Security Directory

H

Helmholtz KLIMA

helmholtz-klima.de

58

Helmholtz KLIMA operates as a Helmholtz-wide dialogue platform focused on climate-relevant research, bridging the Helmholtz community and political stakeholders. The platform provides expert networks, climate knowledge dissemination, and organizes events to foster dialogue on climate issues. It holds a recognized position within the German climate research ecosystem and targets policymakers, researchers, and the interested public. Technically, the website is built on Drupal 10, employs Matomo Analytics with privacy-conscious settings, and uses modern web technologies for performance and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security headers and published security policies. Overall, the site is professional, trustworthy, and compliant with GDPR, with clear contact information and active social media presence.

K

Katholische Jungschar Österreichs

jungschar.at

55

Katholische Jungschar Österreichs is a well-established non-profit organization affiliated with the Catholic Church in Austria, focusing on child and youth engagement through various programs such as youth groups, altar serving, holiday camps, and children's liturgy. The website reflects a strong community orientation with comprehensive content and clear navigation, targeting children, families, and church members. Technically, the site is built on TYPO3 CMS and integrates modern analytics and privacy tools, demonstrating digital maturity. Security posture is good with HTTPS enforced and privacy compliance evident through cookie consent mechanisms. However, the absence of visible WHOIS data limits domain trust analysis. Overall, the site presents a professional, trustworthy, and user-friendly platform for its audience.

W

Welthaus Österreich

welthaus.at

51

Welthaus Österreich is a non-profit consortium of seven Catholic development organizations operating across multiple Austrian regions. The website serves as an educational platform offering workshops, materials, and guest encounters focused on global justice and development policy. It targets educators, activists, and the general public interested in development issues. The organization is small-sized, founded in 2017, and maintains a consistent brand presence across its regional partners. Technically, the site is built on WordPress with modern plugins like Yoast SEO and Matomo analytics, ensuring good SEO and moderate performance. Mobile optimization and accessibility are adequate but could be improved. Security posture is solid with HTTPS and cookie consent implemented, though lacks explicit security policies and incident response information. Overall, the site is trustworthy, professional, and compliant with basic privacy standards, though it could enhance transparency and security documentation.

U

Universitätsklinikum Leipzig AöR

uniklinikum-leipzig.de

56

Universitätsklinikum Leipzig is a large, reputable university hospital in Germany providing comprehensive healthcare services, medical education, and research. The website serves multiple audiences including patients, students, and medical professionals, offering detailed information on clinical services, education programs, and research initiatives. The institution holds recognized certifications such as the lung cancer center certification, reinforcing its medical excellence. Technically, the website is built on Microsoft SharePoint with Bootstrap and jQuery, ensuring responsive design and moderate performance. Analytics are handled via Matomo with privacy-conscious settings disabling cookies. Security posture is strong with HTTPS enforced and secure form handling, though some security headers and explicit incident response policies are absent. Overall, the site is professional, trustworthy, and well-aligned with its institutional mission.

N

nd - Journalismus von links

nd-aktuell.de

49

nd-aktuell.de is a German left-wing news media website operated under a cooperative funding model. It provides political, cultural, and social news, podcasts, and newsletters targeting left-leaning audiences in Germany. The site is professionally designed, content-rich, and offers multiple subscription and donation options to sustain its operations. Technically, the site uses a custom CMS (KONTEXT-CMS by WARENFORM), integrates modern JavaScript libraries, and employs a consent management platform to comply with GDPR. Hosting is provided by SINMA, and analytics are handled via privacy-respecting Matomo. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. No explicit security policies or incident response contacts are published. WHOIS data is minimal but consistent with the CMS and hosting providers, indicating legitimacy. Overall, the site is trustworthy, well-maintained, and compliant with privacy regulations.

L

Leibniz-Institut für ökologische Raumentwicklung e. V.

ioer.info

54

The Leibniz-Institut für ökologische Raumentwicklung e. V. is a reputable German research institute specializing in ecological spatial development and urban planning. It operates under the Leibniz Association and is publicly funded by federal and state governments. The website reflects a mature digital presence with comprehensive content targeting researchers, policymakers, and urban development professionals. The institute offers research programs, data services, publications, and knowledge transfer activities. Technically, the site is built on TYPO3 CMS with modern frontend frameworks and privacy-conscious analytics (Matomo). Security posture is solid with HTTPS and privacy-respecting analytics configurations, though improvements are recommended in cookie consent and security policy disclosures. Overall, the site is professional, trustworthy, and well-aligned with its institutional mission.

L

Leibniz-Institut für ökologische Raumentwicklung e. V.

ioer-isbe.de

49

The website ioer-isbe.de represents the Leibniz-Institut für ökologische Raumentwicklung e. V., a German research institute focused on ecological spatial development. The site provides an information system centered on the built environment, emphasizing sustainability, resource management, and risk assessment related to natural hazards. It targets researchers, urban and regional planners, and industry stakeholders by offering data, publications, and tools related to building materials and environmental risks. Technically, the site is built on TYPO3 CMS with modern frontend frameworks like Bootstrap and jQuery, and uses Matomo analytics configured for privacy. Security posture is good with HTTPS and privacy-respecting analytics, but lacks some security headers and explicit incident response information. The site is accessible without WAF or blocking mechanisms and shows consistent branding and professional content.

L

Landesvertretung Brandenburg

landesvertretung-brandenburg.de

41

The Landesvertretung Brandenburg website serves as the official federal representation of the state of Brandenburg in Berlin. It functions as a governmental portal providing information about the state's interests at the federal level, including news, events, and political activities. The site targets politicians, citizens of Brandenburg, and stakeholders interested in regional federal affairs. The business model is public administration with a focus on political representation and communication. Technically, the website is built on WordPress using the Avada theme and several plugins such as Contact Form 7 and The Events Calendar. It is hosted on servers associated with kasserver.com and employs Matomo analytics for user tracking with privacy considerations. The site is mobile-optimized and demonstrates good SEO practices. From a security perspective, the site uses HTTPS and implements CAPTCHA on forms to prevent spam. However, explicit security headers are not detected, and there is no visible security policy or incident response contact information. No critical vulnerabilities or suspicious elements were found, but improvements in security headers and transparency are recommended. Overall, the website is professional, trustworthy, and compliant with GDPR regulations, with a good balance of content quality and technical implementation. The risk level is low, but enhancing security policies and disclosures would further strengthen its posture.

I

Improve Digital

improvedigital.com

64

Improve Digital is a well-established advertising technology company founded in 2007, offering a proprietary platform that automates the purchase and sale of digital advertising. Positioned as a medium-sized player within the technology and media sectors, it serves both media buyers and sellers with products such as Marketplace, Origin, and Extend. The company is part of the Azerion group, enhancing its market credibility and reach. The website reflects a professional digital presence with clear segmentation for its target audiences and comprehensive business descriptions. Technically, the site is built on WordPress with modern SEO and analytics tools like Yoast SEO and Matomo, hosted on AWS infrastructure. Mobile optimization and accessibility are adequately addressed, providing a good user experience. Security-wise, the site enforces HTTPS, uses cookie consent mechanisms, and maintains domain transfer protections, though it lacks published security policies or incident response contacts. Overall, the website is trustworthy, compliant with GDPR, and free from suspicious content or vulnerabilities, making it a reliable digital asset for the company.

K

Kinowerkstatt St. Ingbert

kinowerkstatt.de

57

Kinowerkstatt St. Ingbert is a small, non-commercial cultural cinema located in Saarland, Germany, focusing on showcasing culturally and historically significant films. Supported by public funding and local partners, it offers both in-person screenings and online viewing options. The website reflects a well-structured and professionally presented platform with clear navigation and relevant content for its target audience. Technically, the site uses modern web technologies such as Bootstrap and jQuery, and employs Matomo for privacy-conscious analytics. However, some security best practices like security headers and cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. Overall, the domain registration and website content are consistent and trustworthy, indicating a legitimate cultural institution.

Z

Zweckverband Elektronische Verwaltung im Saarland

ego-saar.de

52

Zweckverband Elektronische Verwaltung im Saarland (eGo Saar) is a government entity focused on supporting and modernizing digital administration for municipal governments and associations in the Saarland region of Germany. The organization acts as a service provider and consultant, offering secure infrastructure, shared specialized procedures, and digital services to streamline administrative workflows. Their market position is that of a regional competence center for digital transformation in public administration, targeting local government bodies and public sector organizations. Technically, the website is built on the Umbraco CMS platform, utilizing modern web technologies such as jQuery, Slider Revolution, and Font Awesome. The site is mobile-optimized with a professional design and clear navigation. Analytics are handled via Matomo, reflecting a privacy-conscious approach. However, the site lacks a cookie consent mechanism and visible security headers, which are areas for improvement. From a security perspective, the site enforces HTTPS and does not expose sensitive data in the HTML content. The presence of a dedicated information security page indicates awareness of security policies, though incident response contact details and vulnerability disclosure mechanisms are absent. The WHOIS data aligns well with the website's regional and organizational claims, supporting legitimacy. Overall, the website presents a trustworthy and professional digital presence for a government service provider. Strategic recommendations include implementing cookie consent, enhancing security headers, publishing incident response contacts, and improving accessibility features to further strengthen compliance and security posture.

W

Welthaus der Diözese Linz und Dreikönigsaktion der Katholischen Jungschar

epolmedia.at

48

The website epolmedia.at is a non-profit educational media library operated by Welthaus der Diözese Linz and Dreikönigsaktion der Katholischen Jungschar, focused on providing development policy and global learning materials. It serves educators, students, and development workers primarily in Austria. The site offers online catalog search, media lending, and registration services, cooperating with the Diözese Linz media lending service for film access. Technically, the site is built on Drupal 10 with modern libraries and uses Matomo analytics with privacy-conscious settings. Security posture is good with HTTPS and cookie consent implemented, though some security headers and policies are missing. WHOIS data is unavailable due to privacy protection but the site content and partner references indicate legitimacy. Overall, the site is professional, trustworthy, and well-suited for its educational mission.

H

Helmholtz-Zentrum für Infektionsforschung (HZI)

helmholtz-hzi.de

60

The Helmholtz-Zentrum für Infektionsforschung (HZI) is a prominent German research institution specializing in infection biology and related scientific fields. Affiliated with the Helmholtz Association, it operates multiple locations across Germany and focuses on understanding infectious diseases and their defense mechanisms. The website serves as a comprehensive portal for scientific publications, career opportunities, public events, and knowledge transfer initiatives, targeting researchers, students, and healthcare professionals. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries such as Masonry and Leaflet for layout and mapping functionalities. It employs Matomo for analytics, indicating a privacy-conscious approach. The site is well-optimized for mobile devices, accessible, and SEO-friendly, with structured data and Open Graph metadata enhancing discoverability. From a security perspective, the site enforces HTTPS and uses secure forms but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with no visible privacy or cookie policies or consent mechanisms, which could be improved to meet GDPR standards fully. Overall, the website reflects a high level of professionalism, trustworthiness, and technical maturity, suitable for a large research institution. Strategic improvements in privacy disclosures and security transparency would further enhance its compliance and user trust.

H

Helmholtz Association

hifis.net

67

HIFIS (Helmholtz Federated IT Services) is a specialized IT service provider focused on delivering digital infrastructure and software services to the Helmholtz Association, a major German research organization. The website presents a professional and comprehensive overview of their offerings including cloud services, identity management, software consulting, and training. The target audience primarily includes scientists, software engineers, cloud service providers, and IT support experts within the Helmholtz ecosystem. The organization is well positioned as a key facilitator of research IT services within Germany's scientific community. Technically, the website is built with modern web standards including HTML5, CSS3, and JavaScript, leveraging libraries such as FontAwesome and Modernizr for enhanced UI/UX. Hosting is provided by DESY, a reputable Helmholtz research center, ensuring reliable infrastructure. The site is mobile optimized, fast loading, and accessible, with good SEO practices. Analytics are implemented via Matomo with cookies disabled, reflecting a privacy-conscious approach. From a security perspective, the site uses HTTPS and shows no signs of exposed sensitive data or vulnerabilities. However, it lacks visible security headers and a cookie consent mechanism, which are recommended for GDPR compliance and enhanced security. There is no published security policy or incident response information, which could be improved to strengthen trust and preparedness. Overall, the website is trustworthy, professional, and well-aligned with its institutional backing. The domain registration data corroborates the legitimacy and consistency of the service. Strategic improvements in privacy compliance and security transparency would further enhance the site's security posture and user trust.

F

Falling Walls Foundation

falling-walls.com

62

The Falling Walls Foundation is a well-established non-profit organization based in Germany, focused on fostering interdisciplinary communication and innovation in science. It organizes the annual Falling Walls Science Summit, attracting global science leaders, Nobel laureates, and policymakers. The foundation's website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content about its events, partners, and activities. Technically, the site is built on Drupal 10 with modern frameworks and includes privacy-respecting analytics and consent management. Security posture is good with HTTPS and cookie consent, though some security headers could be improved. Overall, the foundation demonstrates strong business credibility and compliance with GDPR. No critical security or content safety issues were detected.

S

Sandstein Kultur

sandstein-kultur.de

51

Sandstein Kultur is a specialized agency and publishing house based in Dresden, Germany, focusing on cultural and art-related publications such as exhibition catalogs and museum catalogs. The company targets cultural institutions, museums, and art enthusiasts, offering both publishing and agency services including campaigns and promotional materials. The website reflects a niche market position within the German cultural media sector, supported by a professional and consistent brand presentation. Technically, the website is built on Craft CMS and uses modern web technologies including SVG graphics and Matomo analytics with cookies disabled, indicating a moderate level of digital maturity and privacy awareness. Hosting is provided by SchlundTech, a reputable German hosting provider. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site enforces HTTPS and uses CSRF tokens for form submissions, but lacks explicit security headers and a published security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is supported by a clear privacy policy and terms of service, though a cookie consent mechanism is missing. Overall, the website is safe, professional, and trustworthy with a good balance of content quality and technical implementation. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance the security posture and compliance further.

E

Europäischer Wettbewerb

europaeischer-wettbewerb.de

49

The Europäischer Wettbewerb website serves as the official platform for a long-standing educational competition in Germany, targeting students and schools nationwide. It is positioned as a reputable and historic institution fostering creativity and European awareness among young participants. The website is built on WordPress using the Divi theme, incorporating standard web technologies and Matomo analytics for user tracking. While the site offers good content quality and user experience, it lacks explicit privacy, cookie, and security policies, which are critical for compliance and trust. Security posture is moderate with no advanced headers or incident response information evident. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security measures.

U

Universität des Saarlandes

uni-saarland.de

64

The Universität des Saarlandes website serves as the official digital presence of a large public university in Germany, offering accredited degree programs, research initiatives, and international academic services. The site targets prospective and current students, alumni, academic staff, and international partners. It provides comprehensive navigation to academic offerings, research profiles, campus life, and international cooperation. Technically, the website is built on TYPO3 CMS, employs Matomo for privacy-conscious analytics, and enforces HTTPS for secure communications. The design is professional, mobile-optimized, and accessible, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and formal privacy and security policies are not evident in the provided content. WHOIS data confirms domain legitimacy and consistency with the university's identity. Overall, the site demonstrates a high level of professionalism and trustworthiness appropriate for an educational institution.

The website represents the official municipal portal for the city of Neu-Ulm, Germany. It provides information about city politics, services, and citizen engagement. The site is powered by TYPO3 CMS and integrates accessibility tools to support users with disabilities, reflecting a commitment to inclusivity. The use of Matomo analytics hosted on their own domain indicates a privacy-conscious approach to user data. However, explicit privacy and cookie policies are not found in the provided content, which is a gap in compliance. The site is well-structured, mobile-optimized, and professionally designed, targeting residents and visitors of Neu-Ulm.

D

Donaubüro Ulm/Neu-Ulm

donaubuero.de

63

Donaubüro Ulm/Neu-Ulm is a non-profit organization established in 2002, acting as a regional cooperation hub for the Danube area, focusing on projects, networking, and cultural events such as the International Donaufest. The website is built on WordPress with the Divi theme and uses modern plugins for multimedia and multilingual support. The technical infrastructure is solid with HTTPS and Cloudflare DNS/CDN, but lacks some security headers and formal privacy and cookie policies. No contact emails or phone numbers are explicitly listed on the main page. The site content is professional, relevant, and well-structured, targeting regional stakeholders and cultural participants.

D

Deutscher Engagementpreis

deutscher-engagementpreis.de

54

The Deutscher Engagementpreis website represents a well-established non-profit award platform dedicated to recognizing outstanding civic engagement in Germany. Supported by reputable partners including the Deutsche Stiftung für Engagement und Ehrenamt and government bodies, it serves as a central hub for nominations, jury decisions, public voting, and award ceremonies. The site targets engaged individuals, initiatives, and the general public interested in volunteerism and social contribution. Technically, the site is built on TYPO3 CMS, employs modern web technologies, and integrates Matomo analytics and Google reCAPTCHA for security and user tracking. Privacy compliance is robust with a comprehensive cookie consent mechanism and a detailed privacy policy. Security posture is strong with HTTPS and secure voting mechanisms, though additional security headers and a formal security policy could enhance trust further. Overall, the site is professional, trustworthy, and well-positioned in its niche.

L

Legacoop Produzione e Servizi

lps.coop

54

Legacoop Produzione e Servizi is an Italian cooperative association representing worker cooperatives across multiple sectors including construction, logistics, manufacturing, and services. Founded in 2022, it serves as an important national body promoting cooperative values and supporting its members through representation, sector-specific initiatives, and participation in European projects. The website reflects a professional and consistent brand presence with active social media engagement and structured content aimed at cooperative stakeholders. The technical infrastructure is based on WordPress with a modern tech stack including popular plugins for SEO, sliders, and analytics. The site is mobile optimized and performs moderately well, with good SEO practices and structured data implementation. Analytics are handled via Matomo and WP Statistics, indicating moderate user tracking. Security posture is adequate with HTTPS enabled and some security plugins in use, but there are areas for improvement such as enabling DNSSEC, adding security headers, and publishing formal security and privacy policies. No WAF or blocking mechanisms were detected, and the WHOIS data is consistent with the business identity, supporting legitimacy. Overall, the website is a credible and professional platform for the cooperative association, but it would benefit from enhanced security policies, privacy documentation, and incident response information to strengthen trust and compliance.

P

Palvelualojen työnantajat PALTA ry

palta.fi

70

Palvelualojen työnantajat PALTA ry is a prominent Finnish employer association representing service sector employers. The organization acts as a key influencer and negotiator in labor market agreements, serving approximately 2600 members and holding a significant position as the second largest member union in the Confederation of Finnish Industries (EK). Their website reflects a professional and well-structured digital presence, offering comprehensive information about their sectors, services, and events, targeting employers and decision-makers in Finland's service industries. The site is bilingual, primarily in Finnish with English alternatives, enhancing accessibility for international visitors. Technically, the website is built on WordPress with modern JavaScript frameworks like React and uses analytics tools such as Matomo and Google Tag Manager. The site employs hCaptcha for bot protection and demonstrates good mobile optimization and accessibility standards. While the site uses HTTPS and some security best practices, explicit security headers and a formal security policy are not evident, indicating room for improvement in security posture. Security-wise, the site shows no signs of vulnerabilities or exposed sensitive data. However, it lacks a published incident response or vulnerability disclosure policy, which could enhance trust and preparedness. Privacy compliance is partially addressed with a privacy and cookie policy present, though no active cookie consent mechanism is detected. Contact information is primarily via contact forms, with no direct emails or phone numbers visible on the main page. Overall, the website is trustworthy, professional, and well-aligned with the organization's business objectives. Strategic recommendations include enhancing security headers, publishing security and vulnerability disclosure policies, implementing cookie consent mechanisms, and providing clearer direct contact channels for security and privacy inquiries.

M

Mairie de Troinex

troinex.ch

55

The website troinex.ch serves as the official digital presence for the commune of Troinex in Switzerland, providing residents and visitors with comprehensive information about municipal services, local news, events, environmental initiatives, and administrative procedures. The site targets local citizens and stakeholders, offering a user-friendly platform to access government resources and community updates. The business model is that of a government entity focused on public service and community engagement. Technically, the website is built on WordPress CMS, utilizing modern web technologies such as Bootstrap for responsive design, Gravity Forms for data collection, and analytics tools including Matomo, Google Analytics, and Facebook Pixel. The site demonstrates good digital maturity with mobile optimization, accessibility features, and SEO best practices, although hosting provider details are not explicitly identified. From a security perspective, the site enforces HTTPS, implements cookie consent mechanisms, and uses nonce tokens in forms to prevent CSRF attacks. However, it lacks explicit security policies, incident response contacts, and advanced security headers, which are recommended for enhanced protection. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, troinex.ch is a trustworthy and professional government website with high content quality and user experience. It complies with GDPR requirements and provides clear contact information. Strategic recommendations include publishing a dedicated security policy, incident response details, and adopting additional security headers to strengthen the security posture further.

F

filmkids+

filmkidsplus.ch

67

filmkids+ is a Swiss-based digital platform dedicated to providing children and youth with access to films, educational content about filmmaking, games, and community interaction features. The platform leverages WordPress with modern plugins and themes to deliver a rich multimedia experience. It positions itself as a niche educational and entertainment service with a focus on fostering creativity and learning in young audiences. Technically, the site uses a solid tech stack including WordPress, Elementor, Smart Slider 3, and Matomo analytics, ensuring a good balance between functionality and privacy. Security posture is adequate with HTTPS and privacy-respecting analytics, though some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, but contact and incident response information are limited. Overall, filmkids+ presents a trustworthy and professional platform with a strong focus on content quality and user engagement for its target audience.

L

LamaPoll

lamapoll.de

62

LamaPoll is a German-based technology company specializing in providing a comprehensive online survey tool designed for businesses, research institutes, public sector entities, as well as students and educational users. The platform emphasizes ease of use, versatility, and strong data protection compliance, including GDPR adherence and certifications such as ISO 27001 and TISAX. With over 10,000 companies using their services, LamaPoll holds a strong market position in Germany's survey software sector. Technically, the website employs a modern yet stable technology stack including jQuery and Matomo analytics configured for privacy. The site is well-optimized for mobile devices and accessibility, with a clean, professional design and clear navigation. Hosting is supported by German-based providers with DNS managed via Google Domains, ensuring reliability and compliance with data residency requirements. From a security perspective, LamaPoll demonstrates a mature security posture with multiple certifications, regular penetration testing, full encryption of data in transit and at rest, and strict hosting policies. The website itself respects user privacy by avoiding tracking cookies and third-party trackers. However, some improvements could be made by adding explicit security headers and a public vulnerability disclosure policy. Overall, LamaPoll presents a trustworthy, professional, and secure online survey platform with strong compliance and privacy practices. The risk level is low, and the company is well-positioned to serve privacy-conscious clients in regulated industries. Strategic recommendations include enhancing transparency around incident response and security disclosures to further build trust.

Y

Yiannis Girod Informatique

ygi.ch

55

Yiannis Girod Informatique is a small, Geneva-based individual IT business with 25 years of experience specializing in IT training and WordPress website creation and maintenance. The company positions itself as a local expert and official partner of Infomaniak, targeting individuals, groups, and businesses seeking WordPress-related services and training. The website is professionally designed with clear navigation, good mobile optimization, and relevant content focused on WordPress and IT education. Technically, the site runs on WordPress CMS with modern plugins including Matomo for analytics and Complianz for GDPR cookie consent, hosted likely via Infomaniak. Security posture is strong with HTTPS enforced, consent-based tracking, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies in French, including user consent management. However, no explicit terms of service or security policy pages were found, and no direct contact emails or phone numbers are listed, only a contact form. Overall, the site is trustworthy, compliant, and professionally maintained, suitable for its niche market.

S

Steiermärkische Krankenanstaltengesellschaft m.b.H.

krankenhaushygiene.at

76

The Institut für Krankenhaushygiene und Mikrobiologie (IKM) operates as a specialized healthcare institute under the Steiermärkische Krankenanstaltengesellschaft m.b.H., focusing on hospital hygiene and microbiology services. It serves healthcare professionals, partners, and patients primarily in Austria, offering laboratory analyses, professional guidelines, and career opportunities. The website reflects a solid market position within the regional healthcare sector, emphasizing patient-centered services and clinical relevance. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and integrating privacy-conscious analytics via Matomo. The site is mobile-optimized, well-structured, and provides clear navigation and content relevant to its audience. Cookie consent mechanisms and HTTPS usage demonstrate compliance with privacy regulations. From a security perspective, the site employs HTTPS and cookie consent but lacks explicit security policies or incident response information. No critical vulnerabilities or suspicious elements were detected. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business entity. Overall, the website presents a trustworthy, professional digital presence with good privacy and security practices, suitable for its healthcare audience. Strategic improvements could include publishing security and incident response policies and enhancing security headers to further strengthen its posture.

S

Steiermärkische Krankenanstaltengesellschaft m.b.H.

palliativbetreuung.at

69

The website www.palliativbetreuung.at serves as the official coordination platform for palliative care in the Steiermark region of Austria, operated by the Steiermärkische Krankenanstaltengesellschaft m.b.H. It provides comprehensive information on palliative care services for adults, children, and youth, including support teams, educational opportunities, and contact details. The site targets patients, families, healthcare professionals, and interested parties within the regional healthcare ecosystem. Technically, the site is built on TYPO3 CMS, employs Matomo for privacy-conscious analytics, and integrates a cookie consent mechanism compliant with GDPR. The design is professional, mobile-optimized, and user-friendly, with clear navigation and relevant content. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy policies and cookie management are well implemented, reflecting strong compliance. Overall, the site demonstrates a mature digital presence aligned with its healthcare mission and regional service role.

Z

Zentralverband der deutschen Werbewirtschaft e. V.

zaw.de

61

The Zentralverband der deutschen Werbewirtschaft e. V. (ZAW) is a leading industry association representing the German advertising sector. The organization advocates for balanced political and economic frameworks supporting the advertising industry, publishes market data, and supports self-regulation efforts. The website targets stakeholders in the advertising, media, and political sectors within Germany. Technically, the site is built on WordPress with Yoast SEO, uses Cookiebot for cookie consent, and Matomo for analytics, reflecting a moderate to good digital maturity. Security posture is solid with HTTPS and privacy mechanisms, though lacks explicit security policies and incident response information. Overall, the site is professional, well-branded, and trustworthy, with room for improvement in security transparency and policy disclosures.

B

BNP Paribas

histoire.bnpparibas

69

The website 'Source d'Histoire BNP Paribas' serves as a corporate heritage platform showcasing two centuries of BNP Paribas' archives and history through diverse media such as articles, podcasts, videos, and documents. It targets a general audience interested in the bank's historical narrative and brand legacy. The site is professionally designed, well-branded, and consistent with BNP Paribas' corporate identity, reflecting its position as a major player in the global finance industry. Technically, the site is built on WordPress with modern plugins and frameworks, offering good mobile optimization and SEO practices. Security posture is solid with HTTPS and nonce usage, though some advanced security headers and policies are missing. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. No direct contact emails or phone numbers are publicly listed, but contact forms and social media links provide communication channels. Overall, the site is trustworthy, professional, and well-maintained, supporting BNP Paribas' brand storytelling and heritage preservation.

C

Commune de Laconnex

laconnex.ch

56

The website www.laconnex.ch serves as the official online presence for the Commune de Laconnex, a local government entity in the Canton of Geneva, Switzerland. It provides residents and visitors with practical information, municipal news, political and social updates, local services, and community event agendas. The site targets the local population and stakeholders interested in the commune's administrative and social affairs. The business model is that of a governmental public service platform, focusing on transparency and citizen engagement. Technically, the website is built on the WordPress CMS platform, leveraging popular plugins such as Yoast SEO for search optimization, Events Calendar Pro for event management, and Complianz GDPR for privacy compliance. The site uses modern web technologies including jQuery and Matomo analytics for user tracking. The design is responsive and optimized for mobile devices, with good SEO and accessibility practices, though some accessibility features could be enhanced. From a security perspective, the website enforces HTTPS with good SSL configuration and includes standard security headers. It employs cookie consent mechanisms aligned with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure information, which are recommended for improving security posture. Overall, the website is trustworthy, professional, and compliant with privacy regulations. It effectively serves its purpose as a municipal information portal. Strategic recommendations include publishing a dedicated security policy, incident response information, and a vulnerability disclosure program to enhance transparency and security readiness.

A

AT-Rack

at-rack.co.uk

74

AT-Rack Limited is a UK-based specialist in mobile data destruction solutions, focusing on secure on-site hard drive degaussing and destruction services. Founded in 2020, the company targets enterprises across sectors such as data centres, healthcare, government, and financial institutions. Their flagship product, the Mobile Destruction System (MDS), enables organizations to securely erase data onsite, ensuring compliance with data privacy regulations including GDPR. The company positions itself as a trusted provider with a strong emphasis on security, compliance, and customer assurance, supported by multiple client testimonials and a professional online presence. Technically, the website is built on WordPress using the Mesmerize Pro theme, integrated with modern analytics tools like Google Analytics and Matomo, and marketing tools such as Zoho SalesIQ. The site is well-optimized for SEO and mobile devices, with secure HTTPS implementation and CAPTCHA-protected contact forms enhancing security. While explicit security headers are not fully detailed, the overall security posture is strong with no evident vulnerabilities or exposed sensitive data. Security-wise, AT-Rack demonstrates good practices including encrypted communications, secure form handling, and compliance with privacy regulations. However, the absence of a dedicated security policy or incident response page suggests room for improvement in transparency and readiness. The domain registration is consistent with the company's founding date and business claims, reinforcing legitimacy. Overall, AT-Rack presents a credible, professional, and secure digital footprint suitable for its target market. Strategic enhancements in security policy publication and accessibility could further strengthen trust and compliance.

P

Post-SV Tübingen

nikolauslauf-tuebingen.de

45

The website represents the 50th itdesign-Nikolauslauf Tübingen, a local half marathon event organized by Post-SV Tübingen. It targets runners and sports enthusiasts in the Tübingen region, providing event information, registration, and promotional content. The site is well-positioned as a regional sports event organizer with a clear focus on community engagement and event promotion. Technically, the website is built on WordPress using the Enfold theme, enhanced with Yoast SEO for search optimization and Real Cookie Banner Pro for privacy compliance. It integrates multiple third-party services such as Matomo for analytics, Google Maps for location display, and social media embeds from Facebook, Instagram, YouTube, and Spotify, reflecting a mature digital presence. Security-wise, the site enforces HTTPS, employs standard security headers, and implements cookie consent mechanisms, indicating a good security posture. However, it lacks a dedicated security policy or incident response information, which could be improved. Overall, the website is professional, trustworthy, and compliant with GDPR, serving its audience effectively with moderate technical performance and good user experience.

I

Internationaler Bund (IB)

ib.de

68

Internationaler Bund (IB) is a large German non-profit organization focused on social work and education, supporting children, youth, and adults nationwide. Their services span social assistance, vocational training, refugee aid, and international cooperation. The website is professionally designed using TYPO3 CMS, with good mobile optimization and user experience. Technical infrastructure includes reputable hosting with Deutsche Telekom, integration of Matomo analytics respecting user consent, and Cookiebot for cookie management. Security posture is solid with HTTPS and consent-based tracking, though improvements in security headers and explicit security policies are recommended. Overall, the website reflects a trustworthy and established organization with a clear social mission.

D

Dachverband Deutscher Avifaunisten (DDA)

dda-web.de

57

The Dachverband Deutscher Avifaunisten (DDA) is a German non-profit umbrella organization representing regional and state ornithological associations, serving approximately 10,000 field ornithologists and bird watchers. The website provides comprehensive information about bird monitoring activities, data collection, and publications such as bird atlases. The target audience includes ornithologists, environmental researchers, and bird enthusiasts in Germany. The organization positions itself as a leading national entity in the ornithological community. Technically, the website employs modern JavaScript libraries including jQuery, GSAP, and Vue.js components, along with Matomo for analytics and Leaflet for mapping functionalities. Hosting is provided by manitu.net, a reputable German hosting provider. The site is mobile-optimized with good SEO and basic accessibility features, though some improvements could be made in accessibility and performance. From a security perspective, the site enforces HTTPS, uses security headers, and includes CSRF tokens, indicating a solid security posture. Privacy and cookie policies are present and GDPR compliant, with a named data protection officer contact. However, no explicit security policy or vulnerability disclosure mechanisms were found, which could be areas for enhancement. Overall, the website is professional, trustworthy, and well-aligned with its non-profit mission. The risk level is low, with recommendations focusing on enhancing security transparency and accessibility. The domain registration is consistent with the business type, though registrant details are minimal. The site is safe for general audiences with no adult or questionable content.

M

Medizinische Universität Graz

medunigraz.at

57

Medizinische Universität Graz is a prominent medical university in Austria focused on research, education, and patient care. The website reflects a well-established institution with a large community of staff and students engaged in innovative medical research and education. The university positions itself as a leading center for health and well-being in the region. Technically, the website is built on TYPO3 CMS with modern frontend technologies like Bootstrap and jQuery, and uses Matomo for privacy-conscious analytics. The site is well-structured, mobile-optimized, and accessible, with comprehensive content and clear navigation. Security posture is good with HTTPS and privacy-respecting analytics, though some security headers and cookie consent mechanisms could be improved. Overall, the domain registration and WHOIS data align well with the university's identity, indicating legitimacy and trustworthiness.

S

Steiermärkische Krankenanstaltengesellschaft m.b.H.

kages.at

76

Steiermärkische Krankenanstaltengesellschaft m.b.H. (KAGes) is a large, established healthcare organization operating the regional hospital and nursing home network in Styria, Austria. The website serves patients, relatives, healthcare partners, and job seekers with comprehensive information and services. The digital infrastructure is built on TYPO3 CMS with modern web technologies and includes privacy-respecting analytics (Matomo). The site is well-designed, mobile-optimized, and accessible, reflecting a mature digital presence. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response contacts are not published. Privacy compliance is robust with clear cookie consent and GDPR-aligned privacy policy. Overall, the website demonstrates high professionalism, trustworthiness, and business credibility.

S

Steiermärkische Krankenanstaltengesellschaft m.b.H.

uniklinikumgraz.at

76

The Universitätsklinikum Graz is a large, well-established university hospital in Austria, affiliated with the Medical University of Graz and the Steiermärkische Krankenanstaltengesellschaft m.b.H. It provides comprehensive patient care, medical education, and research services. The website reflects a professional healthcare institution with a strong regional presence and a large workforce. Technically, the site is built on TYPO3 CMS, uses Matomo for analytics, and complies with GDPR through a comprehensive privacy and cookie policy. Security posture is good with HTTPS enforced and no critical vulnerabilities detected. Overall, the site is trustworthy, well-branded, and user-friendly, targeting patients, medical partners, and students.

B

brite

britehealth.com

71

brite is a digital health companion platform focused on supporting therapy through expert knowledge, progress tracking, and reminders, targeting German-speaking patients. The website is professionally designed using modern web technologies such as Webflow CMS, Matomo analytics, and Cookiebot for GDPR-compliant cookie management. The technical infrastructure is solid with HTTPS enforced and a cookie consent mechanism in place, though some security headers are missing. The absence of WHOIS data raises concerns about domain registration legitimacy, which should be further investigated. Overall, the site demonstrates good privacy compliance and user experience but lacks explicit contact and legal pages.

M

medizinfuchs GmbH

medizinfuchs.de

63

medizinfuchs GmbH operates a professional online price comparison platform specializing in medications, health supplements, and cosmetic products primarily targeting consumers in Germany and Austria. The website offers a comprehensive service that includes price comparisons from over 180 verified shipping pharmacies, user reviews, and a mobile app to facilitate on-the-go access. The company positions itself as a leading player in the German healthcare e-commerce sector, emphasizing cost savings and convenience for its users. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, with analytics powered by Matomo, Google Tag Manager, and Bing Ads tracking. Hosting is managed via Amazon AWS infrastructure, ensuring reliable performance and scalability. The site demonstrates good mobile optimization and SEO practices, although some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and manages user consent effectively for cookies and tracking, aligning with GDPR requirements. However, explicit security headers such as Content-Security-Policy and X-Frame-Options are not clearly present, and no public security policy or incident response contacts are found. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, medizinfuchs.de presents a trustworthy and user-friendly platform with strong business credibility and compliance posture. Strategic improvements in security headers and incident response transparency would further strengthen its security stance and user trust.

NABU - Naturschutzbund Deutschland e.V. is a well-established German non-profit organization dedicated to nature conservation and environmental protection. The website focuses on public awareness campaigns such as the 'Bird of the Year 2026' featuring the Rebhuhn (partridge), highlighting endangered species and promoting biodiversity. NABU enjoys a strong market position in Germany with a large membership base and extensive volunteer network. The site offers rich content, educational resources, and engagement opportunities for the general public and conservation enthusiasts. Technically, the website is built on the IMPERIA CMS platform, utilizing modern web technologies including Bootstrap, jQuery, and privacy-respecting analytics tools like Matomo. The site is mobile-optimized, accessible, and SEO-friendly. Cookie consent is managed via Klaro, ensuring GDPR compliance. The infrastructure appears stable with European-based DNS and hosting. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms. However, explicit security headers are not visible in the HTML source, and no public security policy or incident response contacts are provided. No vulnerabilities or suspicious content were detected. The site integrates tracking pixels from major platforms (Meta, TikTok, Google Ads) with user consent. Overall, NABU's website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. It effectively serves its mission to educate and engage the public in environmental conservation. Strategic improvements could include publishing a dedicated security policy and enhancing security header implementation to further strengthen its security posture.

C

CCC München - Comprehensive Cancer Center

ccc-muenchen.de

67

CCC München is a comprehensive cancer center jointly operated by the Ludwig-Maximilians-Universität München and the Technische Universität München. Established in 2014 and recognized as an oncological excellence center by Deutsche Krebshilfe, it provides advanced cancer patient care, clinical research, and educational events for medical professionals. The website targets patients, healthcare providers, and researchers, offering detailed information about services, events, and collaborations. Technically, the website is built on the Scrivito CMS platform, hosted on AWS infrastructure, and uses modern web technologies including JavaScript, Matomo analytics for privacy-conscious tracking, and Leaflet for interactive maps. The site is mobile-optimized and SEO-friendly, with a moderate performance profile. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and implements cookie consent mechanisms. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. It effectively supports its healthcare mission but could improve by publishing more detailed security and incident response information.

T

Technische Hochschule Mannheim

th-mannheim.de

65

Technische Hochschule Mannheim is a well-established public technical university in Germany offering a wide range of Bachelor and Master degree programs with innovative study concepts. The institution targets students, prospective students, employees, and companies, providing education, research, transfer services, and international exchange opportunities. The website reflects a strong market position as a regional technical university with comprehensive academic and research offerings. Technically, the website is built on TYPO3 CMS with modern frontend technologies like Bootstrap and jQuery, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS, cookie consent mechanisms, and no visible vulnerabilities, although some security headers could be improved. Privacy compliance is robust with clear GDPR-aligned policies and cookie management. Overall, the website is professional, trustworthy, and user-friendly, supporting the institution's credibility and outreach.

S

SZA Schilling, Zutt & Anschütz Rechtsanwaltsgesellschaft mbH

sza.de

64

SZA Schilling, Zutt & Anschütz is a reputable German law firm specializing in economic and corporate law, including M&A, capital markets, litigation, compliance, and other legal fields. The firm serves national and international corporate clients and is recognized by prestigious legal directories such as Chambers Global and Legal500. The website reflects a professional and modern digital presence built on Nuxt.js and Vue.js frameworks, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some enhancements in HTTP security headers and explicit security policies could improve resilience. Overall, the site demonstrates strong business credibility, privacy compliance, and user experience, making it a trustworthy digital asset for the firm.

S

Stiftung Preußische Schlösser und Gärten Berlin-Brandenburg (SPSG)

spsg.de

59

The Stiftung Preußische Schlösser und Gärten Berlin-Brandenburg (SPSG) operates as a government-affiliated non-profit foundation managing over 30 museum palaces and park sites in the Berlin-Brandenburg region, including notable landmarks such as Schloss Sanssouci and Schloss Charlottenburg. The website serves as an official portal providing comprehensive information about cultural heritage sites, exhibitions, events, educational programs, and visitor services. It targets a broad audience including tourists, families, schools, and cultural enthusiasts. The business model focuses on cultural preservation, public engagement, and educational outreach, supported by government funding and partnerships. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries such as Leaflet for mapping and Swiper for interactive carousels. It employs Matomo analytics configured for privacy-conscious, cookie-less tracking. The site demonstrates good mobile optimization, accessibility features, and SEO practices, reflecting a mature digital infrastructure. Performance is moderate with a professional and consistent design. From a security perspective, the site enforces HTTPS and provides a cookie consent mechanism aligned with GDPR requirements. However, it lacks explicit security policy documentation, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is minimal but consistent with the official nature of the site, with no privacy protection or suspicious patterns. Overall, the website presents a high level of professionalism, trustworthiness, and compliance with privacy standards. Strategic improvements could include publishing detailed security policies and incident response information to enhance transparency and trust further.

H

HDG

hangar.it

48

Hangar Design Group (HDG) is an established integrated creative agency and design consultancy based in Italy, with a strong market presence and a portfolio of notable clients and projects. The company focuses on branding, storytelling, and digital presence to help businesses evolve and succeed. The website reflects a professional and consistent brand image, supported by ISO 9001:2015 certification and a multilingual WordPress platform. The technical infrastructure includes modern web technologies such as jQuery, Swiper.js, and privacy-focused analytics tools like Matomo alongside Google Analytics. Privacy compliance is robust, featuring Iubenda cookie management and GDPR adherence. Security posture is strong with HTTPS, DNSSEC, and cookie consent mechanisms, though additional security headers could enhance protection. Overall, the site is well-designed, user-friendly, and trustworthy, with no critical vulnerabilities detected.

T

Technische Universität Braunschweig

tu-bs.de

64

Technische Universität Braunschweig is a well-established German technical university offering a wide range of educational and research services primarily in engineering and natural sciences. The website serves students, researchers, and academic staff with comprehensive information about study programs, research projects, and international cooperation. The university maintains a professional online presence with consistent branding and a clear navigation structure. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and uses Matomo analytics configured to disable cookies, reflecting a privacy-conscious approach. Security posture is moderate with HTTPS enforced but lacks visible security headers and formal vulnerability disclosure mechanisms. Privacy compliance is limited due to absence of explicit privacy and cookie policies in the accessible content. Overall, the site is trustworthy and professionally maintained but could improve transparency and security practices.

R

Radio Chablais

radiochablais.ch

58

Radio Chablais is a well-established regional media company based in Switzerland, providing radio broadcasting services, regional news, sports coverage, and thematic web radios. The website reflects a mature digital presence with a clear focus on serving the French-speaking audience in the Chablais, Riviera, and Pays-d'Enhaut regions. Their business model revolves around media broadcasting and advertising, supported by a medium-sized operation with a strong local market position and over 40 years of history. Technically, the website is built on Joomla CMS using the Helix Ultimate framework and Bootstrap 5, incorporating modern JavaScript libraries and analytics tools such as Matomo and Google Analytics. The site is mobile-optimized, has good SEO practices, and includes user-friendly features like search autocomplete and a cookie consent mechanism, indicating a good level of digital maturity. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks some advanced security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is strong with clear policies and GDPR adherence. The business credibility is supported by certifications, transparent contact information, and consistent branding. Overall, Radio Chablais presents a trustworthy and professional online presence with moderate to good security posture and privacy compliance. Strategic improvements in security headers and incident response transparency would further enhance their security maturity and trustworthiness.

S

Saarpfalz-Kreis

saarpfalz-kreis.de

67

The Saarpfalz-Kreis website serves as the official digital portal for the regional government district in Germany, providing residents and visitors with access to a wide range of public services, news, events, and administrative information. The site targets local citizens and stakeholders, offering key services such as vehicle registration, consultation centers, career opportunities, and public announcements. The business model is that of a governmental public service provider with a medium-sized operational scope within the German government sector. Technically, the website is built on the ionas4 CMS platform, leveraging modern JavaScript frameworks and libraries including SystemJS and jQuery. It employs Cloudflare for DNS and CDN services, ensuring good performance and security. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate loading speed and comprehensive metadata including Open Graph and JSON-LD structured data. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms compliant with GDPR, and integrates Matomo analytics with privacy considerations. While security headers and best practices are generally observed, explicit security policies and vulnerability disclosure mechanisms are absent, representing areas for improvement. No vulnerabilities or suspicious patterns were detected, and the WHOIS data aligns well with the site's governmental nature. Overall, the website presents a professional, trustworthy, and user-friendly interface with strong privacy compliance and a solid security posture. Strategic recommendations include publishing explicit security and incident response policies, implementing a vulnerability disclosure program, and enhancing security headers to further strengthen the site's defense and transparency.