Security Directory

B

Bichinger Software & Consulting

jobboersencheck.de

0

Jobboersencheck.de is a German-language online platform specializing in the comparison and evaluation of job boards. It provides independent employer and applicant reviews, enabling users to make informed decisions about where to post or search for jobs. The platform is developed by Bichinger Software & Consulting and features a modern, user-friendly interface with a focus on job market transparency in German-speaking regions. Technically, the site employs React components, Cookiebot for GDPR-compliant cookie management, and Google Tag Manager for analytics, reflecting a moderate level of digital maturity. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks visible advanced security headers and explicit security policies, indicating room for improvement. Overall, the website is professional, trustworthy, and safe for general audiences, with a moderate risk profile primarily due to missing explicit privacy and security documentation.

S

Studierendenwerk Kaiserslautern

studierendenwerk-kaiserslautern.de

0

Studierendenwerk Kaiserslautern operates as a regional non-profit organization providing essential student services including housing, dining, childcare, and counseling for approximately 20,000 students across multiple campuses in Germany. The website reflects a well-structured and professional digital presence, leveraging TYPO3 CMS and modern cookie consent management via Usercentrics, ensuring compliance with GDPR regulations. The content is relevant and targeted to the student community, with clear navigation and multilingual support (German and English). Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website demonstrates a mature digital infrastructure suitable for its institutional role.

S

Studierendenwerk Vorderpfalz

stw-vp.de

0

Studierendenwerk Vorderpfalz is a regional non-profit organization providing social support services to students across multiple universities in the Vorderpfalz region of Germany. Their services include meals, student housing, counseling, nursery, cultural funding, financial aids, and international affairs support. The website is professionally designed, mobile-optimized, and provides detailed information about their offerings, including meal menus with allergen information and job postings. Technically, the site uses a modern CMS (platoCMS) and popular JavaScript libraries, hosted on domaincontrol.com nameservers. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and GDPR-aligned cookie consent. No contact emails or phone numbers were found in the provided content, which could be improved for better user support. Overall, the site is trustworthy, safe, and well-maintained.

C

Chamaeleon AG

chamaeleon.de

0

Chamaeleon AG is a German-based technology company specializing in advanced content management systems (CMS) and digital solutions for enterprises and public administration. Their flagship product, the ionas CMS, offers WYSIWYG editing optimized for web and mobile platforms. The company positions itself as 'Die Webarchitekten' (The Web Architects), emphasizing tailored digital architecture and support services. The website reflects a medium-sized business with a clear focus on B2B clients in both private and governmental sectors. Technically, the website is built on a modern CMS platform (ionas4) with JavaScript frameworks and uses SystemJS for module loading. Hosting appears to be provided by Deutsche Telekom, inferred from the nameservers. The site is mobile-optimized and includes SEO best practices such as meta tags and canonical URLs. Performance is moderate with no major technical issues detected. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, explicit security headers (e.g., CSP, HSTS) are not detected, and no published security or incident response policies are found. No vulnerabilities or exposed sensitive data were identified in the HTML content. The absence of direct contact emails or phone numbers suggests a preference for contact via web forms. Overall, the website demonstrates a professional and trustworthy digital presence with good privacy compliance and a solid technical foundation. Strategic improvements could include publishing formal security policies, adding security headers, and providing direct contact information for incident response. These enhancements would strengthen the security posture and business credibility further.

1

10x Founders

10xfounders.com

0

10x Founders is a venture capital firm focused on early-stage investments in ambitious technology startups, primarily in Europe. The company positions itself as a leading early-stage investor with a strong network of over 200 entrepreneurs and investors, supporting founders to build global tech giants. Their portfolio includes notable companies such as Simpleclub and Ivy, and they emphasize their experience backing unicorns and successful exits. The website reflects a professional and modern digital presence built on Webflow, with fast performance and mobile optimization. Security posture is generally good with HTTPS enforced, but lacks some security headers and cookie consent mechanisms. WHOIS data is unavailable, which raises some concerns about domain registration transparency. Overall, the business appears credible and well-positioned in the venture capital sector, but domain registration status should be monitored for legitimacy.

The FAIR GmbH operates an international accelerator research center in Darmstadt, Germany, focusing on antiproton and ion research to explore fundamental physics. The website serves a diverse audience including researchers, students, partners, and the public, providing scientific information, career opportunities, and news updates. The organization holds a strong market position as a major European research initiative with international collaborations. Technically, the site is built on TYPO3 CMS, uses Matomo for analytics, and implements GDPR-compliant privacy and cookie policies with consent mechanisms. The site is well-structured, mobile-optimized, and professionally designed, supporting good user experience and trust. Security posture is adequate with HTTPS and privacy controls, but lacks some advanced security headers and explicit incident response information. Overall, the website is trustworthy, safe, and aligned with its scientific mission.

H

Helmholtz-Institut Mainz

hi-mainz.de

0

The Helmholtz-Institut Mainz website represents a reputable scientific research institute specializing in physics and chemistry of superheavy elements and related fields. The site is professionally designed using TYPO3 CMS and integrates cookie consent management via Cookiebot, reflecting a mature digital presence. The content is targeted primarily at the scientific community, academics, and students, with clear navigation and multilingual support. Technically, the site employs modern web standards with HTTPS enforced, though lacks some advanced security headers. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and accessible platform. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, the absence of explicit contact emails, phone numbers, and security policies suggests areas for improvement in transparency and incident response readiness. Overall, the website demonstrates a solid security posture and business credibility consistent with a medium-sized research institution in Germany.

H

Helmholtz-Institut Jena

hi-jena.de

0

The Helmholtz-Institut Jena website represents a reputable scientific research institute affiliated with the GSI Helmholtzzentrum and the Helmholtz-Gemeinschaft. The institute focuses on advanced research in high-power lasers and particle accelerators, supporting major scientific projects such as FAIR and DESY. The website content is well-structured, professionally presented, and targets academic and scientific audiences including researchers and students. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries, delivering a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit incident response policies are absent. Privacy compliance is adequate with a comprehensive privacy policy and cookie policy present, but lacking an explicit cookie consent mechanism. Overall, the site is trustworthy, professional, and aligned with its institutional mission.

T

Thüringen

thueringen.de

0

The website thueringen.de is the official online presence of the German federal state of Thuringia, providing governmental information and services. However, the current content is inaccessible due to an HTTP 403 Forbidden error, indicating that access is blocked, likely by security configurations. The site is protected by Link11, a cybersecurity provider, which suggests active web application firewall (WAF) measures are in place. The lack of accessible content, privacy policies, contact information, or terms of service on the error page limits the ability to fully assess the website's compliance and user engagement features. The domain registration data aligns with the governmental nature of the site, hosted by reputable providers, confirming legitimacy.

P

Physikalisch-Technische Bundesanstalt

ptb.de

0

The Physikalisch-Technische Bundesanstalt (PTB) is Germany's national metrology institute, operating under the Federal Ministry for Economic Affairs and Climate Action. It provides high-precision measurement services, research, and development in metrology, calibration, conformity assessments, and international cooperation. The PTB serves a broad audience including scientists, industry, policymakers, and the public, positioning itself as a key authority in measurement science both nationally and internationally. The website reflects a mature, professional organization with comprehensive content and a clear focus on its core mission. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries such as jQuery and Bootstrap. It demonstrates good mobile optimization, accessibility, and SEO practices. The site is well-structured with clear navigation and up-to-date content including news, events, and publications. No blocking or WAF challenges were detected, indicating full accessibility. From a security perspective, the site uses HTTPS with strong SSL configuration and follows quality management and ISO 27001 frameworks. However, there is room for improvement in implementing security headers, cookie consent mechanisms, and publishing incident response or vulnerability disclosure information. No vulnerabilities or exposed sensitive data were found. Overall, the PTB website is trustworthy, professional, and secure, with minor gaps in privacy compliance and security best practices. Strategic recommendations include enhancing privacy consent, adding security headers, and publishing clear incident response contacts to further strengthen trust and compliance.

A

ALEX Berlin

alex-berlin.de

0

ALEX Berlin operates the digital media platform 'ALEX Kosmos', providing livestreams of TV and radio, podcasts, videos, and community-driven content primarily targeting the Berlin region. The platform positions itself as a creative and participatory media hub for an urban audience, offering crossmedia content accessible 24/7. The business model revolves around media streaming and community engagement, supported by a modern web infrastructure and compliance with European data protection laws. Technically, the website leverages modern JavaScript frameworks, a consent management platform for GDPR compliance, and is hosted on a reputable provider with HTTPS enforced, ensuring secure user interactions. The site demonstrates good mobile optimization and accessibility features, though some advanced security headers could be improved. Security posture is strong with no visible vulnerabilities or exposed sensitive data, but lacks explicit published security policies or incident response contacts. Overall, the platform is trustworthy, professionally designed, and compliant with privacy regulations, making it a reliable media service for its audience.

Evangelium Tag für Tag is a small non-profit religious organization providing daily gospel readings, prayers, and saint information primarily to German-speaking Christian audiences. The website serves as a digital platform for delivering religious content via web and mobile apps, supported by donations and subscription services. The domain has been registered since 2002, indicating a stable and long-term presence in its niche. Technically, the website is built on Angular 9 framework, uses Google Fonts, and integrates Google Tag Manager for analytics. It supports mobile optimization and progressive web app features. Hosting is provided by OVH sas, a reputable provider. Performance is moderate with basic SEO and accessibility features. From a security perspective, the site uses HTTPS with a good SSL configuration and domain status protections. However, DNSSEC is not enabled, and there is no visible security policy or incident response information. No vulnerability disclosure or security.txt file is present. Privacy compliance is basic with a GDPR cookie banner and a privacy policy located in the legal notice. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic improvements in security headers, DNSSEC, and transparency around security policies would enhance its security posture and compliance maturity.

E

Erzabtei St. Martin Beuron

erzabtei-beuron.de

0

Erzabtei St. Martin Beuron is a historic Benedictine abbey located in the scenic Upper Danube valley in Germany. With a history spanning approximately 900 years, it serves as a spiritual center and cultural landmark, offering religious services, hospitality for guests, cultural events, and retail through its monastery shop. The website reflects a well-established non-profit religious institution with a focus on community, spirituality, and cultural heritage. Technically, the site is built on WordPress using modern plugins and themes, optimized for SEO and mobile responsiveness. Security posture is strong with HTTPS, security headers, and obfuscated contact information, though it lacks a cookie consent mechanism and explicit incident response details. Overall, the site is professional, trustworthy, and well-maintained, supporting the abbey's mission and outreach effectively.

The Ökumenisches Heiligenlexikon is a well-established German-language informational website dedicated to providing comprehensive biographies, historical data, and religious context about saints from various Christian denominations. Founded in 1988 and online since 1998, it holds a strong market position as the most visited German site on this topic. The site offers rich content including calendars, patron saints, glossaries, and multimedia resources, targeting a general audience interested in religious and historical education. Technically, the website employs a custom-built infrastructure using standard web technologies such as HTML5, CSS3, JavaScript, Google Fonts, and jQuery. It integrates Google Analytics and Adsense for tracking and monetization. The hosting appears to be with 1&1 IONOS, providing moderate performance and good mobile optimization. SEO and accessibility are adequately addressed, though some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While some security headers are not explicitly detected, no critical vulnerabilities or exposed sensitive data were found. Privacy policies are comprehensive and clearly presented, supporting GDPR compliance. Contact information is limited to email addresses, with no phone or physical address provided. Overall, the website demonstrates a solid security posture and high content quality, with no signs of blocking or WAF interference. It is safe for general audiences with no adult or NSFW content. Strategic recommendations include enhancing security headers, adding incident response contacts, and improving accessibility to further strengthen trust and compliance.

The CISPA Helmholtz Center for Information Security is a prominent German national research institution specializing in cybersecurity, privacy, and trustworthy artificial intelligence. It operates as a Big Science institution within the Helmholtz Association and collaborates with academic and industry partners, including the Technical University of Munich. The website presents a professional and content-rich platform highlighting research achievements, faculty insights, and technology transfer initiatives, positioning CISPA as a leading global research center in its domain. Technically, the website employs modern web technologies such as JavaScript and CSS with responsive design and good accessibility features. However, there is limited evidence of advanced security configurations such as security headers or explicit SSL/TLS details in the provided data. The absence of visible privacy, cookie, and terms of service policies indicates areas for compliance improvement, especially concerning GDPR requirements. From a security posture perspective, while the site is accessible and professional, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The WHOIS data is minimal but does not raise significant legitimacy concerns given the institutional context. Overall, the site demonstrates a strong business credibility and content quality but requires enhancements in privacy compliance and security transparency. Strategically, CISPA should prioritize publishing comprehensive privacy and cookie policies, implementing cookie consent mechanisms, and enhancing security headers and incident response information to strengthen trust and compliance. These improvements will support its reputation as a leading cybersecurity research institution and ensure alignment with regulatory standards.

H

Helmholtz-Zentrum für Infektionsforschung (HZI)

helmholtz-hzi.de

0

The Helmholtz-Zentrum für Infektionsforschung (HZI) is a prominent German research institution specializing in infection biology and related scientific fields. Affiliated with the Helmholtz Association, it operates multiple locations across Germany and focuses on understanding infectious diseases and their defense mechanisms. The website serves as a comprehensive portal for scientific publications, career opportunities, public events, and knowledge transfer initiatives, targeting researchers, students, and healthcare professionals. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries such as Masonry and Leaflet for layout and mapping functionalities. It employs Matomo for analytics, indicating a privacy-conscious approach. The site is well-optimized for mobile devices, accessible, and SEO-friendly, with structured data and Open Graph metadata enhancing discoverability. From a security perspective, the site enforces HTTPS and uses secure forms but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with no visible privacy or cookie policies or consent mechanisms, which could be improved to meet GDPR standards fully. Overall, the website reflects a high level of professionalism, trustworthiness, and technical maturity, suitable for a large research institution. Strategic improvements in privacy disclosures and security transparency would further enhance its compliance and user trust.

H

Helmholtz Association

hifis.net

0

HIFIS (Helmholtz Federated IT Services) is a specialized IT service provider focused on delivering digital infrastructure and software services to the Helmholtz Association, a major German research organization. The website presents a professional and comprehensive overview of their offerings including cloud services, identity management, software consulting, and training. The target audience primarily includes scientists, software engineers, cloud service providers, and IT support experts within the Helmholtz ecosystem. The organization is well positioned as a key facilitator of research IT services within Germany's scientific community. Technically, the website is built with modern web standards including HTML5, CSS3, and JavaScript, leveraging libraries such as FontAwesome and Modernizr for enhanced UI/UX. Hosting is provided by DESY, a reputable Helmholtz research center, ensuring reliable infrastructure. The site is mobile optimized, fast loading, and accessible, with good SEO practices. Analytics are implemented via Matomo with cookies disabled, reflecting a privacy-conscious approach. From a security perspective, the site uses HTTPS and shows no signs of exposed sensitive data or vulnerabilities. However, it lacks visible security headers and a cookie consent mechanism, which are recommended for GDPR compliance and enhanced security. There is no published security policy or incident response information, which could be improved to strengthen trust and preparedness. Overall, the website is trustworthy, professional, and well-aligned with its institutional backing. The domain registration data corroborates the legitimacy and consistency of the service. Strategic improvements in privacy compliance and security transparency would further enhance the site's security posture and user trust.

F

Falling Walls Foundation

falling-walls.com

0

The Falling Walls Foundation is a well-established non-profit organization based in Germany, focused on fostering interdisciplinary communication and innovation in science. It organizes the annual Falling Walls Science Summit, attracting global science leaders, Nobel laureates, and policymakers. The foundation's website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content about its events, partners, and activities. Technically, the site is built on Drupal 10 with modern frameworks and includes privacy-respecting analytics and consent management. Security posture is good with HTTPS and cookie consent, though some security headers could be improved. Overall, the foundation demonstrates strong business credibility and compliance with GDPR. No critical security or content safety issues were detected.

The website hzbblog.de is the official blog platform of the Helmholtz-Zentrum Berlin, a large and reputable research institution in Germany focused on energy materials and scientific research. The blog serves as an informational and educational resource targeting researchers, students, and the scientific community, providing insights into research activities, events, and community engagement. The site is built on WordPress with modern SEO and social media integration, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and explicit incident response policies are missing. Overall, the site is trustworthy, professionally maintained, and compliant with GDPR requirements.

Z

Zentrum für Data-driven Empowerment, Leadership und Advocacy (zedela) gUG (haftungsbeschränkt)

zedela.org

0

zedela is a small non-profit think tank and research organization based in Germany, specializing in data-driven empowerment, leadership, and advocacy with a focus on anti-racism and BIPoC leadership. Their services include community-based research, representation and anti-discrimination data collection, leadership training programs such as the RISE Leadership Program, and advocacy to influence policy and organizational change. The organization is relatively new, founded in 2023, and is supported by reputable German federal ministries and foundations. Technically, the website is built using modern frameworks Astro and Svelte, with privacy-respecting analytics via Plausible. The site is well-designed, mobile-optimized, and accessible, reflecting a professional and trustworthy presence. Security posture is good with HTTPS and secure forms, though improvements like DNSSEC and security headers are recommended. Contact is primarily via email and social media, with no phone or physical address listed. Overall, zedela presents a credible, focused, and professional digital footprint aligned with its mission and audience.

R

Robert Bosch Stiftung (RBSG) in cooperation with Türkische Gemeinde in Deutschland (TGD) and neue deutsche organisationen (ndo)

lets-level-up.de

0

The website lets-level-up.de represents a non-profit empowerment program called “LEVEL up!” focused on supporting migrant and new German organizations in Germany to enhance their societal impact and participation. The program is backed by reputable partners including the Robert Bosch Stiftung, Türkische Gemeinde in Deutschland, and neue deutsche organisationen. The site provides detailed information about the program's goals, funding, coaching, and networking activities. Technically, the site is built on WordPress with a modern theme and optimized for performance and mobile use. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie management. No critical security or privacy issues were detected. Overall, the site is professional, trustworthy, and well-aligned with its non-profit mission.

S

Stifterverband

stifterverband.org

0

Stifterverband is a well-established German non-profit organization focused on improving the education and science system through community engagement and networking. The website is professionally designed using Drupal 10 and incorporates modern technologies such as lazy loading and consent management via Usercentrics. Analytics are handled through a self-hosted Matomo instance and LinkedIn Insight Tag, indicating moderate user tracking. Security posture is generally good with HTTPS enforced and domain registration consistent and transparent; however, DNSSEC is not enabled and security headers are not detected, which are areas for improvement. No explicit privacy or cookie policies were found in the provided content, which impacts privacy compliance scoring. Overall, the website is safe, professional, and trustworthy, targeting a general audience interested in education and science.

S

Sandstein Kultur

sandstein-kultur.de

0

Sandstein Kultur is a specialized agency and publishing house based in Dresden, Germany, focusing on cultural and art-related publications such as exhibition catalogs and museum catalogs. The company targets cultural institutions, museums, and art enthusiasts, offering both publishing and agency services including campaigns and promotional materials. The website reflects a niche market position within the German cultural media sector, supported by a professional and consistent brand presentation. Technically, the website is built on Craft CMS and uses modern web technologies including SVG graphics and Matomo analytics with cookies disabled, indicating a moderate level of digital maturity and privacy awareness. Hosting is provided by SchlundTech, a reputable German hosting provider. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site enforces HTTPS and uses CSRF tokens for form submissions, but lacks explicit security headers and a published security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is supported by a clear privacy policy and terms of service, though a cookie consent mechanism is missing. Overall, the website is safe, professional, and trustworthy with a good balance of content quality and technical implementation. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance the security posture and compliance further.

E

European XFEL GmbH

xfel.eu

0

European XFEL GmbH operates a leading European research facility specializing in X-ray free-electron laser technology. The 3.4 km long facility generates intense X-ray flashes used globally by researchers to study atomic and molecular processes. The website serves a diverse audience including scientists, users, visitors, and educational groups, providing comprehensive information about the facility, instruments, user policies, and events. The business model is non-profit, focused on enabling cutting-edge scientific research. Technically, the website is built on modern web standards with a CMS likely based on Zope/ZMS, featuring responsive design and good accessibility. Security posture is solid with HTTPS and no exposed sensitive data, though improvements are recommended in security headers and incident response transparency. Privacy compliance is partially addressed with a detailed privacy policy but lacks cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-positioned in its niche, with room for enhanced security and privacy practices.

E

Europäischer Wettbewerb

europaeischer-wettbewerb.de

0

The Europäischer Wettbewerb website serves as the official platform for a long-standing educational competition in Germany, targeting students and schools nationwide. It is positioned as a reputable and historic institution fostering creativity and European awareness among young participants. The website is built on WordPress using the Divi theme, incorporating standard web technologies and Matomo analytics for user tracking. While the site offers good content quality and user experience, it lacks explicit privacy, cookie, and security policies, which are critical for compliance and trust. Security posture is moderate with no advanced headers or incident response information evident. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security measures.

I-ST.net is a German system house providing IT services and products primarily targeting business customers. The company has a long-established domain since 1997, indicating a stable presence in the IT sector. The website offers customer login functionality and support modules, reflecting a service-oriented business model. However, the site content is basic and lacks modern design and mobile optimization. Technically, the site uses standard HTML, CSS, and JavaScript with external scripts for chat and remote support. Security posture is weak due to lack of HTTPS, missing security headers, and insecure login form implementation. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the business credibility is moderate given the domain age and contact transparency, but technical and security improvements are needed.

R

Real Life Interaction GmbH

talque.com

0

Real Life Interaction GmbH operates the Talque platform, a virtual event solution designed for digital, hybrid, and onsite events. With over a decade of platform development, Talque targets event organizers and attendees globally, offering a comprehensive SaaS model that supports event planning, marketing, and execution. The company is positioned as a specialized technology provider within the event management sector, emphasizing flexibility and user-centric features. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and WPBakery, integrating Google Tag Manager and Cookiebot for analytics and privacy compliance. The site demonstrates good mobile optimization and SEO practices, although some security headers could be enhanced. Security posture is solid with HTTPS and consent mechanisms, but lacks explicit security policies or vulnerability disclosure channels. Overall, the domain WHOIS data is unavailable for the subdomain, but the website content and business information indicate a legitimate and professional operation. Strategic recommendations include improving security headers, publishing security policies, and enhancing privacy compliance documentation.

A

agzente plus

agzente.de

0

agzente plus is a local community magazine serving the residents of Ulm, Germany, focusing on sustainability, social engagement, and local news. It operates as a non-profit initiative in partnership with lokale agenda ulm 21 and engagiert in ulm, providing regularly updated content, event information, and advertising opportunities for local businesses. The website is built on Drupal 10 and hosted via 1und1, employing modern web technologies and maintaining a good level of mobile optimization and user experience. From a security perspective, the site uses HTTPS with good SSL configuration and includes a GDPR-compliant cookie consent banner with opt-in mechanisms. Google Analytics and Tag Manager are used with IP anonymization to respect user privacy. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which could be improved to enhance trust and compliance. Overall, the website is professional, trustworthy, and well-maintained, with clear contact information and consistent branding. The domain WHOIS data is limited but consistent with a legitimate small local media outlet. No critical security issues or suspicious content were detected, and the site is safe for general audiences.

U

Universität des Saarlandes

uni-saarland.de

0

The Universität des Saarlandes website serves as the official digital presence of a large public university in Germany, offering accredited degree programs, research initiatives, and international academic services. The site targets prospective and current students, alumni, academic staff, and international partners. It provides comprehensive navigation to academic offerings, research profiles, campus life, and international cooperation. Technically, the website is built on TYPO3 CMS, employs Matomo for privacy-conscious analytics, and enforces HTTPS for secure communications. The design is professional, mobile-optimized, and accessible, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and formal privacy and security policies are not evident in the provided content. WHOIS data confirms domain legitimacy and consistency with the university's identity. Overall, the site demonstrates a high level of professionalism and trustworthiness appropriate for an educational institution.

L

Land der Ideen Management GmbH

ostdeutscheswirtschaftsforum.de

0

The Ostdeutsches Wirtschaftsforum (OWF) is a prominent platform dedicated to the economic development of East Germany. It serves as a key networking and discussion forum for stakeholders from business, politics, and academia, focusing on structural transformation and economic opportunities in the region. The OWF organizes an annual flagship conference in Bad Saarow, attracting thought leaders and decision-makers. The website is professionally designed, leveraging WordPress and modern plugins to deliver content and manage user consent effectively. Hosting is provided by Hetzner, a reputable German hosting provider, ensuring reliable infrastructure. Security measures include HTTPS enforcement, Google reCAPTCHA for form protection, and a comprehensive cookie consent mechanism compliant with GDPR. While no explicit security or incident response policies are published, the site demonstrates a solid security posture with no critical vulnerabilities detected. Overall, the OWF website reflects a trustworthy and professional digital presence aligned with its business objectives.

B

Bundesakademie für musikalische Jugendbildung Trossingen

bundesakademie-trossingen.de

0

The Bundesakademie für musikalische Jugendbildung Trossingen is a German educational institution specializing in music pedagogy and professional development for music educators. The website serves as an informational portal for courses, events, and professional training opportunities in the music education sector. The site is built on TYPO3 CMS, indicating a mature and stable technical infrastructure. The design is professional and mobile-optimized, providing a good user experience for its target audience. However, the website lacks explicit privacy, cookie, and terms of service policies, which are critical for compliance with GDPR and other data protection regulations. Security posture is moderate with no advanced security headers detected and no visible vulnerability disclosure or incident response information. Overall, the site is functional and credible but would benefit from enhanced privacy and security measures to improve trust and compliance.

The website represents the official municipal portal for the city of Neu-Ulm, Germany. It provides information about city politics, services, and citizen engagement. The site is powered by TYPO3 CMS and integrates accessibility tools to support users with disabilities, reflecting a commitment to inclusivity. The use of Matomo analytics hosted on their own domain indicates a privacy-conscious approach to user data. However, explicit privacy and cookie policies are not found in the provided content, which is a gap in compliance. The site is well-structured, mobile-optimized, and professionally designed, targeting residents and visitors of Neu-Ulm.

L

Lokale Agenda Ulm 21

ulm-agenda21.de

0

Lokale Agenda Ulm 21 is a local non-profit initiative based in Ulm, Germany, focused on promoting sustainability, climate protection, and community engagement. The organization collaborates with the city administration, citizens, associations, and companies, primarily on a voluntary basis, to advance ecological, social, and economic sustainability aligned with the 17 Sustainable Development Goals. The website serves as an information hub for sustainable topics, events, and publications such as the agzente+ magazine, targeting the general public and local stakeholders. Technically, the website is built on WordPress using the Divi theme and Yoast SEO plugin, hosted likely by netcup. It demonstrates moderate performance and good mobile optimization with structured data for SEO. Security posture is adequate with HTTPS usage but lacks explicit security headers and formal privacy or cookie policies. No WAF or blocking mechanisms are detected, and no adult or questionable content is present, making the site safe for general audiences. Overall, the site reflects a credible and professional local initiative with room for improvement in privacy compliance and security best practices.

D

Donaubüro Ulm/Neu-Ulm

donaubuero.de

0

Donaubüro Ulm/Neu-Ulm is a non-profit organization established in 2002, acting as a regional cooperation hub for the Danube area, focusing on projects, networking, and cultural events such as the International Donaufest. The website is built on WordPress with the Divi theme and uses modern plugins for multimedia and multilingual support. The technical infrastructure is solid with HTTPS and Cloudflare DNS/CDN, but lacks some security headers and formal privacy and cookie policies. No contact emails or phone numbers are explicitly listed on the main page. The site content is professional, relevant, and well-structured, targeting regional stakeholders and cultural participants.

N

neue deutsche organisationen – das postmigrantische netzwerk e.V.

neuedeutsche.org

0

Neue Deutsche Organisationen (ndo) is a German nationwide non-profit network comprising over 200 associations, organizations, and projects focused on postmigrant activism against racism and for an inclusive Germany. The organization offers networking, events, political advocacy, expert databases, and leadership programs, positioning itself as a key voice in social justice and anti-racism within Germany. The website is professionally designed using WordPress, featuring modern technologies such as Splide Carousel and Google Analytics, and is optimized for mobile and accessibility. Security posture is solid with HTTPS enabled, but lacks published security policies, security headers, and vulnerability disclosure mechanisms. Privacy compliance is limited due to absence of privacy and cookie policies. Overall, the site is trustworthy and credible, serving a medium-sized non-profit audience effectively.

F

Fundraiser-Magazin

fundraiser-magazin.de

0

Fundraiser-Magazin is a German-language niche publication specializing in social marketing, fundraising, and non-profit sector news. It targets professionals and organizations involved in social causes, donations, associations, and foundations. The website leverages WordPress CMS with a modern tech stack including Yoast SEO, email marketing integrations via Sendinblue (Brevo), and push notifications through WonderPush. The site is well-structured with good SEO and mobile optimization, providing relevant content for its audience. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks published privacy policies and security headers, which are areas for improvement. No signs of content blocking or WAF interference were detected, and the site is safe for general audiences.

D

Deutscher Engagementpreis

deutscher-engagementpreis.de

0

The Deutscher Engagementpreis website represents a well-established non-profit award platform dedicated to recognizing outstanding civic engagement in Germany. Supported by reputable partners including the Deutsche Stiftung für Engagement und Ehrenamt and government bodies, it serves as a central hub for nominations, jury decisions, public voting, and award ceremonies. The site targets engaged individuals, initiatives, and the general public interested in volunteerism and social contribution. Technically, the site is built on TYPO3 CMS, employs modern web technologies, and integrates Matomo analytics and Google reCAPTCHA for security and user tracking. Privacy compliance is robust with a comprehensive cookie consent mechanism and a detailed privacy policy. Security posture is strong with HTTPS and secure voting mechanisms, though additional security headers and a formal security policy could enhance trust further. Overall, the site is professional, trustworthy, and well-positioned in its niche.

B

Bündnis für Gemeinnützigkeit

buendnis-gemeinnuetzigkeit.org

0

Bündnis für Gemeinnützigkeit is a German non-profit coalition representing the third sector, including culture, sports, nature conservation, and welfare organizations. It acts as a collective voice advocating for civic engagement and democratic participation in society. The organization is well-established since 2010 and collaborates with leading umbrella organizations and civil society experts. The website provides information about its mission, members, positions, and events, targeting stakeholders in the non-profit and civic sectors in Germany. Technically, the site is built on WordPress with modern plugins and frameworks, offering good SEO and mobile optimization. Security posture is solid with HTTPS and domain transfer protection, but lacks DNSSEC and some security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact is primarily via email and a contact form, with no phone numbers or social media links visible. Overall, the site is professional, trustworthy, and serves its audience effectively.

S

SC Heroldstatt

sc-heroldstatt.de

0

SC Heroldstatt is a local German sports club offering various sports activities including football, tennis, shooting, and skiing. The website serves as an information hub for members and the community, providing news, event results, and membership details. The club positions itself as a community-oriented non-profit organization fostering sports and social engagement. Technically, the website is built on WordPress with a modern theme and plugins supporting events, membership management, and cookie compliance. The site is mobile-optimized and includes structured data for SEO. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site is trustworthy and professionally maintained, suitable for its community-focused purpose.

D

dishcounter

dishcounter.de

0

Dishcounter.de is a German e-commerce platform specializing in the rental and sale of dishware, cutlery, glasses, and dishwashing machines. The business targets event organizers and catering companies requiring large quantities of dishware, emphasizing sustainability, hygiene, and competitive pricing. The website is built on Wizmo CMS, hosted on rzone.de, and uses modern web technologies including JavaScript and Google Analytics with IP anonymization. While the site is well-designed and mobile-optimized, it lacks explicit privacy and terms of service pages, as well as clear contact information, which impacts its privacy compliance and business credibility scores. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosures. No WAF or blocking mechanisms are detected, and the content is safe for general audiences.

H

Häussler Leihservice

haeussler-leihservice.de

0

Häussler Leihservice is a German-based company specializing in rental services for table culture and event equipment, catering to both private and commercial customers. The company operates multiple physical locations and offers a wide range of products including crockery, cutlery, glasses, furniture, and gastronomy equipment. Their website reflects a professional and consistent brand image with detailed product information and customer service options. Technically, the website is built on the Contao Open Source CMS platform and utilizes modern JavaScript libraries such as jQuery and Google Tag Manager for analytics. The site is moderately optimized for performance and mobile devices, with good SEO and basic accessibility features. Hosting is provided via rzone.de, as indicated by the nameservers. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and published security or incident response policies, which are areas for improvement. Privacy compliance is partially met with a privacy policy present, but no cookie consent mechanism is detected, which may pose GDPR compliance risks. Overall, the website is trustworthy and professionally maintained, with a solid business presence. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance their security posture and compliance standing.

H

Helbling Holding AG

helbling.de

0

Helbling Holding AG is a well-established consultancy firm specializing in business advisory, technology development, and sustainability consulting. The company serves a broad range of industries including energy, real estate, manufacturing, and technology, positioning itself as a leader in innovation and sustainable business practices. Their website reflects a mature digital presence with comprehensive service descriptions and a clear focus on client engagement. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, supported by modern JavaScript libraries and Google Tag Manager for analytics. The site is hosted on Hostpoint servers, ensuring reliable performance and fast loading times. Mobile optimization and accessibility are well addressed, providing a seamless user experience across devices. From a security perspective, the site enforces HTTPS and employs consent management for cookies, demonstrating compliance with GDPR. While explicit security headers are not fully visible in the HTML, the overall posture is strong with no exposed vulnerabilities or sensitive data leaks. The absence of a dedicated security policy or incident response page is noted as an area for improvement. Overall, Helbling's website is professional, trustworthy, and aligned with industry best practices, supporting its market position as a credible and innovative consultancy. The domain registration data corroborates the legitimacy and consistency of the business identity.

A

Arbeit und Leben

queerinderausbildung.de

0

The website 'Queer im dualen System – Queer in der Ausbildung' is a well-established non-profit project operated under the umbrella of 'Arbeit und Leben', a recognized German educational organization. It focuses on supporting queer apprentices and fostering inclusive, discrimination-free vocational training environments. The site offers information, networking, and training opportunities, targeting apprentices, training companies, vocational schools, and allied professionals. The project is supported by reputable German institutions, enhancing its credibility and market position within the non-profit educational sector. Technically, the website is built on a modern WordPress platform using Elementor and related plugins, ensuring a responsive and user-friendly experience. The site employs GDPR-compliant cookie consent mechanisms and uses HTTPS for secure communications. While performance is moderate, the site is well-optimized for mobile devices and SEO. The technical stack is current and maintained, with no evident vulnerabilities or security misconfigurations. From a security perspective, the website demonstrates good practices including HTTPS enforcement, cookie consent, and email obfuscation to reduce scraping risks. However, explicit security headers and incident response policies are not evident, suggesting room for improvement in security hardening and transparency. No vulnerabilities or malicious indicators were detected. Overall, the website presents a low-risk profile with strong compliance to privacy regulations and a clear, trustworthy business model. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining regular updates to sustain security posture and trustworthiness.

A

ARBEIT & LEBEN gGmbH

arbeit-und-leben.de

0

ARBEIT & LEBEN gGmbH is a German non-profit organization specializing in consulting, project, and organizational services primarily for trade unions, works councils, public institutions, and companies. The organization focuses on educational services including labor-related education, language education, diversity, and political education. Their market position is that of an established regional non-profit with a clear mission to support workforce development and social integration. The website is professionally designed, mobile-optimized, and uses TYPO3 CMS with modern frontend technologies. It integrates GDPR-compliant cookie consent management and anonymized Google Analytics tracking, reflecting a mature digital infrastructure. Security posture is good with HTTPS and privacy mechanisms in place, though some security headers and explicit policies could be improved. Overall, the site is trustworthy, content-rich, and well-aligned with its business purpose.

M

MINTvernetzt

mint-vernetzt.de

0

MINTvernetzt is a German non-profit educational platform serving as the umbrella organization for out-of-school MINT education. It is funded by the German Federal Ministry of Education and Research and implemented by a consortium of reputable organizations. The website offers a comprehensive range of services including a community platform, events, news, blog articles, and data analytics to support MINT education, with a special focus on gender-sensitive approaches and diversity. The platform targets educators, MINT professionals, and young women and girls interested in STEM fields. Technically, the website is built on WordPress with Yoast SEO plugin, uses HTTPS, and integrates Matomo analytics. The design is professional, mobile-optimized, and accessible, with clear navigation and rich content. However, explicit privacy and cookie policies are not found, and no direct contact information or security headers are visible, which are areas for improvement. The domain registration data is consistent and supports the legitimacy of the platform.

D

DigiMINTKids

digimintkids.de

0

DigiMINTKids is a focused educational initiative promoting early STEM education for children aged 2 to 10 years in Germany. The project emphasizes creative, playful, and everyday integrated learning approaches, collaborating with partners such as Stiftung Kinder forschen and DigiMINTNetzwerk Amberg-Weiden. The website is professionally designed on the Squarespace platform, providing a clear presentation of its mission and projects, targeting families and educators interested in early childhood STEM development. Technically, the site uses modern web technologies with good mobile optimization and secure HTTPS hosting. However, it lacks explicit privacy and cookie policies, as well as visible contact information, which impacts its privacy compliance score. Security posture is strong with HTTPS and HSTS enabled, but additional security headers and policies could enhance protection. Overall, the site is trustworthy and well-positioned within its niche educational sector but would benefit from improved compliance and contact transparency.

L

LamaPoll

lamapoll.de

0

LamaPoll is a German-based technology company specializing in providing a comprehensive online survey tool designed for businesses, research institutes, public sector entities, as well as students and educational users. The platform emphasizes ease of use, versatility, and strong data protection compliance, including GDPR adherence and certifications such as ISO 27001 and TISAX. With over 10,000 companies using their services, LamaPoll holds a strong market position in Germany's survey software sector. Technically, the website employs a modern yet stable technology stack including jQuery and Matomo analytics configured for privacy. The site is well-optimized for mobile devices and accessibility, with a clean, professional design and clear navigation. Hosting is supported by German-based providers with DNS managed via Google Domains, ensuring reliability and compliance with data residency requirements. From a security perspective, LamaPoll demonstrates a mature security posture with multiple certifications, regular penetration testing, full encryption of data in transit and at rest, and strict hosting policies. The website itself respects user privacy by avoiding tracking cookies and third-party trackers. However, some improvements could be made by adding explicit security headers and a public vulnerability disclosure policy. Overall, LamaPoll presents a trustworthy, professional, and secure online survey platform with strong compliance and privacy practices. The risk level is low, and the company is well-positioned to serve privacy-conscious clients in regulated industries. Strategic recommendations include enhancing transparency around incident response and security disclosures to further build trust.

B

Bixa TechnoConsulting

bixa.eu

0

Bixa TechnoConsulting is a small German IT consulting company specializing in virtualization, server management, and Drupal hosting services. The website provides technical blog content and company information primarily targeting IT professionals and businesses needing specialized IT consulting. The site is built on Drupal CMS and integrates Google Analytics for visitor tracking. While the website is functional and content-rich, it lacks critical privacy and security disclosures such as privacy policies, cookie consent mechanisms, and security headers. The login form is present but lacks advanced security features like multi-factor authentication or CAPTCHA. No direct contact information or social media presence is visible, which may limit user engagement and trust. Overall, the website demonstrates moderate technical maturity but requires improvements in privacy compliance and security posture.

B

Bilthouse-Gruppe

bilthouse.com

0

Bilthouse-Gruppe is a well-established German company specializing in independent real estate financing brokerage, combining digital tools with personal advisory services. The group consolidates several brands including Baufi24, Hüttig & Rompf, Creditweb, Kredit24, and the fintech CRM FinLink, serving a large customer base with a significant financing volume annually. The website reflects a professional and consistent brand image with clear business focus and target audience. Technically, the site uses modern frameworks and platforms such as Bootstrap and HubSpot, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and domain transfer protections, though improvements like DNSSEC and security headers are recommended. Privacy compliance is well addressed with a GDPR-compliant privacy policy and cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, supporting the company's market position.

I

Internationales Filmfestival Mannheim-Heidelberg

iffmh.de

0

The Internationales Filmfestival Mannheim-Heidelberg (IFFMH) is a well-established cultural institution operating since 1952, serving as a prominent platform for film art and cultural dialogue in Germany. The website effectively communicates the festival's offerings, including film programs, accreditation for professionals, ticket sales, and talent development initiatives. The target audience includes film enthusiasts, industry professionals, press representatives, and students. The festival operates as a non-profit entity within the media and cultural sector, maintaining a strong market position as an internationally recognized event. Technically, the website employs modern web technologies such as jQuery, Font Awesome, Adobe Fonts, and integrates Google Tag Manager and Analytics for performance and user behavior insights. The hosting is managed via Namesecure, and the site demonstrates good mobile optimization, accessibility, and SEO practices. The presence of structured data (JSON-LD) enhances search engine understanding and trust. From a security perspective, the site enforces HTTPS with excellent SSL configuration and implements cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not fully confirmed, the site shows no signs of exposed sensitive data or vulnerable libraries. No incident response or security policy pages were found, suggesting room for improvement in transparency and readiness. Overall, the website presents a low-risk profile with high professionalism, strong compliance, and trustworthy domain registration. Strategic recommendations include enhancing security header implementation, publishing a vulnerability disclosure policy, and improving incident response contact visibility to further strengthen security posture and user trust.