to be managed by kv.digital GmbH, a technology partner closely affiliated with the KBV. From a security perspective, the site enforces HTTPS and employs cookie consent for tracking, minimizing privacy risks. However, explicit security headers such as Content Security Policy and HSTS are not evident, and no formal security or incident response policies are published. No vulnerabilities or exposed sensitive data were detected in the analysis. The WHOIS data is limited but does not raise concerns, and the domain appears legitimate and consistent with the official nature of the service. Overall, the website presents a professional, secure, and privacy-conscious platform that effectively supports its public healthcare mission. Strategic improvements could include publishing a security policy, adding security headers, and providing clearer contact information for incident response. These enhancements would further strengthen trust and compliance in an increasingly regulated digital environment.

Horizons by heise is a well-established German conference platform focusing on digital transformation, AI, data-driven organizations, and the future of work. It is backed by the reputable heise medien group and targets decision-makers and digital change agents. The website provides comprehensive event information, speaker profiles, and additional content such as podcasts and online meetups. Technically, the site uses modern JavaScript libraries like Swiper and Fancybox, and employs Matomo for privacy-conscious analytics. The hosting is consistent with the domain's WHOIS data, indicating a legitimate and professional setup. Security posture is good with HTTPS enforced and no visible vulnerabilities, though the site lacks some security headers and a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-positioned in its niche.

B

Bundesinstitut für Öffentliche Gesundheit (BIÖG)

kindergesundheit-info.de

65

The website kindergesundheit-info.de is an authoritative German government-backed portal operated by the Bundesinstitut für Öffentliche Gesundheit (BIÖG). It provides comprehensive, scientifically grounded information and resources on child health and development for children aged 0 to 6 years. The portal targets parents, healthcare professionals, and community workers, offering materials such as brochures, infographics, films, and practical tools like the U-Termin-Rechner for appointment scheduling. The business model is non-commercial, focusing on public health education and support. Technically, the site is built on TYPO3 CMS, employs Matomo for privacy-conscious analytics, and demonstrates good mobile optimization, accessibility, and SEO practices. The infrastructure appears stable and well-maintained, with local hosting of analytics in Germany and no detected blocking or WAF interference. The site uses HTTPS with excellent SSL configuration, though it lacks some security headers and explicit published security policies. From a security and privacy perspective, the website shows strong GDPR compliance with a clear privacy policy, cookie consent banner, and anonymized data collection. However, it lacks explicit incident response contacts, vulnerability disclosure mechanisms, and security policy documentation. No exposed vulnerabilities or suspicious domains were detected, and no commercial tracking or advertising networks are present. Overall, the site is trustworthy, professional, and safe for general audiences, particularly parents and professionals seeking child health information. Strategic improvements could include publishing security policies, adding security headers, and providing explicit incident response contacts to enhance transparency and security posture.

C

Collectivité européenne d'Alsace

alsace.eu

68

The Collectivité européenne d'Alsace (CeA) is a regional governmental entity serving the Alsace region in France. The website provides comprehensive information about public services, social aid, cultural events, transport, environment, and education, targeting residents and stakeholders of Alsace. The site is well-branded, consistent, and professionally maintained, reflecting its official government status. Technically, the website uses modern web standards including HTML5, CSS3, and JavaScript, with privacy-conscious analytics via Matomo and a cookie consent mechanism powered by OreJime. The site is mobile-optimized and accessible, with good SEO practices and structured data for enhanced search engine understanding. From a security perspective, the site enforces HTTPS and uses script integrity checks but lacks some recommended security headers such as Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with GDPR-aligned policies and clear cookie consent. Overall, the website presents a low risk profile with high trustworthiness and professionalism. The lack of WHOIS data is due to EURid privacy policies and is typical for .eu domains. Strategic improvements include adding security headers and publishing a security policy or vulnerability disclosure to enhance transparency and security posture.

S

Stadtwerke Rheinfelden (Baden)

stadtwerke-rheinfelden.de

52

Stadtwerke Rheinfelden (Baden) is a regional municipal utility company providing essential water and heat supply services to the Rheinfelden community in Germany. The website clearly communicates their role as a reliable local service provider focused on citizen welfare. Their business model is that of a municipal utility, serving residential and commercial customers with sustainable and efficient energy and water solutions. The site features clear navigation, relevant content, and partner affiliations that reinforce their local market position. Technically, the website is built on the cEasy CMS platform and incorporates modern JavaScript libraries such as jQuery and Slick Carousel for UI elements. It uses Matomo for privacy-conscious analytics and includes accessibility features and mobile optimization. Hosting is managed via domaincontrol.com DNS, typical for small to medium enterprises. Performance is moderate with good SEO and metadata implementation. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR. However, it lacks a publicly available security policy and incident response contacts, which are recommended for enhanced transparency and trust. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is minimal but consistent with the business identity, supporting legitimacy. Overall, the website presents a professional and trustworthy digital presence for a small municipal utility. Strategic improvements include publishing a dedicated security policy, incident response information, and enhancing security headers to strengthen the security posture further.

A

Abfallwirtschaft Landkreis Lörrach

abfallwirtschaft-loerrach-landkreis.de

51

Abfallwirtschaft Landkreis Lörrach is a government-operated waste management service provider serving the Landkreis Lörrach region in Germany. The website offers comprehensive information on waste collection schedules, container ordering, recycling, hazardous waste disposal, and related public services. It targets residents and businesses within the local jurisdiction, providing essential public service functions with a focus on environmental sustainability and regulatory compliance. The site is well-structured with clear navigation and relevant content tailored to its audience.

G

GKV-Spitzenverband

gkv-spitzenverband.de

66

The GKV-Spitzenverband website serves as the official portal for Germany's statutory health and long-term care insurance umbrella organization. It provides comprehensive information on health insurance, care insurance, policy updates, research, and services for insured persons and healthcare providers. The site is well-structured, professionally designed, and offers content in German and English, targeting insured individuals, healthcare professionals, policymakers, and the public. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and Matomo analytics with a strong emphasis on privacy and consent. Security posture is robust with HTTPS enforcement and cookie consent mechanisms, though formal security policies and incident response contacts are not explicitly published. Overall, the site reflects a mature digital presence consistent with a large, government-related healthcare entity.

Alois Denzel KG operates as one of the largest wood wholesalers in southern Germany, providing a wide range of wood products and services to customers in trade, industry, and craftsmanship. Founded in 1938, the company has grown into a large enterprise with extensive warehousing and a dedicated fleet of trucks, emphasizing sustainability and customer-centric service. Their website reflects a mature digital presence with comprehensive product information, online tools, and certifications that reinforce their market position. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Contact Form 7, ensuring good SEO and user experience. The site is mobile-optimized, accessible, and integrates Matomo for privacy-conscious analytics. Security posture is solid with HTTPS and secure form handling, though some security headers could be improved. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the security posture is strong with no evident vulnerabilities or exposed sensitive data. The domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness. The site is safe for general audiences with no adult or questionable content. Strategic recommendations include enhancing security headers, adding explicit security policies, and considering a vulnerability disclosure policy to further strengthen trust. This analysis indicates a professionally managed business website with strong compliance and security awareness, suitable for its industry and customer base.

E

Evolutrans

evolutrans.fr

56

Evolutrans is a French network of transporters and logisticians providing comprehensive transport and logistics solutions across France. The website positions the company as a national group serving the transportation sector with a focus on logistics services. The digital infrastructure is built on WordPress using the Divi theme and Smart Slider 3 plugin, indicating a modern and flexible content management system. The site is well-structured with good SEO and mobile optimization, though some accessibility features could be improved. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies. The absence of WHOIS data for the domain reduces trust slightly but the professional presentation and clear contact information mitigate concerns. Overall, the site is functional and professional, serving its business purpose effectively.

G

GKV-Bündnis für Gesundheit

gkv-buendnis.de

59

The GKV-Bündnis für Gesundheit website represents a collaborative initiative of statutory health insurance funds in Germany focused on advancing health promotion and prevention across various life settings such as communities, schools, and care facilities. The site provides practical resources and information targeting health professionals and stakeholders involved in these sectors. The business model is non-profit and government-related, emphasizing public health improvement. Technically, the website employs modern web standards with responsive design, accessibility features, and uses Matomo analytics with a consent mechanism, reflecting a privacy-conscious approach. Hosting and DNS infrastructure align with official statutory health insurance IT services, indicating a stable and trustworthy technical foundation. From a security perspective, the site enforces HTTPS, uses cookie consent, and avoids exposing sensitive data. However, it lacks explicit security policy documentation and incident response contacts, which could be improved to enhance transparency and trust. No vulnerabilities or suspicious elements were detected. Overall, the website is professional, trustworthy, and well-aligned with its public health mission. Strategic recommendations include publishing dedicated security and incident response policies, enhancing security headers, and providing clearer contact information to strengthen user trust and compliance.

B

Bundesinstitut für Öffentliche Gesundheit (BIÖG)

j1-info.de

65

The website www.j1-info.de is an official public health information portal managed by the Bundesinstitut für Öffentliche Gesundheit (BIÖG) in Germany. It provides comprehensive information about the J1 health check for adolescents aged 12 to 14, including educational content, appointment scheduling assistance, and a doctor search feature. The site targets youth, their parents, and healthcare professionals, positioning itself as a trusted government resource in the healthcare sector. The content is well-structured, multilingual, and includes accessible media, enhancing user engagement and inclusivity. Technically, the site is built on TYPO3 CMS, employs Matomo for privacy-conscious analytics, and uses modern web technologies including accessible video players and responsive design. The website demonstrates good performance and SEO practices, with strong accessibility features. Hosting details are not explicitly disclosed, but data processing for analytics is localized in Germany, aligning with GDPR requirements. From a security perspective, the site enforces HTTPS, anonymizes IP addresses in analytics, and implements a clear cookie consent mechanism. While some security headers like Content-Security-Policy are not explicitly found, the overall posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is excellent, with detailed policies and user consent mechanisms in place. Overall, the website presents a low-risk profile with high trustworthiness, serving as a professional and reliable source of health information for its audience. Strategic recommendations include enhancing security headers and publishing explicit security policies to further strengthen trust and compliance.

K

Komm.ONE

komm.one

73

Komm.ONE is a public law institution and IT service provider dedicated to supporting municipalities across Baden-Württemberg, Germany. The organization develops and operates software and IT services tailored for local government administration, positioning itself as a key regional player in the public sector IT market. Their offerings include consulting, cloud services, security, innovation management, and training, targeting municipal administrations and public entities. The website reflects a professional and consistent brand image aligned with their mission. Technically, the website is built on a modern stack including jQuery, Bootstrap, and specialized CMS templates, with good mobile optimization and accessibility features. The presence of a cookie consent mechanism and Matomo analytics indicates a mature digital infrastructure with privacy considerations. Performance is moderate, and SEO practices are well implemented. From a security perspective, the site enforces HTTPS and uses cookie consent controls but lacks explicit published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable, likely due to privacy protection, but the domain and website content strongly indicate legitimacy as a public institution. Overall, Komm.ONE presents a trustworthy and professional online presence with room for improvement in transparency around security policies and incident response. The risk level is low, and the site is suitable for its target audience of public sector entities.

V

Ville de Saint-Louis

saint-louis.fr

66

The website www.saint-louis.fr is the official digital presence of the city of Saint-Louis in Alsace, France. It serves as a comprehensive portal for residents and visitors, offering municipal information, public services, event announcements, and cultural activities. The site targets local citizens and tourists, positioning itself as a key communication channel for the municipal government. The business model is that of a government entity providing essential public services and information without commercial intent. Technically, the site is built on the CMS I3C platform and leverages modern web technologies including jQuery, Bootstrap, CKEditor, and Matomo analytics configured with privacy in mind. The site is mobile-optimized and features a clear navigation structure with multiple service categories. Performance is moderate, with room for optimization. The presence of cookie consent mechanisms and disabled tracking cookies reflects a commitment to user privacy. From a security perspective, the site enforces HTTPS and uses privacy-focused analytics. However, it lacks several security headers and does not publicly provide a privacy policy or incident response contacts, which are areas for improvement. The absence of WHOIS data limits domain trust verification, though the site content and branding strongly indicate legitimacy. Overall, the website is a well-maintained municipal portal with good content quality and user experience. Strategic recommendations include publishing a comprehensive privacy policy, enhancing security headers, and providing clear contact information for security and privacy matters to strengthen trust and compliance.

S

Stadt Rheinfelden (Baden)

rheinfelden.de

49

Stadt Rheinfelden (Baden) operates an official municipal website providing extensive information and services to residents and visitors. The site covers a broad range of topics including citizen services, cultural events, urban planning, and tourism. The website is well-structured, professionally designed, and primarily targets local citizens and tourists. Technically, the site uses the cEasy CMS platform and integrates Matomo analytics for privacy-conscious user tracking. The infrastructure is modern with HTTPS enforced, but lacks some advanced security headers and cookie consent mechanisms. Security posture is moderate with no critical vulnerabilities detected. Overall, the site reflects a mature municipal digital presence with room for improvement in privacy compliance and security best practices.

L

Landkreis Lörrach

loerrach-landkreis.de

49

Landkreis Lörrach operates as a regional government authority in Germany, providing a broad range of public services including transportation, economic development, social and family support, environmental initiatives, and tourism promotion. The website serves residents and visitors with comprehensive information and digital services, reflecting a mature public sector entity with a consistent brand and professional presentation. Technically, the site is built on the cEasy CMS platform, employs modern web technologies, and integrates privacy-conscious analytics via Matomo. The site is well-optimized for mobile and accessibility standards, ensuring a good user experience. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the website demonstrates a trustworthy and professional digital presence aligned with its governmental role.

C

Collectivité européenne d'Alsace

haut-rhin.fr

68

The Collectivité européenne d'Alsace operates as a regional government entity providing a comprehensive range of public services and information to residents and stakeholders in the Alsace region of France. The website serves as an official portal with detailed information on social services, culture, transport, environment, and citizen engagement. It maintains a strong market position as the authoritative regional government body with a clear focus on transparency and public communication. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with privacy-conscious analytics via Matomo and a cookie consent mechanism powered by OreJime. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure suitable for a government portal. From a security perspective, the site enforces HTTPS and demonstrates good security hygiene with no exposed sensitive data or vulnerable libraries detected. However, it lacks explicit security headers and a published security policy or incident response contact, which are recommended for enhanced security posture. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. The absence of WHOIS data is standard for .eu domains and does not detract from the legitimacy of the site. Strategic recommendations include implementing security headers, publishing a security policy, and adding a vulnerability disclosure channel to further strengthen trust and security.

S

Swiss Institute for Art Research (SIK-ISEA)

sikart.ch

10

The Swiss Institute for Art Research (SIK-ISEA) operates a specialized research portal focused on Swiss art and art history. The website serves as an authoritative platform offering access to the SIKART Lexicon, catalogues raisonnés, and collections/projects, targeting researchers, academics, and art enthusiasts. The business model is non-profit and research-oriented, positioning the institute as a key resource in the cultural heritage sector in Switzerland. Technically, the site employs modern web technologies including React and Font Awesome, with Matomo analytics for user tracking. The site is mobile-optimized and demonstrates good design and navigation clarity. Security posture is solid with HTTPS enforced and cookie consent implemented, though lacks visible advanced security headers and formal privacy or security policies. Overall, the site is trustworthy and professionally maintained, but could improve transparency by publishing privacy and terms of service documents.

H

Historisches Lexikon der Schweiz (HLS)

hls-dhs-dss.ch

10

The Historisches Lexikon der Schweiz (HLS) is a reputable, multilingual, scientific online lexicon dedicated to Swiss history, serving both the general public and researchers. It is uniquely positioned as the only scientific lexicon published simultaneously in the four Swiss national languages. The website is affiliated with the Swiss Academy of Humanities and Social Sciences, enhancing its credibility and trustworthiness. The platform offers a rich array of content including articles, multimedia, projects, and newsletters, emphasizing open access and scientific rigor. Technically, the website is built on the XWiki platform with a modern tech stack including RequireJS, jQuery, Bootstrap, and Matomo for privacy-conscious analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. Security posture is strong with HTTPS enforced and no exposed sensitive data, but could be improved by adding explicit security headers and vulnerability disclosure mechanisms. Overall, the site maintains a high level of professionalism and trustworthiness, with comprehensive content and consistent branding. However, it lacks explicit cookie consent mechanisms and published security policies, which are recommended for enhanced compliance and user trust. The domain registration aligns well with the website's academic nature, supporting its legitimacy.

C

Coopfond

coopfond.com

68

Coopfond is a mutualistic fund affiliated with Legacoop, dedicated to promoting cooperation and supporting the creation and sustainable growth of cooperatives in Italy. The organization has a strong market position with over 30 years of history, offering financial and strategic support to cooperatives, emphasizing sustainability, innovation, and solid growth. The website reflects a mature digital infrastructure built on WordPress with modern plugins and analytics tools, demonstrating a good level of digital maturity. Security posture is solid with HTTPS enforced and privacy compliance mechanisms in place, including cookie consent and GDPR-aligned policies. No critical vulnerabilities or blocking mechanisms were detected, indicating a secure and trustworthy online presence. Overall, Coopfond presents as a credible and professional organization with a clear mission and well-implemented digital presence.

B

Bad Egelsee

badegelsee.ch

60

Bad Egelsee is a public family and sports swimming facility located in Kreuzlingen, Switzerland, offering a variety of aquatic and wellness services including sport pools, family pools, saunas, and steam baths. The website presents a professional and consistent brand image targeting families, sports swimmers, and wellness seekers in the local community. The business model focuses on providing recreational and health-related aquatic services with a clear emphasis on family-friendly and sports-oriented offerings. Technically, the website uses modern JavaScript frameworks such as Alpine.js and integrates Matomo for analytics, indicating a moderate level of digital maturity. The site is mobile-optimized and SEO-friendly with good accessibility features, although some accessibility aspects could be improved. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks published security policies or incident response information. Overall, the website is trustworthy and professionally maintained with no signs of malicious activity or content safety concerns.

P

Paprec Group

paprec.com

65

Paprec Group is a leading French company specializing in waste management and recycling services. Established in 1994, it has grown into a major player in the environmental sector, serving both industrial clients and local authorities with a comprehensive range of services including waste collection, sorting, recycling, and energy valorization. The company emphasizes sustainability and circular economy principles, positioning itself as a key contributor to environmental preservation in France. The website reflects a mature digital presence with multilingual support and rich content aimed at educating and engaging its audience. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, and Matomo analytics. It demonstrates good performance, mobile optimization, and accessibility features. Security best practices are observed with HTTPS enforcement and security headers, although public security policies and incident response information are not explicitly published. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. However, the WHOIS data for the domain is missing or not publicly available, which raises minor concerns about domain registration transparency but does not detract significantly from the overall legitimacy given the professional website and business presence. Overall, Paprec Group's website is professional, secure, and compliant, supporting its position as a trusted leader in the recycling industry. Strategic recommendations include publishing explicit security and incident response policies and improving domain registration transparency.

A

ARAG SE

arag-karriere.de

64

ARAG SE is a well-established German insurance company specializing in legal protection insurance and related services, with a strong market position as the largest family-owned insurer in Germany and a global leader in its niche. The website serves as a professional career portal targeting job seekers interested in joining ARAG, featuring comprehensive content about company values, culture, and job opportunities. Technically, the site uses modern web technologies including jQuery, Google Tag Manager, Matomo analytics, and a proprietary recruitment platform by talentsconnect, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS enforcement, cookie consent mechanisms, and privacy compliance, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR, with no signs of blocking or suspicious activity.

F

Forschungsnetzwerke Energie

forschungsnetzwerke-energie.de

63

Forschungsnetzwerke Energie is a German government-supported platform facilitating exchange among energy experts, researchers, and policymakers. It provides comprehensive information on energy research networks, events, publications, and webinars, positioning itself as a key knowledge hub in the German energy research sector. The platform is professionally designed, well-branded, and offers clear navigation primarily in German with English options. Technically, the website employs modern JavaScript libraries such as jQuery and Bootstrap, integrates Matomo analytics with privacy-conscious settings, and uses HTTPS with good security practices. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the site is trustworthy, compliant with GDPR, and serves its target audience effectively.

G

Genossenschaft Getränkekollektiv

getraenkekollektiv.ch

47

Genossenschaft Getränkekollektiv operates a sustainable and fair beverage delivery and retail business based in Basel, Switzerland. The company targets private customers, offices, event organizers, and the hospitality sector with a focus on regional and environmentally friendly products. Their business model includes direct delivery via cargo bike or van, subscription options, and an online shop. The website is built on WordPress with Elementor and integrates privacy-conscious tools like Matomo analytics and hCaptcha for form security. Contact information and social media presence support customer engagement and trust. Security posture is adequate with HTTPS and basic protections, but lacks published security policies and advanced headers. Privacy compliance is partial, missing a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-aligned with the business's local and sustainable ethos.

N

nextron internet team GmbH

nextron.ch

11

nextron internet team GmbH is a Swiss web agency based in Basel, established in 1996. The company specializes in web development, web design, and hosting services, targeting primarily medium-sized businesses and organizations in Basel and across Switzerland. Their offerings include custom web applications, WordPress and WooCommerce solutions, and various hosting options including ColdFusion and vServer hosting. The website reflects a mature market position with a professional and consistent brand presence supported by client references and social media engagement. Technically, the website is built on WordPress CMS with modern technologies such as jQuery, FontAwesome, and animation libraries. It integrates analytics tools like Google Analytics and Matomo for user tracking and performance insights. The site is mobile-optimized, fast-loading, and SEO-friendly, indicating a high level of digital maturity. From a security perspective, the site uses HTTPS with good SSL configuration and employs some security best practices such as honeypot anti-spam measures. However, it lacks explicit security headers like Content-Security-Policy and does not provide a security policy or incident response contact information. No vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy, professional, and safe for general audiences. The main areas for improvement include implementing a cookie consent mechanism to enhance privacy compliance and publishing a security policy and incident response contacts to strengthen security posture and transparency.

S

Schweizer Agrarmedien AG

tierwelt.ch

66

TierWelt is a Swiss-based animal and nature magazine operated by Schweizer Agrarmedien AG, targeting readers interested in animals, nature, and environmental topics. The website offers rich editorial content, subscription services, classifieds, and e-paper access, positioning itself as a reputable media outlet in Switzerland. The business model combines content publishing with advertising and subscription revenue streams. Technically, the site is built on TYPO3 CMS with a modern tech stack including jQuery, Flipster, and multiple analytics and advertising integrations. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is strong with HTTPS, security headers, CAPTCHA protections, and cookie consent mechanisms, although explicit security policies and incident response contacts are not published. WHOIS data confirms the legitimacy and consistency of the domain registration with the business identity. Overall, the website is professional, trustworthy, and compliant with privacy regulations.

É

État de Vaud - Direction générale de l’enseignement supérieur (DGES)

hev.ch

63

The Direction générale de l’enseignement supérieur (DGES) is a governmental entity under the Canton of Vaud, Switzerland, responsible for the strategic oversight and policy development of higher education institutions within the canton. It supports education, research, and innovation, focusing on optimizing conditions for universities and specialized schools. The website serves as an official communication channel providing detailed information on missions, projects, legal frameworks, and contact points for stakeholders including students, academic institutions, and government partners. Technically, the website is built on TYPO3 CMS with modern frameworks like Bootstrap, and integrates analytics tools such as Matomo, Mouseflow, and Google Tag Manager. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure suitable for a public sector organization. From a security perspective, the site enforces HTTPS and uses some security headers, though explicit security policies and incident response contacts are not published. No vulnerabilities or suspicious content were detected. Privacy compliance is basic, with cookie consent mechanisms and a privacy policy present, but GDPR compliance is not explicitly stated. Overall, the website is trustworthy, professional, and well-maintained, with a strong alignment between domain registration and organizational identity. Strategic recommendations include enhancing security header implementation, publishing security and incident response policies, and improving privacy compliance transparency.

T

Team Deutschland Paralympics

teamdeutschland-paralympics.de

45

Team Deutschland Paralympics is the official German Paralympic team website, providing comprehensive information about athletes, events, news, and partners related to Paralympic sports in Germany. The site serves as an authoritative platform for fans, athletes, and stakeholders interested in Paralympic activities. It is supported by official government and sports federation entities, enhancing its credibility and trustworthiness. Technically, the website is built on TYPO3 CMS and employs modern front-end libraries and privacy-conscious analytics (Matomo) with GDPR compliance. The site is well-structured, mobile-optimized, and accessible, offering a professional user experience. Security posture is good with HTTPS enforced and privacy mechanisms in place, though some security headers could be improved. No critical vulnerabilities or suspicious patterns were detected. Overall, the website demonstrates a mature digital presence suitable for its non-profit, government-affiliated sports mission.

D

Deutsche Krebshilfe

bewegung-bei-krebs.org

65

The website bewegung-bei-krebs.org is a specialized German-language informational platform focused on the role of sport and physical activity in cancer therapy and rehabilitation. It is supported and funded by the reputable Deutsche Krebshilfe and is part of the IMPLEMENT project. The platform targets cancer patients, their relatives, and healthcare professionals, providing scientifically validated content, therapy offers, and free sports counseling. The site demonstrates a clear mission to support oncological rehabilitation through movement therapy, positioning itself as a trusted resource in this niche healthcare segment. Technically, the website uses modern web technologies including the Scrivito CMS, Bootstrap for styling, and Matomo for privacy-conscious analytics. Hosting appears to be on AWS infrastructure, and the site is mobile-optimized with good SEO practices. However, some security enhancements such as enabling DNSSEC and adding security headers could improve the overall security posture. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. Cookie consent mechanisms are implemented, and privacy policies are present and GDPR compliant. No critical vulnerabilities or suspicious content were detected. The absence of a security policy or incident response contact is noted as an area for improvement. Overall, the website scores well on content quality, business credibility, and privacy compliance, with moderate scores in technical implementation and security posture. It is a professionally maintained, trustworthy platform serving a sensitive healthcare niche with a clear non-profit orientation.

S

Sparkassen in Hessen und Thüringen

ps-los-sparen.de

66

The website www.ps-los-sparen.de represents a regional lottery savings product offered by the Sparkassen financial institutions in Hessen and Thüringen, Germany. The business model combines savings with lottery participation, offering cash and prize draws while supporting social projects. The site targets local savers and lottery participants, positioning itself as a trusted regional financial service with strong branding consistency aligned with the Sparkassen group. Technically, the site is built on Concrete CMS with modern frontend technologies including jQuery, Bootstrap, and Vue.js. It employs Matomo analytics for privacy-conscious user tracking and integrates a cookie consent mechanism, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though explicit security headers and published security policies are absent. The site is accessible without WAF or blocking mechanisms and shows no signs of malicious content or vulnerabilities. Overall, the website demonstrates good content quality, technical implementation, and business credibility, suitable for its regional financial service role.