Security Directory

K

KulturKirche2025 – Die Kirchen in der Kulturhauptstadtregion Chemnitz 2025

kulturkirche2025.de

45

KulturKirche2025 is a cultural initiative centered on churches in the Chemnitz region, aligned with the European Capital of Culture 2025 program. The website serves as a platform to promote cultural exhibitions, spiritual events, and community projects, targeting visitors, pilgrims, and local cultural participants. The business model is non-profit and community-focused, emphasizing cultural heritage and spiritual engagement. Technically, the site is built on WordPress with modern plugins such as Advanced Custom Fields Pro and WPML for multilingual support. The infrastructure is hosted on rzone.de nameservers, indicating a professional hosting environment. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks explicit security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is accessible, well-structured, and provides relevant cultural content but would benefit from enhanced privacy and security documentation.

Sozialpolitik aktuell is an academic and informational website operated by the Institut für Arbeit und Qualifikation (IAQ) at Universität Duisburg-Essen. It provides extensive, up-to-date information on social policy topics in Germany, including analyses, infographics, legislative updates, and reports. The site targets researchers, policymakers, students, and the interested public, positioning itself as a trusted source in the social policy domain. Technically, the website is built on the Contao CMS platform, uses common JavaScript libraries, and employs Matomo analytics with IP anonymization to respect user privacy. The site is well-structured, mobile-optimized, and includes a comprehensive cookie consent mechanism. Security posture is good with HTTPS enforced, though security headers are not explicitly detected. No direct contact emails or phone numbers are present, but a contact form is available. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

K

Katholische Akademie der Erzdiözese Freiburg

katholische-akademie-freiburg.de

38

The Katholische Akademie der Erzdiözese Freiburg is a regional non-profit educational and cultural institution affiliated with the Catholic Archdiocese of Freiburg, Germany. It organizes interdisciplinary events and discussions on theology, philosophy, ethics, church matters, and social topics, targeting interested individuals and the broader community. The website reflects a professional and consistent brand presence with a focus on event promotion and educational content. Technically, the website is built on the Edith CMS platform, utilizing jQuery, Bootstrap, and Matomo analytics for tracking. Hosting is provided by w-commerce.de, with multiple authoritative nameservers ensuring domain stability. The site is mobile-optimized with good navigation and SEO practices, although performance is moderate. From a security perspective, the site enforces HTTPS and uses Matomo with cookie disable options, indicating some privacy awareness. However, it lacks explicit privacy and cookie policies, security headers, and incident response information, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is safe, trustworthy, and professionally maintained but would benefit from enhanced privacy compliance and security best practices to strengthen user trust and regulatory adherence.

H

Heidelberg Materials

heidelbergmaterials.de

71

Heidelberg Materials is a leading global construction materials company with a strong market presence in Germany, particularly as the market leader in cement and ready-mixed concrete. The company offers a broad portfolio including cement, concrete, aggregates (sand, gravel), and precast concrete elements, with a strong focus on sustainability and innovation such as their evoZero® Carbon Captured Net-Zero Cement. The website reflects a mature enterprise with comprehensive product information, customer engagement through events and newsletters, and a consistent brand identity. Technically, the site is built on Drupal 11, leveraging modern web technologies and analytics tools, with good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

The website www.informationsportal.de is an official information portal operated by ITSG GmbH, providing comprehensive guidance to employers in Germany about their social security reporting obligations. It serves as a government-related resource offering question-answer catalogs, glossaries, brief profiles, and a document library to assist employers in compliance. The portal targets German employers and is positioned as a niche authoritative source in the social security domain. Technically, the site is built on WordPress with modern plugins such as Yoast SEO Premium and Borlabs Cookie for privacy compliance. It uses Matomo for analytics, ensuring user data is anonymized and GDPR compliant. The site is well-structured, mobile-optimized, and employs HTTPS with appropriate security headers, although some advanced headers could be added for enhanced security. No direct contact emails or phone numbers are published; contact is primarily via a form. No explicit security or incident response policies are published, which could be improved. Overall, the site demonstrates a good security posture, strong privacy compliance, and professional content quality, making it a trustworthy resource for its audience.

E

Elementare Vielfalt

periodensystem.de

47

The website www.periodensystem.de is a specialized educational platform offering a free interactive periodic table of elements aimed at students and professionals in chemistry-related fields. It is positioned as a niche resource within the German education sector, providing accessible and app-free learning tools. The site is powered by TYPO3 CMS and leverages modern JavaScript libraries to enhance user experience. Hosting is provided by SchlundTech, a reputable German hosting provider, ensuring reliable infrastructure. The site demonstrates good technical maturity with responsive design and SEO optimization. Security posture is solid with HTTPS enforced and GDPR-compliant cookie consent managed via Usercentrics, although some security headers are missing and no explicit security policies or incident response contacts are provided. Overall, the site is trustworthy, safe, and professionally maintained, with room for improvement in transparency and security documentation.

deponata GmbH & Co. KG is a German company specializing in environmental services, particularly the disposal and processing of mineral construction and production waste, soil material brokerage, and electronic waste tracking. The company is qualified for public procurement and actively engages in environmental sponsorships, positioning itself as a reliable and certified disposal specialist within the energy and environmental sector. The website content is professional, well-structured, and targeted primarily at public sector clients and environmental stakeholders. Technically, the website employs a moderate technology stack including jQuery, Google Fonts, and Google Analytics with IP anonymization, hosted likely by Prointernet. The site is served over HTTPS with basic mobile optimization and accessibility features. Consent management is implemented via a third-party platform, supporting GDPR compliance. SEO practices are good with proper meta tags and structured navigation. From a security perspective, the site benefits from HTTPS and privacy-conscious analytics but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The absence of a vulnerability disclosure policy or security.txt file is noted as an area for improvement. Overall, the website is trustworthy, professional, and compliant with privacy regulations, with a moderate security posture. Strategic recommendations include enhancing security headers, publishing security policies, and improving mobile optimization to further strengthen the digital maturity and trustworthiness of the company’s online presence.

C

CAL GmbH & Co. KG

cal-darmstadt.de

60

CAL GmbH & Co. KG is a German-based chemical analysis service provider established in 1984. The company specializes in precise chemical analyses for soil, water, dietary supplements, and cosmetics, targeting businesses requiring quality assurance in these sectors. Their website is professionally designed using the Contao CMS platform and modern JavaScript libraries, providing a good user experience with clear navigation and relevant content in German. The technical infrastructure is moderate in performance with good mobile optimization but lacks advanced security headers and cookie consent mechanisms. Security posture is basic with HTTPS enabled but missing several best practices such as security policies and incident response contacts. WHOIS data confirms the domain's legitimacy and consistency with the business history. Overall, the website is trustworthy and functional but could improve in privacy compliance and security transparency.

K

Koordinierungsstelle für Hospiz- u. Palliativversorgung in Deutschland

koordinierung-hospiz-palliativ.de

48

The website www.koordinierung-hospiz-palliativ.de serves as the official coordination center for hospice and palliative care services in Germany. It provides informational resources, including multilingual explanatory videos, targeting patients, relatives, healthcare institutions, and care providers. The site positions itself as a national non-profit entity focused on improving access and awareness of hospice and palliative care. Technically, the site is built on the Contao CMS platform, utilizing jQuery and jQuery UI for interactive elements. The infrastructure supports HTTPS with good SSL configuration, but lacks advanced security headers and cookie consent mechanisms. The content is well-structured, professionally presented, and accessible, though mobile optimization and accessibility could be improved. Security posture is solid with no visible vulnerabilities or exposed sensitive data, but the absence of a security policy and incident response contacts is noted. Overall, the site is trustworthy and credible, with clear contact information and consistent branding.

B

BDE Bundesverband der Deutschen Entsorgungs-, Wasser- und Kreislaufwirtschaft e. V.

bde.de

55

BDE Bundesverband der Deutschen Entsorgungs-, Wasser- und Kreislaufwirtschaft e. V. is a prominent German industry association representing Europe's largest network of private circular economy companies. The organization focuses on advocacy, information dissemination, training, and networking within the waste management, water, and recycling sectors. Their website reflects a professional and consistent brand image, targeting companies and stakeholders in the circular economy sector primarily in Germany and Europe. The business model centers on providing member services, industry representation, and policy influence. Technically, the website is built on a Django-based CMS platform, utilizing modern JavaScript libraries such as jQuery and Slick Carousel for interactive elements. The site is mobile-optimized with good SEO practices and moderate performance. Security measures include HTTPS enforcement and CSRF protection on forms, though additional security headers and explicit security policies are absent. The security posture is solid but could be enhanced by publishing incident response contacts and vulnerability disclosure policies. Privacy compliance is well addressed with a clear privacy policy, cookie consent banner, and GDPR adherence. Contact information is comprehensive, including multiple emails, phone numbers, and physical addresses, enhancing business credibility. Overall, the website is trustworthy, professionally maintained, and serves its target audience effectively. Strategic improvements in security transparency and accessibility could further strengthen its position.

N

Nordic CAMPUS Berufsbildungswerk Bremen gGmbH

bbw-bremen.de

56

Nordic CAMPUS Berufsbildungswerk Bremen gGmbH is a well-established non-profit vocational training institution in Germany focused on educating and supporting young people with disabilities. With over 40 years of experience and multiple locations, it offers a broad range of training programs, personal and health support services, and fosters inclusion through strong partnerships and community engagement. The website reflects a professional and inclusive brand with comprehensive content and clear navigation. Technically, the website uses a custom or unknown CMS with a technology stack including jQuery and responsive design elements. Hosting is provided by a German ISP (Ewetel). The site is mobile-optimized and SEO-friendly but lacks some modern security headers. Cookie consent mechanisms are implemented, supporting GDPR compliance. Security posture is moderate with HTTPS enforced and email obfuscation in place, but missing explicit security headers and incident response contacts. No vulnerabilities or malware indicators were found. Overall, the site is trustworthy and professionally maintained, with room for security enhancements. The risk level is low, with recommendations to improve security headers, publish a security policy, and enhance incident response transparency to further strengthen trust and compliance.

U

Unitus

unitus.it

56

The website www.unitus.it represents the official online presence of the Università degli Studi della Tuscia, a public university based in Italy. The site provides information about degree courses, research activities, and university life, targeting students, researchers, and the academic community. It holds a regional market position as an educational institution and offers key services related to higher education and research. Technically, the website is built on WordPress with multilingual support via WPML, utilizing common web libraries such as jQuery and DataTables. Google Analytics and Google Tag Manager are employed for user tracking and analytics. The site demonstrates moderate performance and good mobile optimization, with a professional design and clear navigation structure. Security-wise, HTTPS is enforced, and a cookie consent mechanism is implemented, indicating GDPR awareness. However, the absence of security headers and explicit security policies suggests room for improvement in security posture. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy and professionally maintained, though it lacks some compliance documentation such as privacy and terms of service pages. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility features.

T

Tourismuszentrale Fränkische Schweiz

fraenkische-schweiz.com

47

The website www.fraenkische-schweiz.com serves as the official tourism portal for the Fränkische Schweiz region in Bavaria, Germany. It provides comprehensive information on activities, accommodations, gastronomy, and events, targeting tourists and vacationers interested in this historic and scenic area. The site is well-structured, professionally designed, and optimized for mobile devices, reflecting a mature digital presence. Technically, it is built on the TYPO3 CMS platform and integrates modern JavaScript libraries and Google Analytics for tracking. Security measures include HTTPS and a cookie consent mechanism, though explicit security headers and detailed security policies are not evident. The absence of WHOIS registration data raises concerns about domain legitimacy, which should be verified to ensure full trust. Overall, the site is a reliable resource for regional tourism but would benefit from enhanced transparency in domain registration and security disclosures.

F

Das Fichtelgebirge: Fichtelgebirge

fichtelgebirge.bayern

47

The website www.fichtelgebirge.bayern serves as a regional tourism portal dedicated to the Fichtelgebirge region in Germany. It provides comprehensive information about accommodations, cultural events, outdoor activities, and regional specialties, targeting tourists and visitors interested in exploring the area. The site is multilingual, offering translations via Google Translate, enhancing accessibility for international visitors. Technically, the site is built on TYPO3 CMS, utilizing modern frontend libraries such as jQuery UI and Slick Carousel, and integrates Google Analytics for visitor tracking alongside a CookieFirst consent management system. Security-wise, the site enforces HTTPS and implements cookie consent, but lacks explicit security headers and vulnerability disclosure mechanisms. The WHOIS data is privacy protected, which is common for such regional tourism sites, and no suspicious patterns were detected. Overall, the site presents a professional and trustworthy digital presence for regional tourism promotion.

Kassensuche GmbH operates a German-language online portal focused on helping users find and compare statutory health insurance providers (gesetzliche Krankenkassen) in Germany. The website offers multiple tools including a contribution calculator, user-type based search, and detailed benefit comparisons. The portal targets insured individuals in Germany seeking optimal health insurance options. Technically, the site uses modern JavaScript modules, jQuery, and lazy loading techniques to enhance performance and user experience. The site is hosted with reputable DNS providers and uses HTTPS, ensuring secure connections. Security posture is adequate but could be improved by adding security headers and explicit incident response information. Privacy compliance is partially met with a clear privacy policy and terms of service, but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

H

Hamburger Verkehrsverbund

hvv.de

68

Hamburger Verkehrsverbund (hvv) operates as the primary public transportation network for Hamburg and its surrounding areas, providing comprehensive services including timetable information, ticket sales, and mobility consulting. The website serves as a digital portal for users to access schedules, purchase tickets, and stay informed about service updates. The platform targets public transit users in the Hamburg region and positions itself as a leading transportation provider with a strong regional presence. Technically, the website employs a modern JavaScript stack with libraries such as jQuery UI, GSAP, and Moment.js to enhance user experience and performance. It features responsive design and accessibility considerations, including keyboard navigation and ARIA roles. The site integrates tracking via etracker for analytics while maintaining GDPR compliance through cookie consent mechanisms and a detailed privacy policy. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, indicating attention to secure data handling. However, explicit security headers and a published security policy or vulnerability disclosure are absent, representing areas for improvement. No signs of WAF or blocking mechanisms were detected, allowing full content access. Overall, the website demonstrates a solid balance of usability, compliance, and security suitable for a public transportation entity. Strategic enhancements in security transparency and incident response readiness would further strengthen its posture.

B

Bergspiritualität: Endlich Pilgern

bergspiritualitaet.com

10

The website bergspiritualitaet.de is a German-language platform dedicated to spiritual mountain experiences, including retreats, pilgrimages, and mountain masses. It targets a broad audience interested in spirituality and nature, offering educational courses and community events. The site is built on TYPO3 CMS with a moderate technical infrastructure, incorporating common JavaScript libraries and a cookie consent mechanism. Security posture is adequate with HTTPS enforced, but lacks explicit security headers and incident response information. Privacy compliance is good with a clear privacy policy and cookie consent. Business credibility is moderate due to limited explicit company or contact information. Overall, the site is professionally presented with consistent branding and relevant content for its niche.

P

Papoo Software & Media GmbH

cmm-ehrenfeld.de

47

The website cmm-ehrenfeld.de hosts a login page for CCM19, a cookie consent management software developed by Papoo Software & Media GmbH. The platform targets businesses and website operators requiring tools to manage cookie consent and privacy compliance, offering multilingual support and user account management. The business operates in the technology sector, likely as a small-sized SaaS provider focused on privacy compliance solutions. Technically, the website uses standard web technologies including jQuery and CSS, with hosting DNS managed by GoDaddy's domaincontrol.com. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. No CMS or advanced frameworks are detected. The login form uses secure POST methods but lacks visible security headers and explicit SSL/TLS configuration details. From a security perspective, the site shows basic best practices such as password masking and form submission via POST. However, it lacks published privacy, cookie, or security policies, and no incident response or vulnerability disclosure information is available. WHOIS data is minimal but consistent with a legitimate domain, though registrant details are not disclosed. No WAF or blocking mechanisms are detected, and the content is fully accessible and safe. Overall, the website is functional but basic in content and security posture, with room for improvement in privacy compliance, security headers, and transparency. The risk level is moderate with no critical vulnerabilities detected but lacking in trust and compliance signals.

Gesetzlichekrankenkassen.de is an established German online comparison portal operated by Kassensuche GmbH, specializing in statutory health insurance providers. The site offers comprehensive price and service comparisons, membership application assistance, and detailed information on statutory health insurance benefits. It targets German residents seeking to compare and switch statutory health insurance providers, including employees, self-employed, retirees, and students. The platform leverages 25 years of experience and provides detailed, transparent data to help users make informed decisions.

V

Verband der Ersatzkassen e. V. (vdek)

vdek.com

62

The Verband der Ersatzkassen e. V. (vdek) is a prominent German non-profit association representing the interests of major statutory health insurance substitute funds such as TK, BARMER, DAK-Gesundheit, KKH, and hkk. The website serves as an information and service portal for healthcare stakeholders, policy makers, and insured persons in Germany, offering news, policy positions, and online tools related to healthcare and insurance. The organization holds a significant position in the German healthcare sector, advocating for reforms and providing data and publications relevant to statutory health insurance.

K

KREA DIGITAL s.r.o.

krea.com

59

KREA DIGITAL s.r.o. is a Slovak-based IT company specializing in the development of web and mobile applications, IT outsourcing, and business system solutions. With over 14 years of experience, the company serves a diverse client base including notable brands, positioning itself as a reliable IT partner for custom software development and IT professional outsourcing. The website reflects a professional and consistent brand image with clear service offerings and client references. Technically, the site employs modern web technologies such as Bootstrap, jQuery, and hCaptcha, ensuring responsive design and user-friendly navigation. Security measures include HTTPS enforcement and CAPTCHA integration on forms, although explicit security policies and headers could be improved. Privacy compliance is well addressed with comprehensive privacy and cookie policies and GDPR adherence. However, the absence of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy. Overall, the company presents a credible and professional digital presence with room for enhanced security transparency and WHOIS data clarity.

ITNOMIC is a specialized Austrian web agency providing comprehensive digital services including website creation with Contao CMS, e-commerce solutions using PrestaShop, and SEO/SEA optimization. The company emphasizes economic IT solutions with over 15 years of experience, targeting businesses across Austria. Their technical infrastructure leverages modern open-source platforms and integrates Google marketing and analytics tools with a strong focus on privacy compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though additional security headers and incident response policies could enhance their security maturity. Overall, the website is professional, accessible, and trustworthy, supporting a positive business reputation despite the lack of publicly available WHOIS data.

M

Malu Wilz Beauty Centre

malu-wilz.de

50

Malu Wilz Beauty Centre operates an e-commerce platform specializing in beauty and skincare products, targeting consumers interested in cosmetics and personal care. The website offers a range of products including makeup, skincare collections, and accessories, with a focus on a professional and user-friendly online shopping experience. The business is positioned as a niche retailer within the German market, leveraging a multilingual website to reach both German and English-speaking customers. Technically, the website is built on the OXID eShop Community Edition platform, utilizing common JavaScript libraries such as jQuery and FlexSlider for enhanced user interaction. The site is mobile-optimized with good SEO practices and includes a cookie consent mechanism aligned with GDPR requirements. Performance is moderate, with room for improvement in accessibility features and security headers. From a security perspective, the site enforces HTTPS and uses secure login forms, but lacks visible HTTP security headers and published security policies or incident response contacts. No vulnerabilities or suspicious content were detected, and privacy compliance is well addressed through accessible privacy and cookie policies. The absence of direct contact emails or phone numbers reduces immediate contactability but is mitigated by a contact form. Overall, the website presents a trustworthy and professional e-commerce presence with solid privacy compliance and a moderate security posture. Strategic improvements in security headers, incident response transparency, and accessibility could enhance the site's resilience and user trust.

H

Hats-Trends

hats-trends.de

64

Hats-Trends is a small, established German retailer specializing in fashionable hats, beanies, caps, and related headwear for men, women, and children. Founded in 1992, the company operates an e-commerce platform powered by Jimdo CMS, complemented by presence on marketplaces such as Ebay and Amazon. The business emphasizes handmade quality and trendy designs, targeting fashion-conscious customers seeking affordable headwear. Technically, the website uses modern web technologies including jQuery UI and integrates Google Analytics and POWr.io widgets for analytics and marketing. The site is mobile-optimized with good navigation and content quality. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though some security headers could be improved. Privacy compliance is strong with clear policies and GDPR adherence. Overall, the site projects a trustworthy and professional image with positive trust signals such as Händlerbund membership and extensive customer reviews. No critical vulnerabilities or blocking mechanisms were detected.

L

Landkreisentsorgung Schwarzenberg GmbH

landkreisentsorgung.eu

52

Landkreisentsorgung Schwarzenberg GmbH operates as a regional waste disposal and recycling service provider primarily serving the Schwarzenberg/Erzgebirge area in Germany. The company offers a comprehensive range of services including municipal waste collection, bulky waste disposal, hazardous waste handling, wastewater services, document destruction, container rental, and city cleaning. Their market position is that of a trusted local service provider with a focus on environmental sustainability and compliance. Technically, the website is built on WordPress using common plugins such as WPBakery Page Builder and Ultimate VC Addons. The technology stack includes jQuery, Bootstrap, and Font Awesome, hosted likely via Variomedia AG. The site demonstrates moderate performance with good mobile optimization and basic accessibility features. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism via Borlabs Cookie. However, it lacks advanced security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is supported by a privacy policy and cookie banner, indicating GDPR awareness. Overall, the website is professional, trustworthy, and well-aligned with the business's regional service model. The absence of critical security issues and the presence of trust indicators such as certifications and clear contact information contribute to a strong credibility profile. Strategic improvements could focus on enhancing security headers and publishing explicit security policies to further strengthen the security posture.

W

Willy Böhme GmbH & Co. KG

willy-boehme.eu

47

Willy Böhme GmbH & Co. KG is a regional German company specializing in waste disposal, sewage services, and environmental cleaning. The company offers a broad range of services including waste recycling, document destruction, container rental, sewer cleaning, and street cleaning. Their website reflects a well-established business with a clear focus on environmental sustainability and service reliability. The target audience primarily includes regional businesses and municipalities in Germany. Technically, the website is built on WordPress using popular plugins such as WPBakery Page Builder, Contact Form 7, and Borlabs Cookie for privacy compliance. The site is moderately performant, mobile-optimized, and SEO-friendly. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit security policies. Overall, the domain registration and WHOIS data align with the business claims, indicating legitimacy and trustworthiness.

M

MMcom GmbH

mm-com.de

54

MMcom GmbH is a medium-sized IT service provider based in Hof, Germany, operating as a subsidiary of the M&M Militzer & Münch Gruppe, a large logistics company. The company specializes in IT projects, consulting, support, security, system integration, and hosting services, serving both the parent group and external clients. Their website reflects a professional and consistent brand image with clear contact information and compliance with GDPR and cookie regulations. Technically, the site is built on WordPress with modern plugins and frameworks, including reCAPTCHA for spam protection. Security posture is good with HTTPS enforced, though some HTTP security headers are missing and no explicit security policy or incident response contacts are published. Overall, the domain registration is consistent with the business claims, though WHOIS data is limited due to DENIC privacy policies. The website is accessible without WAF blocking and contains no suspicious or adult content.

Z

ZVEI e.V.

zvei.org

69

ZVEI e.V. is a prominent German industry association representing the electrical and digital industries. The organization positions itself as a leader in driving digitalization and technological progress within these sectors. Its website offers extensive content on industry topics, market data, and member services, targeting industry professionals and policymakers. The business model centers on advocacy, networking, and providing industry insights to its members. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and a consent-based analytics system (Matomo), reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, employs cookie consent mechanisms, and shows no evident vulnerabilities, though explicit security policies and incident response information are not publicly detailed. Overall, the site is professional, trustworthy, and well-structured, with a strong focus on compliance and user privacy. The lack of WHOIS data is mitigated by the site's evident legitimacy and privacy protection is justified for this type of organization.

German Software e.V. is a German initiative focused on promoting excellence in software engineering with an emphasis on IT security and data protection standards 'Made in Germany'. The website serves as a platform to highlight the quality and security of German IT products and companies, targeting primarily German IT firms and customers seeking secure and compliant software solutions. The business model is that of a non-profit initiative aiming to foster trust and quality in the German IT sector. Technically, the website is built on WordPress, utilizing common libraries such as jQuery and Matomo for analytics. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. Security posture is adequate with HTTPS enforced and spam protection via honeypot, but lacks advanced security headers and explicit security policies. Privacy compliance is partial, with a privacy policy linked externally but no cookie consent mechanism visible. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

I

ICOS-CAL

icos-cal.eu

54

ICOS-CAL operates as the Central Analytical Laboratories within the Integrated Carbon Observation System, providing critical calibration and analytical services to support greenhouse gas monitoring across Europe. The organization is affiliated with reputable research institutions such as the Max-Planck-Institute and the University of Heidelberg, positioning it as a key player in European climate research infrastructure. The website reflects this focus with detailed information about their mission, laboratories, and scientific activities, targeting researchers and monitoring stations. Technically, the website employs a moderately modern technology stack including jQuery, Bootstrap, and Piwik analytics. It is well-structured, mobile-optimized, and uses HTTPS to secure communications. However, some improvements could be made in accessibility and SEO optimization. The absence of advanced security headers and cookie consent mechanisms indicates room for enhancement in security and privacy compliance. From a security perspective, the site shows good practices such as HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. The lack of WHOIS data limits full trust verification, but the professional presentation and institutional affiliations support legitimacy. No signs of malware, phishing, or suspicious content were found. Privacy and terms policies are present, though cookie consent is missing. Overall, ICOS-CAL's website is a reliable and professional platform supporting a scientific research infrastructure. Strategic recommendations include implementing cookie consent, enhancing security headers, publishing a vulnerability disclosure policy, and improving accessibility to strengthen compliance and trust.

E

Elektro Schulz GmbH

elektro-schulz.de

52

Elektro Schulz GmbH is a German-based company specializing in the installation, project planning, and maintenance of electrical energy systems including substations, transformer stations, low-voltage switchgear, and energy management solutions. Established in 1991, the company serves industrial clients, public sector entities, and major customers such as Deutsche Bahn, with international operations in over 30 countries. Their business model focuses on delivering turnkey electrical infrastructure projects with a strong emphasis on quality, reliability, and customer-specific solutions. Technically, the website is built on the Contao CMS platform and employs modern web technologies including HTML5, CSS, JavaScript, and several jQuery-based libraries for enhanced user experience. The site is mobile-optimized with good accessibility and SEO practices. Hosting is provided via rzone.de, with secure HTTPS connections and no detected blocking or WAF interference. From a security standpoint, the website enforces HTTPS, includes privacy consent on its contact form, and avoids exposing sensitive data. However, it lacks explicit security headers and incident response contact information. Google Analytics is present but disabled, reflecting a privacy-conscious approach. The privacy policy is comprehensive and GDPR compliant, though no cookie consent banner is implemented. Overall, Elektro Schulz GmbH presents a professional and trustworthy online presence with strong business credibility and adequate technical and security measures. Recommendations include enhancing security headers, adding incident response details, and implementing cookie consent mechanisms to further improve compliance and security posture.

P

Pfarrei Evangelisch unter der Veste

evangelisch-gemeinsam.de

44

The website evangelisch-gemeinsam.de represents a regional non-profit religious community, specifically a parish composed of four evangelical-lutheran congregations in the Coburg area of Germany. It serves as an information portal for church services, events, groups, and community engagement, targeting local members and interested visitors. The site is built on Drupal 10, leveraging modern web technologies and includes a consent management system for GDPR compliance. The technical infrastructure is solid, hosted on a provider indicated by the nameservers kunde24.de, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforced and cookie consent implemented, though some security headers could be improved and no explicit security policy or incident response information is published. The website does not employ advertising or extensive tracking, enhancing privacy compliance. Overall, the site is trustworthy, professional, and well-aligned with its community-focused mission.

SOREA, spol. s r.o. operates a network of hotels across Slovakia, providing accommodation, wellness, and relaxation services primarily targeting tourists and travelers. The company maintains a professional online presence with a user-friendly reservation system and regularly updated promotional offers. Their market position is that of a well-established regional hospitality provider with a medium-sized business footprint. Technically, the website employs modern JavaScript libraries and frameworks such as jQuery, Flickity, and Fancybox, alongside Google Tag Manager and Facebook SDK for analytics and marketing. The site is mobile-optimized and demonstrates good SEO practices. Security-wise, the website enforces HTTPS and implements cookie consent mechanisms, though it lacks explicit security policy documentation and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

F

Fachkräfte für Mittelfranken

fachkraefte-mittelfranken.de

41

Fachkräfte für Mittelfranken is a regional information portal supported by the IHK Nürnberg für Mittelfranken, focusing on workforce development and HR topics relevant to the Mittelfranken region in Germany. The portal provides companies and HR professionals with practical examples, tools, events, and services to address challenges such as digital transformation, demographic changes, and international workforce integration. The website is well-branded, consistent, and leverages structured data and social media to enhance trust and visibility. Technically, the site is built on WordPress with a modern plugin ecosystem including Fusion Builder and Events Manager. It uses Matomo for privacy-respecting analytics and implements HTTPS with good SSL configuration. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. From a security perspective, the site enforces HTTPS and uses privacy-friendly embedded content. However, it lacks explicit security headers and a public security policy or incident response contact. No vulnerabilities or suspicious domains were detected. WHOIS data aligns well with the website's organizational claims, showing a consistent and legitimate registration history. Overall, the website presents a professional, trustworthy, and secure platform for its target audience. Strategic improvements could include enhanced security headers, explicit incident response information, and more visible contact details to further strengthen trust and compliance.

S

Stiftung der Metallindustrie im Nord-Westen (SMNW)

stiftung-nordwest.de

44

The Stiftung der Metallindustrie im Nord-Westen (SMNW) is a well-established non-profit foundation founded in 2007, focused on promoting education, science, culture, and social initiatives in the northwestern region of Germany. With a significant capital base, it plays an important role in supporting regional development and the metallurgical and electrical industries indirectly through its funding and projects. The website reflects a professional and consistent brand presence, targeting regional institutions and stakeholders with clear, relevant content and regular updates. Technically, the website is built on WordPress using common plugins such as Contact Form 7 and Autoptimize, with jQuery and jQuery UI libraries. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Hosting is managed via domaincontrol.com DNS, a common provider. The site uses HTTPS with strong SSL configuration but lacks some advanced security headers and cookie consent mechanisms. From a security perspective, the site demonstrates good baseline practices including HTTPS enforcement and no visible sensitive data exposure. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No WAF or blocking mechanisms are detected, and no suspicious or malicious content is present. Privacy compliance is basic with a privacy policy present but no cookie consent banner. Overall, the site is trustworthy and professional with a solid business credibility score. Recommendations include implementing cookie consent for GDPR compliance, adding security headers, publishing a security.txt file, and enhancing incident response transparency to improve security posture and compliance.

M

medi GmbH

medi.de

71

medi GmbH operates a professional website focused on medical compression stockings, orthopedic aids, and related sports and fashion products. The company is positioned as an established player in the healthcare sector in Germany, targeting patients, healthcare professionals, and consumers interested in medical and sportswear products. The website is built on TYPO3 CMS and leverages modern web technologies including jQuery UI and Bootstrap, with performance and mobile optimization rated as good. Security is robust with HTTPS enforced, strong security headers, and use of Cloudflare services. The site implements a comprehensive cookie consent mechanism compliant with GDPR, reflecting a mature privacy posture. However, explicit contact information and security policies are not prominently found, suggesting room for improvement in transparency and incident response readiness.

B

Bayerisches Staatsbad Bad Steben

bad-steben.de

51

Bayerisches Staatsbad Bad Steben operates a regional health and wellness spa specializing in radon and moor therapies located in the Naturpark Frankenwald, Germany. The website serves as an information and booking platform targeting tourists and patients seeking therapeutic and wellness services. The business holds a solid market position as a state-recognized spa with unique natural healing offerings. Technically, the site is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, and YouTube integration, hosted by Int-Tech. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS, security headers, and privacy compliance, though there is room for improvement in formal security policy publication and incident response readiness. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

N

National Association of German Cooperative Banks (BVR)

bvr.de

59

The National Association of German Cooperative Banks (BVR) serves as the umbrella organization for cooperative banks in Germany, providing strategic partnership, advocacy, and service provision to its members. The website reflects a well-established institution with a clear market position as a leading association in the German banking sector. Key services include lobbying, social engagement, and a protection scheme for cooperative banks. The target audience primarily consists of cooperative banks and financial stakeholders within Germany. Technically, the website is built on IBM Domino XPages technology, utilizing Dojo Toolkit and jQuery libraries, with additional components like Jssor Slider and Bootstrap Notify. The site demonstrates moderate performance and good mobile optimization, though some technologies are somewhat dated. SEO and accessibility are adequately addressed through structured data and meta tags. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a formal security policy or incident response contact. No vulnerability disclosure or security.txt file is present. Privacy compliance is mostly met with a comprehensive privacy policy, but no cookie consent mechanism is evident. Overall, the website is professional, trustworthy, and well-aligned with its business purpose. The security posture is adequate but could be improved with modern security best practices and enhanced privacy controls. The domain WHOIS data is consistent with the organization's identity, supporting legitimacy and trustworthiness.

B

Beckerbillett

ticketfritz.de

57

The website ticketfritz.de is an e-commerce platform operated by the company Beckerbillett, specializing in online ticket sales. The site targets a general audience primarily in Germany and offers multi-language support. The business model revolves around providing online shops for ticketing services, with a medium-sized operational scale. The website content is professionally presented with consistent branding and includes essential business information and contact details.

G

Gesamtverband Verkehrsgewerbe Niedersachsen (GVN) e. V.

gvn.de

46

Gesamtverband Verkehrsgewerbe Niedersachsen (GVN) e. V. is a regional non-profit association serving the transport and logistics industry in Niedersachsen, Germany. The website acts as a service and information portal for its members, offering legal advice, training, news, and networking opportunities. The organization targets transport companies and professionals within the region, positioning itself as a key industry representative with a focus on member services and sector-specific expertise. The site is professionally designed, with consistent branding and clear navigation, supporting a positive user experience.

E

European Ocean Biodiversity Information System (EurOBIS)

eurobis.org

52

EurOBIS operates as the European node of the Ocean Biodiversity Information System, providing a valuable open-access platform for marine species distribution data within European waters. The website serves primarily researchers, data providers, and policy makers interested in marine biodiversity. It offers dataset downloads, quality control information, and links to related marine data initiatives. The platform is managed by VLIZ, a reputable marine research institute in Belgium, reinforcing its credibility and scientific focus. Technically, the website employs standard web technologies such as HTML, CSS, JavaScript with jQuery, and Font Awesome for icons. The site is moderately optimized for performance and mobile use, with clear navigation and structured content. However, there is room for improvement in accessibility and SEO optimization. Hosting appears to be managed by a research institution, ensuring stable infrastructure but lacking advanced modern CMS or frameworks. From a security perspective, the site lacks visible security headers and DNSSEC is not enabled, which are areas for enhancement. No forms or analytics scripts reduce attack surface and privacy risks, but the absence of privacy and cookie policies indicates incomplete compliance with GDPR best practices. The domain registration is consistent and long-standing, supporting the site's legitimacy. No WAF or blocking mechanisms were detected, and the content is safe for general audiences. Overall, EurOBIS is a credible, scientifically focused data portal with good business credibility and content quality. Strategic improvements in security headers, privacy compliance, and technical modernization would enhance its security posture and user trust.

S

Stadtverwaltung Maxhütte-Haidhof

maxhuette-haidhof.de

63

The website www.maxhuette-haidhof.de serves as the official digital presence of the city administration of Maxhütte-Haidhof, Germany. It provides comprehensive municipal information, including city council details, local events, urban planning, and citizen services. The site targets residents and visitors, offering online portals for administrative tasks such as registrations and permits. The business model is that of a local government entity focused on public service delivery. Technically, the site is built on the IKISS CMS platform, utilizing legacy but functional JavaScript libraries like jQuery and Slick Carousel. Hosting is provided by Hetzner, a reputable German hosting provider. Accessibility is enhanced through Eye-Able assistive technology scripts, and cookie consent mechanisms comply with GDPR requirements. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. No advanced analytics or advertising scripts are present, reflecting a privacy-conscious approach. Overall, the site is professional, trustworthy, and well-aligned with its government function.

T

Tím Zones.sk

pscpsc.cz

45

The website pscpsc.cz is a Czech Republic focused postal code search service operated by Tím Zones.sk. It provides users with the ability to search postal codes by city, street, or postal code, and offers a list of popular postal codes. The site is positioned as a niche informational service targeting the general public in the Czech Republic. Technically, the site uses a custom or unknown CMS with common web technologies such as jQuery, Google Tag Manager, Google Adsense, and Facebook SDK. Hosting is provided by Websupport, a regional hosting provider. The site is mobile optimized and has good SEO and accessibility basics. Security posture is moderate with HTTPS enabled and a consent management platform for GDPR compliance, but lacks explicit security headers and detailed privacy or terms of service pages. No direct company contact emails or phone numbers are present on the site, but contact is available via the parent company Zones.sk. Overall, the site is professional, trustworthy, and safe for general audiences.

T

Team Zones.sk

capcap.it

57

capCAP.it is a specialized Italian website offering postal code (CAP) lookup services for cities and streets across Italy. The site targets Italian residents and users needing postal code information, providing a user-friendly search interface with autocomplete features and popular city CAP listings. The business model appears to be advertising-supported, leveraging Google Adsense and Google Tag Manager for monetization and analytics. The site is relatively new, established in 2022, and operated by Team Zones.sk, a company linked via contact and copyright references.

T

Team Zones.sk

plzplz.at

59

plzPLZ.at is a specialized online service providing postal code search functionality for cities and streets in Austria. The website is operated by Team Zones.sk and targets general users seeking postal code information. It offers autocomplete search features and lists popular postal codes, enhancing user convenience. The site is well-positioned in its niche market, focusing on Austrian postal code data with a clear and consistent branding approach. Technically, the website employs a modern tech stack including jQuery, jQuery UI, Google Fonts, Google Tag Manager, and Google Adsense for advertising and analytics. Hosting is provided by websupport.sk, a known hosting provider. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS and a comprehensive consent management platform to comply with GDPR cookie and tracking regulations. However, explicit security headers are not detected, and no formal security or incident response policies are published. The site does not expose sensitive data and uses secure forms for user input. Advertising partners and tracking vendors are numerous but transparently disclosed via the consent mechanism. Overall, the website presents a moderate risk profile with good privacy compliance and a solid technical foundation. Strategic improvements in security headers, explicit privacy and security policies, and enhanced contact information would strengthen trust and compliance. The domain registration is consistent and legitimate, supporting the website's credibility.

V

Verband der W. K. St. V. Unitas e.V.

unitas.org

10

The website www.unitas.org represents the Verband der Wissenschaftlichen Katholischen Studentenvereine Unitas e.V., the oldest Catholic student and academic association in Germany, founded in 1855. It serves as a community platform for Catholic students and alumni across 29 university locations, offering social, educational, and religious activities. The organization uniquely includes both male and female student associations and emphasizes lifelong connections and social responsibility through various projects and events. The site content is primarily in German and targets Catholic students and academics in Germany.

K

Kunstverein Friedberg

kunstverein-friedberg.de

64

Kunstverein Friedberg is a small non-profit art association based in Germany, founded in 1976, dedicated to presenting and promoting contemporary art. The organization offers exhibitions featuring both established and emerging artists, providing a cultural platform beyond commercial galleries and museums. The website serves as an information hub for members and art enthusiasts, promoting events, membership benefits, and regional art activities. Technically, the website is built on the Jimdo Creator CMS platform, hosted by Jimdo GmbH, and incorporates standard web technologies including jQuery UI and embedded widgets from POWr.io and Google services. The site is mobile-optimized and includes a cookie consent mechanism compliant with GDPR requirements. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and explicit incident response or security policies. Overall, the website is professional, trustworthy, and serves its target audience effectively, though there is room for improvement in security and compliance documentation.

N

Neuer Kunstverein Aschaffenburg e.V.

kunstlanding.de

65

The website kunstlanding.de represents Neuer Kunstverein Aschaffenburg e.V., a non-profit cultural association focused on contemporary art exhibitions and community engagement in Aschaffenburg, Germany. It offers a platform for artists and art enthusiasts, hosting exhibitions, events, and providing membership opportunities. The site is well-structured, primarily in German, and targets local and regional audiences interested in art and culture. Technically, the website is built on the Jimdo Creator CMS platform, utilizing standard web technologies including jQuery UI and embedded Google Maps. The site demonstrates moderate performance with good mobile optimization and basic accessibility features. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, additional security headers are missing, and no explicit security policies or incident response information is provided. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data aligns with the hosting and business information, indicating a legitimate domain registration. Overall, kunstlanding.de is a credible, well-maintained cultural website with good privacy compliance and moderate security posture. Strategic improvements in security headers and incident response transparency could enhance its security maturity.

KHG Erlangen is a small, non-profit community organization serving students and young academics in Erlangen, Germany. The website provides information about their spiritual, social, and support services including regular religious services, community events, counseling, and housing assistance. The organization positions itself as an inclusive and open community welcoming diverse backgrounds. Technically, the website is built on the Contao CMS platform with modern frontend libraries such as jQuery and Bootstrap, hosted on NSHost infrastructure. The site is mobile optimized and offers a good user experience with clear navigation and relevant content. Security posture is moderate with HTTPS enabled but lacks visible security headers and a public security policy. Privacy compliance is basic with a privacy policy page present but no cookie consent mechanism. Overall, the website is trustworthy and professional, serving its community effectively.

B

British Chamber of Commerce

bccequilibrium.cz

43

The website bccequilibrium.cz represents the Equilibrium Mentoring Programme operated by the British Chamber of Commerce in the Czech Republic. It focuses on empowering women in business and non-profit sectors through mentorship and community engagement. The programme has a well-established presence since 2011, boasting a large community of mentors and mentees. The website content is professionally presented, with detailed mentor profiles and programme statistics, targeting women seeking career development and leadership growth. Technically, the site is built on WordPress with the Avada theme and uses common plugins for e-commerce and event management. It is hosted via a Czech registrar and uses HTTPS, ensuring secure connections. However, the site lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security headers are not detected, and no explicit contact emails or phone numbers are found, which could affect user trust and compliance. Overall, the site is functional, professional, and safe for general audiences, but could improve in privacy transparency and security best practices.