Security Directory

E

Enfea

enfea.it

58

Enfea is a national bilateral entity in Italy formed by the associations CONFAPI, CGIL, CISL, and UIL, dedicated to supporting small and medium enterprises and their employees. The organization focuses on labor relations and welfare services, applying various collective labor agreements. The website serves as an informational and service portal, offering detailed sections for enterprises and workers, including apprenticeship, safety, innovation, rights, education, family, and income support. The site also links to EnfeaNews, an informational portal for SMEs. Technically, the website is built on WordPress using the Divi theme and includes modern plugins such as Smart Slider 3 and Contact Form 7. It employs Matomo analytics for privacy-conscious tracking and Facebook Pixel for marketing purposes. The site is GDPR compliant with a comprehensive cookie consent mechanism and clear privacy policies. Security-wise, HTTPS is enforced, and no critical vulnerabilities or exposed sensitive data were detected. However, some security headers are missing, and no explicit security or incident response policies are publicly available. Overall, the website is professional, trustworthy, and well-structured, serving its target audience effectively.

C

Casartigiani Confederazione Autonoma Sindacati Artigiani

casartigiani.org

50

Casartigiani is an established Italian artisan confederation representing traditional, family-run, and micro-enterprise artisans. The organization is led by President Giacomo Basso and operates with principles of autonomy and independence. The website serves as a communication platform for news, events, and organizational information related to the artisan sector in Italy. Technically, the site is built on WordPress with modern libraries and plugins, including Bootstrap and FontAwesome, and employs analytics tools such as Google Analytics and Matomo. The presence of a cookie consent mechanism via Iubenda indicates attention to privacy compliance, although no explicit privacy policy or terms of service were detected in the provided content. Security posture is moderate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and explicit security headers. Overall, the website is professional, content-rich, and trustworthy, serving a medium-sized organization in the artisan sector.

C

Confartigianato Imprese

confartigianato.it

71

Confartigianato Imprese is a leading Italian non-profit organization representing artisans and micro to small enterprises. The website serves as a comprehensive portal for news, services, advocacy, and member resources, targeting Italian artisan businesses and stakeholders. The organization maintains a strong market position as the most representative association in its sector, offering a wide range of services including credit, energy, innovation, training, and welfare. The site is well-branded, consistent, and professionally maintained, reflecting the organization's stature and mission. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Matomo analytics, emphasizing privacy and GDPR compliance. The infrastructure includes Cloudflare protection and uses HTTPS with good SSL configuration. The site is mobile-optimized and features a cookie consent mechanism with granular user control. The technical stack is robust, though some security headers could be enhanced for improved security posture. Security-wise, the site demonstrates good practices including HTTPS enforcement, use of reCAPTCHA, and privacy-respecting analytics. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a published security policy or incident response contact is noted. Overall, the site is secure and compliant with relevant privacy regulations. The overall risk assessment is low, with the website presenting a trustworthy and professional digital presence. Strategic recommendations include enhancing security headers, publishing a security policy, and continuing regular security audits to maintain and improve the security posture.

L

Legacoop Produzione e Servizi

produzione-servizi.coop

56

Legacoop Produzione e Servizi is an Italian cooperative association representing worker cooperatives across multiple sectors including construction, logistics, manufacturing, and services. The organization promotes cooperative values and supports its members through sector-specific initiatives, news dissemination, and participation in European projects. The website reflects a professional and consistent brand presence with active social media engagement and partner collaborations. The domain registration aligns well with the organization's identity and location, supporting its legitimacy. Technically, the website is built on WordPress using modern plugins such as Yoast SEO, MasterSlider, and Matomo Analytics for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, some security best practices like enabling DNSSEC and security headers are missing, and no explicit privacy or security policies are published. Security posture is moderate with HTTPS enabled and cookie consent implemented, but improvements are recommended to enhance DNS security and publish incident response information. Overall, the website is trustworthy and serves its target audience effectively, though privacy compliance could be improved by adding explicit policies. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing privacy and security policies, and conducting regular security audits to maintain a strong security posture.

K

Kesselhaus Josephsohn

kesselhaus-josephsohn.ch

50

Kesselhaus Josephsohn is a small cultural institution based in Switzerland that operates as a museum, gallery, and exhibition space dedicated to the works of Hans Josephsohn. The website serves as a digital presence showcasing their exhibitions, artworks, and related events, targeting art enthusiasts and the general public interested in cultural activities. The business model revolves around art exhibition and gallery services, with a niche market position in the cultural sector. Technically, the website employs modern JavaScript frameworks such as Vue.js and uses lazy loading techniques for images to optimize performance. It integrates Matomo analytics for user tracking, indicating a moderate level of digital maturity with some privacy considerations. However, the site lacks comprehensive SEO and accessibility features and shows only basic mobile optimization. From a security perspective, the website is accessible without WAF or blocking mechanisms, but it lacks important security headers and does not display privacy or cookie policies, which are critical for GDPR compliance. No contact information or incident response channels are provided, limiting transparency and trust. The SSL configuration could not be verified from the provided data, which is a potential risk. Overall, the website is functional and professionally designed but requires improvements in security posture, privacy compliance, and contact transparency to enhance trustworthiness and regulatory adherence. Strategic recommendations include implementing security headers, publishing privacy and cookie policies, and providing clear contact information for users and security incidents.

S

Stiftung Sitterwerk

sitterwerk.ch

51

Stiftung Sitterwerk is a Swiss non-profit cultural foundation dedicated to supporting the arts through its art library, material archive, atelier house, and various cultural events and publications. The foundation targets artists, researchers, and the general public interested in cultural and artistic activities. The website reflects a well-structured and professionally designed platform using modern technologies such as Vue.js and Matomo analytics, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy or cookie policies, which are areas for improvement. Overall, the site is safe, trustworthy, and provides clear contact information, but could enhance compliance and security transparency.

M

Merkur Druck AG

merkurmedien.ch

52

Merkur Druck AG is a Swiss-based company specializing in sustainable printing products, creative media project design, and innovative digital solutions. Positioned as a regional leader in manufacturing and media services, the company targets businesses seeking environmentally responsible and creative media services. The website reflects a professional and consistent brand image with clear contact information and a focus on sustainability. Technically, the site is built on WordPress using the Divi theme, integrating modern analytics tools such as Microsoft Clarity and Matomo, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and incident response disclosures. Privacy compliance is weak due to missing privacy and cookie policies and absence of consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security practices to meet modern compliance standards.

P

ProgrammZeitung Verlags AG

proz.online

70

PROZ.online is a regional cultural media platform operated by ProgrammZeitung Verlags AG, founded in 2022, focusing on providing comprehensive event listings, exhibitions, and magazine content for the Basel area. The website serves a culturally engaged audience interested in arts, theater, music, and literature. It offers subscription services, event submissions, and advertising opportunities, positioning itself as a key local media resource with support from Swiss cultural institutions. Technically, the site uses the open-celements CMS with a modern JavaScript stack including jQuery, Prototype.js, and Matomo analytics. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks DNSSEC and explicit security headers. No incident response or security policy is published, which could be improved. Overall, the domain registration is consistent and transparent, supporting the legitimacy of the business.

G

GGG Basel

ggg-basel.ch

58

GGG Basel is a well-established non-profit organization based in Basel, Switzerland, with a history dating back to 1777. It operates as a key social, cultural, and educational institution supporting numerous organizations and projects in the region. The website reflects a mature digital presence built on TYPO3 CMS with modern frontend technologies and a focus on accessibility and user experience. While the site is professionally designed and content-rich, it lacks some privacy compliance features such as a cookie consent mechanism and explicit GDPR compliance statements. Security posture is moderate with HTTPS usage and no visible vulnerabilities, but missing security headers and incident response policies suggest room for improvement. Overall, the domain registration and website content align well, indicating a trustworthy and credible organization.

I

Institut der deutschen Wirtschaft (IW)

iwkoeln.de

49

Institut der deutschen Wirtschaft (IW) is a private economic research institute based in Germany, focusing on economic and social policy, education systems, and labor markets. The website is professionally designed using TYPO3 CMS and provides comprehensive research articles, press releases, and studies targeting economic stakeholders, policymakers, and researchers. The technical infrastructure includes modern analytics tools such as Matomo and eTracker, and push notification services via CleverPush, indicating a mature digital presence. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure, but lacks explicit security headers and public security policies. Privacy compliance is limited due to absence of visible privacy and cookie policies. Overall, the website is trustworthy and professionally maintained, serving as a credible source of economic research in Germany.

P

PLAYMIT GmbH

playmit.com

60

PLAYMIT GmbH operates Austria's largest free learning and quiz portal aimed at career starters and students seeking apprenticeships and jobs. The platform offers gamified quizzes, rankings, certificates, and job listings, positioning itself as a leading educational resource certified by the Austrian Federal Ministry of Education. The website is professionally designed, mobile-optimized, and provides a seamless user experience with clear navigation and relevant content. Technically, the site uses modern frontend technologies including Alpine.js and Tailwind CSS, and employs Matomo analytics with user consent, reflecting a mature digital infrastructure. Security posture is good with HTTPS and CSRF protections, though explicit security headers and incident response information are absent, representing areas for improvement. Overall, the site is trustworthy, privacy compliant, and well-positioned in the Austrian education sector.

J

JUMP - Jugend-Umwelt-Plattform

jugendumwelt.at

71

JUMP - Jugend-Umwelt-Plattform is a small Austrian non-profit organization focused on engaging youth in environmental and climate protection through workshops, projects, and voluntary programs. The website serves as an informational and engagement platform targeting young people interested in environmental activism. Technically, the site is built on WordPress using the GeneratePress theme, with privacy-conscious tools like Matomo analytics and Borlabs Cookie for consent management. The site is well-structured, mobile-optimized, and provides clear navigation and relevant content. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved and explicit security policies are absent. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanisms. Overall, the site is trustworthy and professional, with a clear mission and consistent branding.

A

Aufleb GmbH

aufleb.at

45

Aufleb GmbH is an Austrian company operating a vocational training platform that connects individuals seeking training with providers offering educational opportunities. The website is professionally designed using WordPress and modern web technologies, featuring video content and clear calls to action for searching and offering training. The target audience is primarily German-speaking individuals and organizations in Austria interested in vocational education. Technically, the site uses a mature CMS with plugins for enhanced functionality and Matomo analytics configured to disable cookies, reflecting a moderate level of digital maturity and privacy awareness. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though improvements such as security headers and incident response contacts are recommended. Overall, the website is trustworthy, well-branded, and serves its niche effectively.

A

AMS Österreich

karrierefotos.at

68

AMS Karrierefotos is an official Austrian government-supported platform providing a free photo database focused on career and vocational images. It serves as a resource for individuals seeking professional and training-related imagery, supporting career orientation and education. The website is well-branded with AMS logos and links directly to the AMS main site, reinforcing its official status. Technically, the site employs modern web technologies including Bootstrap, jQuery, and FontAwesome, with privacy-conscious analytics via Matomo and a robust cookie consent mechanism. The site is mobile-optimized and accessible, offering a good user experience with clear navigation and search functionalities. Security-wise, the site uses HTTPS and respects user privacy with opt-in analytics, though it lacks explicit security policies or incident response contacts. Overall, the platform is trustworthy, compliant with GDPR, and well-suited for its target audience in Austria.

A

Arbeitsmarktservice Österreich (AMS)

gehaltskompass.at

66

The website www.gehaltskompass.at is an official Austrian government-related platform operated by the Arbeitsmarktservice Österreich (AMS). It provides comprehensive salary comparison data for nearly 1,800 professions based on collective agreements, targeting job seekers and career entrants in Austria. The site offers additional career resources such as career videos, salary calculators, and links to AMS career information centers (BIZ). Technically, the site uses a modern tech stack including jQuery, Bootstrap, DataTables, and Matomo analytics, hosted on braintrust.at infrastructure. It is well optimized for mobile and accessibility, with clear navigation and professional design. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and explicit security policies are not published. Privacy compliance is strong with a detailed privacy policy and cookie consent banner. No contact emails or phone numbers are directly listed, consistent with a government information portal. Overall, the site is trustworthy, professional, and safe for general audiences.

D

Deutscher Gewerkschaftsbund

dgb.de

56

The Deutscher Gewerkschaftsbund (DGB) is a major German trade union confederation representing 5.7 million members across eight unions. The website serves as an information hub for labor rights, political advocacy, campaigns, and union services. It targets workers, union members, and political stakeholders in Germany, positioning itself as a leading non-profit organization in the labor sector. Technically, the site is built on TYPO3 CMS and uses Matomo for analytics, reflecting a modern and privacy-aware infrastructure. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enabled and asynchronous script loading, but lacks visible security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but would benefit from enhanced privacy disclosures and security transparency.

D

Der Beauftragte der Bundesregierung für Kultur und Medien

kulturstaatsministerin.de

67

The website kulturstaatsminister.de is the official online presence of the German Federal Government's Commissioner for Culture and Media. It serves as a comprehensive information portal about cultural policies, funding, media support, and historical remembrance initiatives in Germany. The site targets citizens, cultural institutions, artists, and media professionals, providing authoritative content and resources. Technically, the site is built on TYPO3 CMS, hosted by ITZBund, and employs Matomo analytics with a strong focus on privacy and consent management. The security posture is robust with HTTPS enforcement and consent-based cookie usage, though some security headers could be explicitly confirmed. Overall, the site demonstrates a high level of professionalism, accessibility, and compliance with GDPR regulations, reflecting its governmental nature and public trust requirements.

Berlin gegen Nazis is a small non-profit organization focused on anti-Nazi activism and social justice in Berlin. Their website serves as an informational and mobilization platform, providing news, event announcements, and calls to action for protests and rallies. The platform targets the general public interested in combating right-wing extremism and promoting solidarity. The website is multilingual, supporting English, German, and Turkish, enhancing accessibility to diverse audiences. Technically, the website is built on WordPress and utilizes a range of plugins including Yoast SEO for search optimization, Matomo for privacy-conscious analytics, and a GDPR-compliant cookie consent plugin. Hosting is provided by a German hosting provider (oopen.de), and the site uses HTTPS with a good SSL configuration. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers and explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of a security.txt file or vulnerability disclosure policy suggests room for improvement in transparency and security maturity. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. It effectively serves its mission as an anti-Nazi informational platform but could enhance its security posture and transparency to further build trust and resilience.

K

Katholische Kirche Steiermark

katholische-kirche-steiermark.at

68

Katholische Kirche Steiermark operates as the official Catholic Church diocese for the Steiermark region in Austria, providing religious, educational, and community services. The website serves as a comprehensive portal for news, events, parish information, and faith resources, targeting the general public and church members. The organization has a long history dating back to 1218, reflected in the domain's age and consistent WHOIS data. Technically, the site uses a modern CMS (siteswift), integrates various JavaScript libraries, and employs a consent management system to comply with privacy regulations. Security posture is strong with HTTPS, security headers, and CSRF protections in place, though explicit security policies and incident response information are not published. Overall, the site is professional, accessible, and trustworthy, with active social media engagement and good privacy compliance.

E

Eduversum Verlag und Bildungsagentur GmbH

eduversum.de

47

Eduversum Verlag und Bildungsagentur GmbH is a well-established German educational agency and publisher with over 40 years of experience in school communication. They provide full-service educational content development, including digital media such as web, film, games, apps, and print, targeting schools, teachers, NGOs, and government bodies. The company holds multiple certifications and awards, reflecting a strong market position and trustworthiness. Their partnerships with reputable organizations further enhance their credibility. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses Matomo for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Security is robust with HTTPS and cookie-less analytics, but could benefit from enhanced security headers and explicit incident response information. Overall, the security posture is good with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, though a cookie consent mechanism is absent. Contact is primarily via web forms, and social media presence is active on major platforms. The website is professional, trustworthy, and content-rich, making it a reliable platform for educational services. Strategic recommendations include implementing security headers, adding incident response contacts, and introducing cookie consent to further strengthen compliance and security.

T

TRG

trg.de

51

TRG (The Reach Group) is a German digital and media agency specializing in data-driven online marketing campaigns, offering full funnel campaign planning, execution, and technology consulting. The company serves a broad business audience seeking performance marketing solutions and has a strong market presence with over 100 clients and recognized certifications such as Google Partner. Their website demonstrates a mature digital infrastructure built on WordPress with Elementor, integrating privacy-compliant analytics (Matomo) and cookie consent management. Security posture is good with HTTPS and no evident vulnerabilities, though some security headers could be improved. Overall, the site is professional, well-branded, and compliant with GDPR requirements, reflecting a trustworthy and credible business.

C

Campus Berlin-Buch GmbH

campus-berlin-buch.de

55

Campus Berlin-Buch GmbH operates a specialized biotech and healthcare campus in Berlin, providing laboratory and office spaces, event venues, childcare, and community services. The campus integrates scientific research with cultural and health initiatives, serving approximately 3,000 employees and fostering a vibrant community. The website reflects a professional and well-structured digital presence with good content quality and clear navigation. Technically, the site uses modern frameworks like Bootstrap and jQuery, and employs Matomo analytics for privacy-conscious user tracking. Security posture is solid with HTTPS implied, though security headers and explicit cookie consent mechanisms could be improved. The WHOIS data is limited due to DENIC restrictions but shows consistent domain management. Overall, the site is trustworthy, compliant with GDPR, and well-positioned in its niche.

G

Golding Capital Partners GmbH

goldingcapital.com

57

Golding Capital Partners GmbH is a German-based investment firm specializing in alternative investments such as private equity, private credit, infrastructure, secondaries, and impact investing. The company targets institutional investors seeking sustainable and impactful investment opportunities. The website reflects a mature digital presence built on Drupal 9, integrating modern consent management via Cookiebot and analytics through Matomo, indicating a commitment to privacy and compliance. The site is professionally designed, mobile-optimized, and provides comprehensive content relevant to its audience. Security posture is strong with HTTPS and security headers, though the absence of a public security policy and incident response contacts suggests room for improvement. The lack of WHOIS registration data is a notable concern for transparency and trustworthiness, warranting further verification. Overall, the website presents a credible and professional front for the business with moderate risk due to domain registration opacity.

P

ProLitteris, Schweizerische Genossenschaft für Urheberrechte an Literatur und Kunst

prolitteris.ch

49

ProLitteris is a Swiss cooperative society specializing in the collective management of copyright for literature and visual arts. It serves authors, publishers, broadcasters, and cultural institutions by managing rights, licensing, and remuneration distribution. The organization holds an official and recognized position within Switzerland's copyright ecosystem, providing essential services to its stakeholders. The website reflects this professional and non-profit orientation with clear multilingual support and comprehensive information on services and legal frameworks. Technically, the site is built on WordPress with a modern tech stack including jQuery, FontAwesome, and Matomo analytics, ensuring a functional and user-friendly experience. Privacy compliance is well addressed with a detailed privacy policy and cookie consent mechanisms. Security posture is solid with HTTPS, reCAPTCHA, and no visible vulnerabilities, though improvements in security headers and incident response disclosures are recommended. Overall, the website is trustworthy, professional, and well-aligned with its business objectives.

V

VIDEO.TAXI

video.taxi

70

VIDEO.TAXI is a German-based technology company specializing in AI-powered live translation, subtitling, transcription, and accessible streaming services. Founded in 2019 and operating under the parent company TV1 GmbH, it targets event organizers, media houses, public sector entities, and businesses seeking multilingual and barrier-free communication solutions. The company offers a comprehensive suite of services including live translation in 116 languages, live captioning, meeting bots, and voice AI agents, positioning itself as an innovative leader in real-time communication technology. The website reflects a mature digital presence with professional design, clear navigation, and strong branding consistency. Technically, it leverages WordPress with Elementor, integrates advanced analytics and marketing tools, and maintains GDPR compliance with cookie consent mechanisms. Security posture is robust, supported by ISO 27001 certification and HTTPS enforcement, though some security headers could be enhanced. Overall, the domain and website content align well, indicating a legitimate and trustworthy business with a strong focus on privacy and accessibility.

S

Stadtwerke Halle GmbH

energieinitiative-halle.de

57

The Energie-Initiative Halle (Saale) website represents a regional energy and climate protection initiative operated by Stadtwerke Halle GmbH. It serves as an information hub for local citizens, businesses, and partners interested in sustainable energy projects, climate policies, and transformation initiatives in Halle (Saale). The site reflects a medium-sized municipal energy provider with a strong local presence and a network of subsidiaries and partners. Technically, the website uses a traditional but stable tech stack including jQuery, jQuery UI, and Matomo analytics, with a CMS identified as SixCMS. The site is mobile optimized and includes modern privacy compliance tools such as Usercentrics for cookie consent. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some improvements like updated libraries and enhanced security headers are recommended. Overall, the site is professional, trustworthy, and compliant with GDPR, but lacks explicit published security policies and incident response contacts.

W

W+H Wasser- und Haustechnik GmbH

wuh-halle.de

60

W+H Wasser- und Haustechnik GmbH is a regional service provider specializing in water and sanitary technology services in Halle (Saale), Germany. The company offers comprehensive solutions including water meter testing, standpipe rental for water extraction, and sanitary installations. It operates as part of the larger Stadtwerke Halle GmbH (SWH) group, which encompasses multiple subsidiaries in energy, water, transportation, and related sectors. The website reflects a professional and consistent brand image aligned with its parent group, targeting local businesses and residents requiring water and heating services. Technically, the website is built on a CMS platform (likely SixCMS) and employs common JavaScript libraries such as jQuery and Modernizr, along with the Slick carousel for UI elements. It integrates Usercentrics for cookie consent management and Matomo for analytics, indicating a moderate level of digital maturity and privacy awareness. The site is mobile-optimized and uses HTTPS, but lacks some advanced security headers and explicit security policies. From a security perspective, the site demonstrates good baseline practices including HTTPS enforcement and consent management. However, it does not publish a security.txt file or detailed security policies, and security headers are not explicitly detected. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is consistent with the website's branding and hosting, reinforcing legitimacy. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR requirements. Strategic recommendations include enhancing security headers, publishing explicit security policies, and considering a vulnerability disclosure policy to improve security posture and stakeholder trust.

C

Container Terminal Halle (Saale) GmbH

ct-hs.de

57

Container Terminal Halle (Saale) GmbH operates as a regional logistics and transportation service provider specializing in container terminal operations, rail services, and combined transport solutions. The company is part of the larger Stadtwerke Halle GmbH (SWH) group, which encompasses multiple energy and infrastructure-related subsidiaries. The website reflects a professional business presence targeting logistics customers primarily in Germany, with a focus on the Halle (Saale) region. Technically, the website employs a traditional tech stack including jQuery, jQuery UI, Modernizr, and Slick Carousel, managed via the SixCMS platform. It integrates modern consent management through Usercentrics and uses Matomo for analytics, indicating a moderate level of digital maturity. The site is mobile optimized and provides clear navigation and relevant content, although some libraries are outdated. From a security perspective, the site enforces HTTPS and uses consent management for cookies, but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website content, supporting legitimacy and trustworthiness. Overall, the website presents a solid business and technical foundation with room for improvement in security transparency and modernization. The risk profile is low, with recommendations focusing on enhancing security policies, updating libraries, and improving accessibility.

I

IT-Consult Halle GmbH

itc-halle.de

62

IT-Consult Halle GmbH is a medium-sized IT service provider based in Halle (Saale), Germany, specializing in comprehensive IT solutions for the public sector and medium-sized enterprises. The company operates under the umbrella of Stadtwerke Halle GmbH, offering services including IT consulting, SAP system management, document management systems, GIS solutions, and data center services. Their market position is solid within the regional public and private sectors, supported by certifications such as ISO 27001 and a professional online presence. Technically, the website employs a modern technology stack including jQuery, Modernizr, Slick Carousel, and FontAwesome, alongside a CMS likely based on SixCMS. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates a consent management platform (Usercentrics) and Matomo analytics for privacy-conscious tracking. Performance is moderate with good SEO and basic accessibility features. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, cookie consent, and no visible vulnerabilities or exposed sensitive data. However, it lacks publicly available security policies and incident response contacts, which could be improved to enhance trust and compliance. Privacy compliance is strong with a comprehensive privacy policy and cookie management. Overall, the website is professional, trustworthy, and well-aligned with the company's business objectives. The risk profile is low, with recommendations focusing on enhancing security transparency and accessibility compliance.

H

Hallesche Verkehrs-AG

havag.com

62

Hallesche Verkehrs-AG (HAVAG) is a regional public transportation company serving the Halle (Saale) and Merseburg areas in Germany. It operates under the Mitteldeutscher Verkehrsverbund and is part of the larger SWH group. The website provides comprehensive information about public transport services, ticketing options, customer service, and multimodal transport offers. It targets local residents and commuters seeking reliable public transit information and services. The company maintains a medium-sized regional presence with a clear business model focused on public transportation and customer support. Technically, the website employs a modern technology stack including jQuery, Leaflet for mapping, FontAwesome icons, and Matomo for analytics, complemented by Usercentrics for consent management. The site is hosted by Vautron Rechenzentrum AG and shows good mobile optimization and SEO practices. The infrastructure is stable with HTTPS enforced, though some security headers are not explicitly confirmed. Privacy compliance is well addressed with visible cookie consent and a detailed privacy policy. From a security perspective, the site demonstrates good practices such as HTTPS usage and consent management but lacks explicit incident response contacts and vulnerability disclosure mechanisms. DNSSEC is not enabled, which is a recommended improvement. No critical vulnerabilities or suspicious content were detected. Overall, the site is trustworthy, professional, and compliant with GDPR requirements. The overall risk is low, with recommendations focusing on enhancing DNS security, publishing security.txt, and adding explicit security headers to strengthen the security posture further. The website is suitable for its audience and business purpose, with a strong alignment between domain registration data and business claims.

A

Abfallwirtschaft GmbH Halle-Lochau

aw-halle.de

60

Abfallwirtschaft GmbH Halle-Lochau is a regional waste management company operating in Halle (Saale), Germany. It provides landfill management, recycling, and waste disposal services and is part of the larger SWH group, which includes energy, water, and transportation services. The website reflects a professional and consistent brand presence with clear service offerings and contact information. Technically, the site uses a mix of legacy and modern web technologies, including jQuery, FontAwesome, and a consent management platform, hosted likely by EVH. Security posture is adequate with HTTPS and consent mechanisms but lacks some security headers and uses an outdated jQuery version, which could pose risks. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Overall, the website is trustworthy and well-positioned in its market segment.

H

Hallesche Wasser und Stadtwirtschaft GmbH

hws-halle.de

61

Hallesche Wasser und Stadtwirtschaft GmbH is a regional utility company based in Halle, Germany, providing essential municipal services including water supply, wastewater management, waste disposal, and city cleaning primarily targeting private customers. The company operates as part of the larger SWH Gruppe, which encompasses multiple related entities in energy, transportation, and municipal services. Their website reflects a structured and comprehensive presentation of services, targeting local residents and businesses with clear navigation and service menus. Technically, the website employs modern frontend technologies such as jQuery, FontAwesome, and Slick Carousel, alongside privacy-conscious tools like Usercentrics for consent management and Matomo for analytics. The site is mobile optimized and demonstrates moderate performance and accessibility standards. However, some security headers are not explicitly detected, and there is no visible security policy or incident response information. From a security perspective, the site enforces HTTPS and uses consent management, but lacks published security policies and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were found in the provided content. The WHOIS data aligns well with the website's claims, indicating a legitimate and trustworthy domain registration. Overall, the website presents a professional and trustworthy digital presence for a municipal utility provider, with room for improvement in security policy transparency and enhanced privacy compliance documentation.

N

NETZ HALLE GmbH

netzhalle.de

60

NETZ HALLE GmbH operates as a regional energy network operator in Halle (Saale), Germany, providing essential services such as electricity, gas, and heat network connections, metering, and customer support. The company is part of the larger Stadtwerke Halle group, which includes various utility and service subsidiaries. The website reflects a professional and regionally focused utility provider with clear service offerings and customer engagement channels. Technically, the website employs a legacy CMS (SixCMS) with common JavaScript libraries like jQuery and Modernizr, enhanced by user consent management via Usercentrics and analytics through Matomo. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Hosting appears to be managed by EVH, consistent with the regional focus. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible advanced security headers and a public security policy or vulnerability disclosure. No critical vulnerabilities or suspicious content were detected. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent. Overall, the website is trustworthy, professionally maintained, and suitable for its target audience. Recommendations include enhancing security headers, publishing a security policy, and improving accessibility features to further strengthen compliance and security posture.

MeinBeitragWirkt.at is a regional non-profit website dedicated to informing and supporting members of the Catholic Church in Salzburg regarding their church contributions. The platform provides detailed information on contribution usage, payment options, frequently asked questions, and contact services, positioning itself as a trusted resource for church members. The website is built on TYPO3 CMS with modern frontend technologies like Bootstrap and jQuery, and employs Matomo analytics to ensure privacy-conscious user tracking. The site is well-designed, mobile-optimized, and offers a clear navigation structure, enhancing user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements could be made by adding security headers and explicit cookie consent mechanisms. Overall, the domain registration data aligns well with the website's purpose and location, indicating a trustworthy and legitimate online presence.

E

Erzdiözese Salzburg

eds.at

67

The website eds.at serves as the official online presence of the Erzdiözese Salzburg, the Catholic Church in Salzburg and the Tiroler Unterland region. It provides comprehensive information on religious services, community events, social support, and educational content targeted at church members and the general public interested in faith and community activities. The site is well-positioned as a regional religious authority and community service provider with a large audience base. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies such as Bootstrap and jQuery, and integrates privacy-conscious analytics via Matomo. The site demonstrates good digital maturity with mobile optimization, accessibility, and SEO best practices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. Overall, the site is trustworthy, professionally maintained, and compliant with GDPR requirements.

S

Secret Intelligence Service (SIS) / MI6

sis.gov.uk

57

The website www.sis.gov.uk represents the UK Secret Intelligence Service (SIS), commonly known as MI6. It serves as the official digital presence of the UK's foreign intelligence agency, providing detailed information about its mission, history, leadership, recruitment opportunities, and partnerships. The site targets potential recruits, government partners, and the general public interested in intelligence services. The business model is that of a government agency focused on intelligence gathering and national security. The website is well-branded, professionally designed, and consistent with government standards, reflecting a high level of trustworthiness and authority. Technically, the site is built on the Drupal CMS platform and employs Matomo for privacy-conscious analytics. It demonstrates good mobile optimization, accessibility, and SEO practices. The site uses HTTPS with strong SSL configuration, though no explicit security headers were detected in the provided data. Privacy compliance is robust, with clear privacy and cookie policies and a consent mechanism in place. Contact information is limited to a contact form, with no direct emails or phone numbers publicly listed, which aligns with the sensitive nature of the organization. From a security perspective, the site shows good practices such as HTTPS enforcement and privacy-respecting analytics. However, it lacks publicly visible security policies or incident response contacts, and no security.txt file was found. The WHOIS data is unavailable, which is typical for sensitive government domains and is justified in this context. Overall, the site presents a strong security posture with room for improvement in transparency around security policies. The overall risk assessment is low given the official nature of the site, its consistent branding, and government affiliation. Strategic recommendations include enhancing security header implementation, publishing a dedicated security policy and incident response information, and adding a security.txt file to facilitate vulnerability disclosures. These steps would further strengthen trust and security culture while maintaining operational security.

O

one4vision GmbH

one4vision.de

72

one4vision GmbH is a well-established IT consulting and service provider based in Saarbrücken, Germany, with nearly 30 years of experience. The company specializes in TYPO3 CMS web development, network and security solutions, cloud services, and remote support. Their market position is strong regionally, particularly in the Saarland and Luxembourg areas, with a focus on delivering flexible and secure IT solutions to businesses. The website reflects a professional and consistent brand image with clear service offerings and contact information. Technically, the site is built on TYPO3 CMS, uses Matomo for privacy-conscious analytics, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and formal security policies. Overall, the website is trustworthy, compliant with GDPR, and provides a positive user experience.

O

one4vision GmbH

14v.de

72

one4vision GmbH is a well-established IT consulting and service provider based in Saarbrücken, Germany, with nearly 30 years of experience. The company specializes in TYPO3 CMS web development, network and security solutions, and cloud services, targeting businesses seeking flexible and secure IT infrastructure and digital presence. Their market position is strong regionally, supported by a consistent brand and multiple related service domains. Technically, the website is built on TYPO3 CMS with a modern tech stack including PHP, MySQL, and Matomo analytics, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking explicit security headers and published security policies. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

S

SHC Netzwerktechnik GmbH

shc.eu

60

SHC Netzwerktechnik GmbH is a German-based IT security and infrastructure company specializing in comprehensive solutions for data centers, core networking, and cloud computing. The company partners with leading manufacturers such as Sophos, Dell, VMware, and Microsoft, positioning itself as a trusted provider of managed detection and response, endpoint protection, and security operations center services. Their market presence is focused on serving businesses across Germany with a strong emphasis on IT security and network technology. Technically, the website is built on WordPress using the Divi theme, incorporating modern web technologies and analytics tools like Matomo. The site demonstrates good mobile optimization and SEO practices, with GDPR compliance mechanisms in place, including cookie consent banners. The technical infrastructure reflects a moderate to good level of digital maturity suitable for their business model. From a security perspective, the website enforces HTTPS and employs GDPR-compliant cookie management. However, it lacks some advanced security headers and does not publicly disclose a formal security policy or incident response plan. The WHOIS data is privacy protected, which is typical for European domains and justified given the company's IT security focus. No critical vulnerabilities or suspicious indicators were found in the website content or technical setup. Overall, SHC Netzwerktechnik GmbH presents a professional and trustworthy online presence with a solid foundation in IT security services. Strategic improvements in security transparency and enhanced header configurations could further strengthen their security posture and customer trust.

K

Koeln.Business

koelnbusiness.de

60

Koeln.Business is the official economic development agency for the city of Cologne, Germany, providing support for businesses, startups, and investors. The website offers services such as funding consultation and business facilitation, targeting entrepreneurs and startups primarily within Cologne. The organization positions itself as a key facilitator for economic growth and business establishment in the region. Technically, the website is built on TYPO3 CMS, a mature and widely used content management system, and incorporates modern JavaScript libraries such as Slick Slider and Owl Carousel for enhanced user experience. Cookiebot is implemented for GDPR-compliant cookie consent management, and Matomo Analytics is used for privacy-conscious visitor tracking. The site is mobile-optimized and demonstrates good SEO and accessibility practices. From a security perspective, the site enforces HTTPS and uses a comprehensive cookie consent mechanism. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure information, which are recommended for improving transparency and trust. No critical vulnerabilities or suspicious content were detected. Overall, Koeln.Business presents a professional and trustworthy online presence consistent with a government economic development entity. The domain WHOIS data is privacy protected but shows no signs of suspicious activity. Strategic recommendations include publishing security and incident response policies, enhancing security headers, and maintaining regular audits of third-party scripts to sustain a strong security posture.

S

Sprachenatelier Berlin [isk] gGmbH

sprachenatelier-berlin.de

53

Sprachenatelier Berlin [isk] gGmbH is a small, established language school located in Berlin, Germany, specializing in German language courses from beginner to advanced levels (A1 to C2), including telc German exams and over 50 foreign language offerings. The school provides both onsite and online learning options, catering to international students, professionals, and language enthusiasts. Recognized by the Berlin Senate and holding multiple certifications, the institution maintains a strong market position within the education sector. The website reflects a professional and comprehensive presentation of their services, pricing, and cultural programs, targeting a broad audience seeking language education in Berlin. Technically, the website is built on the KONTEXT-CMS platform, utilizing modern web technologies such as jQuery, Google Analytics, Google Tag Manager, and Matomo for analytics. The site is mobile-optimized with good SEO practices and moderate performance. Hosting is provided by warenform.de, consistent with the domain's nameservers and analytics endpoints. From a security perspective, the site enforces HTTPS with an excellent SSL configuration and avoids exposing sensitive data. However, it lacks visible security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism, which is a GDPR compliance gap. The business credibility is high, supported by clear contact information, certifications, and professional content. Overall, the website is trustworthy, well-maintained, and suitable for its educational purpose. Strategic improvements in privacy compliance and security transparency would enhance its security posture and regulatory adherence.

C

Caren Lay MdB

caren-lay.de

49

The website www.caren-lay.de represents Caren Lay, a member of the German Bundestag affiliated with the DIE LINKE party. It serves as a political communication platform focusing on housing policy, social issues, and club policy. The site provides articles, brochures, and information about her political work and positions. The target audience is German-speaking citizens interested in left-wing politics and social housing matters. The business model is centered on political representation and public engagement. Technically, the site is built on KONTEXT-CMS 3.9.9, uses modern frontend technologies such as Tailwind CSS and FontAwesome, and includes jQuery 3.5.1. Hosting is provided by Warenform, with CDN usage for fonts and images. The site is mobile optimized and has good SEO practices. Analytics are handled by Matomo with an opt-in cookie consent mechanism, reflecting a privacy-conscious approach. From a security perspective, the site enforces HTTPS and uses cookie consent with opt-in for tracking. However, it lacks explicit security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent and legitimate, supporting trustworthiness. Overall, the site demonstrates a good security posture but could improve by adding security headers and incident response information. The overall risk is low given the nature of the site as a political information platform with no sensitive transactions or personal data collection beyond a contact form. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility features to further strengthen trust and compliance.

F

Fabio De Masi

fabio-de-masi.de

49

Fabio De Masi's website serves as an official political platform providing comprehensive information about his role as a member of the European Parliament. The site offers visitors access to news, media content, transparency reports, and opportunities to subscribe to newsletters. The target audience primarily consists of European citizens interested in political affairs and transparency. The business model is centered on public political representation and information dissemination, with a strong emphasis on transparency and engagement through social media and newsletters. Technically, the website is built on the KONTEXT-CMS platform, utilizing legacy jQuery and modern FontAwesome icons, hosted by warenform.de. The site demonstrates moderate performance and good mobile optimization but could benefit from updating outdated libraries and enhancing accessibility features. Security-wise, the site employs HTTPS and an opt-in cookie consent mechanism with Matomo analytics, reflecting good privacy compliance. However, the absence of security headers and the use of an outdated jQuery version present moderate risks. No explicit security or incident response policies are published, and contact information is limited to forms and social media links. Overall, the website is professional, trustworthy, and compliant with GDPR, but improvements in security posture and technical modernization are recommended.

123Comics is a small German-based creative media organization specializing in comics, graphic recording, animation, and educational workshops. Their website presents a professional and well-structured platform showcasing their projects and services, targeting educators, children, and institutions interested in political and social education through comics and animation. The technical infrastructure is based on a custom CMS (KONTEXT-CMS) with common web technologies like jQuery and Slick Carousel, and they use Matomo analytics to respect user privacy. Security posture is moderate with room for improvement, especially regarding security headers and updating legacy libraries. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and social media presence suggest a genuine operation. Privacy compliance is addressed with a cookie consent banner and a privacy policy page, but no explicit terms of service or security policies are found. Overall, the site is safe, accessible, and professionally maintained but would benefit from enhanced security and clearer business legitimacy indicators.

The Greens/EFA in the European Parliament website represents a political group focused on human rights, democracy, and climate justice within the EU. The site offers comprehensive information about their policies, members, publications, and campaigns, targeting European citizens and stakeholders interested in green politics. The website is well-structured, multilingual, and professionally designed, reflecting a mature digital presence. Technically, the site uses the Contao CMS with modern frontend frameworks like Bootstrap 4 and jQuery. It employs privacy-conscious analytics (Matomo) with cookies disabled, indicating a strong commitment to user privacy. The site is mobile-optimized and accessible, with good SEO practices. Security-wise, the site enforces HTTPS and avoids exposing sensitive data. However, no explicit security headers were detected, and no dedicated security or incident response pages are present. The WHOIS data is unavailable due to privacy protection, which is typical and justified for political organizations. Overall, the security posture is solid but could be enhanced with additional headers and transparency. The website poses low risk, is trustworthy, and serves as a credible source for political advocacy. Strategic recommendations include adding security headers, publishing incident response information, and implementing a vulnerability disclosure policy to further strengthen trust and security.

The Rosa-Luxemburg-Stiftung is a well-established non-profit political education foundation affiliated with the German Left Party. The website serves as a comprehensive platform for political education, events, publications, and scholarship information targeting politically engaged individuals and activists. The organization maintains a strong presence with consistent branding and a broad range of services focused on social justice and left-wing political discourse. Technically, the website is built on TYPO3 CMS with Elasticsearch for search functionality and uses Matomo for analytics, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and well-structured, providing an excellent user experience. Security posture is solid with HTTPS and secure form handling, though improvements can be made by adding security headers and explicit incident response information. Privacy compliance is good with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a minor gap. Overall, the site is trustworthy, professional, and safe for general audiences.

N

nd - Journalismus von links

neues-deutschland.de

49

nd - Journalismus von links is a German left-wing news media outlet providing political, cultural, and social news and analysis. The website offers multiple subscription models, podcasts, newsletters, and voluntary donation options, reflecting a cooperative ownership business model. It targets a general audience interested in leftist perspectives on current affairs. The site is well-branded and professionally maintained with consistent content quality and clear navigation.

T

The Left in the European Parliament

guengl.eu

70

The Left in the European Parliament is a political group advocating for left-wing policies across the European Union. Their website serves as an information hub for their political positions, news, events, and resources, targeting European citizens interested in progressive politics. The site is hosted by OVH SAS and built on WordPress, utilizing modern web technologies and analytics tools such as Matomo and Complianz for GDPR compliance. Security posture is good with HTTPS and cookie consent mechanisms in place, though some security headers could be improved. The site is professional, well-branded, and trustworthy, with comprehensive privacy policies and multiple official social media channels. No critical vulnerabilities or suspicious activities were detected.

W

WInTO GmbH

winto-gmbh.de

46

WInTO GmbH is a regional economic development company operating under the Landkreis Oberhavel in Germany. The company focuses on improving the economic structure of the region by providing comprehensive services including project development, business support, and networking. Their website reflects a professional and consistent brand image targeting businesses, investors, and regional partners. Technically, the site uses modern frontend technologies and privacy-conscious analytics with Matomo and Cookiebot. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security policies and incident response information are absent. Overall, the site is trustworthy and well-positioned as a government-related economic development entity.