Security Directory

E

Erzdiözese Salzburg

edsbg.at

0

Erzdiözese Salzburg operates as a large, established Catholic diocese serving the Salzburg region and Tiroler Unterland in Austria. The website functions as an informational and community engagement platform, offering news, event details, and religious content tailored to its Catholic audience. The organization maintains a consistent brand presence and leverages social media channels to extend its outreach. Technically, the site uses the siteswift CMS platform with modern JavaScript libraries, ensuring a responsive and user-friendly experience. Security measures include HTTPS enforcement, CSRF protection on forms, and a comprehensive cookie consent mechanism, although explicit security headers and incident response policies are not publicly documented. Overall, the site demonstrates a good balance of content quality, technical implementation, and privacy compliance, reflecting the organization's credibility and commitment to user trust.

E

Erzdiözese Salzburg

eds.at

0

The website eds.at serves as the official online presence of the Erzdiözese Salzburg, the Catholic Church in Salzburg and the Tiroler Unterland region. It provides comprehensive information on religious services, community events, social support, and educational content targeted at church members and the general public interested in faith and community activities. The site is well-positioned as a regional religious authority and community service provider with a large audience base. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies such as Bootstrap and jQuery, and integrates privacy-conscious analytics via Matomo. The site demonstrates good digital maturity with mobile optimization, accessibility, and SEO best practices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. Overall, the site is trustworthy, professionally maintained, and compliant with GDPR requirements.

The Liturgy Office website serves as the official online presence for the Department for Christian Life and Worship under the Catholic Bishops' Conference of England and Wales. It provides liturgical resources, calendar information, prayers, and news relevant to the Catholic community in England and Wales. The site targets clergy, church members, and religious scholars, positioning itself as a trusted resource within the religious non-profit sector. The business model is non-commercial, focusing on service and information dissemination. Technically, the website employs basic web technologies including HTML5, CSS, Google Fonts, and Google Tag Manager for analytics. The site lacks a modern CMS and advanced frameworks, indicating a relatively simple infrastructure. Performance and mobile optimization are basic, with room for improvement in accessibility and SEO. No forms or user input fields reduce complexity and security risks. From a security perspective, the site uses HTTPS (assumed but not explicitly confirmed), but lacks DNSSEC and security headers, which are recommended for enhanced protection. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. The WHOIS data is transparent and consistent with the organization's identity, supporting legitimacy. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is a reliable and safe resource with good business credibility but requires improvements in privacy compliance, security hardening, and technical modernization to enhance user trust and regulatory adherence.

C

Catholic Bishops' Conference of England and Wales

dayforlife.org

0

The Catholic Bishops' Conference of England and Wales operates a professional and authoritative website dedicated to religious advocacy and raising awareness on life issues. The site provides comprehensive resources including messages, prayer booklets, and grant information, targeting Catholics and interested individuals in England and Wales. The organization holds a strong market position as a recognized religious authority with consistent branding and a clear mission. Technically, the website is built on WordPress with modern technologies such as Bootstrap, Yoast SEO, and Google Analytics, hosted with CDN support for performance. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, the site uses HTTPS and employs security best practices, although explicit security headers are not detected in the provided data. No vulnerabilities or exposed sensitive data were found. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website presents a low risk profile with strong business credibility and technical maturity. The main limitation is the lack of WHOIS data due to querying the 'www' subdomain, but this does not detract from the site's legitimacy. Strategic recommendations include enhancing security headers and publishing explicit security and incident response policies.

C

Catholic Bishops' Conference of England and Wales

taking-stock.org.uk

0

Taking Stock is a non-profit project managed by the Catholic Bishops' Conference of England and Wales, focusing on the architectural and historical review of Catholic churches and chapels across England and Wales. The website serves as an informational resource and partnership platform involving dioceses and Historic England. The target audience includes researchers, heritage professionals, and the Catholic community. The business model is collaborative and heritage-focused, with a niche market position in religious architectural documentation. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and advanced SEO plugins like Yoast. Hosting utilizes a CDN for performance, and Google Analytics is implemented for visitor tracking. The site demonstrates good mobile optimization and basic accessibility features, though there is room for improvement in security headers and cookie consent mechanisms. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data or vulnerable libraries. However, it lacks explicit security policies, incident response information, and cookie consent banners, which are important for GDPR compliance and user trust. No critical vulnerabilities or suspicious activities were detected. Overall, the website is professionally maintained with a strong business credibility and good content quality. Strategic recommendations include enhancing privacy compliance with cookie consent, implementing security headers, and publishing security and incident response policies to improve trust and compliance posture.

N

National Protective Security Authority

npsa.gov.uk

0

The National Protective Security Authority (NPSA) is the UK government's National Technical Authority for physical and personnel protective security, operating as part of MI5. The website serves as a comprehensive resource offering guidance, tools, and risk management information targeted at security professionals, government entities, industry sectors, and high-risk individuals. It holds a strong market position as an authoritative government agency providing protective security expertise. Technically, the website is built on Drupal CMS with modern JavaScript libraries and integrates analytics and tracking tools such as Google Tag Manager, Facebook Pixel, Hotjar, and LinkedIn Insight. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, though it lacks explicit security headers and a public security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website presents a low risk profile with strong trust indicators including official UK government domain usage, Crown copyright, and consistent branding. The absence of WHOIS data is typical for government domains and does not detract from legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and providing clear incident response contacts to further strengthen security posture.

S

Secret Intelligence Service (SIS) / MI6

sis.gov.uk

0

The website www.sis.gov.uk represents the UK Secret Intelligence Service (SIS), commonly known as MI6. It serves as the official digital presence of the UK's foreign intelligence agency, providing detailed information about its mission, history, leadership, recruitment opportunities, and partnerships. The site targets potential recruits, government partners, and the general public interested in intelligence services. The business model is that of a government agency focused on intelligence gathering and national security. The website is well-branded, professionally designed, and consistent with government standards, reflecting a high level of trustworthiness and authority. Technically, the site is built on the Drupal CMS platform and employs Matomo for privacy-conscious analytics. It demonstrates good mobile optimization, accessibility, and SEO practices. The site uses HTTPS with strong SSL configuration, though no explicit security headers were detected in the provided data. Privacy compliance is robust, with clear privacy and cookie policies and a consent mechanism in place. Contact information is limited to a contact form, with no direct emails or phone numbers publicly listed, which aligns with the sensitive nature of the organization. From a security perspective, the site shows good practices such as HTTPS enforcement and privacy-respecting analytics. However, it lacks publicly visible security policies or incident response contacts, and no security.txt file was found. The WHOIS data is unavailable, which is typical for sensitive government domains and is justified in this context. Overall, the site presents a strong security posture with room for improvement in transparency around security policies. The overall risk assessment is low given the official nature of the site, its consistent branding, and government affiliation. Strategic recommendations include enhancing security header implementation, publishing a dedicated security policy and incident response information, and adding a security.txt file to facilitate vulnerability disclosures. These steps would further strengthen trust and security culture while maintaining operational security.

G

GCHQ

gchq.gov.uk

0

GCHQ is the United Kingdom's official intelligence, security, and cyber agency, tasked with protecting the country from threats both in the physical and digital realms. The website clearly communicates its mission, key services, and organizational culture, targeting UK citizens, government stakeholders, and cybersecurity professionals. The site is well-branded and professionally designed, reflecting its authoritative government status. Technically, the website employs modern web technologies including React and JSON-LD structured data for SEO and accessibility. The site is mobile-optimized and provides a smooth user experience with clear navigation and relevant content. While no explicit CMS or hosting provider is identified, the site demonstrates good performance and technical maturity. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and a public security policy or vulnerability disclosure program. No contact information for security incidents is provided, which is common for government sites but could be improved for transparency. The absence of WHOIS data is typical for UK government domains, and the domain's legitimacy is supported by its .gov.uk TLD and consistent official content. Overall, the website is trustworthy, secure, and professionally maintained, with minor recommendations to enhance security headers and incident response transparency. The risk level is low, and the site effectively serves its purpose as a government intelligence agency portal.

K

Koeln.Business

koelnbusiness.de

0

Koeln.Business is the official economic development agency for the city of Cologne, Germany, providing support for businesses, startups, and investors. The website offers services such as funding consultation and business facilitation, targeting entrepreneurs and startups primarily within Cologne. The organization positions itself as a key facilitator for economic growth and business establishment in the region. Technically, the website is built on TYPO3 CMS, a mature and widely used content management system, and incorporates modern JavaScript libraries such as Slick Slider and Owl Carousel for enhanced user experience. Cookiebot is implemented for GDPR-compliant cookie consent management, and Matomo Analytics is used for privacy-conscious visitor tracking. The site is mobile-optimized and demonstrates good SEO and accessibility practices. From a security perspective, the site enforces HTTPS and uses a comprehensive cookie consent mechanism. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure information, which are recommended for improving transparency and trust. No critical vulnerabilities or suspicious content were detected. Overall, Koeln.Business presents a professional and trustworthy online presence consistent with a government economic development entity. The domain WHOIS data is privacy protected but shows no signs of suspicious activity. Strategic recommendations include publishing security and incident response policies, enhancing security headers, and maintaining regular audits of third-party scripts to sustain a strong security posture.

I

INAIL - Istituto Nazionale per l'Assicurazione contro gli Infortuni sul Lavoro

inail.it

0

INAIL is the Italian National Institute for Insurance against Accidents at Work, operating as a government agency providing mandatory insurance, prevention, research, and rehabilitation services related to workplace injuries and occupational diseases. The website serves a broad audience including workers, employers, institutions, and stakeholders involved in workplace safety and insurance. It holds a strong national market position as an authoritative public institution. The site offers key services such as insurance coverage, safety programs, research initiatives, prosthetic and rehabilitation services, and statistical data dissemination. Technically, the website is built on Adobe Experience Manager, leveraging modern web technologies including Adobe Helix RUM, Google reCAPTCHA, Adobe Document Services Viewer SDK, and Dynatrace monitoring. The site demonstrates good performance, mobile optimization, accessibility, and SEO practices. It integrates multiple social media platforms and uses advanced analytics and monitoring tools. From a security perspective, the site employs HTTPS with strong SSL configuration, uses security headers, and implements bot protection mechanisms. However, explicit security policies and vulnerability disclosure information are not publicly visible. No vulnerabilities or suspicious activities were detected. The WHOIS data aligns well with the website's claims, confirming legitimacy and trustworthiness. Overall, the website is professional, secure, and compliant with privacy regulations, providing a trustworthy digital presence for INAIL. Strategic recommendations include publishing explicit security and incident response policies, adding vulnerability disclosure mechanisms, and enhancing transparency around security headers and third-party script integrity.

C

Caren Lay MdB

caren-lay.de

0

The website www.caren-lay.de represents Caren Lay, a member of the German Bundestag affiliated with the DIE LINKE party. It serves as a political communication platform focusing on housing policy, social issues, and club policy. The site provides articles, brochures, and information about her political work and positions. The target audience is German-speaking citizens interested in left-wing politics and social housing matters. The business model is centered on political representation and public engagement. Technically, the site is built on KONTEXT-CMS 3.9.9, uses modern frontend technologies such as Tailwind CSS and FontAwesome, and includes jQuery 3.5.1. Hosting is provided by Warenform, with CDN usage for fonts and images. The site is mobile optimized and has good SEO practices. Analytics are handled by Matomo with an opt-in cookie consent mechanism, reflecting a privacy-conscious approach. From a security perspective, the site enforces HTTPS and uses cookie consent with opt-in for tracking. However, it lacks explicit security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent and legitimate, supporting trustworthiness. Overall, the site demonstrates a good security posture but could improve by adding security headers and incident response information. The overall risk is low given the nature of the site as a political information platform with no sensitive transactions or personal data collection beyond a contact form. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility features to further strengthen trust and compliance.

D

Dieter Janecek

dieterjanecek.de

0

Dieter Janecek's website serves as the official online presence for a German Bundestag member representing Munich-West/Mitte. The site focuses on political communication, providing news, event information, and a newsletter subscription to engage constituents and supporters of the Green party. The business model centers on political representation and public outreach, targeting German citizens and political stakeholders. The website is well-branded, consistent, and offers multilingual support, enhancing accessibility for a broader audience. Technically, the site is built on WordPress using a modern tech stack including jQuery, Swiper.js, and several reputable plugins for events, forms, and multilingual content. The site demonstrates good mobile optimization and moderate performance, with a clean and professional design. SEO and accessibility are basic but adequate for the site's purpose. From a security perspective, the website enforces HTTPS and implements a GDPR-compliant cookie consent mechanism with granular user controls. No critical vulnerabilities or exposed sensitive data were detected. However, security headers are not explicitly present, and there is no dedicated security or incident response policy visible. The WHOIS data aligns with the website content, indicating a legitimate and consistent domain registration. Overall, the website presents a low-risk profile with good privacy compliance and a solid security posture for a political site. Strategic improvements could include adding security headers, incident response information, and enhanced accessibility features to further strengthen trust and compliance.

F

Fabio De Masi

fabio-de-masi.de

0

Fabio De Masi's website serves as an official political platform providing comprehensive information about his role as a member of the European Parliament. The site offers visitors access to news, media content, transparency reports, and opportunities to subscribe to newsletters. The target audience primarily consists of European citizens interested in political affairs and transparency. The business model is centered on public political representation and information dissemination, with a strong emphasis on transparency and engagement through social media and newsletters. Technically, the website is built on the KONTEXT-CMS platform, utilizing legacy jQuery and modern FontAwesome icons, hosted by warenform.de. The site demonstrates moderate performance and good mobile optimization but could benefit from updating outdated libraries and enhancing accessibility features. Security-wise, the site employs HTTPS and an opt-in cookie consent mechanism with Matomo analytics, reflecting good privacy compliance. However, the absence of security headers and the use of an outdated jQuery version present moderate risks. No explicit security or incident response policies are published, and contact information is limited to forms and social media links. Overall, the website is professional, trustworthy, and compliant with GDPR, but improvements in security posture and technical modernization are recommended.

B

Bundesregierung

gleichstellungsbericht.de

0

The website gleichstellungsbericht.de is an official German government platform dedicated to publishing gender equality reports and related information. It serves as a key resource for policymakers, administrators, and the public interested in gender equality progress and recommendations in Germany. The site provides access to current and past reports, event announcements, and downloadable documents, positioning itself as a trusted governmental information source. The business model is informational and regulatory, with a focus on transparency and public engagement in gender equality matters. Technically, the website is built on WordPress and employs common web technologies such as jQuery and Owl Carousel for interactive content. It integrates a sophisticated accessibility tool (digi·access) supporting multiple languages and accessibility needs, reflecting a high level of digital maturity and inclusiveness. Hosting is managed via domaincontrol.com (GoDaddy), a reputable provider. The site demonstrates good mobile optimization and SEO practices. From a security perspective, the site enforces HTTPS and includes essential security headers, contributing to a strong security posture. No vulnerabilities or exposed sensitive data were detected. However, the absence of a cookie consent mechanism, explicit security policies, and vulnerability disclosure pages indicates areas for improvement in compliance and transparency. No incident response contacts or data protection officer information were found, which are recommended for enhanced trust and regulatory adherence. Overall, the website is professional, trustworthy, and well-maintained, with a strong focus on accessibility and content quality. Strategic recommendations include implementing cookie consent, publishing security and incident response policies, and adding vulnerability disclosure information to further strengthen compliance and user trust.

D

Deutscher Bundestag

bundestag.de

0

The Deutscher Bundestag website serves as the official online presence of the German Parliament, providing comprehensive information about parliamentary activities, members, schedules, and live streams. The site targets the general public and stakeholders interested in German governmental affairs. It demonstrates a high level of content quality, professional design, and clear navigation, reflecting its role as a government information portal. Technically, the site uses standard web technologies including JavaScript and CSS, with moderate performance and good mobile optimization. However, there is a lack of visible security headers and explicit privacy or cookie policies, which are areas for improvement. The security posture is moderate due to missing explicit security best practices and incident response information. Overall, the domain and website are legitimate and consistent with official government use, with no suspicious indicators detected.

The Greens/EFA in the European Parliament website represents a political group focused on human rights, democracy, and climate justice within the EU. The site offers comprehensive information about their policies, members, publications, and campaigns, targeting European citizens and stakeholders interested in green politics. The website is well-structured, multilingual, and professionally designed, reflecting a mature digital presence. Technically, the site uses the Contao CMS with modern frontend frameworks like Bootstrap 4 and jQuery. It employs privacy-conscious analytics (Matomo) with cookies disabled, indicating a strong commitment to user privacy. The site is mobile-optimized and accessible, with good SEO practices. Security-wise, the site enforces HTTPS and avoids exposing sensitive data. However, no explicit security headers were detected, and no dedicated security or incident response pages are present. The WHOIS data is unavailable due to privacy protection, which is typical and justified for political organizations. Overall, the security posture is solid but could be enhanced with additional headers and transparency. The website poses low risk, is trustworthy, and serves as a credible source for political advocacy. Strategic recommendations include adding security headers, publishing incident response information, and implementing a vulnerability disclosure policy to further strengthen trust and security.

T

The Left in the European Parliament

guengl.eu

0

The Left in the European Parliament is a political group advocating for left-wing policies across the European Union. Their website serves as an information hub for their political positions, news, events, and resources, targeting European citizens interested in progressive politics. The site is hosted by OVH SAS and built on WordPress, utilizing modern web technologies and analytics tools such as Matomo and Complianz for GDPR compliance. Security posture is good with HTTPS and cookie consent mechanisms in place, though some security headers could be improved. The site is professional, well-branded, and trustworthy, with comprehensive privacy policies and multiple official social media channels. No critical vulnerabilities or suspicious activities were detected.

D

Die Linke im Europaparlament

dielinke-europa.eu

0

Die Linke im Europaparlament is a political group representing left-wing interests within the European Parliament, focusing on social justice, peace, and democracy in Europe. The website serves as an information hub for their parliamentary activities, news, publications, and contact with representatives. It targets European citizens interested in progressive politics and EU governance. The organization maintains a consistent brand presence and leverages official EU affiliations to establish trust. Technically, the website is built on WordPress with common plugins such as Contact Form 7 and uses modern web technologies including jQuery and FontAwesome. The site is hosted by http.net Internet GmbH and demonstrates moderate performance with good mobile optimization and basic accessibility features. SEO practices are well implemented with proper metadata and Open Graph tags. From a security perspective, the site enforces HTTPS and includes privacy consent mechanisms in its contact forms, aligning with GDPR requirements. However, it lacks advanced security headers and a public vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data indicates a consistent and legitimate domain registration. Overall, the website presents a professional and trustworthy digital presence for a political organization, with room for improvement in security hardening and cookie consent implementation to enhance privacy compliance and user trust.

The Projektnetzwerk Ländliche Räume Niedersachsen website serves as an official regional government platform aimed at consolidating and promoting projects in rural areas of Lower Saxony, Germany. It provides categorized project listings, information on regional development programs, and facilitates project visibility for stakeholders such as municipalities and project managers. The platform is supported by various ministries and government entities, reinforcing its authoritative position in the regional development sector. Technically, the website is built on the connectiv! WebCMS 6 platform, employs standard web technologies including JavaScript and YouTube APIs, and uses etracker for analytics with respect for user privacy. While the site is accessible and well-structured, it lacks some modern security headers and explicit cookie consent mechanisms, which are areas for improvement. The security posture is generally good with HTTPS enforced and no visible vulnerabilities, but could benefit from enhanced security policies and incident response disclosures. Overall, the website is trustworthy, professionally maintained, and serves its target audience effectively with a moderate technical maturity level.

N

Startseite - NIEDERSACHSEN PACKT AN

niedersachsen-packt-an.de

0

The website 'niedersachsen-packt-an.de' appears to be a regional government or public initiative site focused on the Niedersachsen (Lower Saxony) region in Germany. The site uses WordPress CMS with performance optimization via WPRocket and includes custom fonts and scripts. The content is primarily in German and targets the general public in the region. The site design and navigation are good, with mobile optimization present. However, there is a lack of explicit privacy, cookie, and terms of service policies, as well as no visible contact information, which impacts compliance and trust. Security posture is minimal with no detected security headers or incident response contacts. The domain uses official Niedersachsen name servers, indicating legitimacy, but WHOIS data is limited. Overall, the site is functional and professional but could improve in privacy and security transparency.

N

Niedersächsische Staatskanzlei

verkuendung-niedersachsen.de

0

The website 'Verkündungsplattform Niedersachsen' is an official government platform operated by the Niedersächsische Staatskanzlei, providing free access to the official legal publications of the state of Niedersachsen, Germany. It serves as a digital replacement for printed legal gazettes, offering PDFs and archives of laws and ministerial bulletins. The platform targets citizens, legal professionals, and institutions requiring access to up-to-date legal documents. The business model is public service with no commercial intent, positioning it as a trusted government resource. Technically, the site is built using modern web technologies including React and Material-UI, ensuring a responsive and accessible user experience. The site demonstrates good mobile optimization and accessibility compliance, though SEO optimization is basic. No third-party analytics or advertising scripts were detected, indicating a privacy-conscious design. From a security perspective, the site uses HTTPS with excellent SSL configuration, but lacks explicit security headers and cookie consent mechanisms. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data confirms the domain is legitimately registered under official Niedersachsen name servers, reinforcing trust. Overall, the website presents a secure, professional, and trustworthy government service platform with minor improvements recommended in privacy compliance and security headers to enhance protection and user trust.

N

Niedersächsischer Integrationspreis

niedersaechsischer-integrationspreis.de

0

The Niedersächsischer Integrationspreis website serves as an official platform for a regional government-supported integration award in Lower Saxony, Germany. It targets organizations and the general public interested in integration initiatives, providing information about the award, past winners, news, and related events. The site is built on TYPO3 CMS and features a professional design with consistent branding and clear navigation, supporting a good user experience. The content is primarily in German and focuses on non-profit and governmental activities related to integration.

W

WInTO GmbH

winto-gmbh.de

0

WInTO GmbH is a regional economic development company operating under the Landkreis Oberhavel in Germany. The company focuses on improving the economic structure of the region by providing comprehensive services including project development, business support, and networking. Their website reflects a professional and consistent brand image targeting businesses, investors, and regional partners. Technically, the site uses modern frontend technologies and privacy-conscious analytics with Matomo and Cookiebot. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security policies and incident response information are absent. Overall, the site is trustworthy and well-positioned as a government-related economic development entity.

A

Arbeitsmarktservice Österreich (AMS)

berufs-infos.at

0

The website www.berufs-infos.at is an official Austrian government service platform operated by the Arbeitsmarktservice Österreich (AMS). It provides comprehensive career guidance, educational resources, and job search support primarily targeting job seekers, career changers, and women re-entering the workforce. The platform offers downloadable brochures, online tools, and links to AMS services, establishing a strong market position as a trusted public employment service. Technically, the site uses a modern and stable technology stack including jQuery, Bootstrap, and Matomo analytics, hosted via braintrust.at CDN, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though some security headers could be improved. Privacy compliance is excellent with a clear cookie consent mechanism and a comprehensive privacy policy. Overall, the site is professional, trustworthy, and well-aligned with its government service mission.

A

AMS (Arbeitsmarktservice Österreich)

ausbildungskompass.at

0

The AMS Ausbildungskompass website is an official Austrian government platform providing comprehensive information on vocational training, education pathways, and career guidance. It serves a broad audience including students, job seekers, and those interested in continuing education within Austria. The site is well-branded with AMS logos and offers detailed educational content, search functionality, and links to related government and educational resources. Technically, the site employs a modern and mature technology stack including jQuery, Bootstrap, FontAwesome, and Matomo for analytics. It is mobile-optimized, accessible, and performs moderately well. The presence of a cookie consent mechanism and detailed privacy policy indicates good privacy compliance aligned with GDPR requirements. From a security perspective, the site uses HTTPS with strong SSL configuration and implements secure form practices. However, it lacks explicit security headers and a published security or incident response policy, which could be improved. No vulnerabilities or suspicious content were detected. Overall, the site is trustworthy, professional, and well-maintained, with a high legitimacy score despite the absence of WHOIS data due to privacy protection. Strategic recommendations include enhancing security headers, publishing a security policy, and providing explicit incident response contacts to further strengthen trust and compliance.

A

AMS (Arbeitsmarktservice Österreich)

berufslexikon.at

0

The AMS Berufslexikon website is an official Austrian government career information portal operated by the Arbeitsmarktservice Österreich (AMS). It provides comprehensive information on over 1,800 professions, including job descriptions, educational requirements, career prospects, and salary data. The platform targets job seekers, students, and career advisors within Austria, offering advanced search and filtering capabilities to facilitate career exploration. The site is well-branded with AMS logos and consistent government styling, reinforcing its authoritative position in the Austrian labor market information ecosystem. Technically, the website employs a modern and mature technology stack including jQuery, Bootstrap, FontAwesome, and Matomo analytics. It is mobile-optimized, accessible, and features a cookie consent mechanism compliant with GDPR standards. Performance is moderate with good SEO and accessibility practices. The site uses HTTPS exclusively, ensuring secure data transmission. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent management. However, it lacks explicit security headers and a published security policy or incident response contact information. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The absence of WHOIS data is likely due to privacy protection, which is justified for a government-related domain. Overall, the AMS Berufslexikon website is a trustworthy, professional, and secure platform providing valuable career information to the Austrian public. Strategic recommendations include enhancing security headers, publishing a security policy, and providing explicit incident response contacts to further strengthen trust and compliance.

A

Arbeitsmarktservice

ams.at

0

Arbeitsmarktservice (AMS) is the official Austrian government employment service, providing comprehensive support to job seekers and employers across Austria. The website offers a wide range of services including job search tools, application advice, financial benefits for unemployed individuals, and access to training and education programs. It serves a broad audience including unemployed persons, companies seeking personnel, and the general public interested in labor market information. The AMS website is well-branded, professionally designed, and consistent with government standards, reinforcing its position as a trusted national employment agency. Technically, the AMS website is built on Adobe Experience Manager, leveraging modern JavaScript libraries such as Adobe Launch for tag management and Silktide for analytics. The site is mobile-optimized, accessible, and SEO-friendly, with structured data (JSON-LD) enhancing search engine understanding. The presence of cookie consent mechanisms and privacy policies indicates a mature approach to privacy and compliance. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks explicit security headers and a public incident response or vulnerability disclosure policy. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is unavailable due to NIC.AT restrictions, but the domain and website content strongly indicate legitimacy and trustworthiness. Overall, AMS demonstrates a strong digital presence with high content quality, good technical implementation, and solid privacy compliance. Strategic improvements in security headers and transparency around incident response could further enhance its security posture and user trust.

S

Stadtwerke Saarbrücken Bäder GmbH

saarbruecker-baeder.de

0

Saarbrücker Bäder is a municipal swimming pool and fitness service provider operated by Stadtwerke Saarbrücken Bäder GmbH, serving the local community in Saarbrücken, Germany. The website offers information on swimming pools, aqua courses, fitness and relaxation programs, family activities, and an online ticketing platform. It positions itself as a local public service provider focused on wellness and recreational activities. Technically, the site uses a modern JavaScript stack including jQuery, Owl Carousel, and the Foundation framework, with TYPO3 CMS likely powering the backend. The site is mobile-optimized and provides basic accessibility features. Security-wise, HTTPS is used, and cookie consent mechanisms are in place, but explicit security headers and incident response policies are not publicly documented. The domain registration data aligns well with the website's municipal nature, indicating legitimacy and trustworthiness.

Z

Zentraler Kommunaler Entsorgungsbetrieb

zke-sb.de

0

The Zentraler Kommunaler Entsorgungsbetrieb (ZKE) website serves as the official municipal platform for waste disposal, sewage management, and city cleaning services in Saarbrücken, Germany. The site targets local residents and businesses, providing environmental and municipal service information. The business operates as a government entity with a medium-sized operational scope. The website promotes the official Saarbrücken city app and uses modern web technologies such as jQuery, Foundation framework, and accessibility tools like ReadSpeaker. However, the site lacks visible privacy and cookie policies, which are critical for GDPR compliance, and does not provide explicit contact information or incident response channels. Security posture is moderate with HTTPS enabled and no obvious vulnerabilities, but security headers and advanced protections are missing. Overall, the website is functional and trustworthy as a municipal service portal but requires improvements in privacy compliance and user contact transparency.

C

Catholic Bishops' Conference of England and Wales

cbcew.org.uk

0

The Catholic Bishops' Conference of England and Wales operates an official website providing authoritative information about the Catholic Church's activities, leadership, safeguarding, and community engagement within England and Wales. The site serves a broad audience including clergy, laity, and the general public interested in religious affairs. It offers news, events, podcasts, and educational resources, positioning itself as a trusted source for Catholic-related content in the region. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates SEO and analytics tools such as Yoast SEO and Google Analytics, reflecting a mature digital infrastructure. The site is hosted on reliable CDN services ensuring moderate to good performance and mobile responsiveness. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations including GDPR. The lack of WHOIS data for the exact subdomain queried is explained by it being a subdomain, with the main domain being legitimate and well-established. Strategic recommendations include enhancing security headers and maintaining regular updates to sustain security and compliance.

E

Erzdiözese Salzburg

kirchen.net

0

The website eds.at serves as the official online presence of the Erzdiözese Salzburg, the Catholic Church in Salzburg and the Tiroler Unterland region. It provides comprehensive information on church news, events, religious teachings, community services, and contact details. The site targets church members, local community members, and those interested in religious and social topics related to the Catholic Church in this region. The business model is non-profit and community-focused, positioning itself as a regional religious authority and information hub. Technically, the website is built on TYPO3 CMS, uses modern web technologies including jQuery and Bootstrap, and integrates Matomo analytics configured for privacy compliance. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure.

S

Stadt Frankfurt am Main

kufti.de

0

KUFTI is a cultural and leisure ticket initiative operated by the Stadt Frankfurt am Main, targeting children and youth under 18 years old. The website provides information about free or low-cost access to museums, the zoo, and cultural highlights in Frankfurt. It offers multilingual support and a newsletter subscription to keep the audience informed. The business model is a public service promoting cultural engagement among young residents and students in Frankfurt. Technically, the site is built on WordPress with modern plugins such as Yoast SEO, WPML for multilingual support, and Borlabs Cookie for privacy compliance. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are absent. Overall, the site is trustworthy, professional, and compliant with GDPR requirements, serving as a reliable government cultural resource.

S

Stadt Halle (Saale)

mitmachen-in-halle.de

0

Mitmachen in Halle is an official municipal platform operated by the city of Halle (Saale), Germany, designed to engage citizens directly in urban development and decision-making processes. The platform offers various services including project participation, an ideas platform, a defect reporting tool, and engagement opportunities, targeting local residents to foster community involvement. The website is built on Drupal CMS and integrates accessibility tools like ReadSpeaker and analytics via Matomo, demonstrating a moderate level of digital maturity and user-centric design. Security posture is adequate with cookie consent and no exposed sensitive data, though improvements in security headers and explicit security policies are recommended. Overall, the platform is trustworthy, compliant with GDPR, and provides a safe environment for general audiences.

S

Stadt Halle (Saale) - Geschäftsbereich Bildung und Soziales - Örtliches Teilhabemanagement

halle-grenzenlos.de

0

The website 'Halle Grenzenlos' is an official municipal portal provided by the city of Halle (Saale), Germany, focusing on inclusion, participation, and accessibility. It serves as a comprehensive information platform and guide for residents and visitors, particularly targeting people with disabilities and those interested in barrier-free access. The portal is supported by the Ministry of Labor, Social Affairs, Health, and Equality of the State of Saxony-Anhalt, indicating strong governmental backing and legitimacy. Key services include a participation guide, useful information on inclusion, event listings, and contact options for support and feedback. Technically, the site is built on the Drupal CMS platform, utilizing modern web technologies such as FontAwesome for icons, Matomo for analytics, Klaro for consent management, and ReadSpeaker for text-to-speech accessibility. The hosting is provided by evh.de, a reputable German hosting provider. The site demonstrates good mobile optimization, accessibility features, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks some advanced security headers and does not publicly disclose a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, the security posture is solid but could be enhanced with additional headers and transparency. The overall risk assessment is low, with the site presenting a trustworthy, professional, and well-maintained government service portal. Strategic recommendations include improving security headers, publishing a security policy, and adding vulnerability disclosure information to further enhance trust and compliance.

M

Ministerium für Schule und Bildung des Landes Nordrhein-Westfalen

bildungsland.nrw

0

The website www.schulministerium.nrw is the official digital presence of the Ministry for Schools and Education of North Rhine-Westphalia, Germany. It serves as a comprehensive information portal for education stakeholders including students, teachers, and parents. The site offers detailed content on school organization, education policies, legal frameworks, press releases, and various educational services. It is well-positioned as a government entity with a strong market presence in the public education sector of NRW. Technically, the website is built on Drupal CMS, leveraging modern web technologies such as Bootstrap for responsive design, Matomo for privacy-respecting analytics, and accessibility features. The site demonstrates good performance and SEO practices, with mobile optimization and clear navigation. From a security perspective, the site enforces HTTPS, respects user privacy with cookie consent mechanisms, and avoids exposing sensitive data. While explicit security headers are not fully confirmed, the overall security posture is strong with no evident vulnerabilities. The WHOIS data is privacy protected but consistent with official government use, supporting the domain's legitimacy. Overall, the website is a trustworthy, professional, and well-maintained government portal with excellent content quality and compliance with privacy regulations. It poses low risk and serves its public service mission effectively.

Ö

Österreichische Bischofskonferenz

bischofskonferenz.at

0

The website www.bischofskonferenz.at serves as the official online presence of the Austrian Bishops' Conference, providing authoritative information, official statements, and publications related to the Catholic Church in Austria. It targets church members, interested citizens, and stakeholders seeking reliable religious and organizational content. The site is well-positioned as a governmental religious entity with a medium organizational size and a clear mission to inform and communicate church positions. Technically, the site is built on the siteswift CMS platform, leveraging modern JavaScript libraries such as jQuery, Swiper.js, and Klaro for cookie consent management. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Security-wise, HTTPS is enforced, CSRF protections are in place for forms, and a comprehensive cookie consent mechanism is implemented. However, explicit security headers and a published security policy or incident response contacts are absent, representing areas for improvement. Overall, the website exhibits a strong security posture with no visible vulnerabilities or suspicious content. Privacy compliance is well addressed through GDPR-aligned policies and consent mechanisms. The business credibility is high, supported by consistent branding, official domain registration, and clear contact information. The site is safe for general audiences with no adult or questionable content. Strategically, the site would benefit from publishing a security policy, incident response contacts, and vulnerability disclosure information to enhance trust and compliance. Enhancing explicit security headers and accessibility features would further strengthen its technical and security posture.

A

AMS

karrierevideos.at

0

The website karrierevideos.at is an official Austrian government-affiliated career video portal operated by AMS (Arbeitsmarktservice Österreich). It provides over 300 videos covering various professions and career paths to support users in career orientation and job market integration. The platform targets a broad audience including students, job seekers, and career changers within Austria. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and JWPlayer, hosted via braintrust.at CDN, and integrates privacy-conscious Matomo analytics with cookie consent mechanisms. Security posture is solid with HTTPS enforced and anonymized tracking, though some security headers are not explicitly detected and no dedicated security policy or incident response contacts are provided. The site is well-branded, accessible, and professionally maintained, reflecting its government service nature. Overall, it presents a trustworthy and user-friendly resource for career information in Austria.

A

Arbeitsmarktservice Österreich (AMS)

karrierekompass.at

0

The AMS Karrierekompass website is an official Austrian government portal providing comprehensive labor market, career, and educational information. It serves a broad audience including job seekers, students, and career changers by offering detailed career guidance, job search tools, educational resources, and labor market data. The site is well-positioned as a trusted government resource with strong branding and extensive partnerships with related career and education platforms. Technically, the website employs a modern and mature technology stack including jQuery, Bootstrap, FontAwesome, and Matomo analytics with anonymized tracking. The site is mobile-optimized, accessible, and performs moderately well. It uses secure HTTPS connections and cookie consent mechanisms aligned with GDPR requirements, reflecting a high level of digital maturity. From a security perspective, the site enforces HTTPS and uses cookie consent for analytics. While some security headers are not explicitly detected, no critical vulnerabilities or exposed sensitive data were found. The WHOIS data confirms the domain's legitimacy and consistency with the AMS organization, supporting trustworthiness. Overall, the website presents a low risk profile with strong privacy compliance and business credibility. It lacks explicit contact information and security policies publicly visible, which could be improved to enhance transparency and incident response readiness.

L

Landeshauptstadt Saarbrücken

saarbruecken.de

0

The website www.saarbruecken.de is the official digital portal for the city government of Saarbrücken, Germany. It serves as a comprehensive platform providing municipal services, event information, and citizen engagement tools. The site targets residents and visitors, offering access to public transport details, cultural events, administrative services, and online appointment booking. The business model is that of a government service portal, positioning itself as the authoritative source for city-related information and services.

B

Bundesamt für Migration und Flüchtlinge

bamf.de

0

The Bundesamt für Migration und Flüchtlinge (BAMF) is a German federal government agency responsible for migration, asylum, refugee protection, integration, and voluntary return programs. The website serves as an official information and service portal targeting migrants, refugees, government entities, and the general public interested in migration-related topics in Germany. It offers comprehensive content, including thematic areas, news, publications, and service center information. The site is well-branded, professionally designed, and provides multi-language support to cater to diverse audiences. Technically, the website is built on the Government Site Builder CMS, a platform tailored for German federal administration websites. It uses modern web standards including HTML5, CSS, JavaScript, and structured data (JSON-LD) for enhanced SEO and accessibility. The site is mobile-optimized and accessible, with a moderate performance profile. Hosting is managed within the German federal infrastructure, ensuring reliability and compliance with government standards. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism with opt-in for statistical tracking via Matomo. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security headers and a public security policy or incident response contact are not present, representing areas for improvement. The WHOIS data confirms the domain's legitimacy as a government entity with consistent registration and hosting details. Overall, the BAMF website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations such as GDPR. It effectively supports its mission to provide migration-related information and services to its target audience while maintaining a secure and user-friendly online presence.

M

Ministerium für Schule und Bildung des Landes Nordrhein-Westfalen

schulministerium.nrw

0

The website www.schulministerium.nrw is the official digital presence of the Ministry for Schools and Education of the State of North Rhine-Westphalia, Germany. It serves as a comprehensive information portal for education-related topics, school organization, legal frameworks, press releases, and public services. The site targets students, educators, school administrators, parents, and the general public interested in education policies and resources within NRW. It is positioned as a key government resource with authoritative content and official branding. Technically, the website is built on the Drupal CMS platform, utilizing modern web technologies such as Bootstrap for responsive design, Matomo for privacy-conscious analytics, and Hyphenopoly for text hyphenation. The site demonstrates good mobile optimization, accessibility features, and SEO practices. It employs HTTPS with strong SSL configuration and includes a cookie consent mechanism compliant with GDPR requirements. From a security perspective, the site shows a mature posture with HTTPS enforcement, cookie consent, and no visible vulnerabilities or exposed sensitive data. However, explicit security headers like X-Frame-Options and X-Content-Type-Options are not clearly detected and could be improved. The WHOIS data is privacy protected, which is somewhat unusual for a government domain but does not detract from the site's legitimacy given the official content and domain namespace (.nrw). Overall, the website is a trustworthy, well-maintained government portal with high content quality and good security and privacy practices. It poses low risk and serves its public service mission effectively.

A

Arbeitskammer des Saarlandes

arbeitskammer.de

0

The Arbeitskammer des Saarlandes is a public institution established in 1951 with constitutional status, representing the interests of employees in the Saarland region of Germany. It provides consulting, education, research, and advocacy services to its members, funded primarily through employer-deducted membership contributions. The website serves as an information hub for employees, offering news, events, publications, and access to various thematic portals. The institution maintains an active presence on major social media platforms and provides clear contact information for members and the press. Technically, the website is built on TYPO3 CMS with Bootstrap and jQuery, ensuring a modern and responsive user experience. It uses Matomo analytics, which respects user privacy better than many alternatives. The site is well-structured, mobile-optimized, and SEO-friendly, though performance is moderate. Security is solid with HTTPS enforced, but lacks some advanced security headers and publicly disclosed security policies. From a security and compliance perspective, the site does not publicly display privacy or cookie policies, nor does it provide incident response or vulnerability disclosure information, which are areas for improvement. No WAF or blocking mechanisms were detected, and no suspicious or adult content is present. WHOIS data aligns well with the website's claims, indicating a trustworthy domain registration. Overall, the site is professional, trustworthy, and serves its public service mission effectively, but could enhance privacy compliance and security transparency to further strengthen user trust and regulatory adherence.

S

Stadt Halle (Saale)

halle.de

0

The website halle.de serves as the official digital portal for the city of Halle (Saale), Germany. It provides comprehensive information and services for residents, tourists, businesses, and government stakeholders. The site offers access to municipal services, event calendars, cultural and tourism information, and citizen engagement platforms. The website is well-branded with consistent city imagery and logos, reflecting its official status. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies such as Bootstrap, jQuery, and Matomo for analytics, alongside a consent management platform (Usercentrics) to ensure GDPR compliance. The site is mobile-optimized and accessible, with good SEO practices and performance. Security is adequate with HTTPS enforced and privacy-conscious analytics configuration, though some HTTP security headers are not explicitly detected. From a security perspective, the site shows no signs of vulnerabilities or malicious content. However, it lacks a publicly visible security policy or incident response contact information, and no security.txt file is found. Privacy compliance is strong, with clear privacy and cookie policies and a consent mechanism in place. The domain registration data aligns well with the website content, indicating a legitimate and trustworthy municipal presence. Overall, halle.de is a professional, secure, and user-friendly government website that effectively serves its target audience. Strategic improvements could include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and security posture.

The Deutscher Verlagspreis website represents an official German federal government cultural initiative aimed at supporting and awarding independent publishers in Germany. The site provides comprehensive information about the award, participation, jury, and prize winners, targeting publishers and cultural stakeholders. The business model is government-funded, focusing on cultural promotion rather than commercial activities. Technically, the site is built on the Contao CMS platform, leveraging modern JavaScript libraries such as jQuery and Modernizr to enhance user experience. The site is mobile-optimized, accessible, and SEO-friendly with clear navigation and structured content. Security posture is solid with HTTPS enforced and basic session and CSRF protections, though some advanced security headers and policies are missing. Privacy compliance is good, with a cookie consent mechanism and a privacy policy in place, but no explicit terms of service or security policy pages were found. Overall, the site is trustworthy, professional, and safe for general audiences.

WInTO GmbH is a regional government-related company focused on economic, innovation, and tourism promotion in the Oberhavel region of Germany. The website primarily serves as an imprint (Impressum) page providing legal and contact information. The business operates in the government sector with a small organizational size and targets local businesses and stakeholders interested in regional development. The website content is minimal and professional but lacks comprehensive privacy, cookie, and security policies, which are important for compliance and trust. Technically, the website uses basic HTML and CSS with no detected CMS or advanced frameworks. Hosting appears to be on generic servers indicated by the nameservers. The site shows basic mobile optimization and accessibility but lacks SEO optimization and security headers. No analytics or tracking scripts are present, indicating minimal user tracking. From a security perspective, the site uses HTTPS (assumed but not explicitly confirmed), but no security headers or incident response contacts are provided. There are no forms or user input fields, reducing attack surface. However, the absence of privacy and cookie policies is a compliance gap under GDPR. WHOIS data is partially consistent but lacks detailed registrant information, slightly reducing trustworthiness. Overall, the website is safe and professional but basic in content and technical sophistication. Strategic improvements in privacy compliance, security headers, and SEO would enhance trust and digital maturity.

Landschaftsverband Südniedersachsen is a regional non-profit association based in southern Lower Saxony, Germany, dedicated to supporting cultural heritage, museum consulting, and funding regional projects. The website serves as an informational portal offering access to funding opportunities, museum advisory services, provenance research, and cultural project updates. The organization targets local governments, cultural institutions, and the general public interested in regional culture. Technically, the website is built on the Contao CMS platform, uses modern JavaScript libraries such as jQuery and Mmenu.js, and employs Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized and accessible, with a clear navigation structure and consistent branding. Security-wise, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and explicit security headers, representing areas for improvement. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional, trustworthy, and well-suited for its audience, with moderate technical maturity and a solid security posture.

The website www.niedersachsen.de is the official portal of the Lower Saxony state government in Germany. It serves as a comprehensive information hub for residents, government officials, and other stakeholders, providing detailed content on politics, state administration, culture, energy, emergency monitoring, integration, and public services. The site is well-structured, multilingual, and professionally designed, reflecting its authoritative government status. The business model is purely informational and service-oriented, targeting the general public and specific groups such as refugees and local citizens. Technically, the site uses a mature technology stack including jQuery, Video.js, FancyBox, Slick Carousel, DataTables, and Matomo analytics, managed via the Powerslave Liveserver CMS. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks some security headers and explicit cookie consent mechanisms. Overall, the security posture is good with no detected vulnerabilities or suspicious content. The domain WHOIS data is privacy-protected as per DENIC policies, consistent with a government domain. The site lacks explicit security policies or incident response contacts, which could be improved. Privacy compliance is generally good, though cookie consent mechanisms should be enhanced. The risk assessment is low, with recommendations focusing on improving security headers, cookie consent, and publishing security policies to enhance trust and compliance. The site is trustworthy, professional, and safe for general audiences.

Z

Zweckverband eGo-Saar

vergabe.saarland

0

The website vergabe.saarland serves as the official electronic procurement platform for the Saarland region in Germany, operated by Zweckverband eGo-Saar. It provides public sector entities such as cities, municipalities, and state administration with a centralized platform to publish tenders and manage electronic submissions. The platform targets businesses and contractors interested in public procurement within Saarland, offering services like digital download of tender documents and electronic bid submission. The site is well-branded with official logos and maintains a professional appearance consistent with government standards. Technically, the website is built on WordPress 6.8.3 with common web technologies such as jQuery and Slick Carousel for UI components. Hosting is provided by plusserver.com, and the site uses HTTPS with a valid SSL certificate. Cookie consent is implemented with an opt-in mechanism for Google Analytics and Facebook Ads, reflecting a good level of privacy compliance. However, some security headers are missing or misconfigured, such as an empty Content-Security-Policy and lack of DNSSEC, which slightly reduce the security posture. From a security perspective, the site enforces HTTPS and uses clientTransferProhibited status on the domain to prevent unauthorized transfers. The WHOIS data aligns well with the website's governmental purpose, showing consistent registration details. No signs of malware, phishing, or suspicious activity were detected. The cookie consent mechanism and privacy policy indicate GDPR compliance, but no explicit security policy or incident response information is published. Overall, vergabe.saarland is a legitimate, regionally focused government procurement platform with good content quality and business credibility. Security practices are adequate but could be improved by enabling DNSSEC, configuring security headers properly, and publishing security policies. The site is safe for general audiences and does not contain any adult or questionable content.

The website www.saarland.de is currently inaccessible due to a 403 Forbidden error page indicating that a security service or WAF is blocking access. The page content is minimal and only displays a block message without any business or contact information. The domain appears to be a legitimate German government domain based on its .de TLD and nameservers pointing to teresto.net, likely a hosting or DNS provider. However, the lack of accessible content prevents a full assessment of the website's business model, services, or compliance posture. Technically, the site uses basic CSS and font resources but no advanced frameworks or analytics are detected. Security headers and SSL configuration cannot be evaluated due to the block. Overall, the site’s security posture is unclear but the presence of a WAF indicates some level of protection. Privacy and compliance documentation are absent from the accessible content.

F

FITKO

115.de

0

The website www.115.de serves as the official German government service portal providing citizens with a centralized phone number (115) to access administrative information and services from federal, state, and local authorities. It targets the general public in Germany, offering comprehensive support for a wide range of administrative topics. The site is well-positioned as a trusted, nationwide service with over 71 million reachable citizens and multiple service centers. The content is professionally curated, accessible, and includes features for easy language and sign language support. Technically, the site is built on the TYPO3 CMS platform, leveraging modern web technologies such as Matomo for privacy-compliant analytics and Cookiebot for consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices. The use of consent-based tracking and blocking mechanisms reflects a mature approach to privacy compliance. From a security perspective, the site enforces HTTPS and integrates cookie consent mechanisms to manage user privacy. While explicit security headers are not fully visible in the provided data, the overall posture is good with no evident vulnerabilities or exposed sensitive data. However, the site lacks publicly available security policies or incident response contacts, which could be improved. Overall, www.115.de is a high-quality, trustworthy government service website with strong privacy and usability features. It is recommended to enhance security transparency by publishing security policies and implementing comprehensive security headers to further strengthen its security posture.