Security Directory

M

Mayer am Nussberg

mayeramnussberg.at

52

Mayer am Nussberg is a small hospitality business operating a traditional Austrian Buschenschank, offering a variety of food and beverage services including onsite dining, reservations, and online ordering via integrated third-party platforms. The website is built on WordPress using the Avada theme and includes modern web technologies such as LayerSlider and FontAwesome. It demonstrates good digital maturity with structured data for SEO and social media integration. Security posture is solid with HTTPS enabled and no visible sensitive data exposure, though it lacks explicit privacy and cookie policies and security headers. Overall, the site is professional and trustworthy but could improve compliance and security transparency. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and establishing a vulnerability disclosure process.

K

Katholisch Stadt Zürich

katholisch-zuerich.ch

9

Katholisch Stadt Zürich is a non-profit religious organization representing the Catholic community in Zurich, Switzerland. The website serves as a hub for 23 parishes, providing information and services related to Catholic life in the city. It targets local residents and members of the Catholic community, offering religious services and community engagement. The organization holds a strong market position as the largest Catholic entity in Zurich. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Smart Slider 3, indicating a moderate level of digital maturity. The site is mobile-optimized and uses common web technologies including jQuery and FontAwesome. SEO practices are well implemented, but accessibility features are basic. From a security perspective, the site uses HTTPS with excellent SSL configuration but lacks important security headers and formal privacy or cookie policies. Tracking pixels from Facebook and LinkedIn are present without visible consent mechanisms, indicating privacy compliance gaps. No incident response or security contact information is provided. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security hardening to reduce risk and improve user trust.

MBPI AG is a Liechtenstein-based financial services and family office provider focused on delivering long-term prosperity and well-being to its clients. The company emphasizes tradition, societal responsibility, progress, and humanity as core values. The website is professionally designed using WordPress with the Avada theme and includes multilingual support in English and German. Key services include family office management and client wealth services, targeting private clients and institutions primarily in Liechtenstein. The digital infrastructure is modern but lacks some advanced security headers and cookie consent mechanisms. The site uses HTTPS and common web technologies such as jQuery and Revolution Slider, providing a moderate performance and good mobile optimization. Security posture is adequate but could be improved by implementing security headers and publishing incident response policies. Overall, the website is trustworthy and consistent with the company's business claims.

M

Mark Allen Group

efwconference-me.com

61

The website represents the Energy from Waste Middle East 2025 conference organized by Mark Allen Group, a UK-based event organizer with a strong presence in the waste to energy sector. The site provides comprehensive event information, including program details, speakers, sponsors, and site visits, targeting senior industry professionals and stakeholders in sustainable waste management. Technically, the site uses a modern event management platform (Evessio), integrates multiple analytics and marketing tools, and implements cookie consent mechanisms, reflecting a mature digital infrastructure. Security posture is generally good with HTTPS and CSRF protections, though DNSSEC is not enabled and security headers are not explicitly detected, suggesting room for improvement. The WHOIS data shows an unusual future domain creation date, which may indicate a staging environment or data anomaly, slightly impacting trust. Overall, the site is professional, content-rich, and trustworthy, with moderate technical and security maturity.

S

stafftastic GmbH

praktikumswoche.de

60

Praktikumswoche.de is a German educational platform operated by stafftastic GmbH that facilitates internship weeks for students across over 200 regions in Germany. The platform enables students to explore different companies and professions by participating in daily internships during the holidays. It serves both students and companies, offering free registration and participation. The website is well-positioned in the education sector with strong media recognition and a broad regional presence. Technically, the website employs a modern tech stack including Bootstrap, jQuery, FontAwesome, and Cookiebot for cookie consent management. Hosting is managed via Google Domains, and privacy-respecting analytics are implemented using Plausible Analytics. The site is mobile-optimized with good SEO and accessibility basics. From a security perspective, the site uses HTTPS with no visible vulnerabilities or exposed sensitive data. Cookie consent is properly implemented, and privacy is respected with no-cookie YouTube embeds. However, security headers are not explicitly detected, and no public security policy or incident response contacts are provided, which could be improved. Overall, the website is trustworthy, professional, and compliant with GDPR. It lacks explicit contact information on the main page but provides social media links and a privacy policy. The domain registration is consistent and legitimate, supporting the platform's credibility.

Federparquet is an Italian non-profit association representing parquet retailers, installers, and related professionals. Founded officially in 2022, it aims to promote sector development through services such as insurance, expert consultancy, legal assistance, and member conventions. The website serves as an informational and contact portal for members and interested parties, with clear contact details and social media presence. Technically, the site is built on WordPress using the OnePress theme, incorporating modern web technologies like Bootstrap and jQuery. It includes a comprehensive cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS and DNSSEC enabled, though no explicit security policy or incident response information is published. Overall, the site is professional, user-friendly, and trustworthy, serving its niche audience effectively.

A

ANIT

anit.it

51

ANIT is a well-established Italian national association dedicated to promoting scientific information and best practices in thermal and acoustic insulation for the construction and industrial sectors. The website serves as a comprehensive platform offering news, legislative updates, training courses, publications, and membership services targeting professionals, companies, and public entities involved in insulation technologies. The organization maintains a strong market position within Italy's energy and construction sectors, supported by active social media engagement and a professional web presence. Technically, the website is built on WordPress with WooCommerce integration, leveraging modern frameworks like Bootstrap and libraries such as jQuery and FontAwesome. It employs Google Analytics and Google Tag Manager for analytics and tracking, alongside Iubenda for cookie consent management, indicating a moderate level of digital maturity. The site is mobile-optimized and SEO-friendly, with structured data enhancing search visibility. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data confirms the legitimacy and consistency of the domain registration with the organization's identity and history. Overall, ANIT's website demonstrates a solid business and technical foundation with room for improvement in security policy transparency and enhanced security header implementation. The site is safe for general audiences and aligns well with its stated mission and sector focus.

M

media touch

mediatouch.de

45

media touch is a German technology company operating a website powered by TYPO3 CMS, targeting German-speaking users. The company appears to provide digital technology services, though specific services are not detailed in the provided content. The website uses modern frontend technologies including Bootstrap and jQuery, and integrates Usercentrics for GDPR-compliant cookie consent management. Hosting is provided by Schlundtech, a German hosting provider, consistent with the website's regional focus. Security posture is moderate with HTTPS enabled and consent management in place, but lacks explicit privacy policies, terms of service, and security headers. Contact information and incident response details are not present, limiting transparency and trust. Overall, the website is professionally designed and mobile-optimized but could improve in privacy and security disclosures.

L

Lutec GmbH

lutec.ch

69

Lutec GmbH is a Swiss-based company specializing in energy-efficient ventilation and climate technology solutions, focusing on central and residential ventilation systems. The company targets regional customers in Baselland, Switzerland, offering services including installation, maintenance, and servicing of ventilation and air conditioning systems. The website is built on the BaseKit CMS platform, hosted by Hoststar, and employs modern web technologies such as FontAwesome and PhotoSwipe for enhanced user experience. The site is mobile-optimized and provides a good level of content quality and navigation clarity, although explicit contact details and privacy policies are missing. Security-wise, the website uses HTTPS but lacks important security headers and explicit incident response or vulnerability disclosure information, indicating room for improvement in security posture and compliance. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy of the website and company.

D

Discover-Culture

discover-culture.com

63

Discover-Culture is a small media company based in Germany, specializing in digital cultural tours, VR experiences, and interactive cultural media. The website offers digital tours and cultural films accessible without restrictions after purchase, targeting a general audience interested in culture and art. The business model is primarily e-commerce focused on digital content delivery. Technically, the website is built on WordPress with WooCommerce, integrating modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and HubSpot. Hosting is via Amazon AWS infrastructure, ensuring reliable performance and scalability. Security posture is good with HTTPS enforced and domain transfer protection, though the absence of DNSSEC and explicit security headers suggests room for improvement. Privacy compliance is partial, with a cookie policy and consent mechanism present but lacking explicit privacy and terms of service pages. Overall, the website is professional, well-branded, and functional, with moderate trustworthiness and a solid technical foundation.

P

Paulo Fernandes & André Kleegräfe GbR

u21.de

53

U21 mediendesign is a small, owner-operated media design agency based in Hannover, Germany, founded in 1999. The company specializes in responsive web design, Typo3 CMS implementations, SEO, SEA, and app programming, targeting businesses seeking professional digital presence solutions in the Hannover region. Their market position is that of an established regional player with over two decades of experience, offering comprehensive digital services with a focus on quality and client trust. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies such as jQuery, FontAwesome, Google reCAPTCHA, and Typekit fonts. The hosting is managed via kasserver.com, and the site demonstrates good mobile optimization, accessibility, and SEO practices. Performance is moderate, with room for optimization. The site includes a cookie consent mechanism and uses Matomo analytics with transparent data retention policies. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for form protection. Cookie consent is granular and GDPR compliant. However, explicit security headers are not detected, and no dedicated security or incident response policies are published. No vulnerabilities or exposed sensitive data were found. The WHOIS data aligns with the business claims, showing a consistent domain age and hosting setup. Overall, the website presents a professional, trustworthy, and compliant digital presence with minor areas for security and technical enhancement. The risk level is low, with recommendations to improve security headers, publish security policies, and consider vulnerability disclosure mechanisms to further strengthen trust and compliance.

P

Prosegur Portugal

prosegur.pt

71

Prosegur Portugal is a leading private security company specializing in alarm systems and security services for residential and business customers. The website presents a professional and comprehensive overview of their offerings, including 24/7 monitoring, police alert services, video surveillance, and access control. The company targets both B2C and B2B segments, emphasizing security technology and customer protection. The digital infrastructure leverages modern technologies such as Google Tag Manager, Microsoft Clarity, and a consent management platform to ensure compliance and user tracking. Security posture is strong with HTTPS enforcement and secure form handling, though some security headers could be improved. Privacy compliance is well addressed with clear cookie policies and consent mechanisms. Overall, the site reflects a mature, trustworthy business with a solid market position in Portugal.

P

Prosegur UK

prosegur.co.uk

78

Prosegur UK presents itself as a professional security services provider offering integrated security solutions including manned guarding, logistics, alarms, and cybersecurity. The website is well-structured and targets organizations seeking comprehensive security services in the UK market. The company leverages modern web technologies and consent management tools to ensure privacy compliance. However, the WHOIS data indicates the domain www.prosegur.co.uk is not officially registered under Nominet UK due to naming rules violations, which raises questions about domain legitimacy despite the professional appearance and branding consistency. The website lacks direct contact emails and phone numbers but provides a contact form for inquiries. Overall, the digital maturity is moderate with good SEO and mobile optimization but could improve security headers and explicit incident response information.

P

Prosegur

prosegur.us

70

Prosegur is a global security services provider offering integrated solutions including manned guarding, cybersecurity, and risk management, now operating in the USA. The company is recognized internationally for trustworthiness and excellence, holding awards from Newsweek and TIME. Their business model emphasizes hybrid security combining human expertise with advanced technology to deliver adaptive and scalable security solutions tailored to diverse industries. The website targets B2B clients seeking comprehensive security services. Technically, the website employs modern technologies such as Google Tag Manager, HubSpot forms, and Didomi consent management, hosted likely on SAP Commerce Cloud. The site is well-optimized for mobile and accessibility, with good SEO practices and performance. Privacy compliance is robust with clear cookie consent mechanisms and a comprehensive privacy policy hosted on a partner domain. Security posture is strong with HTTPS enforced, security headers present, and no visible vulnerabilities or exposed sensitive data. However, the site lacks explicit security policies or incident response contacts, which could be improved. WHOIS data is unavailable, which slightly reduces trust signals, but the overall legitimacy is supported by branding and external recognitions. Overall, Prosegur's website presents a professional, secure, and privacy-conscious digital presence suitable for its enterprise security services business, with recommendations to enhance transparency around security policies and incident response.

D

Dietmar Hopp Stiftung GmbH

dietmar-hopp-stiftung.de

52

The Dietmar Hopp Stiftung GmbH is a well-established non-profit foundation based in Germany, focused on funding projects in medicine, education, social welfare, youth sports, and climate protection within the Rhein-Neckar metropolitan region. Founded by Dietmar Hopp, co-founder of SAP, the foundation leverages significant resources to support community and philanthropic initiatives. The website presents a professional and consistent brand image, targeting non-profit organizations and beneficiaries in the region. The business model centers on grant-making and social impact, positioning the foundation as a key regional philanthropic actor. Technically, the website is built on the TYPO3 CMS platform, utilizing modern frontend technologies such as Bootstrap, jQuery, and FontAwesome. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Performance is moderate, with no major technical issues detected. SEO and accessibility features are basic but functional. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism with opt-in options for statistics and marketing cookies, demonstrating good privacy compliance. However, no explicit security policies or incident response contacts are publicly disclosed. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is consistent and supports the legitimacy of the domain and organization. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR requirements. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving SEO and accessibility features to further strengthen the site's security posture and user trust.

C

Crain Communications Ltd

prseventindia.com

61

Plastics Recycling Show India 2025 is a professionally organized event by Crain Communications Ltd, targeting the plastics recycling industry in India and the surrounding region. The website provides comprehensive event details, including conference programs, exhibitor information, advisory board members, sponsors, and testimonials, positioning itself as a leading regional event in this sector. The technical infrastructure leverages modern web technologies such as Google Analytics, Google Tag Manager, YouTube embeds, and bot protection services, hosted primarily on Amazon S3 and powered by the Evessio event platform. Security posture is solid with HTTPS enforced and basic security headers present, though improvements can be made by adding explicit security policies and incident response contacts. Privacy compliance is well addressed with clear cookie and privacy policies, including GDPR considerations. However, the domain WHOIS data is missing or inaccessible, which raises concerns about domain registration legitimacy despite the professional website presence. Overall, the site scores well on content quality, technical implementation, and security, but domain registration inconsistencies and lack of phone contact information slightly reduce trustworthiness.

F

Fachagentur Nachwachsende Rohstoffe e. V. (FNR)

waldklimafonds.de

10

The Waldklimafonds website serves as an authoritative information portal for the German forest climate fund initiative, operated by the Fachagentur Nachwachsende Rohstoffe e. V. (FNR). It provides comprehensive resources including project databases, research updates, events, and educational materials aimed at promoting sustainable forest management and climate adaptation. The site targets researchers, policymakers, forest managers, and environmentally conscious citizens. The business model is government-funded and non-profit, positioning the site as a trusted source within the forestry and environmental sectors in Germany. Technically, the website is built on TYPO3 CMS, a robust and widely used content management system for institutional websites. It employs modern JavaScript libraries such as jQuery and Slick Carousel for interactive elements and uses Matomo analytics with cookies disabled to respect user privacy. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Hosting appears to be managed by German providers, consistent with the site's governmental affiliation. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and does not publish a security policy or incident response contacts. Privacy compliance is good with a comprehensive privacy policy present, but no cookie consent mechanism is implemented. Overall, the security posture is solid but could be improved by adding security headers and formal policies. The overall risk assessment is low, with no signs of malicious activity or vulnerabilities. Strategic recommendations include implementing cookie consent, adding security headers, publishing security and incident response policies, and enhancing transparency to further build trust. The website demonstrates a high level of professionalism, trustworthiness, and alignment with its governmental and non-profit mission.

V

VIECC® Vienna Comic Con

viecc.com

45

VIECC® Vienna Comic Con is a prominent event organizer specializing in pop culture and gaming conventions in Austria, particularly in Vienna. Established in 2015, it has positioned itself as a leading event in the region, offering a wide range of services including ticket sales, cosplay competitions, and exhibitor opportunities. The website reflects a professional and engaging digital presence tailored to its target audience of pop culture and gaming enthusiasts. Technically, the site is built on WordPress with a modern tech stack including Avada theme, Yoast SEO, and multilingual support via WPML. While performance and mobile optimization are good, there is room for improvement in accessibility and security headers. Security posture is solid with HTTPS and cookie consent mechanisms in place, but lacks advanced security headers and public incident response information. Privacy compliance is strong with comprehensive GDPR-aligned policies and cookie management. Overall, the site is trustworthy and well-maintained, supporting the business's market position effectively.

1

1&1 Internet Inc

moneyyy.me

56

moneyyy.me is an online platform launched in 2018 that facilitates users in requesting money via multiple popular payment platforms such as Venmo, PayPal, Cash App, Patreon, and OnlyFans through a single aggregated link. The service targets individuals and content creators who receive payments across these platforms, offering convenience and streamlined payment requests. The website is professionally designed with good user experience and mobile optimization, leveraging common web technologies including jQuery, Bootstrap, and FontAwesome, and integrates Google Analytics for user tracking. From a technical perspective, the site is hosted under the registrar IONOS SE (1&1 Internet Inc), with a domain age consistent with the business timeline. The technical stack is modern but lacks advanced security configurations such as DNSSEC and security headers. The site uses HTTPS, but no explicit security headers were detected in the HTML content. Privacy and cookie policies are absent, which impacts compliance and user trust. The registration form collects sensitive user data including email, username, password, and payment platform links, but no visible security or privacy disclosures are provided. Security posture is moderate with room for improvement. The absence of DNSSEC, security headers, and privacy policies are notable gaps. No incident response or vulnerability disclosure information is available. The domain registration is transparent and consistent with the website content, indicating legitimacy. No adult or explicit content is present, making the site safe for general audiences. Overall, moneyyy.me presents a niche financial service with a good user interface and functional design but requires enhancements in privacy compliance, security best practices, and transparency to improve trust and regulatory adherence.

M

Merkur Druck AG

merkurdruck.ch

52

Merkur Druck AG operates as a medium-sized Swiss company specializing in sustainable printing products, creative media project design, and innovative digital solutions. The company targets businesses and organizations seeking environmentally conscious and creative media services. Their market position appears established within the regional manufacturing and media sectors, supported by a professional and consistent online presence. Technically, the website is built on WordPress using the Divi theme, enhanced with modern analytics tools such as Matomo and Microsoft Clarity, and SEO optimizations via Rank Math. The site demonstrates good mobile optimization and user experience, though performance is moderate. Security posture is solid with HTTPS enforced and no exposed sensitive data, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies, which should be addressed to meet GDPR standards. Overall, the website is professional and trustworthy, with room for improvement in privacy and security transparency.

OBST&GEMÜSE jam GmbH is a Swiss-based small business specializing in the retail and repair of cargobikes, racing bikes, and related accessories. The company operates both a physical showroom in Basel and an online shop serving customers across Switzerland. Their business model focuses on urban mobility solutions, targeting customers interested in lightweight, high-performance freight and cycling products. The website is professionally designed with clear navigation and good mobile optimization, reflecting a solid digital presence. Technically, the website is built on the Odoo CMS platform, utilizing modern web technologies such as FontAwesome for icons and Pannellum for 360-degree panorama views. The site integrates Google Analytics and various marketing tools, including Facebook Pixel and Hotjar, to monitor user engagement and optimize marketing efforts. Performance is moderate with good SEO practices and basic accessibility features. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, indicating attention to secure data handling. However, no explicit security headers were detected, and there is no published security policy or incident response contact information. Privacy compliance is strong, with a comprehensive privacy policy, cookie consent mechanism, and GDPR-aligned data processing disclosures. Overall, the website presents a trustworthy and professional front for the business with minor areas for security enhancement. The domain registration data aligns well with the business identity, supporting legitimacy. Strategic improvements in security headers and incident response transparency would further strengthen the security posture.

M

Merkur Druck AG

merkurmedien.ch

52

Merkur Druck AG is a Swiss-based company specializing in sustainable printing products, creative media project design, and innovative digital solutions. Positioned as a regional leader in manufacturing and media services, the company targets businesses seeking environmentally responsible and creative media services. The website reflects a professional and consistent brand image with clear contact information and a focus on sustainability. Technically, the site is built on WordPress using the Divi theme, integrating modern analytics tools such as Microsoft Clarity and Matomo, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and incident response disclosures. Privacy compliance is weak due to missing privacy and cookie policies and absence of consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security practices to meet modern compliance standards.

A

Arbeitsmarktservice Österreich (AMS)

berufskompass.at

56

Berufskompass is a career guidance platform operated by the Austrian Public Employment Service (AMS), providing job seekers and career changers in Austria with tools and information for career orientation and job matching. The website is government-affiliated, authoritative, and targets the Austrian labor market. Technically, the site uses a modular JavaScript stack including RequireJS, Knockout.js, and jQuery, with a custom CMS and moderate performance. Security posture is good with HTTPS and a strict Content-Security-Policy header, though additional headers and cookie consent mechanisms are recommended. The site is accessible, professional, and trustworthy, but could improve privacy compliance and mobile optimization.

D

DocLX Holding GmbH

lighthousefestival.tv

64

Lighthouse Festival is a well-established boutique electronic music festival organizer with over 12 years of experience, operating events primarily in Croatia, Austria, and Tanzania. The company focuses on creating intimate, exclusive festival experiences branded as 'electronic music on vacation'. The website reflects a professional digital presence with clear event information, social media integration, and a consistent brand image. Technically, the site uses modern web technologies including Bootstrap, jQuery, and various JavaScript libraries to deliver a responsive and engaging user experience. However, some areas such as cookie consent and security headers could be improved to enhance privacy compliance and security posture. The domain registration data is consistent with the business claims, supporting the legitimacy of the site.

G

GAIL's

gailsbread.co.uk

69

GAIL's is an established bakery business based in the United Kingdom, specializing in fresh handmade bread, pastries, sandwiches, and specialty coffee with delivery services in London. The website is built on the Shopify platform, leveraging modern e-commerce technologies and integrations such as Google Tag Manager, Bing Clarity, and Freshchat for customer engagement and analytics. The domain is long-standing, created in 2001, and shows consistent registration details with no privacy protection, indicating transparency and legitimacy. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. However, explicit terms of service and security policies are not evident in the provided content. The website demonstrates good design quality, mobile optimization, and SEO practices, providing a professional user experience.

W

WebFactory Ltd

underconstructionpage.com

59

WebFactory Ltd operates the UnderConstructionPage website, offering a popular WordPress plugin designed to create under construction, maintenance, landing, and sales pages quickly and easily. The company targets WordPress site owners including business owners, bloggers, and developers, providing a drag-and-drop builder, extensive templates, and premium image integration. With over 12 million downloads and a strong user base, the company holds a solid market position in the WordPress plugin ecosystem. The website is professionally designed, SEO optimized, and rich in content including user reviews and blog posts, reflecting a mature digital presence. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses several third-party services such as Paddle for payments, Helpscout for support, and Tooltip.io for marketing. The site is mobile optimized, fast, and accessible, with good SEO practices and structured data implemented. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit security policies could be improved. The security posture is solid with no critical vulnerabilities detected. The site uses nonce tokens for AJAX calls and avoids exposing sensitive data. Privacy compliance is well addressed with clear GDPR and cookie policies, including a consent mechanism. Contact information is available primarily via email and support forms, though no phone numbers or physical addresses are listed. The domain is long-standing since 2006, consistent with the business maturity, and WHOIS data shows no suspicious patterns. Overall, the website presents a trustworthy, professional, and secure platform for its users. Strategic recommendations include enhancing security headers, publishing explicit security policies, and adding a vulnerability disclosure mechanism to further strengthen trust and compliance.

M

Meine Kirchenzeitung

meinekirchenzeitung.at

65

MeineKirchenzeitung.at is a German-language online media portal aggregating regional and local news from various Austrian church newspapers. It serves as a centralized hub linking to multiple diocesan publications, offering news, reports, opinions, event listings, and ePaper access primarily targeting German-speaking audiences interested in church and regional topics in Austria. The website demonstrates a consistent and professional brand presence with good content quality and clear navigation. Technically, it employs modern web technologies including Google Analytics, Google Tag Manager, Swiper.js, and Foundation CSS framework, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie banner aligned with GDPR requirements. However, WHOIS data is unavailable due to quota limits, limiting domain registration trust verification. Overall, the site is trustworthy, safe, and professionally managed, with room for technical and security enhancements.

P

ProLitteris, Schweizerische Genossenschaft für Urheberrechte an Literatur und Kunst

prolitteris.ch

49

ProLitteris is a Swiss cooperative society specializing in the collective management of copyright for literature and visual arts. It serves authors, publishers, broadcasters, and cultural institutions by managing rights, licensing, and remuneration distribution. The organization holds an official and recognized position within Switzerland's copyright ecosystem, providing essential services to its stakeholders. The website reflects this professional and non-profit orientation with clear multilingual support and comprehensive information on services and legal frameworks. Technically, the site is built on WordPress with a modern tech stack including jQuery, FontAwesome, and Matomo analytics, ensuring a functional and user-friendly experience. Privacy compliance is well addressed with a detailed privacy policy and cookie consent mechanisms. Security posture is solid with HTTPS, reCAPTCHA, and no visible vulnerabilities, though improvements in security headers and incident response disclosures are recommended. Overall, the website is trustworthy, professional, and well-aligned with its business objectives.

S

Select Insure Group

ecolife.zone

53

Eco Life Zone is a content-driven website dedicated to promoting sustainable living and eco-friendly practices. The site offers a variety of resources and articles on topics such as renewable energy, green homes, sustainable transportation, zero waste lifestyle, natural health, organic gardening, and sustainable travel. The business targets environmentally conscious individuals seeking practical advice and inspiration for greener living. The website is positioned as a niche informational platform with a focus on community engagement and education. Technically, the website is built on WordPress using popular plugins and frameworks such as Elementor, Mai Engine, and Genesis Framework. It employs modern web technologies including JavaScript, jQuery, and Google Analytics for tracking. The site is mobile optimized and demonstrates good SEO practices with comprehensive meta tags and structured data. Performance is moderate, with room for improvement in loading speed and security headers. From a security perspective, the site uses HTTPS with a good SSL configuration and employs a WordPress security plugin (Malcare). However, it lacks explicit security headers and privacy compliance mechanisms such as a privacy policy and cookie consent banner, which are important for GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is common for this type of website, and does not raise immediate concerns. Overall, Eco Life Zone presents a professional and trustworthy platform for eco-sustainability content. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, and maintaining regular updates to plugins and themes to enhance security and compliance.

T

TIVENTS

tivents.app

45

TIVENTS operates a German-language platform focused on connecting users with a wide network of local partners including cultural institutions, sports clubs, restaurants, and event organizers. The website serves as a partner selection portal with extensive listings and links to partner microsites, supporting event promotion and ticketing services. The platform targets local businesses and customers interested in cultural and leisure activities within Germany. Technically, the site employs modern frontend technologies such as Bootstrap, Livewire, and FontAwesome, ensuring a responsive and user-friendly experience. However, some areas such as security headers and cookie consent mechanisms could be improved to enhance compliance and security posture. The security evaluation shows good SSL implementation but lacks explicit security policies or incident response contacts. Overall, the site is legitimate, professionally designed, and maintains a moderate trust level with room for security and privacy enhancements.

H

Hallesche Verkehrs-AG

havag.com

62

Hallesche Verkehrs-AG (HAVAG) is a regional public transportation company serving the Halle (Saale) and Merseburg areas in Germany. It operates under the Mitteldeutscher Verkehrsverbund and is part of the larger SWH group. The website provides comprehensive information about public transport services, ticketing options, customer service, and multimodal transport offers. It targets local residents and commuters seeking reliable public transit information and services. The company maintains a medium-sized regional presence with a clear business model focused on public transportation and customer support. Technically, the website employs a modern technology stack including jQuery, Leaflet for mapping, FontAwesome icons, and Matomo for analytics, complemented by Usercentrics for consent management. The site is hosted by Vautron Rechenzentrum AG and shows good mobile optimization and SEO practices. The infrastructure is stable with HTTPS enforced, though some security headers are not explicitly confirmed. Privacy compliance is well addressed with visible cookie consent and a detailed privacy policy. From a security perspective, the site demonstrates good practices such as HTTPS usage and consent management but lacks explicit incident response contacts and vulnerability disclosure mechanisms. DNSSEC is not enabled, which is a recommended improvement. No critical vulnerabilities or suspicious content were detected. Overall, the site is trustworthy, professional, and compliant with GDPR requirements. The overall risk is low, with recommendations focusing on enhancing DNS security, publishing security.txt, and adding explicit security headers to strengthen the security posture further. The website is suitable for its audience and business purpose, with a strong alignment between domain registration data and business claims.

D

Die Linke im Europaparlament

dielinke-europa.eu

44

Die Linke im Europaparlament is a political group representing left-wing interests within the European Parliament, focusing on social justice, peace, and democracy in Europe. The website serves as an information hub for their parliamentary activities, news, publications, and contact with representatives. It targets European citizens interested in progressive politics and EU governance. The organization maintains a consistent brand presence and leverages official EU affiliations to establish trust. Technically, the website is built on WordPress with common plugins such as Contact Form 7 and uses modern web technologies including jQuery and FontAwesome. The site is hosted by http.net Internet GmbH and demonstrates moderate performance with good mobile optimization and basic accessibility features. SEO practices are well implemented with proper metadata and Open Graph tags. From a security perspective, the site enforces HTTPS and includes privacy consent mechanisms in its contact forms, aligning with GDPR requirements. However, it lacks advanced security headers and a public vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data indicates a consistent and legitimate domain registration. Overall, the website presents a professional and trustworthy digital presence for a political organization, with room for improvement in security hardening and cookie consent implementation to enhance privacy compliance and user trust.

M

Main-Echo

main-echo.de

60

Main-Echo is a regional news media company serving Aschaffenburg and surrounding areas in Germany. The website provides news, event information, and local announcements targeting a general audience interested in regional developments. The business model is focused on regional news publishing with digital services including newsletters and push notifications. Technically, the site uses a modern CMS (fidion fCMS), integrates Google Tag Manager, Facebook SDK, and other analytics and advertising technologies, and is optimized for mobile devices with good SEO practices. Security posture is adequate with HTTPS enforced and consent management implemented, but lacks explicit security headers and published security policies. Privacy compliance is basic, with no explicit privacy or cookie policy pages found in the provided content. Overall, the site is professional, trustworthy, and aligned with its business purpose, but could improve transparency and security documentation.

S

Saarländisches Staatstheater

staatstheater.saarland

58

The Saarländisches Staatstheater is a prominent cultural institution in Saarland, Germany, offering high-quality performances in music theater, drama, ballet, and concerts. It serves a broad audience interested in the arts and culture, with a business model centered on ticket sales, subscriptions, and cultural events. The website reflects a well-established organization with a strong regional presence and professional digital representation. Technically, the website is built on TYPO3 CMS, leveraging modern frontend technologies such as Bootstrap and FontAwesome. It employs Matomo analytics configured for privacy-conscious tracking without cookies. The site is mobile-optimized, well-structured, and SEO-friendly, indicating a mature digital infrastructure. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent mechanisms aligned with GDPR. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced security posture. No critical vulnerabilities or suspicious content were detected. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations, making it a reliable digital presence for the institution.

J

JK.works mediatec

jk-works.de

55

JK.works mediatec is a small, established German IT service provider specializing in system administration, cloud and backup solutions, server maintenance, and web design/development. With over 20 years of experience and a Microsoft Silver Partner certification, the company targets businesses primarily in the Bremen, Wildeshausen, and Oldenburg regions. Their website reflects a professional and consistent brand image, offering clear service descriptions and accessible contact information. Technically, the site is built on OctoberCMS with a modern tech stack including Bootstrap and jQuery, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and explicit security policies. Overall, the website is trustworthy, compliant with GDPR, and free from suspicious or adult content.

E

Euro Akademie

euroakademie.de

52

Euro Akademie is a well-established educational institution in Germany offering a wide range of vocational training, further education, and degree programs. The website is professionally designed using TYPO3 CMS and provides detailed information about courses and locations, targeting students and professionals seeking education and training. The institution is part of the ESO Education Group, enhancing its market position and trustworthiness. Technically, the website employs modern technologies including Google Tag Manager and Usercentrics for GDPR-compliant consent management. Security posture is good with HTTPS enforced and privacy-conscious tracking defaults, though some security headers and explicit policies are missing. Overall, the site is safe, accessible, and trustworthy with no adult or questionable content detected.

B

BookGazette!

bookgazette.xyz

55

Book Gazette is a small independent media platform based in Germany focused on literary reviews, podcasts, and profiles of independent book publishers. The website offers curated content in German targeting readers interested in discovering books from independent publishers. Technically, the site uses modern web standards including HTTPS, JSON-LD structured data, and CDN-hosted assets, delivering a good user experience with responsive design and clear navigation. Security posture is adequate with HTTPS enforced but lacks advanced security headers and published security policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professionally presented but could improve in security and privacy transparency.

R

Rotpunktverlag AG

rotpunktverlag.ch

67

Rotpunktverlag AG is a well-established Swiss publishing company specializing in politically engaged and culturally relevant literature, including fiction, political non-fiction, and travel guides. The company has a strong regional presence in Switzerland and a loyal target audience of literature enthusiasts. Their business model includes book publishing, event hosting, and community engagement through shareholder participation and project funding. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content that supports their market position. Technically, the website employs modern web technologies such as HTML5, CSS3, JavaScript, and uses Google Tag Manager for analytics. Hosting assets on Amazon AWS indicates a reliable infrastructure. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is good with HTTPS enforced and CSRF protections, but could be improved with explicit security headers and published incident response policies. Overall, the website demonstrates a high level of professionalism and trustworthiness, with transparent contact information and social media presence. Privacy compliance is adequate with a privacy policy and cookie policy present, though lacking an explicit cookie consent mechanism. No signs of malicious activity or content safety concerns were found. Strategically, the company should enhance its security and privacy posture by publishing a security policy, incident response contacts, and implementing a cookie consent mechanism to improve GDPR compliance and user trust.

Lokwort Buchverlag is a small Swiss book publisher specializing in thematic and regional literature, primarily targeting German-speaking audiences interested in Swiss German dialects and consciousness topics. The company operates an e-commerce platform based on WordPress and WooCommerce, offering a curated selection of books and author events. The website is professionally designed with good navigation and mobile optimization, reflecting a consistent brand image. Technically, the site uses modern web technologies including jQuery, Slick Slider, and MediaElement.js, but lacks some advanced security headers and cookie consent mechanisms. Security posture is moderate with HTTPS enforced but missing additional headers and explicit security policies. Contact information is clearly provided, enhancing business credibility. Overall, the website is safe, compliant to a basic degree with privacy regulations, and suitable for general audiences.

Lenos Verlag AG is an independent Swiss book publisher specializing in literature from Switzerland and international works, with a particular focus on Arabic literature, thriller novels, and topical non-fiction. The company operates a professional website that showcases its book catalog, author information, upcoming events, and ordering options. The business targets readers interested in diverse literary genres and cultural topics, maintaining a niche market position within the Swiss and international publishing landscape. The website supports user engagement through newsletter subscriptions and social media channels, enhancing its community reach. Technically, the website employs a modern technology stack including jQuery, Bootstrap, FontAwesome, and Typekit fonts, managed via the Kirby CMS platform. It integrates privacy-respecting analytics (Plausible) and offers a responsive design optimized for mobile devices. While performance is moderate, the site provides clear navigation and good SEO practices. However, some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. Yet, it lacks several recommended security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is strong regarding GDPR with a comprehensive privacy policy, but no cookie consent mechanism is present. Overall, the security posture is solid but could benefit from improvements in headers and transparency. The domain registration data aligns well with the business claims, showing consistency and legitimacy. No blocking or WAF mechanisms interfere with content access, allowing full analysis. The website is safe for general audiences, with no adult or questionable content detected. Strategic recommendations include implementing security headers, adding cookie consent, publishing security policies, and enhancing accessibility to further strengthen trust and compliance.

B

Bildungsgemeinschaft ARBEIT und LEBEN Bremerhaven e. V.

arbeitundleben-bhv.de

46

Arbeit und Leben Bremerhaven is a well-established non-profit educational organization based in Germany, providing a wide range of seminars, workshops, and advisory services primarily focused on workers, youth, and social participation. With over 50 years of experience, it holds a strong regional presence and cooperates with trade unions and social partners to deliver its services. The website reflects a professional and consistent brand image with clear contact information and relevant content for its target audience. Technically, the site is built on WordPress with modern plugins and frameworks such as Bootstrap, ensuring good mobile optimization and accessibility. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and incident response disclosures. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and functional, serving its educational mission effectively.

B

Bundesarbeitskreis Arbeit und Leben e.V.

arbeitundleben-bayern.de

61

Arbeit und Leben in Bayern is a regional non-profit organization focused on political youth and adult education, supported by major German educational and labor organizations such as the Deutscher Gewerkschaftsbund (DGB) and Deutscher Volkshochschulverband (DVV). The organization offers workshops, seminars, international programs like Erasmus+, and various social and political projects aimed at diverse audiences including migrants, youth, and workers. Their market position is that of a trusted educational provider within Bavaria, Germany. Technically, the website is built on Joomla CMS with modern UIkit and FontAwesome frameworks, supported by PixelX hosting. The site is mobile-optimized, uses GDPR-compliant cookie consent mechanisms, and integrates Matomo analytics for user behavior tracking. The technical infrastructure is solid with good performance and accessibility features. From a security perspective, the site enforces HTTPS and uses cookie consent with opt-in/out options. However, it lacks explicit security policies or incident response contacts and could improve by adding security headers and a security.txt file. No vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving its educational mission effectively. Strategic improvements in security transparency and header implementation would enhance its security posture further.

B

Braintrust GmbH

braintrust.studio

71

Braintrust GmbH operates a professional video streaming and production service based in Vienna, Austria. The company offers a comprehensive portfolio including live streaming, hybrid events, webinars, and studio rental services. Their market position is supported by long-term client relationships and a strong reputation for quality and professionalism. The website reflects a mature digital presence with modern technologies such as WordPress CMS, Matomo analytics for privacy-conscious tracking, and Google reCAPTCHA for security. Privacy compliance is well addressed with a detailed cookie consent mechanism and a comprehensive privacy policy in German. Security posture is good with HTTPS enforced and secure form handling, though some security headers could be improved. Overall, the website is professional, trustworthy, and well-optimized for SEO and user experience.

A

AMS

karrierevideos.at

65

The website karrierevideos.at is an official Austrian government-affiliated career video portal operated by AMS (Arbeitsmarktservice Österreich). It provides over 300 videos covering various professions and career paths to support users in career orientation and job market integration. The platform targets a broad audience including students, job seekers, and career changers within Austria. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and JWPlayer, hosted via braintrust.at CDN, and integrates privacy-conscious Matomo analytics with cookie consent mechanisms. Security posture is solid with HTTPS enforced and anonymized tracking, though some security headers are not explicitly detected and no dedicated security policy or incident response contacts are provided. The site is well-branded, accessible, and professionally maintained, reflecting its government service nature. Overall, it presents a trustworthy and user-friendly resource for career information in Austria.

Z

Zentiva, k.s.

tochcepersen.cz

58

The website www.tochcepersen.cz represents a pharmaceutical brand offering herbal medicinal products aimed at stress relief and sleep improvement, primarily targeting adults and adolescents from 12 years old. The site is professionally designed with consistent branding and provides detailed product information, usage instructions, and links to reputable pharmacy partners for purchase. The presence of comprehensive cookie consent and privacy policy links indicates good compliance with GDPR regulations. Technically, the site is built on Joomla CMS with Bootstrap framework, integrating modern tools like Google Tag Manager and Cookiebot for analytics and consent management. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure, though the absence of security headers suggests room for improvement. The lack of WHOIS data limits domain trust verification, but the overall content and external partnerships support legitimacy. Strategic recommendations include enhancing security headers, improving accessibility, and ensuring regular audits of third-party scripts to maintain compliance and security.

C

home - communeagence.ch

communeagence.ch

49

The website communeagence.ch represents a small communication agency focused exclusively on serving French-speaking Swiss municipalities. The business appears to be niche and specialized, targeting a specific regional audience. The website is built on WordPress using the Divi theme, incorporating modern web technologies such as Google Analytics and Google Tag Manager for tracking, with IP anonymization enabled to enhance privacy. However, the site lacks visible privacy and cookie policies, which are critical for GDPR compliance and user trust. Security posture is moderate with HTTPS enabled but missing important security headers and incident response information. Overall, the site is functional and professionally designed but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

A

Arbeitskammer des Saarlandes

arbeitskammer.de

55

The Arbeitskammer des Saarlandes is a public institution established in 1951 with constitutional status, representing the interests of employees in the Saarland region of Germany. It provides consulting, education, research, and advocacy services to its members, funded primarily through employer-deducted membership contributions. The website serves as an information hub for employees, offering news, events, publications, and access to various thematic portals. The institution maintains an active presence on major social media platforms and provides clear contact information for members and the press. Technically, the website is built on TYPO3 CMS with Bootstrap and jQuery, ensuring a modern and responsive user experience. It uses Matomo analytics, which respects user privacy better than many alternatives. The site is well-structured, mobile-optimized, and SEO-friendly, though performance is moderate. Security is solid with HTTPS enforced, but lacks some advanced security headers and publicly disclosed security policies. From a security and compliance perspective, the site does not publicly display privacy or cookie policies, nor does it provide incident response or vulnerability disclosure information, which are areas for improvement. No WAF or blocking mechanisms were detected, and no suspicious or adult content is present. WHOIS data aligns well with the website's claims, indicating a trustworthy domain registration. Overall, the site is professional, trustworthy, and serves its public service mission effectively, but could enhance privacy compliance and security transparency to further strengthen user trust and regulatory adherence.

T

TGZ Halle Technologie- und Gründerzentrum Halle GmbH & Bio-Zentrum Halle GmbH

weinberg-campus.de

47

The Weinberg Campus - Technologiepark website represents a well-established technology and innovation hub located in Halle, Germany. The organization supports startups, researchers, and companies primarily in the fields of Digital Health and Smart Green Technology by providing infrastructure, advisory services, and networking opportunities. The website is professionally designed, content-rich, and targets a broad audience including entrepreneurs, investors, and the regional business community. Technically, the site is built on Drupal CMS, hosted by Alfahosting, and employs modern web technologies such as Matomo for analytics and CookiesJSR for cookie consent management. Security posture is solid with HTTPS enforced and privacy compliance mechanisms in place, although some advanced security headers and explicit security policies are absent. Overall, the site is trustworthy, accessible, and compliant with GDPR requirements, making it a credible digital presence for the organization.

C

Creative3Studio

creative3studio.com

47

Creative3Studio is a small IT services company based in India, specializing in WordPress design, website development, graphic design, ecommerce solutions, PHP development, mobile development, and online marketing. The company targets businesses and individuals seeking comprehensive digital solutions. The website is built on WordPress using the Astra theme and Elementor page builder, indicating a modern and flexible technical infrastructure. The site is mobile optimized and uses standard web technologies including jQuery and FontAwesome. Security posture is good with HTTPS enforced and use of Google reCAPTCHA on forms, but lacks advanced security headers and published security policies. The absence of WHOIS data and privacy/cookie policies are notable gaps that reduce overall trust and compliance. Contact information is clearly presented, and social media presence is active on Facebook, Twitter, and LinkedIn. Overall, the website is professional and functional but would benefit from enhanced privacy compliance and security transparency.

L

La Guida Nomade

laguidanomade.it

46

La Guida Nomade is an Italian online portal dedicated to conscious travelers seeking wellness, artisanal, agricultural, commercial, and tourism experiences that respect health, life, and the environment. The website serves as a niche directory and content platform, positioning itself as a reference point for sustainable and mindful travel in Italy. The business is small-sized, founded around 2018, and operates under the parent project La Grande Via. The portal offers categorized listings, blog content, and a contact form to engage users. Technically, the website is built on WordPress with WooCommerce for product listings, enhanced by popular plugins such as Yoast SEO, Revolution Slider, and WPBakery Page Builder. It uses modern web technologies including Google Analytics for tracking, Google Fonts, and FontAwesome icons. The site is moderately optimized for performance and mobile devices, with good SEO practices and structured data implemented. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA for form protection. However, it lacks explicit security headers like a full Content-Security-Policy and does not publish a security policy or incident response contacts. Privacy compliance is basic, with no visible privacy or cookie policies or consent mechanisms, which is a gap given GDPR requirements. Overall, the website is accessible, professionally designed, and content-rich, targeting a general audience interested in sustainable travel and lifestyle. The security posture is adequate but can be improved with better policy disclosures and headers. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.