Security Directory

N

naturstrom AG

naturstrom.de

51

Naturstrom AG operates as a renewable energy provider in Germany, offering green electricity, green gas, heating solutions, and electric mobility services. The company positions itself as a leading supplier in the sustainable energy sector with a broad product portfolio aimed at private customers and businesses committed to the energy transition. The website reflects a mature digital presence with a professional design and clear messaging focused on sustainability and customer engagement. Technically, the website is built on TYPO3 CMS and integrates modern analytics and consent management tools such as Matomo, Etracker, and Cookiebot. The site demonstrates good mobile optimization, accessibility, and SEO practices, ensuring a positive user experience across devices. Hosting is provided by Schlundtech, a reputable German hosting provider, supporting the site's performance and reliability. From a security perspective, the site enforces HTTPS and employs consent-based loading of tracking scripts, respecting user privacy and GDPR requirements. However, explicit security policies and incident response contacts are not published, which could be improved to enhance transparency and trust. No critical vulnerabilities or suspicious patterns were detected in the analysis. Overall, Naturstrom.de presents a trustworthy and professional online presence with strong privacy compliance and a solid technical foundation. Strategic improvements in security policy disclosure and contact information could further strengthen its credibility and user trust.

B

Bundesstiftung Baukultur

bundesstiftung-baukultur.de

49

Bundesstiftung Baukultur is a German independent foundation dedicated to promoting architectural culture and quality in the built environment. Established in 2007, it operates as a non-profit entity offering publications, events, competitions, and networking opportunities to professionals, students, and the public. The website is well-structured, professionally designed, and provides comprehensive information about its mission, activities, and contact details. Technically, the site runs on TYPO3 CMS, uses Matomo analytics with privacy-conscious settings, and implements GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the domain and website appear legitimate and trustworthy, serving a government-related non-profit sector in Germany.

F

Finanční správa České republiky

finfoveskole.cz

61

The website finfoveskole.gov.cz is an official Czech government educational portal dedicated to supporting financial literacy and tax education for students and teachers. It is a collaborative project between the Financial Administration and Customs Administration of the Czech Republic, providing comprehensive information and resources related to taxes and customs. The site is well-structured, professionally designed, and targets primarily educational institutions and individuals seeking knowledge in financial matters. The presence of official government domains and partner links reinforces its legitimacy and authoritative position in the market. From a technical perspective, the website employs modern web technologies including HTML5, CSS3, JavaScript, Google Fonts, and integrates Cookiebot for cookie consent management and Matomo for privacy-conscious analytics. The site is mobile optimized, accessible, and demonstrates good SEO practices. However, there is no detected CMS or explicit hosting provider information. Performance is moderate, with room for optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of security headers and explicit security or incident response policies publicly available suggests areas for improvement. The lack of WHOIS data is notable but likely due to registry policies for government domains rather than malicious intent. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and improving transparency around contact information for security matters.

A

Arbeitsgemeinschaft der Evangelischen Jugend in Deutschland e. V. (aej)

evangelische-jugend.de

52

The Arbeitsgemeinschaft der Evangelischen Jugend in Deutschland e. V. (aej) operates as a national umbrella organization for Protestant youth work in Germany. Their website serves as a comprehensive portal offering resources, advocacy information, funding guidance, and project details targeted at children, youth, and professionals in youth work. The organization maintains a strong presence with clear contact channels, social media engagement, and a newsletter subscription service. Technically, the site is built on TYPO3 CMS with modern frontend technologies including jQuery and FontAwesome, supported by Matomo analytics for privacy-conscious tracking. The site is well-structured, mobile-optimized, and accessible, reflecting a mature digital infrastructure.

VetroSwiss operates as a key organization managing glass recycling processes and fees in Switzerland, focusing on the administration of the 'vorgezogene Entsorgungsgebühr' (VEG) for glass beverage packaging. The website targets business partners involved in fee payments and compensation, providing a user-friendly customer portal and extensive informational resources about glass recycling. The organization positions itself as a central authority in the Swiss glass recycling ecosystem, emphasizing efficiency and digital transformation. Technically, the website is built on WordPress 6.6.4 with the Yoast SEO plugin, leveraging UIkit for frontend components and Matomo for privacy-respecting analytics. The site is well-structured with multi-language support (German, French, Italian), good SEO practices, and a cookie consent mechanism, reflecting a moderate to advanced digital maturity. Hosting details are not explicit but suggest a professional setup possibly involving Cubetech services. From a security perspective, the site enforces HTTPS and implements cookie consent but lacks explicit security headers and incident response information. No vulnerabilities or exposed sensitive data were detected. The absence of a vulnerability disclosure policy or security.txt file indicates room for improvement in transparency and security communication. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, with a strong focus on business credibility and user experience. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility to further strengthen the security posture and compliance.

The website www.lausanne.ch is the official municipal portal for the City of Lausanne, Switzerland, serving as a comprehensive resource for residents, visitors, and businesses. It provides extensive information on municipal services, cultural events, social assistance, urban planning, and public participation. The site is well-branded and professionally designed, reflecting its authoritative government status. Technically, it employs modern web technologies including jQuery, Bootstrap Icons, Google Maps API, and Matomo analytics, indicating a mature digital infrastructure. Security measures such as HTTPS enforcement, security headers, and CSRF protections are in place, contributing to a strong security posture. However, explicit privacy policies, terms of service, and incident response information are not clearly linked or found, representing areas for improvement. Overall, the site is trustworthy, user-friendly, and well-optimized for mobile and accessibility standards.

C

CFL

cfl.lu

19

CFL is the national railway company of Luxembourg, providing passenger and freight transport services along with mobility solutions such as carsharing, bicycles, tram, and funicular. The website serves as a comprehensive travel portal offering timetable searches, ticket bookings (both national and international), travel packages, and customer services. The company holds a strong market position in Luxembourg's transportation sector with a large operational scale and multiple subsidiaries. Technically, the website employs modern frameworks like Bootstrap and FontAwesome, integrates Google Tag Manager and Matomo for analytics, and is optimized for mobile and accessibility. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response contacts are not found. Privacy compliance is good with privacy and cookie policies and consent mechanisms in place. Overall, the website is professional, trustworthy, and user-friendly, though the lack of WHOIS data slightly reduces trustworthiness from a domain registration perspective.

S

S-Bahn Berlin GmbH

s-bahn-berlin.de

68

S-Bahn Berlin GmbH operates the official website for Berlin's urban rail transit system, providing comprehensive services including timetable information, ticket sales, route planning, and customer support. The website targets commuters, tourists, and residents in Berlin, offering multilingual content and extensive travel-related resources. The company holds a strong market position as a key public transportation provider in Germany's capital. Technically, the website is built on TYPO3 CMS and integrates modern tools such as Matomo for analytics and Usercentrics for consent management, reflecting a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, ensuring a positive user experience across devices. From a security perspective, the site enforces HTTPS, employs domain transfer locks, and uses consent management for cookies, indicating good security hygiene. However, DNSSEC is not enabled, and no explicit security or incident response policies are published, suggesting areas for improvement. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, with no signs of malicious activity or content blocking. Strategic enhancements in DNS security and public security policies could further strengthen its posture.

Nechtovyobchodik.sk is a Slovak-based e-commerce retailer specializing in professional beauty salon products and cosmetics. The website offers a wide range of products including professional cosmetics, salon equipment, and accessories, targeting beauty salons and individual consumers interested in beauty care. The business appears to be a small but established player in the regional beauty retail market, with a clear focus on quality and customer engagement through blogs and newsletters. Technically, the website is built on a custom e-commerce platform hosted likely by eshop-rychle.cz, utilizing modern web technologies such as Matomo for analytics and Swiper.js for UI components. The site is mobile-optimized and provides a good user experience with clear navigation and structured content. SEO practices are well implemented, although accessibility features are basic. From a security perspective, the site enforces HTTPS and uses consent mechanisms for analytics tracking, reflecting a good privacy posture. However, it lacks explicit cookie consent banners and security.txt files, and does not publicly disclose incident response contacts or security policies. Security headers are partially implemented, and no critical vulnerabilities were detected in the provided content. Overall, the website presents a trustworthy and professional online presence with moderate technical maturity and good business credibility. Strategic improvements in privacy compliance and security transparency could further enhance trust and regulatory adherence.

E

Evangelische Freiwilligendienste gGmbH

ev-freiwilligendienste.de

49

Evangelische Freiwilligendienste gGmbH operates as a central coordinating body for evangelical voluntary services in Germany and abroad, offering programs such as the Freiwilliges Soziales Jahr, Diakonisches Jahr, Bundesfreiwilligendienst, and international volunteer programs. The organization serves volunteers and partner organizations, providing consulting and placement services. The website is built on TYPO3 CMS, hosted on securehost.de, and uses Matomo analytics with privacy-respecting opt-in/out features. Security measures include HTTPS and Content Security Policy, though CSP could be improved by removing unsafe directives. Contact information is clearly presented, supporting trust and transparency. However, the site lacks a cookie consent banner and explicit terms of service or security policy pages, which are areas for compliance improvement.

A

ATR International AG

atr.de

45

ATR International AG operates as a global trade cooperation entity for leading distributors in the independent automotive aftermarket. Founded in 1967 and headquartered in Denkendorf, Germany, ATR facilitates collaboration among automotive spare parts distributors, manufacturers, suppliers, and independent multi-brand garages. The company focuses on purchasing coordination, digital transformation, workshop concepts, sustainable aftermarket initiatives, and steering committees to strengthen the independent aftermarket and drive collective growth. The website reflects a mature organization with a consistent brand presence and a clear business model centered on trade cooperation rather than direct retail. Technically, the website is built on TYPO3 CMS with Bootstrap 5 and incorporates modern JavaScript libraries such as jQuery and Photoswipe. It uses Matomo for analytics, demonstrating a preference for privacy-conscious tracking. The site is mobile-optimized, accessible, and SEO-friendly, with a cookie consent mechanism that complies with GDPR requirements. No blocking or WAF challenges were detected, allowing full content access. From a security perspective, the site enforces HTTPS and employs cookie consent with opt-in and revocation capabilities. However, it lacks explicit security policy documentation and incident response contact details, which are recommended for enhanced transparency and trust. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, ATR International AG presents a professional, trustworthy online presence aligned with its business objectives. Strategic improvements include publishing a dedicated security policy, incident response contacts, and implementing additional security headers to further strengthen its security posture.

I

Interreg MED Programme

interreg-med.eu

48

The Interreg MED Programme website represents a European transnational cooperation initiative focused on sustainable growth in the Mediterranean region. It serves as an information and project support portal for 13 European countries collaborating on innovative and resource-conscious projects. The site targets public sector entities, project partners, and stakeholders involved in regional development. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and includes privacy-conscious analytics via Matomo and a robust cookie consent mechanism. Security posture is solid with HTTPS and RSA encryption for login forms, though it lacks explicit published security policies and advanced HTTP headers. Overall, the site is professional, well-structured, and trustworthy, with a clear focus on transparency and compliance. Strategic recommendations include enhancing security disclosures and incident response readiness to further strengthen trust and compliance.

M

Meister ConCept GmbH

meister-concept.ch

10

Meister ConCept GmbH is a Swiss-based small enterprise specializing in society and association management as well as congress and event organization. Established since 2010, the company leverages expertise and personalized service to cater to business clients primarily in the Aarau region. Their key offerings include congress organization, event management, association management, and consulting services. The website reflects a professional and consistent brand image targeting organizations seeking comprehensive event and association management solutions. Technically, the site employs modern web technologies including Matomo analytics and Typekit fonts, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and formal security policies suggests room for improvement. Privacy compliance is basic, lacking cookie consent mechanisms and detailed GDPR indicators. Overall, the website is trustworthy and well-structured, supporting the company's credibility in its niche market.

B

Bundesamt für Justiz

bundesjustizamt.de

11

The Bundesamt für Justiz (BfJ) is a large German federal government agency operating under the Federal Ministry of Justice. It serves as a central service provider for the justice system and international legal cooperation, offering a wide range of services including issuance of criminal records certificates, management of various legal registers, consumer protection, and judicial training. The website is professionally designed, accessible, and provides comprehensive information targeted at citizens, consumers, companies, courts, and authorities. Multilingual support and clear navigation enhance user experience. Technically, the site is built on the Government Site Builder CMS, uses modern web technologies including SVG graphics and JavaScript bundles, and is optimized for mobile devices. The presence of Matomo analytics indicates a privacy-conscious approach to user tracking. However, explicit security headers and cookie consent mechanisms are not evident, suggesting areas for improvement in security and privacy compliance. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. There is no visible incident response or vulnerability disclosure information, which could be enhanced to improve transparency and trust. The WHOIS data shows partial consistency with the official nature of the domain, and no suspicious patterns were detected. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with government standards, though it could benefit from enhanced security headers and explicit privacy consent mechanisms.

H

Handelsverband Deutschland (HDE)

handelsverband.de

54

Handelsverband Deutschland (HDE) is the leading national trade association representing the German retail sector. The website serves as an authoritative platform for industry news, policy advocacy, publications, and event information targeted at retail stakeholders and policymakers in Germany. The site is professionally designed, content-rich, and regularly updated, reflecting a mature digital presence. Technically, the site is built on Joomla CMS with modern frontend frameworks like Bootstrap and jQuery, and it employs Matomo analytics with privacy-conscious configurations. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and vulnerability disclosures are absent. Overall, the site demonstrates high business credibility and trustworthiness with no signs of malicious content or blocking mechanisms.

I

IBA Group

iba-worldwide.com

68

IBA Group is a globally recognized leader in particle accelerator technology, specializing in healthcare and industrial applications. Their business focuses on innovative solutions for cancer diagnosis and treatment, including proton therapy, dosimetry, radiopharma, and industrial sterilization. The company targets healthcare providers and industrial clients with a B2B model, supported by multiple specialized subsidiary domains. Technically, the website is built on Drupal 10 with modern analytics and consent management tools, offering a professional and mobile-optimized user experience. Security posture is good with HTTPS and privacy compliance, though lacks explicit security policies and incident response information. The WHOIS data is missing or unavailable, which raises some concerns about domain registration legitimacy despite the professional web presence. Overall, the site is trustworthy, well-branded, and content-rich, suitable for its target audience.

FOFR is a Czech logistics and transportation company specializing in parcel and freight delivery services across the Czech Republic and internationally. The company offers a broad range of services including express delivery, oversized cargo transport, ADR transport for dangerous goods, warehousing, and logistics solutions. Their market position is that of a national provider with extensive coverage and a focus on reliability and speed. The website is professionally designed with clear navigation and good content quality, targeting businesses and individuals needing transportation services. Technically, the website uses a custom CMS platform with a technology stack including jQuery, Google Tag Manager, Google Analytics, Matomo, and Google reCAPTCHA. The site is mobile responsive and uses HTTPS with good SSL configuration. However, some JavaScript libraries are outdated, and accessibility features are basic. The site employs cookie consent mechanisms and tracking scripts with opt-out capabilities. From a security perspective, the website enforces HTTPS and uses CAPTCHA on forms, but lacks explicit security policies, incident response contacts, and advanced security headers. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces domain trustworthiness, but the website content and contact information support legitimacy. Overall, FOFR presents a solid business and digital presence with room for improvement in privacy policy transparency, security documentation, and WHOIS data availability. Strategic enhancements in these areas would strengthen trust and compliance.

L

Lufthansa Industry Solutions

lufthansa-industry-solutions.com

75

Lufthansa Industry Solutions is a large, well-established IT consulting firm specializing in digital transformation services for enterprises, particularly in sectors such as energy, logistics, and aviation. The company is part of the Lufthansa Group, which enhances its market credibility and trustworthiness. Their website is professionally designed, content-rich, and optimized for user experience, targeting business clients seeking advanced IT solutions. Technically, the site is built on TYPO3 CMS with a modern tech stack including Matomo analytics and Google Tag Manager, although it uses an older jQuery version which may require updating. Security posture is strong with HTTPS, cookie consent management, and multiple ISO certifications prominently displayed, but lacks explicit security headers and a public vulnerability disclosure policy. WHOIS data is unavailable, which slightly reduces transparency but does not detract significantly from the site's legitimacy given the strong branding and trust signals. Overall, the website demonstrates a mature digital presence with good privacy compliance and business credibility.

G

Greenbone AG

greenbone.net

77

Greenbone AG is a German-based cybersecurity company specializing in open source vulnerability management solutions that comply with GDPR. Their offerings include automated and customizable vulnerability scanning products such as OPENVAS SCAN and Greenbone Cloud Service, targeting IT security professionals across sectors including public, healthcare, and education. The company positions itself as a trusted provider with a strong emphasis on compliance and automation. Technically, the website is built on WordPress using a professional theme and SEO plugins, with modern analytics tools like Matomo and Google Tag Manager implemented. The site is mobile-optimized and accessible, reflecting a mature digital presence. Security-wise, the site enforces HTTPS and uses security hardening plugins, though some security headers could be improved and explicit incident response information is lacking. The WHOIS data is not publicly available, which reduces transparency but may be justified for privacy reasons. Overall, the website is professional, trustworthy, and well-structured, with room for improvement in domain transparency and security disclosures.

X

xpecto AG

xpecto.de

71

xpecto AG is a German software company specializing in digital solutions for managing real assets and financial products such as bonds, subordinated loans, ELTIFs, AIFs, tokenized securities, and derivatives. Established since 1982, the company positions itself as a leading provider in the niche market of real asset management software, serving over 150 client companies with 40 years of market experience. Their offerings include modules for investor and sales management, controlling, reporting, risk management, asset and portfolio management, and digital portals for investors and sales partners. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence.

M

Muench energie

muench-energie.de

54

Münch Energie is a leading decentralized energy producer in Germany, specializing in sustainable and innovative energy solutions such as photovoltaic and wind power plants, battery storage, and hybrid commercial electricity. Founded in 2004, the company targets municipalities, industries, and individual consumers with a full-service business model focused on the energy transition. The website reflects a mature digital presence built on WordPress with advanced optimization and modern technologies, ensuring fast performance and excellent mobile experience. Security posture is strong with HTTPS and secure coding practices, though explicit security policies and incident response contacts are absent. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the site projects high professionalism and trustworthiness with clear contact information and multiple certifications.

E

ECOSOLAR e.K.

ecosolar.de

11

ECOSOLAR e.K. is a German-based company specializing in the design, sales, and installation of photovoltaic systems and energy storage solutions. Established in 1990, the company positions itself as a premium provider with a strong commitment to sustainability, quality, and customer satisfaction. Their market focus includes residential and commercial clients seeking renewable energy solutions. The website reflects a mature digital presence built on WordPress with modern technologies such as Bootstrap and Matomo analytics, indicating a good level of digital maturity. Security posture is solid with HTTPS and no visible critical vulnerabilities, though some advanced security headers and incident response information are missing. Overall, the company demonstrates high business credibility with certifications, strong customer reviews, and clear contact information.

D

Deutscher Hebammenverband (DHV)

hebammenforum.de

59

Hebammenforum.de is the official website of the Hebammenforum magazine, the leading professional publication for midwives in Germany affiliated with the Deutscher Hebammenverband (DHV). The site offers rich content including news, subscription options, job listings, and digital app access, targeting approximately 23,000 DHV members. The business model centers on providing specialized media content and advertising opportunities within the midwifery sector. Technically, the site is built on WordPress with modern plugins and privacy-respecting analytics (Matomo), showing a mature digital infrastructure with good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, though explicit security policies and incident response information are not published.

N

Neuroförbundet

neuro.se

57

Neuroförbundet is a well-established Swedish non-profit organization dedicated to supporting individuals with neurological diagnoses. Founded in 1995, it operates nationally with a focus on membership services, advocacy, and providing information and support to its target audience. The website reflects a professional and consistent brand presence, targeting primarily Swedish-speaking users with some English language support. The organization leverages modern digital tools such as Umbraco CMS, Matomo analytics, and Cookiebot for consent management, indicating a mature technical infrastructure. The website's technical infrastructure is solid, with HTTPS enforced and a moderate performance profile. The use of Umbraco CMS and integration with third-party services like Hotjar and Cookiebot demonstrates a commitment to user experience and privacy compliance. Mobile optimization and accessibility are rated good, supporting a broad user base. From a security perspective, the site employs best practices such as anti-CSRF cookies and cookie consent mechanisms. However, there is room for improvement in DNS security (DNSSEC is not enabled) and the implementation of comprehensive security headers. No critical vulnerabilities or exposed sensitive data were detected. The absence of explicit security policies or incident response contacts suggests an opportunity to enhance transparency and preparedness. Overall, Neuroförbundet's website presents a trustworthy and professional digital presence with strong privacy compliance and a good security posture. Strategic improvements in security headers, DNS security, and published security policies would further strengthen its risk profile and user trust.

E

Enasis

enasis.fr

42

Enasis.fr is a specialized educational platform serving the fire and rescue services sector in France. It provides a Moodle-based learning environment with training resources and consortium collaboration tools. The platform targets professionals and organizations within emergency services, positioning itself as a niche government or public sector educational service. The website is well-branded, consistent, and offers multilingual support with a focus on French and English. Technically, it leverages mature open-source technologies such as Moodle, YUI, and jQuery, hosted on OVH infrastructure, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and privacy-conscious analytics via Matomo, though it lacks explicit security headers and published security policies. Privacy compliance is supported by visible cookie consent and GDPR-aligned privacy policies. Overall, the site is professional, trustworthy, and safe for general audiences.

F

Fondation Entreprendre

fondation-entreprendre.org

60

Fondation Entreprendre is a French non-profit foundation recognized as a public utility, dedicated to promoting entrepreneurship as a lever for social emancipation and inclusion. The foundation supports a network of associations and philanthropic partners to foster an entrepreneurial ecosystem focused on equality of opportunity and sustainable societal impact. Key services include research and innovation programs (Le Lab), collective innovation initiatives (La Réponse Collective), and strategic development support (L'Accélérateur). The foundation maintains a strong presence in the French social entrepreneurship sector with reputable partnerships and transparent financial reporting. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and uses privacy-respecting analytics via Matomo. It implements cookie consent management through Tarteaucitron.js and maintains good mobile optimization and accessibility standards. The site is served over HTTPS with no detected blocking or WAF interference, indicating a mature digital infrastructure. From a security perspective, the site enforces HTTPS and cookie consent but lacks explicit security headers and published incident response or vulnerability disclosure policies. No exposed sensitive data or vulnerabilities were detected. WHOIS data is unavailable due to privacy protection, which is typical for non-profit organizations and does not detract from the site's legitimacy. Overall, Fondation Entreprendre presents a professional, trustworthy, and privacy-conscious online presence aligned with its mission. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining regular audits of third-party scripts to further strengthen security posture.

W

WEBPHORMAT Internetagentur

webphormat.de

44

WEBPHORMAT Internetagentur is a small, established internet agency based in Germany, specializing in TYPO3 CMS programming, WordPress, and Shopware online shops. With over 20 years of experience and more than 200 successful projects, the company serves businesses and advertising agencies primarily in the Saarland and Rheinland-Pfalz regions. Their service offerings include consulting, web design, development, hosting, maintenance, and SEO optimization. The website reflects a professional and consistent brand image with clear contact information and a portfolio of references. Technically, the website is built on TYPO3 CMS with Bootstrap and uses modern web technologies including FontAwesome and Google Fonts. Hosting is provided by SchlundTech, and the site employs Matomo analytics for privacy-conscious user tracking. The site is mobile optimized, accessible, and SEO friendly, with a moderate performance profile. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks explicit security headers and does not provide visible security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is good but could be improved with additional headers and documented policies. The overall risk assessment is low, with no signs of malicious activity or content safety concerns. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

K

Koch Haustechnik GmbH

koch-schmelz-dbg.de

58

Koch Haustechnik GmbH, represented on the die-badgestalter.de platform, is a specialized service provider in bathroom and heating solutions located in Schmelz, Germany. The company offers personalized bathroom design, complete project management, fixed pricing, and deadline guarantees, targeting homeowners and property developers seeking high-quality bathroom and heating services. The website is part of the SHK eG cooperative network, indicating a regional market presence with trusted affiliations. Technically, the website is built on TYPO3 CMS, uses Matomo for analytics with GDPR-compliant cookie consent, and integrates Google Maps for location services. The site is well-structured, mobile-optimized, and professionally designed, reflecting good digital maturity. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though it lacks explicit security policies or incident response contacts. Overall, the site is trustworthy, compliant, and serves its business purpose effectively.

K

Kantonales Gesundheitszentrum Appenzell

gzai.ch

49

The Kantonales Gesundheitszentrum Appenzell is a public healthcare institution providing comprehensive health and elderly care services to the population of Appenzell Innerrhoden, Switzerland. The website clearly communicates its role as a central health center offering ambulatory care, short-term and transitional care, and specialized services such as telemedicine emergency practice (MEAS). The institution targets local residents and patients requiring various levels of healthcare and support. The business model is focused on delivering reliable, community-centered healthcare services with a strong local presence. Technically, the website employs modern web technologies including JavaScript, asynchronous loading of analytics scripts (Matomo, Facebook Pixel, LinkedIn Insight Tag), and Google Maps API integration. The CMS used is Pimcore, indicating a professional content management approach. The site is mobile-optimized with good navigation and SEO practices, although accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS with excellent SSL configuration, but lacks visible security headers such as Content-Security-Policy or X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial; a comprehensive privacy policy is available, but no cookie consent mechanism or terms of service page was found. Incident response and vulnerability disclosure information are absent, suggesting areas for improvement. Overall, the website is trustworthy, professional, and well-aligned with the business it represents. The domain registration data supports legitimacy and consistency with the healthcare sector. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing security and incident response policies to strengthen compliance and trust.

S

Stadtwerke Ahlen

baedergesellschaft-ahlen.de

56

The website represents Bädergesellschaft Ahlen, a municipal company under Stadtwerke Ahlen, providing public swimming pools, sauna, and related leisure services in Ahlen, Germany. It targets local residents and visitors seeking recreational bathing and sauna experiences. The business operates with a clear local focus and offers key services including Parkbad, Parksauna, Freibad, and an online shop. The website is professionally designed with consistent branding and good content quality, supporting a positive user experience. Technically, the site is built on the Neos CMS platform using PHP and JavaScript frameworks, including Flow and Bot Framework Webchat. It integrates Matomo analytics for privacy-conscious visitor tracking and employs a cookie consent mechanism compliant with GDPR. Hosting appears stable with legitimate nameservers. The site is mobile optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS and has implemented cookie consent, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or suspicious content were detected. WHOIS data aligns well with the business claims, showing a consistent and legitimate registration. Overall, the website demonstrates a solid digital presence with good privacy compliance and business credibility. Strategic improvements could include enhancing security headers and publishing a vulnerability disclosure policy to further strengthen trust and security posture.

V

VOIS

vois.org

10

VOIS is a German software provider specializing in modular solutions for municipal administration, focusing on integrating various specialized procedures into a unified platform. Their software targets a wide range of municipalities, from small villages to large data centers, aiming to improve citizen services and administrative efficiency. The website is professionally designed, primarily in German, and demonstrates a clear focus on government and public sector clients. Technically, the website is built on WordPress using the Elementor page builder, incorporating modern JavaScript libraries such as jQuery and Swiper.js. It employs Matomo analytics with a cookie consent mechanism, reflecting a privacy-conscious approach. The site is mobile-optimized and shows good SEO and accessibility practices, though some security headers are missing. From a security perspective, the site uses HTTPS with a good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in transparency and security maturity. Overall, the domain WHOIS data is unavailable or privacy-protected, which is common for this business type but limits registration transparency. The website content and structure indicate a legitimate and professional operation with a moderate to good security posture. Strategic recommendations include enhancing security headers, publishing security and privacy policies, and improving contact transparency to strengthen trust and compliance.

K

Koch Haustechnik GmbH

koch-schmelz.de

43

Koch Haustechnik GmbH is a well-established small business specializing in heating, sanitary, and bathroom planning services based in Schmelz, Saarland, Germany. Founded in 1976, the company offers a broad range of heating technologies including heat pumps, pellet heating, oil and gas heating, and solar technology, alongside comprehensive bathroom design and implementation services. The website reflects a professional and regionally focused business with clear contact channels and a customer-oriented approach. Technically, the site is built on TYPO3 CMS with modern frameworks like Bootstrap and uses Matomo for analytics, indicating a moderate level of digital maturity. Security posture is adequate but could be improved by implementing security headers and explicit privacy compliance mechanisms. Overall, the site is trustworthy, well-branded, and provides a good user experience with clear navigation and relevant content.

D

DIE BADGESTALTER LS & H e.K.

luna-obertshausen-dbg.de

10

DIE BADGESTALTER LS & H e.K. is a specialized service provider in bathroom renovation and design based in Obertshausen, Germany. The company offers personalized consultation and comprehensive project management from planning to completion, emphasizing individual customer needs, fixed pricing, and guaranteed deadlines. It operates as part of a larger network of over 130 affiliated specialist companies across Germany and Austria, positioning itself as a trusted brand in the bathroom renovation sector. The website reflects a professional and customer-focused approach with clear contact details and positive customer reviews certified by Meinungsmeister.

A

Appelhoff GmbH & Co. KG

appelhoff-unna-dbg.de

10

Appelhoff GmbH & Co. KG, operating under the DIE BADGESTALTER brand, is a specialized service provider in bathroom renovation and heating system installation based in Holzwickede, Germany. The company offers comprehensive services including planning, execution, and coordination with a focus on individual customer needs, fixed pricing, and guaranteed deadlines. As part of a larger network of over 130 specialized firms, it holds a strong regional market position with a professional and customer-centric approach. Technically, the website is built on the Marcapo Websitemanager CMS, employs modern web technologies, and integrates privacy-conscious analytics (Matomo) and user consent mechanisms. Security posture is solid with HTTPS and cookie consent but lacks explicit security policy documentation and security headers. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

V

Voigt GmbH

voigt-sanitaer.de

10

Voigt GmbH, operating under the brand DIE BADGESTALTER in Geesthacht, Germany, specializes in personalized bathroom renovations and heating system installations. The company emphasizes comprehensive customer service from initial consultation through project completion, offering fixed pricing and guaranteed deadlines. As part of a larger network of over 130 specialized firms under SHK eG, Voigt GmbH benefits from strong brand recognition and a broad partnership ecosystem. The website targets private customers seeking tailored bathroom and heating solutions, positioning itself as a trusted regional expert with a focus on quality and customer satisfaction. Technically, the website is built on the Marcapo Websitemanager CMS, employs Matomo for privacy-conscious analytics, and integrates third-party content such as Google Maps and YouTube videos with explicit user consent mechanisms. The site is mobile-optimized and well-structured, providing a good user experience and clear navigation. Security-wise, the site uses HTTPS and cookie consent but lacks explicit security headers and published incident response policies, indicating room for improvement in security transparency and hardening. Overall, the website and business present a credible, professional image with strong privacy compliance and moderate technical sophistication.

P

Pruns & Harms GmbH

pruns-harms.de

10

Pruns & Harms GmbH operates as a specialized service provider in bathroom renovation and heating system installation, offering comprehensive project management from planning to execution. The company is part of the larger SHK eG network, which enhances its market presence and credibility. Their website reflects a professional and customer-focused approach with clear communication of services, guarantees, and contact options. Technically, the site uses modern web technologies including Matomo for privacy-conscious analytics and provides a cookie consent mechanism aligned with GDPR requirements. Security posture is solid with HTTPS and anonymized analytics, though some security headers could be improved. Overall, the site is well-structured, accessible, and trustworthy, supporting the company's business goals effectively.

B

Bernd Himmels GmbH

himmels-heinsberg-dbg.de

10

Bernd Himmels GmbH operates as a specialist in bathroom renovation and heating system installation, providing comprehensive services from initial consultation to project completion. The company is part of the larger DIE BADGESTALTER brand network, which includes over 130 specialized firms across Germany and Austria, positioning it as a trusted local expert in Heinsberg. The website reflects a strong focus on personalized customer service, fixed pricing, and guaranteed deadlines, catering primarily to private and commercial customers seeking tailored bathroom and heating solutions. Technically, the website employs modern web technologies including Matomo analytics with privacy-conscious IP anonymization, Google Maps integration, and embedded YouTube videos, all managed via the Marcapo Websitemanager CMS. The site is mobile-optimized, accessible, and SEO-friendly, with a clear cookie consent mechanism and comprehensive privacy policy, indicating good compliance with GDPR requirements. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though additional security headers and explicit security policies could enhance protection. Overall, the site presents a professional, trustworthy, and user-friendly digital presence aligned with the company's business objectives.

E

Ed. Züblin AG

zueblin-tunnelling.com

65

Ed. Züblin AG is a leading German construction and engineering company specializing in high and civil engineering projects, including tunnel construction, bridge building, and infrastructure development. The company positions itself as the number one in the German market, offering a broad range of services from turnkey construction to sustainable building solutions. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to expert and professional audiences. Technically, the site leverages modern JavaScript libraries, Bootstrap framework, and is hosted on AWS infrastructure, indicating a robust and scalable platform. Security-wise, the website enforces HTTPS, employs cookie consent mechanisms compliant with GDPR, and uses Matomo for analytics, demonstrating a good security posture. However, there is room for improvement in implementing additional security headers and publishing explicit security policies. Overall, the site is trustworthy, compliant, and well-maintained, supporting the company's enterprise-level stature.

Praktikum FLSL operates a regional internship platform focused on connecting students, school pupils, and volunteers with companies in the Flensburg and Schleswig-Flensburg area. The website offers a broad range of internship opportunities including voluntary social, ecological, cultural years, and federal volunteer service. It serves both internship seekers and companies looking to post offers, positioning itself as a key regional educational resource. The platform is supported by local economic development organizations and cooperates with related internship initiatives, enhancing its market presence. Technically, the website is built on the Contao Open Source CMS, leveraging modern web technologies such as jQuery, Foundation framework, and FontAwesome for UI elements. It employs Matomo Analytics with privacy-conscious settings like Do Not Track enabled. The site is mobile optimized and demonstrates good SEO practices, although some accessibility features could be improved. Hosting appears stable with multiple nameservers, indicating reliable infrastructure. From a security perspective, the site uses HTTPS with excellent SSL configuration and implements a cookie consent mechanism compliant with GDPR. However, explicit security headers are not detected, and no published security or incident response policies are found. No vulnerabilities or exposed sensitive data were identified. Privacy compliance is strong, with clear privacy and cookie policies. Overall, the website is professional, trustworthy, and safe for general audiences. It effectively serves its educational mission with good content quality and user experience. Strategic improvements in security headers, incident response transparency, and contact information visibility would enhance its security posture and business credibility.

S

Střední odborná škola Říčany s.r.o.

sosricany.cz

41

Střední odborná škola Říčany s.r.o. is a small, family-character educational institution in the Czech Republic focused on vocational secondary education. The school emphasizes close cooperation with parents and practical training workplaces, offering various specialized programs including culinary arts, food technology, and a new economic lyceum program integrating AI and project work. The website is professionally designed with good navigation and mobile responsiveness, leveraging modern JavaScript libraries and privacy-conscious analytics (Matomo). Security posture is solid with HTTPS and reCAPTCHA, though improvements in security headers and incident response transparency are recommended. The absence of WHOIS data reduces domain trust but the website content and contact information are consistent with a legitimate educational entity.

E

Ed. Züblin AG

strabag-teamconcept.com

61

Ed. Züblin AG operates the TEAMCONCEPT® platform, a pioneering construction partnering model in Germany with over 25 years of experience. The company focuses on holistic project planning, digital innovation, transparency, trust, and sustainability to deliver efficient construction projects. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting construction industry stakeholders. Technically, the site uses modern JavaScript libraries, privacy-conscious analytics (Matomo), and a robust cookie consent mechanism (OneTrust), hosted on AWS infrastructure. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the domain and website content are consistent with the business claims, indicating a trustworthy and professional online presence.

F

Forschungszentrum Inklusive Bildung (FZIB)

fzib.at

10

The Forschungszentrum Inklusive Bildung (FZIB) is a collaborative research center affiliated with Universität Graz, Pädagogische Hochschule Steiermark, and Private Pädagogische Hochschule Augustinum. It focuses on research in inclusive education and digitalization, supporting scientific youth and practical applications through its Digital Lab for Inclusion. The website reflects a well-established academic entity with a clear mission and target audience in education and research sectors. Technically, the site is built on TYPO3 CMS with Angular components, uses modern web standards, and integrates analytics tools like Matomo and Google Analytics with privacy considerations such as IP anonymization and cookie consent. Security posture is strong with HTTPS and no visible vulnerabilities, though formal security policies and incident response contacts are absent. Overall, the site is professional, trustworthy, and compliant with GDPR, serving its academic and public audience effectively.

Č

České priority

pank.cz

46

PANK is a specialized research and advisory project operated by the Czech non-profit organization České priority, focusing on enhancing knowledge work and informed decision-making within Czech public administration. The website serves as a resource hub offering guides, case studies, and recommendations tailored for teams in government organizations. The project is supported by the Technological Agency of the Czech Republic, indicating credible backing and alignment with national research priorities. Technically, the website is built using modern frameworks such as Quarto and Bootstrap, with privacy-conscious analytics via Matomo configured to respect DoNotTrack and disable cookies. The site is well-structured, mobile-optimized, and provides a professional user experience with clear navigation and relevant content. Security posture is good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data, though explicit security headers and formal policies like privacy and cookie policies are missing, representing areas for improvement. Overall, the domain registration data is consistent with the website's purpose and origin, supporting legitimacy and trustworthiness.

S

Service-Bund GmbH & Co. KG

servicebund.de

58

Service-Bund GmbH & Co. KG is a well-established family-owned group founded in 1973, specializing in wholesale food and non-food products for professional kitchens, including gastronomy, hotels, and large-scale catering. The company operates through a consortium of regional subsidiaries across Germany and Austria, providing tailored delivery services and an online webshop. Their market position is strong within the hospitality sector, emphasizing quality, regional partnerships, and flexible service. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, with modern JavaScript and Matomo analytics integration. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies could be improved. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the website is professional, trustworthy, and business-focused, with clear contact information and comprehensive structured data.

INVOICEX is a well-established Italian software company specializing in invoicing, warehouse management, and internal accounting solutions tailored for small and medium enterprises, freelancers, and artisans. The company, TNX s.r.l., has over 20 years of experience and a strong client base exceeding 10,000 active users annually. Their product offers multi-platform compatibility and a free version with upgrade options, supported by professional technical assistance and continuous updates. The website reflects a mature digital presence with comprehensive content and clear business positioning. Technically, the website employs modern JavaScript libraries such as jQuery and Bootstrap, integrates multiple analytics and tracking tools including Google Analytics, Matomo, and Facebook Pixel, and uses HTTPS with good SSL configuration. The site is mobile-optimized and features a cookie consent mechanism compliant with GDPR. However, some security headers like Content-Security-Policy and X-Frame-Options are not detected, representing an area for improvement. From a security perspective, the site demonstrates good practices such as secure login forms and data backup options but lacks explicit security policy documentation and incident response contacts. No vulnerabilities or exposed sensitive data were found in the HTML content. The domain registration data is consistent with the business claims, enhancing trustworthiness. Overall, the website scores well in content quality, technical implementation, privacy compliance, and business credibility, with moderate security posture. Strategic recommendations include enhancing HTTP security headers, publishing security policies, and improving accessibility features to further strengthen the site's security and compliance posture.

E

Extellio

extellio.com

72

Extellio is a technology company offering a comprehensive, GDPR-compliant web analytics platform designed for web teams, marketers, and UX professionals. Their platform integrates analytics, surveys, heatmaps, and session recordings to provide actionable user insights. The website is professionally designed, mobile-optimized, and built on HubSpot CMS with Matomo analytics integration, reflecting a modern digital infrastructure. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security headers and incident response contacts are absent. The lack of WHOIS data introduces some uncertainty about domain legitimacy, but the overall professional presentation and compliance focus mitigate this risk. Strategic recommendations include enhancing security headers, publishing a security.txt file, and providing clearer contact information to improve trust and compliance.

R

Region Skåne

skane.se

54

Region Skåne operates as the regional government authority responsible for healthcare, regional development, culture, and political governance in the Skåne region of Sweden. The website serves as a comprehensive portal providing information and services related to health care, job opportunities, education, politics, and regional initiatives. It targets residents, healthcare professionals, and stakeholders within the region. The business model is that of a public sector entity delivering essential services to the community.

D

Diakonisches Werk evangelischer Kirchen in Niedersachsen e.V.

diakonie-nds.de

52

Diakonie in Niedersachsen is a well-established non-profit welfare association operating as the regional branch of the Diakonie in Lower Saxony, Germany. The organization focuses on providing social support services, advocacy, and assistance to individuals in need, including specialized services such as support for victims of sexualized violence and coordination of various social welfare federations. The website reflects a professional and consistent brand presence, targeting both members and the general public seeking social services or career opportunities within the organization. The content is comprehensive and relevant, with clear navigation and mobile optimization.

A

a.b.media.gmbh Webdesign Hameln Shopsysteme

abmedia-online.de

9

a.b.media.gmbh is a small technology service provider specializing in web design, CMS, software development, app development, and time tracking solutions primarily targeting businesses in the Hameln and Berlin regions of Germany. The company positions itself as a niche provider with specialized products such as Benchmark Shopsystem and Workinapp for time tracking in the service and craft sectors. The website demonstrates good technical maturity with modern frameworks like Bootstrap and uses Matomo for analytics, indicating a moderate level of digital sophistication. However, the absence of explicit privacy and cookie policies and lack of visible security headers suggest room for improvement in compliance and security posture. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.