Security Directory

K

Kinderregion

kinderregion.ch

46

Kinderregion is a Swiss regional platform dedicated to providing families with children ideas for excursions, family-friendly events, and regional information to facilitate leisure planning. The website targets families seeking engaging activities and cultural experiences in their local area. Technically, the site is built on WordPress, leveraging modern front-end technologies such as Lottie animations and slick carousels, and integrates Google Tag Manager and Analytics for tracking. The site demonstrates good digital maturity with mobile optimization and SEO best practices. Security posture is solid with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are absent. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, indicating GDPR awareness. Overall, the site is professional, trustworthy, and well-suited for its niche audience.

N

Notenpunkt AG

noten.ch

58

Notenpunkt AG operates a specialized music retail business primarily serving the Swiss market through both physical stores and an online e-commerce platform. The company offers a wide range of music sheets, books, blockflutes, and musical accessories, targeting musicians, educators, and music enthusiasts. The website reflects a well-established regional presence with clear branding and consistent business information. Technically, the site uses a proprietary CMS (NImQ Enterprise Shop Edition) with common JavaScript libraries such as jQuery and slick carousel for UI enhancements. Mobile optimization and user experience are good, supporting a broad customer base. Security posture is adequate with HTTPS and form validation, but lacks some advanced security headers and cookie consent mechanisms, which are recommended for GDPR compliance. Overall, the domain registration and WHOIS data align well with the business claims, supporting legitimacy and trustworthiness.

B

Bundesinstitut für Öffentliche Gesundheit (BIÖG)

kinderstarkmachen.de

62

Kinder stark machen is a German government-backed public health initiative operated by the Bundesinstitut für Öffentliche Gesundheit (BIÖG). The website provides comprehensive educational resources, tips, and support materials aimed at early addiction prevention for children starting from age four. It targets parents, families, schools, kindergartens, and sports clubs, offering interactive activities, training, and informational campaigns to strengthen children's development and resilience against addiction. The initiative holds a strong market position as a trusted government program in Germany.

M

My Blog

world-of-leading-golf.com

47

The website 'Exploring Golf: Legends and Iconic Tournaments' is a small-scale WordPress blog dedicated to providing educational content about golf history, legendary players, major tournaments, and related cultural aspects. It targets golf enthusiasts and general sports fans seeking knowledge about the sport's heritage. The site offers well-structured, relevant content with good design and navigation, optimized for mobile devices. Technically, it uses a modern WordPress stack with popular libraries and frameworks such as Bootstrap and jQuery, ensuring a moderate performance and good SEO practices. Security-wise, the site enforces HTTPS and avoids exposing sensitive data but lacks important security headers and formal privacy or cookie policies, which impacts compliance and trust. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency. Overall, the site is functional and informative but would benefit from enhanced privacy compliance, security hardening, and clearer business contact information to improve trust and credibility.

M

MoneyGuide, Inc.

moneyguidepro.com

71

MoneyGuide, Inc., a subsidiary of Envestnet, is a leading provider of financial planning software designed to empower financial advisors and their clients through personalized, goal-based planning solutions. The website showcases a comprehensive platform with multiple configurable products such as MoneyGuide, MyBlocks, and Wealth Studios, targeting financial professionals seeking scalable and interactive planning tools. The company positions itself strongly in the finance sector with a medium-sized business profile and consistent branding across its digital presence. Technically, the website employs a mature digital infrastructure with modern marketing and analytics technologies including Google Tag Manager, Marketo, Salesforce LiveAgent, and multiple tracking pixels, indicating a high level of digital marketing sophistication. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the website enforces HTTPS and implements cookie consent mechanisms, though HTTP security headers are not explicitly detected in the source. No critical vulnerabilities or exposed sensitive data were found. WHOIS data is unavailable or protected, which is common for commercial entities but reduces transparency. Overall, the website demonstrates a strong security posture and privacy compliance with room for improvement in explicit security header implementation and incident response disclosures. Strategic recommendations include enhancing security headers, publishing incident response contacts, and improving accessibility compliance to further strengthen trust and security culture.

A

AISLA APS

aisla.it

70

AISLA APS is a reputable Italian non-profit association dedicated to supporting individuals affected by Amyotrophic Lateral Sclerosis (SLA). The organization provides patient assistance, funds research, disseminates information, and advocates for patient rights. Their website reflects a well-structured and content-rich platform targeting patients, caregivers, healthcare professionals, and donors. The association maintains a strong presence through social media and events, reinforcing its market position as a leading SLA support entity in Italy. Technically, the website is built on WordPress with a variety of plugins and modern web technologies, offering a good user experience and mobile optimization. Security measures include HTTPS and Google reCAPTCHA, though improvements are recommended in security headers and library updates. Privacy compliance is robust with clear policies and consent mechanisms. Overall, AISLA demonstrates a trustworthy and professional digital presence aligned with its mission.

Z

Zimmerer Westfalen

zimmerer-westfalen.de

51

Zimmerer Westfalen is a trade association representing 20 carpentry and wood construction guilds in the Westfalen region of Germany, forming the third largest carpentry association in the country. The organization provides member services including representation, training, information dissemination, and industry events. Their website is professionally designed using WordPress with Elementor and Astra theme, featuring modern SEO and privacy compliance tools such as Rank Math and Complianz. The site is well-structured, mobile-optimized, and provides clear contact information and active social media engagement. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response details are not publicly available. Overall, the domain registration and website content are consistent and trustworthy, supporting a medium-sized regional trade association.

W

Wohlfahrtswerk für Baden-Württemberg

wohlfahrtswerk.de

54

Wohlfahrtswerk für Baden-Württemberg is a large non-profit organization specializing in elderly care, volunteer services (FSJ/BFD), and educational programs. It holds a strong market position as one of the largest elderly care providers in the Baden-Württemberg region of Germany. The website reflects a professional and consistent brand image, targeting elderly individuals, volunteers, job seekers, and donors. Technically, the site is built on TYPO3 CMS with modern front-end technologies and integrates consent-based Google Analytics and Usercentrics for privacy compliance. Security posture is solid with HTTPS and consent management, though it lacks explicit security policies and incident response contacts. Overall, the website is trustworthy, well-structured, and compliant with GDPR requirements.

F

Fachagentur Nachwachsende Rohstoffe e. V. (FNR)

kiwuh.de

43

The website www.kiwuh.de serves as the Kompetenz- und Informationszentrum Wald und Holz, operated by the Fachagentur Nachwachsende Rohstoffe e. V. (FNR), a German non-profit agency. It provides comprehensive information, research support, and project funding related to sustainable forestry, wood utilization, and climate protection. The site targets forestry professionals, researchers, policymakers, and the general public interested in forest and wood topics. It holds an important position as a governmental/non-profit information hub in Germany's forestry sector. Technically, the website is built on TYPO3 CMS with modern frontend technologies including jQuery, Slick Carousel, and Lightbox2. It uses Matomo for privacy-respecting analytics. The site is mobile-optimized, accessible, and SEO-friendly, hosted likely by agenturserver. Performance is moderate with good user experience and professional design. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and does not publish explicit security or incident response policies. GDPR compliance is partially met with a privacy policy present but no cookie consent mechanism detected. The WHOIS data is minimal but consistent with professional hosting, and no suspicious patterns are found. Overall, the website is trustworthy, professional, and well-maintained, with minor recommendations to enhance security posture and privacy compliance for improved user trust and regulatory adherence.

F

Fachagentur Nachwachsende Rohstoffe e. V. (FNR)

fnr.de

11

Fachagentur Nachwachsende Rohstoffe e. V. (FNR) is a German government-affiliated project management agency under the Federal Ministry of Agriculture, Food and Homeland (BMLEH). It focuses on promoting renewable raw materials, bioenergy, and sustainability through project funding, research support, and public information. The agency holds a strong market position as a key national entity in renewable resource management and sustainability initiatives. The website targets researchers, policymakers, industry stakeholders, and the general public interested in sustainable development and renewable resources. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries such as jQuery and Slick Carousel for UI components. It uses Matomo analytics configured to disable cookies, reflecting a privacy-conscious approach. The site is mobile-optimized, accessible, and SEO-friendly with clear navigation and professional design. Hosting appears to be under German research network infrastructure, consistent with its government affiliation. Security posture is good with HTTPS enforced and no exposed sensitive data. However, the site lacks visible security headers and a cookie consent mechanism, which are areas for improvement. No public vulnerability disclosure or incident response information is available, which could be enhanced to improve trust and security readiness. Overall, the website is professional, trustworthy, and well-aligned with its mission. Strategic recommendations include implementing security headers, adding cookie consent, publishing a vulnerability disclosure policy, and providing incident response contacts to strengthen security and compliance further.

I

Instructure

learnplatform.com

72

Instructure operates a professional and enterprise-grade educational technology platform focused on evidence-based management of K–12 edtech investments. The website demonstrates a mature digital infrastructure leveraging Drupal 10 CMS, modern JavaScript libraries, and extensive marketing and analytics tools such as Google Tag Manager, Marketo, and Microsoft Clarity. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and policies are not visible in the provided content. The absence of WHOIS data is a notable anomaly but does not detract from the professional presentation and comprehensive service offerings. Overall, Instructure presents as a credible and established player in the education technology sector with a focus on compliance, safety, and data-driven decision-making.

I

Instructure

portfolium.com

73

Instructure is a leading educational technology company specializing in learning management systems (LMS) and edtech solutions for K–12, higher education, and business sectors. Their flagship product, Canvas LMS, is widely adopted and supported by a robust ecosystem of partners and community engagement. The company positions itself as a comprehensive provider of digital learning tools that empower educators and learners alike. Technically, the website is built on Drupal 10 CMS and leverages a modern technology stack including Google Tag Manager, Marketo, Microsoft Clarity, and various front-end libraries for performance and user experience. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs multiple security headers, and integrates cookie consent mechanisms indicating GDPR compliance. Certifications such as SOC 2 and ISO 27001 further demonstrate a commitment to security standards. However, the absence of a publicly accessible security policy and incident response contact details suggests room for improvement in transparency and readiness. Overall, Instructure's website reflects a professional, trustworthy, and well-maintained digital presence aligned with its enterprise market position. The missing WHOIS data is a notable anomaly but does not significantly detract from the overall credibility given the strong branding and operational indicators.

I

Instructure

kimonocloud.com

72

Instructure is a prominent education technology company offering a comprehensive ecosystem of tools for K-12, higher education, and business sectors, including the well-known Canvas LMS platform. Their website demonstrates a mature digital presence with extensive use of modern marketing and analytics technologies, indicating a strong digital marketing strategy and customer engagement focus. However, the absence of publicly available WHOIS data and lack of visible privacy and terms of service policies on the analyzed page present some concerns regarding transparency and compliance. The website is well-designed, mobile-optimized, and provides a professional user experience aligned with enterprise standards.

Radio1 AG operates a regional adult-oriented radio station based in Zürich, Switzerland, providing live radio streaming, podcasts, events, and promotional activities. The website is professionally designed with clear navigation and content targeted at mature audiences. The business maintains a consistent brand presence and provides transparent contact information, enhancing trust and credibility. Technically, the site uses modern web technologies such as jQuery and Slick Carousel, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced and cookie consent implemented, though security headers are absent and no formal security policy or incident response contacts are published. Overall, the domain registration aligns well with the business claims, indicating legitimacy and trustworthiness.

A

ASKO - NÁBYTEK

asko-nabytek.cz

59

ASKO - NÁBYTEK is a prominent Czech furniture retailer offering a wide range of furniture and home accessories through its e-commerce platform. The website presents a comprehensive catalog of products including beds, chairs, tables, wardrobes, sofas, and various home textiles and decorations, targeting general consumers seeking quality home furnishings. The company appears to have a large market presence in the Czech Republic with a well-structured online shopping experience. Technically, the website employs modern JavaScript libraries such as jQuery, Splide, and Slick for UI components and galleries, alongside Google Tag Manager for analytics and marketing. The site is mobile-optimized and includes cookie consent mechanisms, indicating a moderate level of digital maturity. However, the absence of detailed WHOIS data limits the ability to fully verify domain legitimacy and ownership. From a security perspective, the site enforces HTTPS and includes basic security headers, but lacks advanced headers like Content-Security-Policy and HSTS. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is basic, with cookie consent present but no explicit privacy policy or terms of service found in the analyzed content. Overall, the website is professionally designed and functional, with a good user experience and clear navigation. The lack of WHOIS transparency and limited privacy documentation are areas for improvement. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and terms policies, and improving accessibility features to strengthen compliance and trust.

The Middle East Waste & Recycling Awards (MEWAR Awards) website serves as a professional platform to recognize and celebrate excellence in waste management and recycling within the Middle East region. Established in 2018, the awards event is organized by Waste & Recycling magazine and hosts industry leaders, sponsors, and partners to promote sustainable environmental practices. The website provides information about the awards, categories, key dates, sponsors, and media content such as videos and galleries. The target audience includes professionals and organizations involved in waste management and recycling sectors. Technically, the website employs a modern front-end stack including Bootstrap, jQuery, and popular UI libraries like Slick Carousel and Flickity for interactive elements. It integrates Google Analytics and Google Tag Manager for user tracking and analytics. The site is mobile responsive and has a moderate performance profile. However, it lacks a known CMS and some advanced SEO and accessibility features. From a security perspective, the website uses HTTPS but lacks DNSSEC and important security headers, which are recommended for enhanced protection. No privacy, cookie, or terms of service policies are published, which impacts compliance and user trust. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. The domain registration is consistent with the business timeline and shows no suspicious patterns, indicating legitimacy. Overall, the website is functional and professional but would benefit from improved privacy compliance, security hardening, and clearer contact information to enhance trust and regulatory adherence.

B

Built Environment

cm-today.com

61

Built Environment is a specialized media publication serving the GCC and Middle East real estate, property management, community management, and PropTech sectors. It offers a comprehensive range of services including news, expert talks, exclusive content, events, and multimedia such as podcasts and videos. The website demonstrates a professional and consistent brand presence with active social media engagement and digital magazine offerings. Technically, the site employs modern web technologies including AMP, jQuery, Bootstrap, and integrates multiple analytics and marketing tools such as Google Analytics, Google Tag Manager, LinkedIn Insight, and OneSignal push notifications. Security posture is generally good with HTTPS enforced and reCAPTCHA implemented on forms, though the absence of security headers and vulnerability disclosure mechanisms suggests room for improvement. The missing WHOIS registration data is a notable concern, slightly reducing trustworthiness, but the overall digital footprint and content quality support legitimacy. Privacy compliance is basic with a privacy and cookie policy present along with a consent mechanism. Overall, the site is well-positioned as a regional media leader in its niche with moderate technical maturity and a solid security baseline.

The website represents the Global Elevator Exhibition (GEE), a major trade fair event dedicated to elevators, escalators, moving walkways, and components, organized by Fiera Milano S.p.A. It targets industry professionals, exhibitors, and visitors interested in the vertical transportation sector. The site provides comprehensive event information, exhibitor services, visitor ticketing, and news updates, positioning itself as a key industry hub in Italy. Technically, the website is built on Adobe Experience Manager (AEM) with modern front-end technologies including Bootstrap, jQuery, and carousel libraries. It integrates Google Tag Manager and Iubenda for analytics and cookie consent management, reflecting a mature digital infrastructure. The site is mobile-optimized and well-structured for user experience. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks visible security headers and incident response information. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the domain is a notable anomaly, slightly reducing trust but mitigated by the professional presentation and association with Fiera Milano. Overall, the website is professional, secure, and compliant with privacy regulations, serving its business purpose effectively. Strategic improvements in security headers, incident response transparency, and WHOIS data clarity are recommended to enhance trust and security posture.

The Collegio degli Ingegneri e Architetti di Milano is a historic and reputable cultural association founded in 1563, dedicated to promoting the professional culture of engineers and architects in Milan. The organization offers professional training courses, events, publications, and membership services targeting professionals in engineering and architecture. The website reflects a well-structured and professional digital presence with clear navigation and relevant content for its audience. Technically, the site uses modern JavaScript libraries and frameworks such as Bootstrap and jQuery, with Google Tag Manager for analytics. Security posture is adequate with HTTPS enforced, but lacks some advanced security headers and anti-CSRF protections. Privacy and cookie policies are present, with a named Data Protection Officer contact, indicating GDPR awareness. Overall, the site is trustworthy and serves its niche well.

I

Instructure

instructure.com

59

Instructure is a leading education technology company specializing in learning management systems and edtech solutions for K–12, higher education, and business sectors. Their flagship product, Canvas LMS, is recognized as the world's most-loved LMS, supported by additional offerings such as Mastery for assessments and Parchment for credential management. The company maintains a strong market position with a global customer base and a comprehensive partner ecosystem. Technically, the website is built on Drupal 10 and integrates modern analytics, marketing, and tracking technologies, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is solid with HTTPS enforced and no evident vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website reflects a professional, trustworthy, and mature digital presence.

M

MADE eventi Srl

madeexpo.it

67

MADE eventi Srl operates the MADE expo, a prominent trade fair in Milan, Italy, focusing on the construction sector. The website presents a professional and comprehensive platform for exhibitors, visitors, and media, offering detailed event information, ticketing, and networking opportunities. The company is positioned as a key player in the event organization industry with strong partnerships and media presence. Technically, the website uses modern web technologies including Adobe Experience Manager CMS, Bootstrap, jQuery, and integrates Google Tag Manager and Iubenda for analytics and privacy compliance. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms implemented. No critical vulnerabilities or suspicious content were detected. Overall, the site is well-structured, GDPR compliant, and trustworthy, serving a general audience interested in construction industry events.

fairplaid.org is a German crowdfunding platform specializing in sports projects, enabling sports clubs and athletes to raise funds for their initiatives. The platform has been operational since 2012, indicating a mature presence in its niche market. The website is well designed with good content relevance and user experience, targeting sports organizations and individuals in Germany. The technical infrastructure leverages modern JavaScript frameworks and integrates multiple analytics and marketing tools while maintaining user privacy through cookie consent and IP anonymization. Security posture is solid with HTTPS enforced and domain registration protections in place, though improvements such as enabling DNSSEC and adding security headers could enhance resilience. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism, but the absence of terms of service and explicit security policies is noted. Overall, the site demonstrates a professional and trustworthy online presence with moderate to good technical and security maturity.

F

Fondazione Nigrizia

fondazionenigrizia.org

52

Fondazione Nigrizia is a medium-sized Italian non-profit organization dedicated to supporting African humanitarian and development projects. The website serves as a platform for project promotion, donor engagement, event announcements, and membership subscriptions. It leverages WordPress with a modern tech stack including jQuery, Slick Carousel, and GDPR-compliant cookie management plugins. The site is well-structured, mobile-optimized, and provides clear contact channels and privacy policies, reflecting a mature digital presence. From a security perspective, the website enforces HTTPS and uses cookie consent mechanisms, but lacks visible HTTP security headers, which could be improved to enhance protection. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits full trust verification, but the professional presentation and consistent branding support legitimacy. Overall, the website is a reliable and professional digital asset for the organization, effectively balancing user experience, privacy compliance, and functional needs. Strategic improvements in security headers and incident response transparency would further strengthen its posture.

H

HANSAINVEST Hanseatische Investment-GmbH

hansainvest.de

59

HANSAINVEST Hanseatische Investment-GmbH is a leading German capital management company specializing in fund administration and comprehensive fund solutions across all relevant asset classes. The company positions itself as a trusted partner for fund partners and asset managers, offering services including insourcing and Luxembourg-based fund solutions through its subsidiary HANSAINVEST LUX S.A. The website is professionally designed, content-rich, and targets institutional investors and potential employees. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and frameworks, hosted by Schlund Technologies, and optimized for mobile devices. Security posture is strong with HTTPS and GDPR compliance via Usercentrics, though some security headers could be improved. No blocking or WAF challenges were detected, and the domain registration is consistent with the business claims, indicating a legitimate and trustworthy online presence.

E

Eidgenössisches Institut für Geistiges Eigentum

ige.ch

67

The Eidgenössisches Institut für Geistiges Eigentum (IGE) is the Swiss federal authority responsible for intellectual property rights including patents, trademarks, designs, geographical indications, and copyright. The website serves as a comprehensive portal for individuals, businesses, and IP professionals to access registration services, legal information, and educational resources. It holds a strong market position as the central Swiss government institution in this domain, offering key services such as public registers, online applications, and IP training through its IP Academy. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including JavaScript frameworks and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, with a professional design and clear navigation. Performance is moderate, suitable for a government portal with rich content. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR. However, it lacks explicit security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy as a Swiss federal entity, enhancing trust. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. It effectively serves its target audience with relevant content and services, though it could improve security posture by adding security headers and vulnerability disclosure information.

H

Handeln JETZT!

handeln-jetzt.org

30

Handeln JETZT! is a German non-profit environmental project focused on empowering youth to implement projects related to biodiversity, climate, and climate justice. It provides financial support and mentorship through a network of project buddies. The website is well-structured, content-rich, and targets young people interested in environmental activism. Technically, the site uses modern JavaScript libraries and analytics tools with privacy compliance mechanisms such as Usercentrics CMP and CAPTCHA on forms. Security posture is good with HTTPS enforced, but lacks explicit security headers and WHOIS transparency. Overall, the site is trustworthy and professionally maintained, supported by recognized environmental youth organizations and federal funding.

M

Media Fusion

mediafusionme.com

56

Media Fusion is a well-established B2B media and events company operating primarily in the Middle East and India since 2012. The company specializes in niche publications, trade shows, conferences, and awards ceremonies that foster industry conversations and connections across sectors such as clean energy, built environment, waste management, and aviation. Their market position is strong as a fast-growing enterprise with a professional online presence and a broad portfolio of industry-specific brands and events. Technically, the website uses modern front-end technologies like Bootstrap, jQuery, and GSAP, providing a responsive and visually appealing user experience. However, the site lacks advanced CMS integration and some SEO and accessibility features could be improved. Security-wise, the site benefits from HTTPS and some basic security headers but lacks DNSSEC and published security policies or incident response contacts, which are recommended for enhanced trust and compliance. Privacy compliance is minimal with no cookie consent mechanism detected, which could be a risk under GDPR regulations. Overall, the website is professional and trustworthy but could improve in security and privacy transparency to better align with industry best practices.

W

Waste & Recycling

wasterecyclingmag.com

74

Waste & Recycling is a regional media publication focused on the waste management and recycling industry, providing news, expert insights, multimedia content, and event information. The website demonstrates a moderate level of digital maturity with use of AMP, Bootstrap, and various analytics and marketing tools. However, the absence of WHOIS registration data raises concerns about domain legitimacy. Security posture is adequate with HTTPS and reCAPTCHA usage but lacks important security headers and visible privacy compliance. Overall, the site serves its target audience well but requires improvements in transparency and security to enhance trust.

F

Fachagentur Nachwachsende Rohstoffe e. V. (FNR)

waldklimafonds.de

10

The Waldklimafonds website serves as an authoritative information portal for the German forest climate fund initiative, operated by the Fachagentur Nachwachsende Rohstoffe e. V. (FNR). It provides comprehensive resources including project databases, research updates, events, and educational materials aimed at promoting sustainable forest management and climate adaptation. The site targets researchers, policymakers, forest managers, and environmentally conscious citizens. The business model is government-funded and non-profit, positioning the site as a trusted source within the forestry and environmental sectors in Germany. Technically, the website is built on TYPO3 CMS, a robust and widely used content management system for institutional websites. It employs modern JavaScript libraries such as jQuery and Slick Carousel for interactive elements and uses Matomo analytics with cookies disabled to respect user privacy. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Hosting appears to be managed by German providers, consistent with the site's governmental affiliation. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and does not publish a security policy or incident response contacts. Privacy compliance is good with a comprehensive privacy policy present, but no cookie consent mechanism is implemented. Overall, the security posture is solid but could be improved by adding security headers and formal policies. The overall risk assessment is low, with no signs of malicious activity or vulnerabilities. Strategic recommendations include implementing cookie consent, adding security headers, publishing security and incident response policies, and enhancing transparency to further build trust. The website demonstrates a high level of professionalism, trustworthiness, and alignment with its governmental and non-profit mission.

N

Netzwerkagentur Saarland by one4vision GmbH

netzwerkagentur-saarland.de

52

Netzwerkagentur Saarland, operating as the technical division of one4vision GmbH, is a well-established IT service provider in the Saarland region of Germany. With over two decades of experience, the company specializes in hosting, network management, security, cloud services, and IT support primarily targeting public sector clients and small to medium-sized enterprises. The website reflects a professional and comprehensive presentation of their services, emphasizing reliability and regional expertise. Technically, the website is built on TYPO3 CMS with modern frameworks such as Bootstrap 5 and jQuery, ensuring good mobile responsiveness and accessibility. The hosting environment is secure, leveraging a certified data center in Germany, and the site employs Matomo analytics configured with privacy-respecting settings. The technical implementation is solid, with no visible vulnerabilities or exposed sensitive data. From a security perspective, the site enforces HTTPS and likely includes standard security headers, though explicit policies such as incident response or vulnerability disclosure are not published. Privacy policies are comprehensive and GDPR compliant, but the absence of a cookie consent mechanism is a minor compliance gap. Contact information is available, including a phone number and remote support via TeamViewer, enhancing user trust. Overall, the website and domain exhibit high legitimacy and trustworthiness, with consistent WHOIS data and alignment between business claims and technical infrastructure. The site scores well across content quality, technical implementation, security posture, privacy compliance, and business credibility, making it a reliable and professional digital presence for the company.

P

Potpuri

potpuri.org

52

Potpuri.org is an independent publishing platform and collaborative initiative focused on experimental research methodologies, investigative journalism, and production, primarily serving the Albanian diaspora and social issues between Kosovo and Switzerland. The website is hosted on the Cargo.site platform and uses modern web technologies including JavaScript frameworks and responsive design. The site is multilingual and includes partner acknowledgments from the European Union and local initiatives. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers. Privacy compliance is good with a cookie consent mechanism and a privacy policy present. However, contact information and terms of service are missing, which impacts business credibility and user trust. Overall, the site is functional, professionally designed, and serves a niche media and research audience.

A

Austrian Exhibition Experts GmbH

expo-experts.at

53

Austrian Exhibition Experts GmbH is a specialized event management company focusing on organizing and managing exhibitions and trade shows primarily in Austria and Germany. With over 80 years of combined expertise, the company offers comprehensive services from concept development to full execution of B2B and B2C events. Their market position is solid within the regional exhibition sector, targeting businesses seeking to increase customer engagement and brand visibility through live events. The website reflects a professional and well-structured digital presence, leveraging WordPress and modern plugins to deliver a user-friendly experience with strong SEO and mobile optimization. Security-wise, the site employs HTTPS, cookie consent management, and email obfuscation, though it lacks explicit security policies and incident response contacts. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact channels and social media integration, supporting its business credibility.

D

Deutsche Bildung

deutsche-bildung.de

48

Deutsche Bildung AG operates a specialized education financing platform focused on providing study and living cost financing for students in Germany. The company offers flexible payout options, an integrated academy for educational success, income-dependent repayment models, and support for financing foreign studies. Positioned as a reputable and established player since 2020, Deutsche Bildung targets students seeking alternative financing solutions beyond traditional loans or scholarships. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its audience. Technically, the site is built on WordPress with modern plugins and frameworks, hosted on Cloudpit infrastructure, and incorporates advanced SEO and consent management tools. Security posture is strong with HTTPS, security headers, and secure login portals, though explicit security policies and vulnerability disclosures are not publicly detailed. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR and cookie regulations.

M

Martin Tardy

martintardy.com

60

Martin Tardy's website serves as a professional portfolio and e-commerce platform for the artist's original works. The site effectively showcases the artist's biography, exhibitions, press mentions, and provides a shop for purchasing artwork. The target audience includes art collectors and enthusiasts interested in contemporary art. The business operates on a small scale with a direct-to-consumer model supported by online sales and event promotion. Technically, the website is built on WordPress using the Enfold theme and WooCommerce for e-commerce functionality, supplemented by common libraries such as jQuery and Slick Carousel. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS enabled and no exposed sensitive data; however, it lacks security headers and formal security policies. Privacy compliance is minimal, with no cookie consent mechanism or explicit GDPR indicators. Overall, the site is professional and trustworthy but could improve in privacy and security practices to enhance compliance and user trust.

I

Initiative Therme Plus

thermeplus.at

48

Initiative Therme Plus is a promotional platform representing 38 popular thermal spas across Austria, focusing on wellness, spa, family activities, and relaxation. The website serves as an information hub and marketing channel, offering a loyalty program to encourage repeat visits. Technically, the site is built on WordPress with modern libraries and frameworks, including jQuery and Usercentrics for consent management. The security posture is solid with HTTPS and privacy compliance, though some security headers could be improved. Overall, the site is professional, user-friendly, and trustworthy, targeting a broad audience interested in Austrian thermal spa experiences.

D

DocLX Holding GmbH

lighthousefestival.tv

64

Lighthouse Festival is a well-established boutique electronic music festival organizer with over 12 years of experience, operating events primarily in Croatia, Austria, and Tanzania. The company focuses on creating intimate, exclusive festival experiences branded as 'electronic music on vacation'. The website reflects a professional digital presence with clear event information, social media integration, and a consistent brand image. Technically, the site uses modern web technologies including Bootstrap, jQuery, and various JavaScript libraries to deliver a responsive and engaging user experience. However, some areas such as cookie consent and security headers could be improved to enhance privacy compliance and security posture. The domain registration data is consistent with the business claims, supporting the legitimacy of the site.

F

Faktor B gGmbH

faktor-b.org

56

Faktor B gGmbH is a German non-profit organization specializing in innovative educational financing based on a reverse generational contract model. The organization aims to promote equitable access to higher education by pooling donations and subordinated loans to fund students, who later repay a share of their income to sustain the fund. The website is professionally designed, content-rich, and targets students, donors, foundations, and companies interested in social impact through education. Technically, the site is built on WordPress with modern plugins and SEO optimizations, delivering good performance and mobile responsiveness. Security posture is solid with HTTPS and consent management, though some HTTP security headers are missing and no explicit security policy is published. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is common for non-profits. Overall, the site is trustworthy, compliant with GDPR, and well-positioned in the education non-profit sector.

D

Diamond Country Club

countryclub.at

53

Diamond Country Club is a well-established hospitality and golf resort located in Austria, offering multiple golf courses, hotel accommodations, event hosting, and retail services. The website positions itself as Austria's only European Tour Destination, targeting golf enthusiasts and travelers seeking premium leisure experiences. The business model integrates golf, hospitality, and event services with online booking capabilities, supported by a professional and consistent brand presence. Technically, the website is built on WordPress with WooCommerce for e-commerce functionalities, leveraging modern JavaScript libraries such as jQuery, GSAP, and Slick Carousel for enhanced user experience. The site demonstrates good mobile optimization and SEO practices, though accessibility features could be improved. Performance is moderate, with caching and optimization plugins in use. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. It implements a cookie consent mechanism compliant with GDPR, and privacy policies are comprehensive and clearly presented. However, there is no dedicated security policy or incident response information publicly available, nor a vulnerability disclosure program, which could be areas for enhancement. Overall, the website is trustworthy, professional, and compliant with privacy regulations, with a strong business credibility and digital maturity. Strategic improvements in security transparency and accessibility would further strengthen its posture.

H

HESCOM-Software GbR

hescom.de

57

HESCOM-Software GbR is a small German software company specializing in software solutions for antiquarian bookshops, collectors, galleries, and publishers. Their offerings include proprietary software products such as Antiquar-PC, Exlibris-PC, and an integrated webshop solution, targeting niche markets with tailored IT consulting and web design services. The company has a consistent market presence since 2006 and maintains a professional website with clear navigation and relevant content. Technically, the website uses a proprietary web framework with standard web technologies including jQuery and Slick Carousel, and employs Piwik/Matomo for analytics. Mobile optimization and SEO are adequately addressed, though accessibility is basic. Security posture is moderate with HTTPS implied but lacking explicit security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional and professional but could improve in security and privacy compliance aspects.

H

HESCOM-Software GbR

hescomshop.de

57

HESCOM-Software GbR is a specialized software provider based in Germany, focusing on solutions for antiquarian bookshops, publishers, galleries, libraries, and collectors. Their core offerings include software products like Antiquar-PC and Exlibris-PC, complemented by a flexible and powerful webshop solution tailored for presenting and selling antiquarian books and graphics online. The company also provides web design and hosting services, targeting a niche market with professional and comprehensive solutions. The website reflects a consistent brand image and professional content aimed at their target audience. Technically, the website employs a custom HESCOM Web Framework along with common JavaScript libraries such as jQuery, Slick Carousel, and SimpleLightbox for UI enhancements. Analytics are handled via a self-hosted Piwik/Matomo instance, indicating a privacy-conscious approach. The site is mobile-optimized with good SEO and accessibility basics, though some improvements in accessibility and security headers could be made. Hosting appears stable with dedicated nameservers and no blocking or WAF interference. From a security perspective, the site uses encrypted data transmission for orders and does not expose sensitive information in the HTML. However, explicit security policies, incident response contacts, and cookie consent mechanisms are absent, which could be improved to enhance compliance and user trust. The WHOIS data aligns well with the website claims, showing consistent domain registration and no privacy protection, supporting legitimacy. Overall, the website is professional, secure, and compliant with GDPR, serving a specialized market effectively. Strategic improvements in security headers, cookie consent, and incident response transparency would further strengthen their security posture and compliance standing.

H

HESCOM-Software GbR

hescomshop.com

57

HESCOM-Software GbR is a specialized software provider based in Germany, focusing on solutions for antiquarian bookshops, collectors, publishers, galleries, and libraries. Their core offerings include the Antiquar-PC and Exlibris-PC software systems, complemented by a flexible and powerful webshop solution tailored for antiquarian inventory presentation and eCommerce. The company positions itself as a niche player with a strong focus on the antiquarian and collector market segments, providing integrated software and web design services with hosting options. The website content is professionally presented, with clear navigation and multilingual support, targeting German and English-speaking customers in the antiquarian book and collector community.

S

Stadtwerke Halle GmbH

energieinitiative-halle.de

57

The Energie-Initiative Halle (Saale) website represents a regional energy and climate protection initiative operated by Stadtwerke Halle GmbH. It serves as an information hub for local citizens, businesses, and partners interested in sustainable energy projects, climate policies, and transformation initiatives in Halle (Saale). The site reflects a medium-sized municipal energy provider with a strong local presence and a network of subsidiaries and partners. Technically, the website uses a traditional but stable tech stack including jQuery, jQuery UI, and Matomo analytics, with a CMS identified as SixCMS. The site is mobile optimized and includes modern privacy compliance tools such as Usercentrics for cookie consent. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some improvements like updated libraries and enhanced security headers are recommended. Overall, the site is professional, trustworthy, and compliant with GDPR, but lacks explicit published security policies and incident response contacts.

W

W+H Wasser- und Haustechnik GmbH

wuh-halle.de

60

W+H Wasser- und Haustechnik GmbH is a regional service provider specializing in water and sanitary technology services in Halle (Saale), Germany. The company offers comprehensive solutions including water meter testing, standpipe rental for water extraction, and sanitary installations. It operates as part of the larger Stadtwerke Halle GmbH (SWH) group, which encompasses multiple subsidiaries in energy, water, transportation, and related sectors. The website reflects a professional and consistent brand image aligned with its parent group, targeting local businesses and residents requiring water and heating services. Technically, the website is built on a CMS platform (likely SixCMS) and employs common JavaScript libraries such as jQuery and Modernizr, along with the Slick carousel for UI elements. It integrates Usercentrics for cookie consent management and Matomo for analytics, indicating a moderate level of digital maturity and privacy awareness. The site is mobile-optimized and uses HTTPS, but lacks some advanced security headers and explicit security policies. From a security perspective, the site demonstrates good baseline practices including HTTPS enforcement and consent management. However, it does not publish a security.txt file or detailed security policies, and security headers are not explicitly detected. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is consistent with the website's branding and hosting, reinforcing legitimacy. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR requirements. Strategic recommendations include enhancing security headers, publishing explicit security policies, and considering a vulnerability disclosure policy to improve security posture and stakeholder trust.

M

Maya mare

mayamare.de

52

Maya mare is a medium-sized hospitality business based in Germany, operating a unique themed water park, sauna, wellness, and fitness club. The website reflects a well-established brand with a clear market position as the first fully themed experience bath in Germany. The business targets general audiences including families and fitness enthusiasts, offering a broad range of leisure services. Technically, the site is built on WordPress with the Divi theme and uses modern plugins for SEO, cookie management, and analytics. The hosting provider is EVH, a reputable German hosting service. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. No critical vulnerabilities were detected. Privacy compliance is strong with comprehensive policies and GDPR-aligned cookie management. Overall, the website is professional, trustworthy, and user-friendly, supporting the business's credibility and customer engagement.

C

Container Terminal Halle (Saale) GmbH

ct-hs.de

57

Container Terminal Halle (Saale) GmbH operates as a regional logistics and transportation service provider specializing in container terminal operations, rail services, and combined transport solutions. The company is part of the larger Stadtwerke Halle GmbH (SWH) group, which encompasses multiple energy and infrastructure-related subsidiaries. The website reflects a professional business presence targeting logistics customers primarily in Germany, with a focus on the Halle (Saale) region. Technically, the website employs a traditional tech stack including jQuery, jQuery UI, Modernizr, and Slick Carousel, managed via the SixCMS platform. It integrates modern consent management through Usercentrics and uses Matomo for analytics, indicating a moderate level of digital maturity. The site is mobile optimized and provides clear navigation and relevant content, although some libraries are outdated. From a security perspective, the site enforces HTTPS and uses consent management for cookies, but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website content, supporting legitimacy and trustworthiness. Overall, the website presents a solid business and technical foundation with room for improvement in security transparency and modernization. The risk profile is low, with recommendations focusing on enhancing security policies, updating libraries, and improving accessibility.

I

IT-Consult Halle GmbH

itc-halle.de

62

IT-Consult Halle GmbH is a medium-sized IT service provider based in Halle (Saale), Germany, specializing in comprehensive IT solutions for the public sector and medium-sized enterprises. The company operates under the umbrella of Stadtwerke Halle GmbH, offering services including IT consulting, SAP system management, document management systems, GIS solutions, and data center services. Their market position is solid within the regional public and private sectors, supported by certifications such as ISO 27001 and a professional online presence. Technically, the website employs a modern technology stack including jQuery, Modernizr, Slick Carousel, and FontAwesome, alongside a CMS likely based on SixCMS. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates a consent management platform (Usercentrics) and Matomo analytics for privacy-conscious tracking. Performance is moderate with good SEO and basic accessibility features. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, cookie consent, and no visible vulnerabilities or exposed sensitive data. However, it lacks publicly available security policies and incident response contacts, which could be improved to enhance trust and compliance. Privacy compliance is strong with a comprehensive privacy policy and cookie management. Overall, the website is professional, trustworthy, and well-aligned with the company's business objectives. The risk profile is low, with recommendations focusing on enhancing security transparency and accessibility compliance.

A

Abfallwirtschaft GmbH Halle-Lochau

aw-halle.de

60

Abfallwirtschaft GmbH Halle-Lochau is a regional waste management company operating in Halle (Saale), Germany. It provides landfill management, recycling, and waste disposal services and is part of the larger SWH group, which includes energy, water, and transportation services. The website reflects a professional and consistent brand presence with clear service offerings and contact information. Technically, the site uses a mix of legacy and modern web technologies, including jQuery, FontAwesome, and a consent management platform, hosted likely by EVH. Security posture is adequate with HTTPS and consent mechanisms but lacks some security headers and uses an outdated jQuery version, which could pose risks. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Overall, the website is trustworthy and well-positioned in its market segment.

H

Hallesche Wasser und Stadtwirtschaft GmbH

hws-halle.de

61

Hallesche Wasser und Stadtwirtschaft GmbH is a regional utility company based in Halle, Germany, providing essential municipal services including water supply, wastewater management, waste disposal, and city cleaning primarily targeting private customers. The company operates as part of the larger SWH Gruppe, which encompasses multiple related entities in energy, transportation, and municipal services. Their website reflects a structured and comprehensive presentation of services, targeting local residents and businesses with clear navigation and service menus. Technically, the website employs modern frontend technologies such as jQuery, FontAwesome, and Slick Carousel, alongside privacy-conscious tools like Usercentrics for consent management and Matomo for analytics. The site is mobile optimized and demonstrates moderate performance and accessibility standards. However, some security headers are not explicitly detected, and there is no visible security policy or incident response information. From a security perspective, the site enforces HTTPS and uses consent management, but lacks published security policies and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were found in the provided content. The WHOIS data aligns well with the website's claims, indicating a legitimate and trustworthy domain registration. Overall, the website presents a professional and trustworthy digital presence for a municipal utility provider, with room for improvement in security policy transparency and enhanced privacy compliance documentation.

N

NETZ HALLE GmbH

netzhalle.de

60

NETZ HALLE GmbH operates as a regional energy network operator in Halle (Saale), Germany, providing essential services such as electricity, gas, and heat network connections, metering, and customer support. The company is part of the larger Stadtwerke Halle group, which includes various utility and service subsidiaries. The website reflects a professional and regionally focused utility provider with clear service offerings and customer engagement channels. Technically, the website employs a legacy CMS (SixCMS) with common JavaScript libraries like jQuery and Modernizr, enhanced by user consent management via Usercentrics and analytics through Matomo. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Hosting appears to be managed by EVH, consistent with the regional focus. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible advanced security headers and a public security policy or vulnerability disclosure. No critical vulnerabilities or suspicious content were detected. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent. Overall, the website is trustworthy, professionally maintained, and suitable for its target audience. Recommendations include enhancing security headers, publishing a security policy, and improving accessibility features to further strengthen compliance and security posture.