Security Directory

V

Verband der Unternehmerinnen in Deutschland e.V. (VdU)

vdu.de

56

Verband der Unternehmerinnen in Deutschland e.V. (VdU) is a well-established non-profit association founded in 1954, dedicated to representing and supporting women entrepreneurs across Germany. The organization advocates for increased female entrepreneurship, leadership roles for women, and improved economic conditions for women in business. Their services include advocacy, networking, mentoring, events such as the she succeeds award, and publications. The website reflects a mature digital presence built on TYPO3 CMS, with modern cookie consent management and a clear structure optimized for user experience and accessibility. Security posture is solid with HTTPS and cookie consent, though some security headers could be improved. The domain registration is consistent with the organization's profile, enhancing trustworthiness. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

S

scio s.r.o.

scioskola.cz

66

ScioŠkoly is a Czech Republic-based network of innovative primary and secondary schools focused on preparing students for the challenges of the 21st century. The organization operates multiple schools across the country, emphasizing freedom, responsibility, and modern educational methods. The website reflects a mature and well-established educational institution with a strong market position supported by accreditations and positive community feedback. Technically, the site uses modern web technologies including Umbraco CMS, Bootstrap, and Google Tag Manager for analytics and consent management. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and incident response information are missing. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

S

SCIO

scioexams.com

51

SCIO is a well-established educational organization based in the Czech Republic, specializing in university admission exams, national comparative exams, and various educational projects including a network of schools and educational toys. The website reflects a professional and consistent brand with a clear focus on education and services for students, parents, and educational institutions. The technical infrastructure uses modern web technologies including Google Tag Manager and CookieHub for analytics and cookie consent management, ensuring GDPR compliance. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is generally strong with HTTPS enforced and no visible vulnerabilities, though the absence of a published security policy and incident response information is a gap. The lack of WHOIS data for the domain is a concern for transparency but does not currently undermine the legitimacy of the business based on website content and external references. Overall, SCIO presents a trustworthy and professional online presence in the education sector.

S

SCIO

scio.sk

52

SCIO is a well-established educational organization based in Slovakia, specializing in the development and administration of national comparative exams for university entrance, educational projects for schools, and research-driven innovations in education since 1995. The website reflects a professional and consistent brand presence targeting students, teachers, and educational institutions. Technically, the site uses modern JavaScript frameworks, Google Tag Manager for analytics, and CookieHub for cookie consent management, ensuring compliance with privacy regulations. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though formal security policies and incident response contacts are absent. Overall, the site is trustworthy, well-maintained, and compliant with GDPR, supporting SCIO's credibility in the education sector.

O

OFFENE-TÜRE.de

offenetuere.de

57

OFFENE-TÜRE.de is a specialized small business based in Germany offering professional 360° virtual tours, Google Street View entries, and digital twin services primarily targeting companies seeking to enhance their online visibility and customer engagement. The website presents a clear business model focused on digital marketing enhancement through immersive virtual experiences. Technically, the site uses a modern but basic technology stack including Bootstrap and jQuery, hosted on German servers with no detected content blocking or WAF interference. The site is mobile optimized and SEO friendly with good content quality and clear navigation. Security posture is moderate with some concerns such as the use of GET method for login forms and lack of explicit security headers. Privacy compliance is good with a cookie consent banner and a dedicated DSGVO page, though no terms of service or security policy pages are found. Overall, the site is trustworthy but could improve security and compliance aspects.

J

JOBST

jobst.de

61

JOBST is a well-established brand specializing in compression therapy products for lymphatic and venous diseases. The company operates under the parent company Essity and targets patients and healthcare professionals seeking effective medical compression solutions. The website reflects a professional and consistent brand image with a focus on product comfort and therapeutic efficacy. Technically, the site employs modern JavaScript libraries, Google Tag Manager, and OneTrust for consent management, indicating a mature digital infrastructure. Security-wise, the site uses HTTPS and Content Security Policy headers, but lacks some advanced security headers and a dedicated security policy page. Privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. Overall, the website is trustworthy, well-maintained, and suitable for its healthcare audience.

T

TUI

tui.com

72

TUI.com is the official website of TUI, a leading European travel and tourism company offering a wide range of services including package holidays, hotel bookings, flights, cruises, car rentals, and additional travel-related services. The website is professionally designed, mobile-optimized, and provides a comprehensive user experience targeting a general audience interested in travel. Technically, the site employs modern web technologies such as Web Components, asynchronous JavaScript loading, and integrates third-party services like Tealium for tag management and Gigya for customer identity management. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies are not fully confirmed in the provided data. Privacy compliance is moderate due to the absence of clearly identified privacy and cookie policies in the analyzed content. WHOIS data is unavailable, which limits domain registration verification, but the website's professional presentation and branding strongly indicate legitimacy. Overall, TUI.com represents a mature, enterprise-level digital platform in the hospitality sector with good security and technical implementation but could improve transparency around privacy and security policies.

P

purposia.com - Wirke als der Mensch, der du bist.

purposia.com

58

The website purposia.com presents itself as a personal or motivational platform with content primarily in German. It is hosted on the Wix platform, utilizing standard Wix scripts and polyfills, indicating a basic digital infrastructure. The site lacks comprehensive business information, contact details, and privacy or cookie policies, which limits its credibility and compliance posture. The absence of WHOIS registration data for the domain is a significant concern, suggesting the domain may not be properly registered or the data is withheld, which impacts trustworthiness. Security configurations appear minimal, with no advanced headers or policies detected. Overall, the site is accessible and safe for general audiences but lacks critical elements for business credibility and regulatory compliance.

C

corporate benefits Benelux BV

corporate-benefits.be

62

Corporate Benefits Benelux BV operates as a European market leader in employee benefits solutions, providing tailored discount platforms and attractive offers from strong brands to over 40,000 companies and 15.6 million registered users. Their business model focuses on B2B and B2C services targeting employers, retailers, and employees across multiple European countries. The website is professionally designed, multilingual, and built on TYPO3 CMS, indicating a mature digital infrastructure with moderate performance and good mobile optimization. Security posture is adequate with cookie consent mechanisms and secure form validations, though lacking explicit security headers and vulnerability disclosures. WHOIS data is restricted, limiting domain ownership verification, but the overall trust indicators such as TÜV IT certification and consistent branding support legitimacy. The site integrates Google Tag Manager and analytics for marketing and tracking purposes with GDPR-compliant consent.

B

buechler.pro gmbh

buechler.pro

46

buechler.pro gmbh is a specialized TYPO3 CMS agency based in Switzerland, offering professional web development, web application development, and agency services. The company positions itself as a partner for digital projects and transformation, targeting businesses and agencies seeking high-quality TYPO3 solutions. Their market position is supported by certifications such as TYPO3 Certified Developer and TYPO3 Bronze Membership, along with a portfolio of client references. Technically, the website is built on TYPO3 CMS with Bootstrap and modern web technologies, delivering a responsive and accessible user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers are missing and no explicit incident response or security policies are published. Privacy compliance is partially addressed with a privacy policy present but lacking cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-structured, though WHOIS data is unavailable, slightly reducing domain trustworthiness.

The website kunde24.de presents a minimalistic login interface with no publicly accessible content or business information. The absence of privacy policies, contact details, or terms of service limits transparency and user trust. Technically, the site relies on outdated JavaScript libraries such as jQuery 1.3.2, which introduces security vulnerabilities. There is no visible enforcement of HTTPS or security headers, which further weakens the security posture. The domain WHOIS data is heavily redacted due to DENIC policies, providing no registrar, creation, or expiry dates, which complicates trust assessment. Overall, the site appears to be a small-scale or internal service portal with limited external exposure or business presence.

P

Partnerschaften für Demokratie der Landkreise Wunsiedel i. Fichtelgebirge, Tirschenreuth, Hof und Stadt Hof

demokratie-leben-in-der-mitte-europas.de

42

The website demokratie-leben-in-der-mitte-europas.de serves as an informational and funding portal for democracy promotion projects in the German regions of Wunsiedel i. Fichtelgebirge, Tirschenreuth, Hof, and the city of Hof. It operates under the federal program "Demokratie leben!" supported by the German Ministry for Family Affairs. The site provides resources for project funding, event announcements, and contact information for coordination offices. Technically, the site is built on WordPress 6.8.3, with a modern responsive design and good accessibility features. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers and incident response policies are absent. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, serving a small regional government/non-profit audience.

U

USU Software AG

usu.com

66

USU Software AG is a technology company specializing in IT service management, IT asset management, and AI-driven enterprise solutions. The company positions itself as a leader in optimizing IT operations and elevating service delivery through innovative cloud, risk management, and cost control solutions. Their website reflects a mature digital presence with comprehensive product offerings and resources targeting IT professionals and enterprise decision makers. Technically, the site is built on HubSpot CMS with extensive use of modern analytics and marketing tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS data for the domain introduces some uncertainty about domain registration legitimacy, but the professional branding and external references support the company's credibility. Overall, USU demonstrates a robust business and technical foundation with room for improvement in transparency around security and domain registration details.

Z

Zentrum Verkündigung der EKHN

zentrum-verkuendigung.de

59

Zentrum Verkündigung der EKHN is a non-profit religious organization affiliated with the Evangelische Kirche in Hessen und Nassau, providing a broad range of church-related services including publications, events, spiritual resources, and music programs. The website serves as an important regional hub for church members, volunteers, and stakeholders, offering comprehensive content and resources tailored to their needs. The organization maintains a clear and consistent brand presence with good content quality and user experience. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and integrating Matomo for analytics. Hosting is provided by SchlundTech, a reputable provider. The site demonstrates good mobile optimization, accessibility, and SEO practices, ensuring a positive digital maturity level. From a security perspective, the site uses HTTPS with a solid SSL configuration and secure form handling. However, it lacks explicit security policies and incident response information publicly available, which could be improved. Privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms in place. No critical vulnerabilities or suspicious activities were detected. Overall, the website presents a trustworthy and professional digital presence for a religious non-profit entity, with recommendations to enhance security headers and publish security-related policies to further strengthen its posture.

I

Interkulturell Evangelisch in Bayern

interkulturell-evangelisch.de

55

Interkulturell Evangelisch in Bayern is a small non-profit organization focused on promoting intercultural church development, multilingual worship services, and diversity-sensitive pastoral care within Bavaria. The website serves as an informational platform providing resources and links related to anti-discrimination and ecumenical cooperation among international congregations. The organization targets church communities and intercultural groups, positioning itself as a niche regional entity within the non-profit sector. Technically, the website is built on the Wix platform, utilizing Wix's Thunderbolt framework and standard JavaScript libraries. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. The presence of a cookie consent banner indicates some level of privacy compliance, although explicit privacy policies and terms of service are absent. From a security perspective, the site enforces HTTPS and includes scripts to harden fetch and XHR requests. However, it lacks explicit security headers and does not provide incident response or vulnerability disclosure information. No critical vulnerabilities or suspicious patterns were detected, and the site is accessible without WAF or security challenges. Overall, the website presents a moderate risk profile with room for improvement in privacy compliance, security best practices, and contact transparency. Strategic enhancements in these areas would strengthen trust and compliance posture.

E

Evangelische Hochschule Nürnberg

evhn.de

48

The Evangelische Hochschule Nürnberg is a state-recognized higher education institution affiliated with the Evangelical Lutheran Church in Bavaria. It offers a range of degree programs primarily in social work, health and nursing, education, management, and church-diaconal studies. The institution targets students, prospective students, and professionals seeking further education in related fields. The website reflects a well-established regional educational provider with a strong focus on social and church-related disciplines. Technically, the website is built on Drupal 10, utilizing modern JavaScript libraries such as Splide.js for UI components and Usercentrics for GDPR-compliant cookie consent management. Analytics are handled via Matomo, indicating a preference for privacy-conscious tracking. The site is hosted on servers associated with m-online.net, with multiple nameservers indicating a robust DNS setup. Performance and mobile optimization are good, with accessibility and SEO features well implemented. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security policy pages or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The domain WHOIS data aligns with the website content, supporting legitimacy and trustworthiness. Overall, the site demonstrates a mature security posture appropriate for an educational institution. The risk profile is low, with no signs of malicious activity or suspicious domains. Recommendations include publishing a formal security policy, incident response contacts, and adding security headers to enhance protection. The website is suitable for general audiences, with no adult or questionable content detected.

R

Religionspädagogisches Zentrum der Evangelisch-Lutherischen Kirche in Bayern

rpz-heilsbronn.de

46

The Religionspädagogisches Zentrum Heilsbronn is a specialized non-profit educational institution affiliated with the Evangelisch-Lutherische Kirche in Bayern. It focuses on religious pedagogy, offering training, materials, and event hosting primarily for educators and church workers in Bavaria. The website reflects a well-structured, content-rich platform with clear navigation and a professional design, targeting religious educators and related audiences. Technically, the site is built on TYPO3 CMS, uses modern web technologies, and integrates Piwik (Matomo) analytics for user tracking. Security posture is solid with HTTPS and no exposed sensitive data, though improvements are recommended in security headers and privacy compliance mechanisms such as cookie consent. The domain WHOIS data is minimal but consistent with a legitimate small non-profit entity. Overall, the website presents a trustworthy and professional digital presence with room for enhanced privacy and security practices.

Wirkstatt evangelisch is a newly established institution within the Evangelical Lutheran Church in Bavaria, formed by merging three church departments to provide consolidated support, training, and consulting services to church employees and communities. The website presents a clear mission focused on collaboration, spirituality, and organizational efficiency within the church context. Technically, the site is built on WordPress with a modern theme, showing good mobile optimization and accessibility, though some SEO and security header improvements are possible. Security posture is solid with HTTPS and no visible vulnerabilities, but lacks some advanced security headers and a cookie consent mechanism. Overall, the site is trustworthy, compliant with GDPR, and professionally presented, reflecting its non-profit church affiliation.

L

Landesverband für Evangelische Kindergottesdienstarbeit in Bayern

kirche-mit-kindern.de

49

The website www.kirche-mit-kindern.de represents the Landesverband für Evangelische Kindergottesdienstarbeit in Bayern, a non-profit organization dedicated to supporting children's church services in Bavaria, Germany. It offers educational resources, training programs, newsletters, and event information tailored to church workers and families involved in religious education for children. The organization holds a regional leadership position within its niche. Technically, the site is built on TYPO3 CMS, a professional and mature content management system, with responsive design and good accessibility features. The website employs HTTPS with strong SSL configuration and includes a cookie consent mechanism compliant with GDPR. However, no advanced security headers or explicit security policies are published. From a security perspective, the site shows good practices such as encrypted connections and no visible vulnerabilities or exposed sensitive data. The absence of a formal security policy or incident response contact is noted as an area for improvement. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the website is trustworthy, professionally maintained, and suitable for its target audience. Strategic recommendations include enhancing security transparency, publishing incident response details, and adding security headers to further strengthen the security posture.

B

BelWü-Koordination

belwue.de

60

BelWü is a regional data network provider serving scientific and educational institutions in Baden-Württemberg, Germany. It connects universities, colleges, schools, and public libraries, offering a range of network and internet services tailored to the academic sector. The website presents a clear and professional overview of its services and organizational structure, targeting institutional users within the region. Technically, the website is built with standard HTML, CSS, and JavaScript, featuring a responsive design and clear navigation, though it lacks advanced frameworks or CMS indications. Security posture is moderate with HTTPS assumed but missing explicit security headers and cookie consent mechanisms. The WHOIS data aligns with the academic nature of the service, using university name servers and Deutsche Telekom infrastructure, supporting legitimacy. Overall, the site is trustworthy and functional but could improve privacy compliance and security best practices.

W

webfactory GmbH

webfactory.de

59

webfactory GmbH is a well-established German web agency founded in 1997, specializing in custom websites and web applications primarily for companies, organizations, and public institutions. The company emphasizes long-term partnerships and high-quality, sustainable digital solutions. Their market position is strong within the German-speaking market, supported by a portfolio of reputable clients and projects. Technically, the website uses a modern stack including PHP, Symfony, and a proprietary CMS called wfDynamic, with privacy-conscious analytics via Matomo. The site is well-optimized for performance, accessibility, and mobile devices. Security posture is solid with HTTPS and privacy-respecting analytics, though some security policy disclosures and cookie consent mechanisms could be improved. Overall, the business credibility and professionalism are high, with clear contact information and consistent branding.

D

Deutsche Forschungsgemeinschaft e.V.

gerit.org

56

GERiT is a comprehensive information portal operated by the Deutsche Forschungsgemeinschaft (DFG) in partnership with DAAD and HRK, providing detailed data on over 33,000 German research institutions. It serves students and researchers domestically and internationally, offering institutional profiles, job listings, doctoral program information, and links to DFG-funded projects. The portal is bilingual and well-structured, reflecting a mature digital presence. Technically, the site uses modern web technologies including React and integrates search capabilities via Apache Lucene/Solr. It employs Google Maps API for geolocation features and maintains good mobile responsiveness and accessibility standards. While no explicit CMS is detected, the platform appears custom-built for its specialized content. Security posture is solid with HTTPS enforced and cookie consent implemented, though improvements could be made by enabling DNSSEC and adding security headers. No vulnerabilities or malicious content were detected. Privacy compliance is strong, with a clear and comprehensive privacy policy and cookie management. Overall, GERiT represents a trustworthy, authoritative resource in the German academic research sector. Strategic recommendations include enhancing DNS security, publishing a formal security policy, and adding vulnerability disclosure mechanisms to further strengthen trust and security.

O

Orchestre de Paris

monsieur-onde.com

48

Monsieur Onde is a culturally focused website dedicated to promoting classical music and the repertoire of the Orchestre de Paris through interactive games, videos, and educational content. The site targets a general audience interested in music education and classical symphonic works. The business model appears to be educational and promotional, leveraging multimedia content to engage users and enhance their knowledge of classical music. The website is professionally designed with consistent branding aligned with the Orchestre de Paris, indicating a strong association with this reputable cultural institution. Technically, the website uses modern web technologies including HTML5, CSS3, JavaScript, Google Tag Manager, and Google Analytics. It is hosted by OVH sas, a well-known hosting provider. The site is mobile optimized and includes SEO best practices such as meta tags and Open Graph data. However, there is room for improvement in accessibility and security headers implementation. Performance is moderate, and the site is fully accessible without any blocking or WAF challenges. From a security perspective, the site uses HTTPS and protects the domain with registrar status flags. However, it lacks security headers and a cookie consent mechanism, which are important for GDPR compliance and overall security posture. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is transparent and consistent with the website's claims, enhancing trustworthiness. Overall, the website presents a moderate risk profile with good business credibility but some gaps in privacy compliance and security best practices. Strategic improvements in cookie consent, security headers, and contact transparency would enhance trust and compliance.

O

Orchestre de Paris

orchestredeparis.com

58

Orchestre de Paris is a prestigious French symphony orchestra presenting concerts primarily at the Philharmonie de Paris. The organization offers a rich cultural experience with over 150 years of history and a roster of 120 musicians. Their services include live concerts, subscription sales, educational outreach, and digital concert streaming. The website reflects a mature digital presence with professional design, clear navigation, and integration with social media and ticketing partners. Technically, the site uses modern web technologies and includes cookie consent and privacy policies, indicating awareness of GDPR compliance. Security posture is generally good with HTTPS enforced, though the absence of visible security headers suggests room for improvement. The WHOIS data for the domain is missing or unavailable, which is unusual and slightly reduces trustworthiness, but the overall content and external affiliations support legitimacy. No adult or explicit content is present, making the site safe for general audiences.

T

The Wallet Crew

neostore.cloud

62

The Wallet Crew is a French technology company specializing in providing a white-label Wallet as a Service platform that enables brands to digitalize loyalty cards, tickets, coupons, and other passes into Apple and Google Wallet. The company targets businesses seeking to enhance customer engagement through mobile wallet solutions, offering API integrations, real-time notifications, and a scalable platform hosted on Microsoft Azure. The website is professionally designed, mobile-optimized, and rich in content including client testimonials and case studies, indicating a mature digital presence. Technically, the site leverages modern web technologies such as Webflow CMS, Google Tag Manager, and cookie consent tools, ensuring good performance and user experience. Security posture is solid with HTTPS and signed passes, though explicit security headers and policies are lacking. The absence of WHOIS registration data is a concern for domain legitimacy but does not detract from the professional business presentation. Overall, the site demonstrates a good balance of business credibility and technical maturity with room for improvement in privacy and security transparency.

C

Aktuelle COVID-19 Zahlen weltweit | corona-zahlen-heute.de

corona-zahlen-heute.de

65

The website corona-zahlen-heute.de is a German-language informational portal focused on providing up-to-date COVID-19 statistics worldwide and detailed data for Germany. It aggregates official data sources and presents them with visualizations and detailed regional breakdowns. The site targets the general public interested in pandemic tracking and health data. Technically, the site uses modern web technologies including JavaScript, SVG for maps, Google Fonts, and Google Adsense for monetization. Hosting is via Cloudflare, providing performance and security benefits. Security posture is strong with HTTPS enforced and Content-Security-Policy headers present, though additional headers could improve security further. Privacy compliance is moderate; a cookie consent mechanism is implemented, but no explicit privacy policy or terms of service pages were found in the provided content. No direct contact information or incident response contacts are visible. Overall, the site is professional, trustworthy, and safe for general audiences, with a moderate AI score reflecting good content and technical implementation but some gaps in privacy and contact transparency.

A

Ambulante Ethikberatung für Hochfranken e.V.

ethikberatung-hochfranken.de

44

Ambulante Ethikberatung für Hochfranken e.V. is a small non-profit association founded in 2022, providing ambulatory ethics consultation services in the Hochfranken region of Germany. The organization focuses on supporting patients, their families, and healthcare professionals in ethical decision-making related to end-of-life care. The website presents a professional and consistent brand image, with clear contact information and detailed descriptions of services and team members. Technically, the site uses modern web technologies including Bootstrap and jQuery, hosted by a regional provider, and is mobile-optimized with good SEO practices. Security posture is moderate with HTTPS implied but lacking explicit security headers and policies. Privacy compliance is good with a privacy policy available, though no cookie consent mechanism is present. Overall, the website is trustworthy and well-suited for its target audience.

T

TFG ONLINE PLUS

tfgonlineplus.de

56

The website 'TFG ONLINE PLUS' appears to be a business-oriented platform hosted in Germany, utilizing a mobile-friendly jQuery Mobile framework. The site enforces HTTPS via client-side redirection and integrates a Usercentrics cookie consent mechanism, indicating some level of GDPR compliance. However, the content is minimal and lacks explicit business descriptions, contact information, or legal disclosures, which limits the ability to fully assess the business model or market position. Technically, the site uses standard JavaScript libraries and is hosted by Adacor, a reputable hosting provider. Security posture is moderate with HTTPS enabled but missing important HTTP security headers and no visible incident response or security policies. Privacy compliance is partial due to the presence of a cookie consent but absence of a privacy policy. Overall, the site is functional but would benefit from enhanced transparency and security hardening.

F

Fachstelle für katholische Kinder- und Jugendarbeit im Dekanat Hof/ BDKJ-Regionalverband Hof-Kulmbach

jugend-im-dekanat-hof.de

57

The website represents a regional Catholic youth pastoral office and youth organization in the Hof and Kulmbach areas of Germany, affiliated with the Erzdiözese Bamberg. It provides information on youth work, events, subsidies, and contact details for local offices. The site targets youth, volunteers, and community members involved in church-related youth activities. Technically, the site is built on the Alkacon Mercury CMS platform, uses Matomo for privacy-respecting analytics, and integrates accessibility features effectively. The site is well-structured, mobile-optimized, and includes GDPR-compliant privacy and cookie policies. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. No incident response or vulnerability disclosure policies are found. Overall, the site is trustworthy, professional, and safe for general audiences.

C

Caritas gGmbH St. Heinrich und Kunigunde

caritasheim-hof.de

62

Caritas gGmbH St. Heinrich und Kunigunde is a well-established non-profit organization providing comprehensive social care services in Bavaria, Germany. Their offerings include senior care, disability support, childcare, and educational services, positioning them as a regional leader in healthcare and social services. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to seniors, people with disabilities, children, and youth. Technically, the site uses modern JavaScript libraries, consent management tools, and tracking services, hosted likely on infrastructure associated with Deutsche Telekom AG. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and privacy disclosures are lacking. Overall, the site is trustworthy and serves its audience effectively but would benefit from enhanced privacy compliance and security transparency.

K

Katholische Kindertagesstätte St. Klara Schwarzenbach

kiga-schwarzenbach.de

60

Katholische Kindertagesstätte St. Klara Schwarzenbach is a small, community-focused Catholic childcare institution located in Schwarzenbach/Saale, Germany. The website provides comprehensive information about their childcare services including nursery (Krippe), kindergarten, and school-age child care, targeting parents and guardians in the local area. The institution is affiliated with the Archdiocese of Bamberg, which supports its legitimacy and trustworthiness. The website content is well-structured, accessible, and includes detailed contact information and privacy policies, reflecting a professional and community-oriented organization. Technically, the website is built on the alkacon Mercury CMS platform, utilizing JavaScript, Matomo analytics for privacy-conscious tracking, and OpenStreetMap for location services. The site is mobile-optimized and includes strong accessibility features, enhancing usability for a broad audience. Performance is moderate, with room for optimization, but overall the technical infrastructure supports the business needs effectively. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism compliant with GDPR. However, explicit security headers are not detected, and there is no dedicated security or incident response policy page. No vulnerabilities or exposed sensitive data were found, indicating a solid security posture for a small institution. The absence of a security.txt file or incident response contacts suggests areas for improvement in transparency and readiness. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic recommendations include enhancing security headers, publishing incident response information, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

K

Kindergarten und Kinderkrippe "Regenbogen" Naila

kiga-regenbogen-naila.de

59

Kindergarten und Kinderkrippe "Regenbogen" Naila is a small, community-focused childcare and educational institution located in Naila, Germany. Affiliated with the Catholic Archdiocese of Bamberg, it provides kindergarten and nursery services with a strong emphasis on pedagogical concepts, parental cooperation, and community engagement. The website serves as an information portal for parents and guardians, detailing operational hours, fees, registration procedures, and educational philosophy. Technically, the website is built on the alkacon Mercury CMS platform, leveraging modern web technologies including HTML5, CSS3, JavaScript, and Matomo analytics for privacy-conscious user tracking. The site is well-optimized for mobile devices and accessibility, featuring a cookie consent mechanism and structured data for enhanced SEO and user experience. From a security perspective, the site enforces HTTPS and employs cookie consent for external content, but lacks explicit security headers and incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with a comprehensive privacy policy and GDPR-aligned cookie management. Overall, the website presents a trustworthy, professional, and user-friendly digital presence for a local educational institution. Strategic improvements could focus on enhancing security headers, publishing a security policy, and adding incident response contacts to further strengthen trust and compliance.

Junge Aktion der Ackermann-Gemeinde is a small non-profit Catholic youth organization based in Germany, focused on fostering German-Czech and broader Central European cultural exchange through youth projects and international encounters. The website is built on TYPO3 CMS with Bootstrap, providing a modern and mobile-optimized user experience. The organization maintains an active social media presence and offers newsletter subscriptions to engage its audience. Security posture is adequate with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies could be improved. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, though it lacks explicit terms of service and detailed security policies.

R

Referat Freiwilliges Soziales Jahr und Bundesfreiwilligendienst

fsj-bfd-bamberg.de

56

The Referat Freiwilliges Soziales Jahr und Bundesfreiwilligendienst website serves as an official regional government/non-profit portal providing comprehensive information and support for voluntary social service programs in Bamberg, Germany. It targets young individuals interested in FSJ and BFD programs, offering details on application processes, educational seminars, and partner organizations. The site is well-branded, consistent, and supported by recognized government and church entities, reflecting a trustworthy and established presence. Technically, the website is built on the Alkacon Mercury CMS platform, hosted on infrastructure related to the Archdiocese of Bamberg. It employs modern web technologies including JavaScript, Matomo analytics for privacy-conscious tracking, and accessibility tools such as the Eye-Able plugin. The site is mobile-optimized and demonstrates good SEO and accessibility practices. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive privacy policy and cookie banner. Overall, the website presents a low-risk profile with a solid business credibility and technical foundation. Strategic improvements in security headers and incident response transparency would further enhance its security posture and trustworthiness.

D

Durchstarter - Freiwilliges Schuljahr

freiwilligennet.de

41

Durchstarter - Freiwilliges Schuljahr is a German non-profit educational initiative aimed at engaging students from the 8th grade onwards in voluntary social and active school year programs. The website serves as an informational and engagement platform, offering a variety of social, cultural, and ecological volunteer opportunities in cooperation with local organizations. The platform targets young students seeking meaningful extracurricular experiences and supports partnerships with local social institutions. Technically, the website is built on a modern stack including Vue.js, Bootstrap, and Pimcore CMS, with privacy-conscious analytics via Matomo and a compliant cookie consent mechanism. Security posture is adequate with HTTPS enforced and privacy best practices observed, although explicit security headers and incident response policies are not published. Overall, the site is professional, accessible, and trustworthy, with a clear focus on educational and social engagement.

F

FiZ gGmbH

fiz-hof.de

57

FiZ gGmbH is a social enterprise based in Hof, Germany, providing ambulatory assistance services to families and adults. The organization positions itself as a local non-profit entity focused on social support. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies such as JavaScript and CSS. The site is moderately optimized for mobile devices and offers a good user experience with clear navigation and relevant content. However, it lacks comprehensive privacy and cookie policies, terms of service, and incident response information, which are critical for compliance and trust. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and formal policies. Overall, the site is functional and professional but would benefit from enhanced privacy and security measures to strengthen user trust and regulatory compliance.

I

INES Berlin

ines-berlin.de

41

INES Berlin is an independent research institute based in Berlin-Mitte, specializing in empirical social and economic research with a focus on labor market policy, education, and personnel research in Germany and Europe. The website presents a professional and consistent brand image, targeting academic and policy audiences interested in social sciences. Key services include data analysis, survey design, and qualitative research. The market position is that of a specialized, small-sized research entity within the education sector. Technically, the website is built using AngularJS and FontAwesome, hosted likely on rzone.de servers. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. No CMS or advanced analytics tools are detected, indicating a straightforward technical infrastructure. From a security perspective, the site uses HTTPS (assumed from standard practice though not explicitly confirmed), but lacks visible security headers and cookie consent mechanisms. No forms or contact emails are present on the homepage, limiting data collection risks but also reducing direct contact options. The WHOIS data is minimal but consistent with the hosting provider, with no suspicious patterns detected. Overall, the security posture is moderate with room for improvement in policy transparency and technical safeguards. The overall risk is low given the nature of the business and content, but strategic recommendations include implementing cookie consent, publishing security and incident response policies, and enhancing security headers to improve trust and compliance.

N

neuwaerts GmbH

neuwaerts.de

64

neuwaerts GmbH is a creative agency based in Hannover, Germany, specializing in brand development, communication consulting, and integrated marketing campaigns. With over 15 years of experience, they serve clients primarily in the German-speaking region, offering a blend of traditional print and modern digital services. Their market position is that of a well-established regional agency with a strong focus on innovation and client collaboration. Technically, the website is built on the Webflow platform, utilizing modern JavaScript libraries such as GSAP and Alpine.js for interactive features. The site is well-optimized for performance, mobile responsiveness, and accessibility, with a comprehensive cookie consent mechanism powered by CookieHub. SEO and structured data are properly implemented, enhancing discoverability and trust. From a security perspective, the site enforces HTTPS and employs cookie consent best practices. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced trust and compliance. No critical vulnerabilities or exposed sensitive data were detected. Overall, neuwaerts GmbH presents a professional, trustworthy, and user-friendly online presence with strong privacy compliance and business credibility. Strategic improvements in security transparency and policy publication could further strengthen their security posture and client confidence.

O

OceanWP

oceanwp.org

71

OceanWP is a well-established WordPress theme provider founded in 2016, offering a flexible and feature-rich multi-purpose theme that integrates seamlessly with popular page builders like Elementor and WooCommerce. The company has a strong market position with over 8.9 million downloads and a large user base, supported by a comprehensive suite of premium extensions and optimization tools such as Site Booster. The website demonstrates a mature digital infrastructure leveraging WordPress CMS, modern JavaScript libraries, and integrations with marketing and analytics platforms including Facebook Pixel, Google Tag Manager, and Mailerlite. Security posture is solid with HTTPS enabled and domain registration protections, though there is room for improvement in publishing explicit privacy and security policies. Overall, the site is professional, user-friendly, and trustworthy, targeting WordPress users from beginners to professionals seeking customizable and performance-optimized themes.

C

Diese Webseite befindet sich im Aufbau

commonworks.de

35

The website commonworks.de is currently under construction and presents only a placeholder page with minimal content. There is no business description, contact information, or legal policies available, which limits the ability to assess the company's market position or services. The site uses basic HTML, CSS, and JavaScript with custom fonts and canvas effects, hosted on cloudpit servers. No CMS or advanced frameworks are detected. Security posture is weak due to lack of HTTPS information, security headers, and privacy compliance indicators. No forms or data collection mechanisms are present, and no analytics or tracking scripts are detected. Overall, the site is in an early development stage with low trust and credibility indicators.

D

DbjE WEB EFFECTIVE Digitalagentur

dbje.de

44

DbjE WEB EFFECTIVE Digitalagentur is a small technology-focused digital agency based in Hannover, Germany. They specialize in web design, marketing, TYPO3 CMS development, digital strategy, and AI consulting services. The company targets businesses seeking comprehensive digital agency solutions with a regional focus. Their website is professionally designed, consistent in branding, and provides clear contact information and service descriptions. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and includes privacy-conscious analytics and cookie consent mechanisms. Security posture is adequate but could be improved with explicit security policies and headers. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy.

N

Sign in - Matomo

netpiloten.de

46

The website netpiloten.de hosts a Matomo analytics platform login page, indicating it is used for web analytics data collection and reporting. The platform is open-source and free/libre, targeting users who require detailed visitor tracking and analytics. The site itself is primarily a login portal without public-facing business content, policies, or contact information. Technically, the site uses Matomo's standard JavaScript and PHP backend, served over HTTPS, ensuring encrypted communication. However, the absence of security headers and limited visible security controls suggest room for improvement in hardening the platform. Privacy compliance is minimal, with no visible privacy or cookie policies, which is a significant gap given the nature of data analytics services. The WHOIS data is sparse, showing only domain status and name servers, with no registrant details, which limits trust assessment. Overall, the site appears functional for its purpose but lacks transparency and comprehensive compliance documentation.

The website airserbia.com is currently inaccessible due to a Cloudflare security challenge page employing Turnstile captcha, which prevents access to actual website content. This limits the ability to analyze the site's privacy policies, contact information, business descriptions, and other critical data. The domain is registered with NameCheap, Inc. since 2004, indicating a long-standing presence consistent with an established airline business. The use of Cloudflare as a security and performance provider is standard for high-profile websites. Due to the blocking, no direct evidence of privacy compliance, security policies, or business details could be extracted. The site appears to be well-protected but inaccessible for detailed analysis.

G

Gehrmeyer Orthopädie- und Rehatechnik GmbH

gehrmeyer.com

61

Gehrmeyer Orthopädie- und Rehatechnik GmbH is a medium-sized healthcare company based in Osnabrück, Germany, specializing in orthopedics, rehabilitation technology, and home care services. The company offers a broad range of services including modern rehabilitation technology, pediatric care, mobility aids for the elderly, compression therapy, and pregnancy care. Their website reflects a professional and consistent brand presence targeting patients, healthcare providers, and elderly or disabled individuals. The business model focuses on providing specialized medical devices and support services regionally, supported by partnerships with recognized suppliers. Technically, the website is built on the Umbraco CMS platform and employs modern web technologies such as JavaScript, jQuery, FontAwesome, and integrates Google Analytics and FriendlyCaptcha for analytics and bot protection. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. From a security perspective, the site enforces HTTPS, uses CSRF tokens in forms, and implements captcha protection to mitigate automated abuse. However, the absence of explicit security headers and a visible security policy or incident response contact reduces the overall security maturity. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is missing, which is unusual and slightly reduces trust, but the active and professional website presence supports legitimacy. Overall, Gehrmeyer demonstrates a solid digital presence with good privacy and security practices, though improvements in security header implementation and transparency around incident response would enhance their security posture. The missing WHOIS data warrants monitoring but does not currently indicate malicious intent.

M

MagicLine GmbH

magicline.com

74

MagicLine GmbH operates a comprehensive SaaS platform tailored for gym and fitness studio management, offering a wide range of features including lead management, training scheduling, payment processing, and integrations with industry partners. The company is positioned as a significant player in the fitness technology sector with over 8,000 customers worldwide and is a subsidiary of Sport Alliance GmbH. The website demonstrates a high level of professionalism, with excellent content quality, clear navigation, and strong branding consistency. Technically, the website employs modern JavaScript libraries and tracking tools such as Google Tag Manager and StatusPal for status monitoring. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced, cookie consent mechanisms, and a dedicated security problem reporting page, although some security headers could be improved. The absence of WHOIS data limits transparency but does not detract from the overall legitimacy of the business, which is supported by consistent business information, social media presence, and customer testimonials. Privacy compliance is well addressed with GDPR-aligned policies and cookie management. Overall, MagicLine GmbH presents a mature digital presence with a strong market position in gym management software, supported by a robust technical infrastructure and a proactive approach to security and privacy.

D

DEKRA

dekra.de

73

DEKRA is a globally recognized expert organization specializing in vehicle inspection, expert reports, and various technical services related to transportation. With over 47,000 employees operating in more than 50 countries, DEKRA holds a strong market position as a leading service provider in the transportation sector. The website reflects a professional and consistent brand image targeting both private and business customers. Technically, the site employs modern JavaScript frameworks such as Vue.js and Nuxt.js, ensuring a responsive and user-friendly experience. Analytics are handled via Matomo, indicating a moderate level of user tracking. Security posture is adequate with HTTPS enabled and strict referrer policies, but lacks explicit security headers and published security policies. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the website is trustworthy and professionally maintained, suitable for its enterprise scale and industry.

P

Pulary Group s.r.o.

pulary.cz

43

Pulary Group s.r.o. is a Czech-based marketing and communication agency with a long-standing tradition of over 30 years, offering professional services in communication, marketing, advertising, and public relations. The company focuses on activating marketing tools to enhance client effectiveness and strengthen brand performance in performance marketing. The website is professionally designed, mobile-optimized, and built on WordPress, hosted by WEDOS, a Czech hosting provider. Social media presence on Facebook and Instagram supports their digital footprint. However, the site lacks explicit privacy and cookie policies, security headers, and incident response information, which are important for compliance and security transparency. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and stability.

P

PURPOSIA Group a.s.

purposia.eu

47

PURPOSIA Group a.s. is a well-established European investment holding company with Czech origins, managing a diversified portfolio of 42 companies primarily in the construction and real estate sectors. The group offers comprehensive services covering the entire lifecycle of construction projects, including design, property management, industrial flooring, aluminium systems, and manufacturing of concrete prefabricates. Their operations span multiple European countries, reflecting a strong regional presence and market leadership. The website presents a professional and consistent brand image with clear business information and subsidiary links. Technically, the website employs modern web technologies such as Swiper.js for interactive content and Bootstrap components for responsive design. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, there is a lack of visible privacy and cookie policies, which is a compliance gap. Security headers are not evident, and no explicit vulnerability disclosure or incident response information is provided. The security posture is moderate with HTTPS usage implied but no detailed security headers or policies visible. No forms collect sensitive data, reducing immediate risk, but improvements in security best practices and compliance documentation are recommended. The WHOIS data is not publicly available due to EURid privacy policies for .eu domains, which is typical and does not raise suspicion. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional and trustworthy from a business perspective but would benefit from enhanced privacy compliance and security transparency to improve its risk profile and user trust.

F

Fonds citoyen franco-allemand

fondscitoyen.eu

54

The Fonds citoyen franco-allemand is a non-profit organization dedicated to advising, networking, and financing projects that highlight Franco-German friendship and European cooperation. The website is professionally designed using Drupal CMS and modern front-end technologies, providing a good user experience and mobile optimization. The presence of Cookiebot for cookie consent and Google Tag Manager for analytics indicates a mature digital infrastructure. Security posture is solid with HTTPS and Cloudflare protection, although some security headers and policies could be improved. The lack of explicit privacy policy and contact information slightly reduces trust but overall the site appears legitimate and compliant with GDPR. Strategic recommendations include publishing clear privacy and security policies, adding contact details, and enhancing security headers.

Y

YES Forum

yes-forum.eu

46

YES Forum is a European non-profit network dedicated to empowering young people with fewer opportunities by promoting social inclusion and professional skill development. The organization operates primarily in Germany and targets youth organizations, social workers, and policymakers across Europe. Their services include advocacy, project coordination, publications, and membership networking. The website reflects a professional and consistent brand image with clear contact information and social media presence, supporting their legitimacy and trustworthiness. Technically, the website uses standard web technologies (HTML5, CSS3, JavaScript) with no explicit CMS detected. It is mobile-optimized and performs moderately well, though accessibility features are basic. The site uses HTTPS with no visible security vulnerabilities but lacks some security headers and a cookie consent mechanism, which are recommended for enhanced security and GDPR compliance. From a security perspective, the site shows a good posture with encrypted connections and no exposed sensitive data. However, the absence of published security policies, incident response contacts, and vulnerability disclosure mechanisms indicates room for improvement. The WHOIS data is unavailable due to privacy protection, which is common for non-profits but slightly reduces trust signals. Overall, YES Forum's website is a credible and professional platform supporting its mission, with moderate technical maturity and a solid security baseline. Strategic improvements in privacy compliance and security transparency would further enhance trust and compliance.