Security Directory

H

Horus Energy SA

horus.ch

57

Horus Energy SA is a Swiss company specializing in solar-powered and ecological hosting services, including web hosting, cloud storage, email, SMS, and multimedia production. The company positions itself as a sustainable and environmentally responsible service provider, leveraging its own photovoltaic power plants to power its infrastructure. Their market niche focuses on customers valuing ecological impact and data sovereignty within Switzerland. The website is built on WordPress with modern plugins and technologies, offering a good user experience with mobile optimization and clear navigation. Privacy compliance is well addressed with cookie consent management and a comprehensive privacy policy. Security posture is solid with HTTPS, anti-spam measures, and privacy-respecting analytics, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the site is professional, trustworthy, and aligned with its business goals.

G

Gewerkschaft Bau-Holz

gbh-news.at

10

The website www.gbh-news.at serves as an information platform for members of the Gewerkschaft Bau-Holz (GBH), a trade union representing workers in the construction and wood industries in Austria. It provides news, member services, legal support, education, and campaign information, positioning itself as a key resource for approximately 250,000 employees across multiple sectors. The site is well-branded, professionally designed, and targets union members and stakeholders in the Austrian construction and wood sectors. Technically, the website employs standard web technologies including HTML5, CSS, JavaScript, and jQuery, with integrations such as Matomo for analytics and Usercentrics for consent management, reflecting a moderate level of digital maturity. The site is mobile-optimized and includes CAPTCHA protections on forms to mitigate spam. However, no CMS or hosting provider details are evident, and some security headers appear to be missing. From a security perspective, the site enforces HTTPS and uses consent management to comply with GDPR. While no critical vulnerabilities or exposed sensitive data were detected, the absence of explicit security policies, incident response contacts, and a security.txt file suggests room for improvement in transparency and readiness. The lack of WHOIS data reduces trust in domain registration legitimacy, though the website content and branding appear consistent and professional. Overall, the site presents a low-risk profile with good privacy compliance and user experience but would benefit from enhanced security disclosures and WHOIS transparency to strengthen trust and compliance posture.

L

Les communes genevoises

geneve-communes.ch

52

Les communes genevoises website serves as an official informational platform representing the 45 communes of the Geneva canton in Switzerland. It provides comprehensive information about the diverse public services offered by the communes, including childcare, education, sports, culture, public safety, and infrastructure maintenance. The site targets residents and citizens of Geneva, aiming to increase awareness and transparency of municipal activities. Technically, the website is built on Drupal 10 with Bootstrap 5, uses Matomo for analytics with privacy-conscious settings, and integrates modern web fonts and icons. The design is professional, mobile-optimized, and accessible, providing a good user experience. Security posture is solid with HTTPS and privacy-respecting analytics, but lacks explicit privacy and cookie policies, and contact information is not clearly presented. Overall, the site is trustworthy and legitimate, aligned with its government sector role, but could improve privacy compliance and user contact options.

N

NEW WORK SE

onlyfy.jobs

70

onlyfy.io is a recruiting software platform operated by NEW WORK SE, a German technology company. The platform offers a SaaS solution enabling recruiters to post jobs to over 200 boards and manage candidate applications online. The website is professionally designed, integrates with the XING ecosystem, and uses modern analytics and engagement tools such as Matomo and Braze. The technical infrastructure is hosted on AWS with DNS managed via Amazon's DNS services. Security posture is moderate with HTTPS enforced and CSRF tokens in forms, but lacks DNSSEC and explicit security headers. Privacy and cookie policies are not publicly visible on the login page, indicating room for compliance improvement. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

F

fit4internet

fit4internet.at

10

fit4internet is an Austrian non-profit association dedicated to raising digital competences across Austria. The organization provides a comprehensive digital competence framework (DigComp AT), self-assessment tools, certification and accreditation services, and a course catalog to support lifelong learning in digital skills. The website reflects a professional and consistent brand with a clear focus on education and digital literacy. It targets a broad audience including the general public, education providers, and portal users interested in digital competence development. The business model revolves around standardization, evaluation, and certification of digital skills, positioning fit4internet as a key player in Austria's digital education landscape. Technically, the website employs a modern JavaScript stack including jQuery, Bootstrap, and various UI and analytics libraries such as Matomo and Pinpoll. The site uses a custom CMS and shows good mobile optimization and SEO practices. Performance is moderate with room for improvement in accessibility compliance. Security posture is strong with HTTPS enforced, security headers present, and no visible vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. However, no explicit security policy or incident response information is publicly available. Overall, the website is trustworthy, professionally maintained, and aligned with its educational mission. The WHOIS data confirms legitimacy and consistency with the website's Austrian association identity. There are no signs of malicious activity or content safety concerns. Strategic recommendations include publishing a dedicated security policy, adding incident response contacts, and enhancing accessibility standards to improve inclusivity and compliance.

C

Con Magazine

conmagazine.it

44

Con Magazine is an Italian online video magazine dedicated to exploring social issues and their intersection with culture, education, sports, economy, and communication. Established in 2014 and registered as a periodical in Rome, it serves a niche audience interested in social cohesion and community development. The website leverages WordPress CMS with modern front-end technologies such as Bootstrap and jQuery, ensuring a responsive and user-friendly experience. Privacy compliance is robust, with integrated Iubenda cookie consent and a comprehensive privacy policy. Security posture is good with HTTPS and privacy-conscious analytics (Matomo with disabled cookies), though some security headers could be enhanced. Contact information is clearly provided, and partnerships with notable organizations like Con i Bambini and Fondazione Con il Sud reinforce credibility.

S

Seeweb srl

seeweb.it

65

Seeweb srl is an established Italian cloud computing and hosting provider founded in 1998, offering a wide range of IT infrastructure services including cloud servers, GPU computing for AI and machine learning, virtual private clouds, and data center services across Italy, Switzerland, and Bulgaria. The company emphasizes sustainability by powering its data centers with 100% renewable energy and guarantees high service availability with SLA commitments of 99.9%. Their business model targets enterprises and organizations requiring scalable, secure, and high-performance cloud solutions, supported by a multi-level technical support system and a partner program to extend market reach. Technically, the website demonstrates a mature digital infrastructure with modern JavaScript libraries, self-hosted analytics (Matomo), Microsoft Clarity for user behavior insights, and integrated marketing tools such as Google Tag Manager and various ad networks. The site is well-optimized for mobile devices, features clear navigation, and maintains good SEO and accessibility standards. Hosting appears to be managed internally, reflecting control over infrastructure and performance. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not fully detailed, the absence of exposed sensitive data and use of privacy-conscious analytics indicate a solid security posture. However, the site lacks a publicly visible security policy or incident response contact, which could be improved to enhance transparency and readiness. Overall, Seeweb presents a trustworthy and professional online presence with strong business credibility, technical robustness, and compliance with privacy regulations. The risk profile is low, with recommendations focusing on enhancing security transparency and formalizing vulnerability disclosure processes.

F

Flyeye

sudtirol360.it

50

Virtual Südtirol is a small hospitality-focused business offering augmented reality virtual tours of the Alto Adige region in Italy. The company, branded as Flyeye, provides immersive virtual experiences to tourists and hospitality clients to enhance travel planning and marketing efforts. The website is professionally designed using Incomedia WebSite X5 Pro and integrates modern analytics tools such as Matomo and Google Analytics, with GDPR-compliant privacy and cookie policies in place. Contact information is clearly presented, including a contact form, phone number, email, and physical address in Meran, Italy. However, the WHOIS data for the domain is missing or unavailable, which raises some concerns about domain registration transparency.

S

servier.bar - Self Ordering

servier.bar

67

servier.bar is a German-based digital ordering and payment platform tailored for the hospitality industry. The company offers self-ordering, kiosk, and webshop solutions that enable guests to order and pay via smartphones, aiming to reduce staff workload, minimize errors, and increase revenue. The website is professionally designed using WordPress with modern SEO and analytics integrations, targeting hospitality businesses in Germany. The technical infrastructure includes WordPress CMS, WPBakery Page Builder, Usercentrics for cookie consent, and analytics tools such as Matomo and Facebook Pixel. Security posture is moderate with HTTPS enabled and cookie consent implemented; however, the absence of security headers and explicit privacy and terms policies indicates room for improvement. Overall, the website is trustworthy and functional but lacks some compliance and security best practices.

D

DONAU 3 FM

donau3fm.de

58

DONAU 3 FM is a regional radio station serving the Schwaben region in Germany, providing music and important local news from cities such as Ulm, Neu-Ulm, Biberach, Günzburg, and Heidenheim. The website is professionally designed with consistent branding and targets local residents and listeners interested in regional content. The business model focuses on radio broadcasting and news dissemination, positioning itself as a key media outlet in its region. Technically, the website uses a modern technology stack including Google Tag Manager, Matomo Analytics, Google Adsense for advertising, and hCaptcha for bot protection. It is hosted on Hetzner servers, a reputable German hosting provider. The site is mobile optimized and SEO friendly, with structured data implemented for better search engine understanding. From a security perspective, the site enforces HTTPS and uses bot protection mechanisms. However, it lacks explicit security headers and does not provide visible security or incident response policies. Privacy compliance is basic, with no clear privacy or cookie policy pages found, although a cookie consent mechanism is present. No contact information for security or data protection officers is available. Overall, the website is safe, professional, and trustworthy for general audiences, with no adult or explicit content. The main risks relate to privacy compliance and security policy transparency, which could be improved to enhance user trust and regulatory adherence.

Datasport Germany GmbH operates a professional website focused on sports event timing and registration services, primarily targeting event organizers and participants in Germany. The company offers key services including event timing, registration management, live result publishing, and event organization support. The website is well-branded and consistent with the company's identity, reflecting a medium-sized business with a solid market position in the sports event sector. Technically, the website employs modern frameworks such as Bootstrap and Material Design Bootstrap, uses jQuery for interactivity, and leverages Cloudflare for DNS and CDN services. Analytics are handled via Matomo, indicating a moderate level of user tracking. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. From a security perspective, the site enforces HTTPS and uses Cloudflare services, but lacks explicit security headers and published security policies. Privacy compliance is addressed with clear privacy and cookie policies, though a cookie consent mechanism is absent. No incident response or vulnerability disclosure information is provided, which could be improved. Overall, the website is trustworthy, professional, and safe for general audiences, with no adult or questionable content. The domain registration data aligns with the business identity, supporting legitimacy. Strategic improvements in security policy transparency and privacy consent mechanisms would enhance compliance and trust.

E

Elexys srl

elexys.it

61

Elexys srl is an Italian software company specializing in the development, integration, and support of innovative software solutions for small and medium enterprises (SMEs) and professionals. Established in 2009, the company offers a range of business management software including ERP, CRM, and sector-specific solutions for metal trading, waste management, and hardware stores. Their market position is strengthened by partnerships with other software houses and a focus on tailored software solutions. The website reflects a professional and consistent brand image targeting Italian SMEs and larger companies.

D

Digiko S.A.S.

digiko.it

63

Digiko S.A.S. is a small Italian digital consulting agency specializing in digital marketing services for small and medium enterprises (PMI) and professionals. The company offers consultancy, web agency services, digital marketing training, and website creation including e-commerce solutions. The website is well-structured, professionally designed using WordPress and the Divi theme, and targets the Italian market with content in Italian. Technical infrastructure includes modern technologies such as Matomo analytics and cookie consent via acconsento, with HTTPS and DNSSEC enabled, indicating a secure and trustworthy platform. However, the site lacks explicit privacy and terms of service policies, as well as published security or incident response policies, which are areas for improvement. Overall, the website presents a credible and professional digital marketing consultancy with good technical implementation and security posture.

N

NOZ/mh:n MEDIEN

noz-mhn.de

44

NOZ/mh:n MEDIEN is a large regional media group in Germany offering a diverse portfolio of print and digital media products including newspapers, magazines, and audio content. The company positions itself as a leading regional news provider with a focus on delivering timely and valuable information to its audience. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. The technical infrastructure includes modern plugins and analytics via Matomo, hosted on servers associated with basecom.de. Security posture is solid with HTTPS and cookie consent mechanisms in place, though explicit security policies and incident response information are not published. Overall, the site is trustworthy and compliant with GDPR requirements.

The Justus-Liebig-Universität Gießen (JLU) is a large, well-established public university in Germany, offering a broad range of academic programs and conducting internationally recognized research. The website reflects a professional and comprehensive digital presence, targeting students, researchers, and academic partners. It leverages the Plone CMS platform with modern web technologies and integrates Matomo analytics for user tracking. Security posture is solid with HTTPS and secure forms, though improvements in security headers and published policies are recommended. Privacy compliance is partially met with a comprehensive privacy policy but lacks explicit cookie consent mechanisms. Overall, the site is trustworthy and well-maintained, supporting the university's strong market position in education and research.

V

Vitos GmbH

vitos.de

53

Vitos GmbH is a large, publicly supported healthcare and social services provider in Germany, specializing in psychiatric care, psychosomatics, neurology, orthopedics, and youth and disability assistance. The organization operates multiple subsidiaries and clinics, offering comprehensive treatment and support services. Their website is built on TYPO3 CMS and demonstrates a mature digital infrastructure with modern technologies such as jQuery, Matomo analytics, and Usercentrics for consent management. Security posture is strong with HTTPS enforcement and privacy compliance, although some security headers could be improved. Overall, the website reflects a professional and trustworthy organization with a clear focus on healthcare and social welfare. No critical vulnerabilities or suspicious activities were detected.

D

Deutscher Musikrat gGmbH / Bundesjugendorchester

bjo-alumni.de

54

The Bundesjugendorchester Alumni website serves as a dedicated networking and information platform for former members of the Federal Youth Orchestra in Germany. It provides alumni with tools to connect, access event information, subscribe to newsletters, and purchase merchandise. The platform is supported by the Deutscher Musikrat gGmbH and leverages a specialized CMS by Paulbergman GmbH (Alumnii). The site is well-structured, mobile-optimized, and integrates modern web technologies including Bootstrap, jQuery, and Matomo analytics. Security measures include HTTPS, CAPTCHA protection, and a comprehensive cookie consent mechanism. Privacy policies are detailed and GDPR compliant, with clear data protection officer contact information. However, no explicit terms of service or security policy pages were found.

C

Cronon GmbH

cronon.net

52

Cronon GmbH is a well-established German company specializing in managed cloud and hosting services, offering tailored IT solutions including managed business and private clouds, container services, and managed security. The company positions itself as a trusted technology and service partner for enterprises undergoing IT transformation, emphasizing personalized support and ISO 27001 certified infrastructure. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive service descriptions targeting business customers in Germany. Technically, the site is built on WordPress with modern plugins and uses Matomo for privacy-conscious analytics. Security posture is solid with HTTPS and certified data centers, though improvements like DNSSEC and security headers are recommended. Privacy compliance is generally good but lacks a cookie consent mechanism, which is a notable gap. Overall, the site is credible, professional, and trustworthy, supporting Cronon's market position as a specialist in enterprise IT services.

D

Degrowth.info | degrowth.info

degrowth.info

50

Degrowth.info is a niche advocacy and informational platform focused on critiquing global capitalism and promoting social and ecological well-being through the degrowth movement. It serves activists, researchers, and the general public interested in environmental justice and systemic change. The website offers a rich library of articles, blog posts, event information, and community engagement tools. Technically, the site uses modern JavaScript frameworks and Matomo analytics, with good mobile optimization and clear navigation, though some accessibility features could be improved. Security posture is moderate with HTTPS and CSRF protections but lacks visible security headers and published privacy or cookie policies, which impacts compliance. Overall, the site is professional and trustworthy with a moderate risk profile due to limited transparency in WHOIS data and privacy policy absence.

S

Stadt Ulm

ulm.de

71

Stadt Ulm operates an official municipal website providing comprehensive information and services to residents, businesses, and visitors. The site covers city politics, culture, economy, tourism, and offers online citizen services. It holds a strong market position as the authoritative digital portal for the city of Ulm in Germany. The website is well-branded, consistent, and targets a broad audience including citizens and tourists. Technically, the website leverages modern frameworks such as Bootstrap and is built on the Sitecore CMS platform. It integrates privacy-respecting analytics via Matomo and offers multilingual support through Conword. Accessibility features and cookie consent management demonstrate a mature digital infrastructure focused on user experience and compliance. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks a publicly visible dedicated security policy or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the official city domain and name servers, confirming legitimacy. Overall, the website presents a low-risk profile with good privacy compliance and a professional digital presence. Strategic improvements could include publishing explicit security policies and incident response information to enhance transparency and trust.

D

Deutscher Musikrat gGmbH

vermittlung-neue-musik.de

45

Abenteuer Neue Musik is a cultural and educational initiative operated by Deutscher Musikrat gGmbH, focusing on contemporary music mediation projects for schools and adult education in Germany. The website offers free teaching materials, project concepts, and multimedia content to support music educators and students. It is positioned as a niche non-profit provider with strong ties to recognized cultural institutions and a clear target audience of educators and learners interested in new music. Technically, the site is built on TYPO3 CMS, hosted by Schlund Technologies, and employs modern web technologies including Matomo analytics and cookie consent management. The site is well-structured, mobile-optimized, and includes embedded YouTube videos with explicit user consent for privacy compliance. Security posture is solid with HTTPS enforced and privacy policies in place, though some security headers could be improved. Overall, the domain registration and hosting details align well with the business claims, indicating legitimacy and trustworthiness.

F

fixpunkt für digitales GmbH

fixpunkt.com

54

fixpunkt für digitales GmbH is a small, regional full-service internet and advertising agency based in Bonn, Germany, specializing in web development, online marketing, and digital communication services. Their expertise centers on TYPO3 and WordPress CMS platforms, offering services such as SEO, SEM, social media marketing, consulting, and website maintenance. The company targets businesses and organizations in the Bonn and Köln regions seeking professional digital solutions. Technically, the website is built on TYPO3 CMS with integration of Matomo for privacy-focused analytics and uses modern web components like Slick Slider for UI. The site is mobile-optimized and provides clear navigation and professional content. Security posture is moderate; while HTTPS and cookie consent mechanisms are present, no advanced security headers or explicit incident response policies were found. WHOIS data is missing, which raises concerns about domain registration legitimacy, though the website content and business information appear credible and professional. Overall, the website demonstrates good digital maturity with room for improvement in security practices and domain registration transparency.

D

Deutscher Musikrat - BuJazzO

jugendjazzt.eu

49

Jugend jazzt is a well-established German cultural event focused on promoting young jazz musicians through biennial competitions, workshops, and concerts. The website serves as an information hub for participants, audiences, and partners, supported by the Deutscher Musikrat and governmental entities. The site is professionally designed using TYPO3 CMS, with a moderate technical infrastructure including Matomo analytics for privacy-conscious tracking. Security posture is adequate with HTTPS and cookie consent mechanisms, though improvements in security headers and explicit incident response contacts are recommended. Overall, the domain and website present a trustworthy and legitimate presence aligned with their cultural mission.

D

Deutscher Musikrat gGmbH

deutscher-chorwettbewerb.de

47

The Deutscher Chorwettbewerb website represents a well-established non-profit cultural organization dedicated to organizing national amateur choir competitions in Germany. The site provides comprehensive information about events, workshops, and participation, targeting amateur choirs and music enthusiasts. The organization behind the site is Deutscher Musikrat gGmbH, a recognized entity in the German cultural sector. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience.

D

Deutscher Musikrat

bundesjazzorchester.de

47

The Bundesjazzorchester website represents a well-established non-profit cultural institution focused on promoting young jazz musicians in Germany. It is affiliated with the Deutscher Musikrat and serves as a bridge between education and professional jazz careers. The site is built on TYPO3 CMS, professionally designed, and optimized for accessibility and mobile use. Security posture is good with HTTPS and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie consent. The domain is legitimate, consistent with the organization's history and hosting provider. Overall, the site is trustworthy, professional, and serves its target audience effectively.

D

Deutscher Musikrat gGmbH

podium-gegenwart.de

47

Podium Gegenwart is a cultural initiative operated by Deutscher Musikrat gGmbH, focused on promoting contemporary music in Germany through funding, networking, and documentation. The website serves musicians, ensembles, and cultural institutions with information about funding projects and events. Technically, the site is built on TYPO3 CMS, hosted by Schlund Technologies, and uses modern web technologies including jQuery and Owl Carousel. It implements HTTPS and a cookie consent mechanism with opt-in, demonstrating good privacy compliance. Security posture is solid with no visible vulnerabilities, though security headers could be improved. Overall, the site is professional, well-branded, and trustworthy, with clear contact information and social media presence.

B

Bundesjugendorchester

bundesjugendorchester.de

47

The Bundesjugendorchester website represents a well-established German national youth orchestra focused on cultural and educational activities for young musicians aged 14 to 19. The organization operates under the Deutscher Musikrat umbrella and maintains strong partnerships with prestigious institutions such as the Berliner Philharmoniker. The website provides comprehensive information about the orchestra, concerts, media, and partners, targeting young musicians, cultural supporters, and the general public interested in classical music education. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries including jQuery and a slideshow plugin. Hosting is provided by SchlundTech, and the site uses HTTPS with a cookie consent mechanism compliant with GDPR. The site performance is moderate with good mobile optimization and SEO practices. Analytics are handled via Matomo, ensuring privacy-conscious tracking. From a security perspective, the site enforces HTTPS and uses cookie consent with opt-in and revocation options. However, explicit security headers are not detected, and no dedicated security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is consistent and trustworthy, indicating a legitimate domain registration aligned with the organization's profile. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving its educational and cultural mission effectively. Strategic improvements could include adding explicit security headers, publishing vulnerability disclosure policies, and enhancing accessibility features to further strengthen security and compliance posture.

D

Deutscher Musikrat gGmbH

deutscher-orchesterwettbewerb.de

47

The Deutscher Orchesterwettbewerb website represents a well-established non-profit cultural event organized by Deutscher Musikrat gGmbH, focusing on amateur orchestras in Germany. The site provides comprehensive information about the competition, workshops, and related activities, targeting musicians and music enthusiasts. It maintains a professional presence with clear navigation, German language content, and social media integration. Technically, the website is built on TYPO3 CMS, hosted by SchlundTech, and uses modern frontend libraries and Matomo for analytics, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response information are absent. Overall, the site is trustworthy, compliant with GDPR, and serves its cultural mission effectively.

The Deutscher Musikwettbewerb website represents a well-established German non-profit organization dedicated to promoting professional classical music talent through competitions and concert support. The organization, founded in 1975 under the Deutscher Musikrat, targets young professional musicians aged 18 to 30, offering them opportunities such as concert bookings, career advice, and CD productions. The website is professionally designed using TYPO3 CMS and modern JavaScript libraries, providing a rich user experience with clear navigation and relevant content. Privacy and cookie policies are implemented with a compliant opt-in mechanism, reflecting good data protection practices. Technically, the site is hosted on Schlundtech nameservers and uses HTTPS with no visible security vulnerabilities. Analytics are handled via Matomo, respecting user consent. However, the site lacks a publicly available security policy and incident response contacts, which could be improved to enhance trust and transparency. The WHOIS data aligns well with the website's branding and hosting, indicating legitimacy and consistency. Overall, the website scores well on content quality, technical implementation, privacy compliance, and business credibility, making it a trustworthy and professional platform for its target audience. Strategic improvements in security policy transparency and incident response readiness are recommended to further strengthen its security posture and user trust.

D

Deutsches Musikinformationszentrum (miz)

miz.org

70

The Deutsches Musikinformationszentrum (miz) is a well-established non-profit organization serving as the central information hub for music life in Germany. Founded in 1998, it offers comprehensive resources including news, studies, thematic portals, and event calendars targeted at music professionals, institutions, and enthusiasts. The website is professionally designed with excellent content quality and clear navigation, supporting a broad audience interested in the German music scene. Technically, the site is built on Drupal 10, hosted via Cloudpit, and employs modern web technologies including Matomo for analytics and a cookie consent mechanism compliant with GDPR. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and some security headers could be improved. No critical vulnerabilities or suspicious activities were detected. Privacy compliance is strong, with clear cookie policies and user consent management. Contact information is primarily via contact forms and social media channels, with no direct emails or phone numbers publicly listed. Overall, the site demonstrates a mature digital presence with a trustworthy reputation in its sector.

D

Deutscher Musikrat gGmbH

popcamp.de

37

PopCamp is a well-established German non-profit artist promotion program operated by Deutscher Musikrat gGmbH. It offers high-level coaching and professional development for emerging musicians, supporting them through workshops, showcases, and project funding. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content focused on artist development. Technically, the site is built on TYPO3 CMS, hosted by Schlundtech, and uses Matomo for analytics, indicating a preference for privacy-conscious tools. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the site is trustworthy, compliant with GDPR, and serves its target audience effectively.

F

fixpunkt für digitales GmbH

bundesjugendchor.org

45

The Bundesjugendchor website represents a German youth choir ensemble affiliated with the Deutscher Musikrat, focusing on promoting choral excellence among young singers. The site offers information about the choir, upcoming concerts, media productions, and opportunities to join. The business operates as a non-profit cultural organization with a clear target audience of music enthusiasts and young singers. The website is professionally designed using TYPO3 CMS, with a modern tech stack including Matomo analytics for privacy-conscious tracking. Hosting is provided by a German provider consistent with the organization's location. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, reflecting good privacy compliance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no incident response or vulnerability disclosure policies are published. No critical vulnerabilities or suspicious content were found. The website is accessible without WAF or security challenges, indicating stable infrastructure. Overall, the website demonstrates a solid digital presence with good content quality, technical implementation, and business credibility. Privacy compliance is well addressed, and the security posture is adequate but could be enhanced with additional headers and policies. The domain WHOIS data aligns with the website's identity, supporting legitimacy. Strategic recommendations include implementing additional security headers, publishing incident response and terms of service documents, and enhancing accessibility features to improve compliance and user experience.

W

WECHANGE eG

muve.sh

60

MUVE is a non-profit online networking platform dedicated to musicians and music-related institutions in Schleswig-Holstein, Germany. It offers tools such as calendars, messaging, news posting, and project mapping to facilitate collaboration and visibility within the regional music community. The platform is designed by and for young musicians, emphasizing participatory and problem-solving approaches to overcome geographic and institutional barriers. The website is professionally designed, mobile-optimized, and provides comprehensive privacy and cookie policies compliant with GDPR standards. The business is positioned as a niche regional service with a clear target audience and a small organizational size, backed by WECHANGE eG.

F

Freunde der Erziehungskunst

freunde-waldorf.de

43

Freunde der Erziehungskunst is a German nonprofit organization founded in 1976 dedicated to supporting Waldorf education worldwide. The organization supports over 830 Waldorf institutions, facilitates volunteer services, emergency pedagogy, and student fundraising campaigns. The website reflects a well-established nonprofit with a clear mission and international outreach. Technically, the site is built on TYPO3 CMS, uses modern analytics tools including Google Analytics and Matomo, and is hosted on agenturserver infrastructure. The site is mobile optimized and accessible, with good SEO practices. Security posture is moderate with HTTPS usage but lacks explicit security headers and published security policies. Privacy compliance is limited due to missing privacy and cookie policies. Business credibility is high with certifications and nonprofit registration clearly stated. Overall, the website is professional and trustworthy but could improve in privacy and security transparency.

C

CompGen - Verein für Computergenealogie

compgen.de

51

CompGen - Verein für Computergenealogie is Germany's largest genealogical association, providing free access to extensive genealogical data and supporting family history research through various online platforms and print publications. The organization operates as a non-profit entity with a strong community focus, serving over 4,000 individual members and 50 member associations. Their digital presence is built on a WordPress platform with modern plugins and SEO tools, ensuring good content quality and user experience. The website is well-structured, mobile-optimized, and integrates social media channels effectively. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though explicit privacy and cookie policies are missing, which impacts compliance. Overall, the site reflects a trustworthy and professional non-profit organization dedicated to genealogical research.

I

ITV.SH

itvsh.de

65

ITV.SH is a regional government partner focused on the digital transformation of municipal administrations in Schleswig-Holstein, Germany. The website presents a comprehensive portfolio of digital services including citizen portals, digital archiving, and cloud solutions tailored for public sector needs. The organization positions itself as a key enabler of end-to-end digitalization in local government processes. Technically, the site is built on TYPO3 CMS, leveraging privacy-conscious Matomo analytics with cookies disabled, indicating a mature approach to user privacy. The site is well-structured, mobile-optimized, and uses modern web technologies, although some security best practices such as explicit security headers and cookie consent mechanisms are missing. The WHOIS data aligns with the hosting provider and regional focus, supporting legitimacy. Overall, ITV.SH demonstrates a solid digital presence with room for improvement in security and privacy compliance to enhance trust and regulatory adherence.

D

Deutschland – Land der Ideen

land-der-ideen.de

45

Deutschland – Land der Ideen is a German non-profit initiative focused on promoting innovation and good ideas across the country. The organization supports innovators, educators, and business leaders by organizing competitions, networking events, and conferences to foster a culture of innovation. Their market position is well established as a national platform for innovation promotion with a medium-sized operational scale. Technically, the website uses modern web technologies including JavaScript, CSS, and HTML5, with privacy-respecting Matomo analytics. The site is well optimized for mobile and accessibility, with good SEO practices and a professional design. The platform appears to be custom-built or uses a proprietary CMS. From a security perspective, the site enforces HTTPS and uses secure login forms. While some security headers are not explicitly confirmed, the site follows best practices such as cookie consent and no exposed sensitive data. However, there is no public security policy or incident response contact, and no vulnerability disclosure mechanism is present. Overall, the website is trustworthy, professional, and compliant with GDPR. The lack of detailed WHOIS registrant data slightly reduces domain trust but does not raise significant concerns. Strategic improvements in security transparency and header implementation are recommended to enhance security posture further.

G

Gesellschaft für Pädagogik, Information und Medien „Johann Amos Comenius“, e.V. (GPI)

comenius-award.de

50

The website comenius-award.de represents the Gesellschaft für Pädagogik, Information und Medien „Johann Amos Comenius“, e.V. (GPI), a non-profit organization focused on promoting high-quality digital education through the Comenius-EduMedia Award. The organization has a long-standing history since 1964 and positions itself as an international authority in digital education awards. The site targets educational institutions, digital education product developers, and pedagogical professionals, offering award programs, media visibility, and professional conferences. Technically, the site is built on WordPress with the Divi theme, enhanced by SEO and analytics tools such as Rank Math and Matomo, indicating a mature digital infrastructure. Security posture is good with HTTPS and cookie consent mechanisms, though it lacks explicit security policies and incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR, making it a reliable resource in its sector.

D

Deutscher Musikrat

forum-dirigieren.de

46

Forum Dirigieren is a well-established non-profit program under the Deutscher Musikrat, dedicated to fostering young orchestral and choral conducting talent in Germany. The website serves as an information hub for their funding programs, competitions, and events, targeting aspiring conductors and music professionals. The organization leverages a professional TYPO3 CMS-based website with clear navigation and comprehensive content, reflecting its long-standing presence and commitment to the music community. Technically, the site uses modern web technologies including Bootstrap and Matomo analytics, ensuring a balance between functionality and privacy. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some improvements like explicit security policies and security.txt could enhance trust further. Overall, the domain registration and hosting align well with the organization's profile, supporting the site's legitimacy and credibility.

I

innovaphone AG

innovaphone.com

65

innovaphone AG is a well-established European technology company specializing in software and hardware solutions for enterprise communications and digital collaboration. Their offerings include IP telephony systems, virtual meetings, unified communications, and cloud services, targeting businesses of all sizes from SMBs to large enterprises. The company emphasizes security, GDPR compliance, and quality 'Made in Germany' products, positioning itself as a trusted provider in the telecommunications sector. The website demonstrates a mature technical infrastructure utilizing modern web technologies such as Bootstrap, jQuery, and Matomo analytics, combined with proprietary innovaphone scripts and WebSocket-based widgets. The site is well-optimized for mobile devices, fast loading, and includes comprehensive SEO and accessibility features, reflecting a high level of digital maturity. From a security perspective, the site employs HTTPS, strict Content Security Policies, and cookie consent mechanisms aligned with GDPR requirements. While DNSSEC is not enabled and no explicit incident response contacts or security.txt file are found, the overall security posture is strong with no evident vulnerabilities or exposed sensitive data. Overall, innovaphone AG presents a professional, trustworthy online presence with clear business information, active partner engagement, and robust security and privacy practices. The site supports their market position as a reliable European provider of enterprise communication solutions.

items GmbH & Co. KG is a well-established German company specializing in IT and process solutions for the energy and public transportation sectors. With over 25 years of experience and a workforce of approximately 400 employees across five locations, the company supports municipal utilities and public transport providers in optimizing their operations and embracing innovation. The website promotes their annual items-Forum event, targeting decision-makers and experts in these industries. Technically, the site is built on WordPress using modern tools like Elementor and Yoast SEO, with privacy-conscious analytics via Matomo. Security posture is solid with HTTPS and no exposed sensitive data, though some security headers are missing. Contact information is comprehensive, including phone, email, and social media channels. Overall, the site reflects a professional and credible business presence.

V

viadee Unternehmensberatung AG

navigate-kongress.de

55

The NAVIGATE Kongress website represents a well-established online IT conference organized by viadee Unternehmensberatung AG, a medium-sized German IT consultancy founded in 1994. The company focuses on holistic software development and organizational development, hosting an annual free online event targeting IT decision makers, architects, and developers. The website content is professional, comprehensive, and well-structured, reflecting a mature digital presence with strong SEO and user experience. Technically, the site is built on WordPress with modern tools such as Yoast SEO, Matomo Analytics, and CookieFirst for privacy compliance, hosted on Azure DNS infrastructure. Security posture is solid with HTTPS enforced and privacy-conscious analytics, though some security headers and explicit security policies could be improved. Overall, the site is trustworthy, safe, and compliant with GDPR, though it lacks explicit contact information and incident response details. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information.

O

Owners Club

ownersclub.immo

49

Owners Club is a German real estate focused platform aiming to increase property ownership rates and provide access to previously inaccessible market segments. The website offers investment webinars, market news, and tools for property owners, targeting investors and homeowners primarily in Germany. The platform uses WordPress CMS with a moderate technical infrastructure including Matomo analytics and social media integrations. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website presents a professional and trustworthy image but could improve in compliance and security transparency.

O

Open Knowledge Foundation Deutschland e. V.

okfn.de

53

Open Knowledge Foundation Deutschland e. V. is a reputable non-profit organization based in Germany focused on promoting open knowledge, transparency, and civic participation through various digital projects and community initiatives. Their key services include youth technology education, civic tech community building, freedom of information portals, and support for open government data and open source projects. The organization is well-positioned in the non-profit sector with a strong community and trust indicators such as NGOsource certification and membership in Transparency International's Initiative Transparente Zivilgesellschaft. Technically, the website is built using the Hugo static site generator, ensuring fast performance and security benefits. It employs Matomo analytics with cookies disabled, reflecting a privacy-conscious approach. The site is mobile-optimized, accessible, and SEO-friendly, with a clean and professional design that supports excellent user experience. From a security perspective, the site enforces HTTPS and provides an OpenPGP public key for secure communications. However, it lacks explicit cookie consent mechanisms, a published security policy, incident response contacts, and a vulnerability disclosure policy, which are areas for improvement. No critical vulnerabilities or suspicious elements were detected. Overall, the website demonstrates a high level of professionalism, trustworthiness, and technical maturity, with minor gaps in privacy compliance and security policy transparency. Strategic improvements in these areas would further enhance their security posture and regulatory compliance.

B

La Bibbia - leggila dal sito ufficiale CEI

bibbiaedu.it

58

Bibbiaedu.it is an Italian educational website dedicated to providing access to official Bible texts and facilitating comparative study of different Bible translations, including Italian, Hebrew, and Greek versions. The platform targets Italian-speaking users interested in religious studies and biblical scholarship. The website offers search functionality and comparison tools for various Bible versions, positioning itself as a niche educational resource in the religious education sector. Technically, the site employs modern web technologies including Google Analytics, Google Tag Manager, Matomo Analytics, and a cookie consent management system, indicating a moderate to advanced digital maturity. The website is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and implements cookie consent mechanisms but lacks DNSSEC and visible security headers, suggesting room for improvement in security hardening. No privacy policy or terms of service pages were detected, and no direct contact information is provided on the homepage, which may impact trust and compliance. The domain is well aged, registered since 2000, consistent with the site's educational purpose, and shows no suspicious patterns. Overall, the site is trustworthy and safe, with a solid foundation but could benefit from enhanced privacy and security disclosures.

S

Semesterspiegel

semesterspiegel.de

60

Semesterspiegel is a German student-run media platform primarily serving the university community in Münster. It offers a variety of articles covering politics, culture, campus life, and society, supplemented by a weekly newsletter and opportunities for student involvement. The website is built on WordPress and hosted by Variomedia, utilizing modern web technologies and privacy-respecting analytics via Matomo. The site demonstrates good content quality, consistent branding, and a clear focus on its target audience of university students and young adults. Security practices include HTTPS enforcement and cookie consent mechanisms, though there is room for improvement in security headers and incident response disclosures. Overall, the domain registration and hosting details align well with the website's purpose, indicating a legitimate and trustworthy operation.

S

Studierendenparlament der Universität Münster

stupa.ms

50

The website represents the Studierendenparlament der Universität Münster, a student parliament body dedicated to representing student interests and facilitating democratic participation at the University of Münster. It provides information on parliamentary sessions, committees, election results, and contact points for students. The site is well-branded, consistent, and targets the university's student community. Technically, it is built on WordPress with modern plugins and frameworks, hosted by Variomedia AG, and uses Matomo for privacy-respecting analytics. Security posture is adequate with HTTPS enforced but lacks DNSSEC and some security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional, trustworthy, and serves its educational and non-profit purpose effectively.

M

Museo miniere Alto Adige

museominiere.it

63

Museo miniere Alto Adige operates a provincial mining museum with four physical locations in the South Tyrol region of Italy. The museum offers cultural, educational, and historical exhibitions focused on mining heritage, targeting a general audience including tourists and local visitors. The website is professionally designed, mobile-optimized, and provides clear navigation to various museum sites and programs. Technically, the site uses modern JavaScript libraries such as jQuery, Owl Carousel, and PhotoSwipe, and integrates analytics tools like Matomo and Facebook Pixel with a compliant cookie consent mechanism. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies are absent. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the website reflects a trustworthy and legitimate regional cultural institution with a strong digital presence.

NABU LV Sachsen is a regional branch of the well-established German non-profit environmental organization NABU - Naturschutzbund Deutschland e.V. The website serves as a comprehensive platform for nature conservation activities, environmental education, advocacy, and community engagement within the Saxony region. It offers news, events, donation opportunities, and volunteer coordination, targeting environmentally conscious individuals and supporters in Germany. The organization maintains a strong market position as a reputable non-profit with consistent branding and trust indicators such as official contact details and privacy compliance. Technically, the website is built on the Imperia CMS platform with Bootstrap for responsive design, enhanced by JavaScript libraries including jQuery and Matomo for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices. Privacy and cookie policies are clearly presented with a consent mechanism, reflecting GDPR compliance. The use of Matomo and Google Analytics indicates moderate user tracking balanced with privacy considerations. From a security perspective, the site enforces HTTPS and employs security cookies for bot detection. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not clearly present and could be improved. No vulnerabilities or exposed sensitive data were detected. Incident response and security policy information are not prominently available, suggesting room for enhancement in transparency and readiness. Overall, the website is professional, trustworthy, and well-aligned with its non-profit mission. It effectively balances user experience, privacy, and security, making it a reliable resource for its audience. Strategic improvements in security headers and incident response visibility would further strengthen its posture.

E

Etat de Fribourg

fr.ch

64

The website www.fr.ch is the official online portal for the Canton of Fribourg, Switzerland, providing comprehensive information and services related to the cantonal administration. It serves residents and citizens by offering access to government services, news, legislation, and administrative procedures. The site is well-branded, multilingual, and designed for accessibility and mobile responsiveness. Technically, the site is built on Drupal CMS, utilizing modern web technologies including Matomo for analytics and Google reCAPTCHA for security. The infrastructure demonstrates good digital maturity with privacy-respecting analytics and cookie consent mechanisms. Performance is moderate with good SEO and accessibility features. From a security perspective, the site enforces HTTPS, employs security headers, and avoids exposing sensitive data. However, it lacks a dedicated security policy or incident response contact information, which could enhance trust and preparedness. No vulnerabilities or suspicious activities were detected. Overall, the site presents a low-risk profile with strong legitimacy as a government entity. Strategic recommendations include publishing explicit security and incident response policies, adding a vulnerability disclosure mechanism, and enhancing transparency on data retention. These steps would further strengthen the site's security posture and user trust.