Security Directory

I

Indo-German Center For Higher Education

igche.de

48

The Indo-German Center For Higher Education (IGCHE) operates as a consortium of German universities offering bilingual engineering degree programmes that facilitate student exchange and cultural integration between India and Germany. The website clearly communicates its educational mission, target audience of prospective engineering students, and key services including German language training and internships. Technically, the site is built on RapidWeaver CMS with Stacks, uses Matomo for privacy-conscious analytics, and demonstrates good mobile responsiveness and navigation clarity. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers and incident response policies are absent. Overall, the site is professional, trustworthy, and well-aligned with its educational objectives.

A

Am Hof 8 Betriebs GmbH

amhof8.com

60

Am Hof 8 Betriebs GmbH operates Vienna's first private members club, offering exclusive access to a private house, curated events, and partner benefits. The business targets affluent individuals seeking a discreet and refined social environment in a central Vienna location. The website reflects a professional and consistent brand image, emphasizing exclusivity and community. Technically, the site uses modern web technologies including Livewire and Alpine.js, with a CMS likely based on Strapi. The site is mobile-optimized and performs moderately well, though some security enhancements are recommended. Security posture is solid with HTTPS and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is transparent and includes phone, email, and physical address. Overall, the domain registration is consistent with the business claims, supporting legitimacy. Strategic improvements in security headers and privacy mechanisms would enhance trust and compliance.

I

In-Dish Wien

in-dish.at

59

In-Dish Wien is a small hospitality business operating an Indian fusion restaurant located in Vienna, Austria. The website presents a professional and visually appealing design built on the Framer platform, targeting general audiences interested in creative Indian cuisine. The business appears to be locally focused with a niche market position. Technically, the website uses modern web technologies but lacks advanced security configurations and privacy compliance features. No privacy or cookie policies are present, and no contact information is explicitly provided in the analyzed content. Security posture is minimal with no detected security headers or incident response contacts. Overall, the site is safe and appropriate for general users but would benefit from enhanced security and compliance measures.

S

Restaurant und Bar | Spelunke

spelunke.at

60

The website www.spelunke.at appears to be a small hospitality or restaurant business based in Austria, utilizing the Wix platform for its online presence. The site integrates a Molzait reservation system, indicating a focus on customer bookings. The technical infrastructure is standard for Wix-hosted sites, leveraging Wix Thunderbolt framework and common web technologies such as JavaScript, HTML5, and CSS3. Mobile optimization is good, but content quality and SEO are basic, with limited business information visible in the provided HTML content. Security posture is moderate with HTTPS enabled but lacking security headers and privacy compliance documentation. Overall, the site is functional but lacks comprehensive privacy, security, and contact information, which could impact user trust and regulatory compliance.

D

Das Bootshaus Alte Donau

dasbootshaus.at

76

Das Bootshaus Alte Donau is a small hospitality business located in Vienna, Austria, combining rowing culture with gastronomy. The website presents a professional and well-structured digital presence featuring online reservations, event promotions, and a strong social media footprint. Technically, the site uses modern web technologies including JavaScript libraries, lazy loading, and integrates third-party reservation widgets. Security posture is adequate with HTTPS enforced but lacks explicit security headers and published security policies. Privacy compliance is partial with cookie consent but missing explicit privacy and terms of service pages. Overall, the website is trustworthy and well-positioned in its local market niche.

P

Plachutta

plachutta.at

60

Plachutta is a well-established family-owned hospitality business operating multiple restaurant locations in Vienna, Austria, specializing in traditional Viennese cuisine such as Tafelspitz and Wiener Schnitzel. The website reflects a professional and consistent brand presence targeting tourists and locals interested in authentic Austrian culinary experiences. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript libraries like Slick Slider, and integrates Google services such as Tag Manager, Maps, and reCAPTCHA. The site is mobile-optimized and performs moderately well with good SEO practices. Security posture is strong with HTTPS enforced and multiple security headers present, alongside a cookie consent mechanism indicating GDPR awareness. However, the absence of explicit privacy policy and terms of service pages represents a compliance gap. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

B

Bosch Climate Solutions

bosch-climate-solutions.com

59

Bosch Climate Solutions is a sustainability consultancy focused on helping SMEs and industrial companies achieve sustainability goals and comply with European sustainability reporting requirements such as CSRD. The company leverages Bosch's industrial heritage and expertise to provide customized climate protection and energy efficiency consulting services. The website is built on the HubSpot CMS platform, incorporating modern JavaScript libraries and marketing tools such as Google Tag Manager and HubSpot Analytics. While the site is professionally designed and mobile optimized, it lacks visible privacy and cookie policies despite using tracking technologies, which is a compliance gap. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. The domain registration is consistent and legitimate, supporting the business claims. Overall, the website presents a trustworthy and professional image but should improve privacy compliance and security best practices.

The website tickethead.io is currently inaccessible due to a Cloudflare security challenge page that blocks direct content access. The page presented is a robot challenge screen implementing a JavaScript-based proof-of-work captcha, indicating the presence of a Web Application Firewall (WAF) protecting the site. Due to this, no business-related content, contact information, or policies are publicly available for analysis. The domain is recently registered in 2023 and uses privacy protection services, which limits transparency and trust signals. Technically, the site uses Cloudflare DNS and Cloudfront CDN for hosting and content delivery, but no CMS or frameworks are identifiable from the blocked content. Security headers and SSL configuration details are not available from the provided data. Overall, the site’s security posture cannot be fully assessed due to access restrictions, and the lack of visible privacy and cookie policies indicates poor compliance readiness.

F

Fab Fox Shop

fabfox.shop

61

Fab Fox Shop is a small e-commerce business specializing in official merchandise for the Fab Fox Fabulous Tour, targeting fans primarily in Austria. The website is professionally designed using the Shopify platform, featuring a consistent brand presence and clear navigation. The business model focuses on direct online retail of branded merchandise, positioning itself as a niche player in the fan merchandise market. Technical infrastructure leverages Shopify's robust hosting and commerce capabilities, including integration with Facebook Pixel and Shopify Analytics for marketing and user tracking. The site is mobile-optimized and performs well with fast loading times and good accessibility features. Security posture is solid with HTTPS enforced and domain transfer protections in place, though improvements can be made by enabling DNSSEC and adding explicit security headers. Privacy compliance is currently basic, lacking explicit privacy and cookie policies, which should be addressed to meet GDPR standards fully. Overall, the site is trustworthy and functional but would benefit from enhanced transparency and security practices.

T

Teta drogérie

tetadrogerie.sk

68

Teta drogérie is a well-established Slovak retail company specializing in drogery, cosmetics, and baby care products, operating a professional e-commerce platform. The website demonstrates a mature digital infrastructure with modern technologies including ASP.NET, advanced analytics tools like Google Analytics and Matomo, and comprehensive cookie consent management via Cookiebot, ensuring GDPR compliance. Security posture is solid with HTTPS enforced and standard security practices observed, though explicit security policies and incident response information are not publicly evident. Overall, the site presents a trustworthy and professional online presence suitable for its market segment.

B

Bureau of Middle East Recycling

bmr.ae

31

The Bureau of Middle East Recycling (BMR) is a small, non-profit organization serving as the regional forum and voice for the recycling industry in the Middle East, particularly focusing on metal recycling. The organization promotes recycling awareness, supports free trade of secondary raw materials, and provides networking and policy updates to its members. The website reflects this mission with professional design, multimedia content, and clear contact information, targeting industry stakeholders in the region. Technically, the website employs a modern tech stack including Bootstrap, jQuery, and various JavaScript libraries, with integration of Google Analytics and Tag Manager for tracking. The site is moderately optimized for performance and mobile devices, though some accessibility and SEO features could be improved. The hosting and domain registration align with the UAE location, supporting the business's regional focus. From a security perspective, the site uses HTTPS (implied by canonical URL), but lacks visible security headers and formal security policies. No privacy or cookie policies are present, indicating compliance gaps especially regarding GDPR. The contact form collects user data but lacks visible consent mechanisms. No WAF or blocking mechanisms are detected, and no suspicious or vulnerable elements are found in the HTML content. Overall, the website is professional and trustworthy but would benefit from enhanced security practices, privacy compliance, and clearer policy disclosures to improve user trust and regulatory adherence.

The website bir.org currently serves a robot challenge screen implementing a client-side proof-of-work CAPTCHA mechanism to mitigate automated access. This indicates the presence of a Web Application Firewall (WAF) or similar security control actively blocking direct content access. Due to this, the actual business content is inaccessible, limiting the ability to analyze the company's services, policies, or contact information. The domain is long-established, registered since 1996 with Gandi SAS, which suggests legitimacy, but the lack of DNSSEC and visible security headers indicates room for improvement in domain and site security. Technically, the site uses advanced JavaScript cryptographic functions and Web Workers to perform the CAPTCHA challenge, demonstrating a modern approach to bot mitigation. However, the page lacks SEO optimization, accessibility features, and any visible business or compliance documentation. No privacy, cookie, or terms of service policies are present, and no contact or incident response information is available. Security posture is moderate due to the presence of the CAPTCHA challenge but is weakened by missing security headers and lack of visible SSL configuration details. The absence of privacy and cookie policies and contact information reduces compliance and trustworthiness. Overall, the site is currently inaccessible for normal users without passing the challenge, which significantly impacts user experience and trust. Strategic recommendations include enabling DNSSEC, publishing privacy and cookie policies, adding contact and incident response information, implementing security headers, and ensuring HTTPS enforcement. These steps will improve compliance, security posture, and user trust.

B

Brain City Berlin

braincity.berlin

53

Brain City Berlin is an information and networking platform dedicated to promoting Berlin as a leading science metropolis in Europe. The website provides comprehensive content about research developments, funding opportunities, events, and a vibrant ambassador program featuring prominent figures from Berlin's scientific community. The platform targets researchers, academics, students, and stakeholders interested in Berlin's science ecosystem. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates consent management for GDPR compliance. Security posture is solid with HTTPS and consent mechanisms, though explicit security headers and policies are not evident. Overall, the site is professional, content-rich, and trustworthy, with good user experience and mobile optimization.

Zahlenzorro is an educational online platform operated by the Westermann Gruppe, offering interactive math exercises targeted at primary school students (grades 1-4) in Germany. The platform provides engaging math stories, training apps, and classroom management tools with a subscription-based licensing model for individuals, classes, schools, and school districts. The website is professionally designed with consistent branding and clear navigation, supporting both desktop and mobile devices. It integrates Piwik analytics with privacy-conscious settings and links to reputable educational partners. Security posture is moderate with HTTPS usage and some privacy considerations, but lacks explicit security headers and published security policies. Contact information and trust signals such as awards and partner logos enhance credibility. Overall, the site is safe, compliant with GDPR, and well-positioned in the German educational market.

W

Westermann Gruppe

westermann.de

72

Westermann Gruppe operates a comprehensive educational media and services platform primarily targeting teachers, parents, students, and educational professionals in German-speaking countries. The website offers a broad range of services including educational books, digital learning platforms like BiBox, teacher training webinars, school consulting, and an online shop. The company is positioned as a large, established player in the education sector with consistent branding and a professional online presence. Technically, the website employs modern web technologies, including JavaScript frameworks, responsive design, and lazy loading for images, ensuring a good user experience across devices. The site is well-optimized for SEO and accessibility, with clear navigation and rich content. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. However, it lacks explicit security headers and a published security policy or incident response contact, which are areas for improvement. Overall, the website is safe, trustworthy, and professionally maintained, with no signs of adult or questionable content. The domain registration appears legitimate though limited WHOIS data restricts full verification. Strategic recommendations include enhancing security headers, publishing a security policy, and establishing a vulnerability disclosure process to further strengthen trust and compliance.

P

Präsenzstelle O-H-V | Velten

praesenzstelle-velten.de

59

The Präsenzstelle O-H-V | Velten website serves as a regional hub connecting higher education institutions in Brandenburg with local communities, students, and businesses. It provides access to teaching and research, facilitates networking, and offers consultation services. The site is positioned as a non-profit educational and research facilitation center with strong partnerships including Technische Hochschule Brandenburg, Universität Potsdam, and regional economic development entities. The content is well-structured, professionally presented, and targets a broad audience including students, citizens, and companies in the region. Technically, the website is built on TYPO3 CMS, employs modern web standards, and is mobile-optimized with good accessibility and SEO practices. The site uses HTTPS exclusively and implements a GDPR-compliant cookie consent mechanism. However, it lacks visible security headers and explicit security or incident response policies. Analytics usage is minimal and privacy-conscious, relying on Matomo. From a security perspective, the site demonstrates a solid baseline with HTTPS and cookie consent but could improve by adding security headers and publishing security policies or vulnerability disclosure information. No critical vulnerabilities or suspicious patterns were detected. The domain registration data aligns well with the website's claims, supporting legitimacy and trustworthiness. Overall, the website is a credible, well-maintained regional educational platform with good content quality and technical implementation. Strategic improvements in security policy transparency and header implementation would enhance its security posture and trust further.

W

wedooper

karriere-hennigsdorf.de

37

The Karriereportal Hennigsdorf is a regional career portal focused on connecting companies in Hennigsdorf with young talents seeking internships, apprenticeships, study opportunities, and jobs. The platform is operated by wedooper in collaboration with the city's economic development office, positioning itself as a niche regional service provider in the education sector. The website is well-structured, with clear navigation and relevant content tailored to its target audience of local companies and job seekers. Technically, the site uses modern web technologies including jQuery, Swiper.js, and Modernizr, and is served over HTTPS with a cookie consent mechanism in place, though it lacks advanced security headers and analytics integration. Security posture is moderate with no critical vulnerabilities detected, but improvements are recommended in security headers and incident response transparency. Overall, the site is safe, professional, and trustworthy with a good balance of privacy compliance and user experience.

U

UNICMI

unicmi.it

43

UNICMI is a well-established Italian industry association founded in 2013, representing companies in the metal construction and building envelope sectors. The website serves as a comprehensive portal offering technical training, consultancy, market data, and industry news to its members and stakeholders. It maintains a consistent brand presence and provides useful resources tailored to industry professionals. Technically, the site is built on Joomla CMS with standard JavaScript libraries and tracking tools such as Google Analytics and Facebook Pixel. While the site is functional and professionally designed, there is room for improvement in mobile optimization and accessibility. Security posture is moderate with HTTPS enabled and basic privacy compliance, but lacks advanced security headers and DNSSEC. The WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the site is trustworthy and serves its target audience effectively.

H

Hochschulallianz für Angewandte Wissenschaften (HAWtech)

hawtech.de

46

HAWtech is a German university alliance focused on applied sciences and engineering education, uniting six leading universities of applied sciences. The website serves as an information portal for students, researchers, and industry partners, emphasizing collaboration in teaching, research, and innovation. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and includes privacy-compliant cookie consent and analytics via Matomo. Security posture is solid with HTTPS and no visible vulnerabilities, though formal security policies and incident response contacts are absent. Overall, the site is professional, trustworthy, and well-maintained, supporting the alliance's mission effectively.

The domain landratsamt-ostalbkreis.de currently serves a minimal redirect page managed by Parklogic, a domain parking and monetization service. No official website content, business information, or contact details are present, indicating the domain is not actively used for its purported purpose. The technical infrastructure is limited to basic JavaScript redirection and ad overlays, with no visible security or privacy policies. This results in a low digital maturity and poor user experience. Security posture is weak due to lack of HTTPS confirmation and absence of security headers. Overall, the site poses a low trust level and is not suitable for business or public use in its current state.

S

Viele Hochschulen. Ein Ziel. Ihr Weiterkommen.

suedwissen.de

57

The website www.suedwissen.de serves as an educational platform focused on providing information about multiple universities and supporting educational advancement, primarily targeting students and prospective university attendees in Germany. The site features a modern technical infrastructure utilizing JavaScript frameworks such as Vue.js, with Cookiebot managing cookie consent and Matomo for analytics, hosted on bunny.net's infrastructure. While the site demonstrates good design quality and user experience with mobile optimization, it lacks explicit privacy policies, terms of service, and contact information, which are critical for compliance and user trust. Security posture is moderate, with no detected security headers or incident response policies, indicating room for improvement in security best practices. Overall, the site is safe for general audiences and does not contain adult or questionable content.

W

WInTO GmbH – Wirtschafts-, Innovations- und Tourismusförderung Oberhavel GmbH

youlab.de

51

youlab.de is the official website for the youlab career and educational fair organized by WInTO GmbH, serving the Oberhavel region in Germany. The site provides comprehensive information about the event, including exhibitor registration, apprenticeship opportunities, and media impressions. It targets students, young job seekers, and local companies, positioning itself as the largest career orientation fair in the region. The business model focuses on event organization and promotion, supported by local government and industry partners. Technically, the website is built on a modern stack including HTML5, CSS3, JavaScript, and uses Cookiebot for consent management and Matomo for analytics. The CMS appears to be Redaxo, inferred from media URL patterns. The site is hosted on servers indicated by the nameservers your-server.de and second-ns.de. Performance and mobile optimization are good, with basic accessibility and SEO features implemented. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism with blocking mode. No critical vulnerabilities or exposed sensitive data were detected. However, security headers are not explicitly observed in the provided data, and no published security or incident response policies were found. Privacy compliance is strong, with a clear privacy policy and cookie management aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-suited for its educational purpose. Recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and continuing to monitor third-party scripts for security risks.

W

WInTO GmbH

gruenderservice-oberhavel.de

47

WInTO GmbH operates the Gründerservice Oberhavel website, providing comprehensive support and consulting services for business founders in the Oberhavel region of Germany. The company focuses on guiding entrepreneurs through orientation, planning, implementation, and consolidation phases of business establishment. The website serves as a regional government-related platform to foster a startup-friendly environment with clear contact points and event information. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, Font Awesome icons, and Swiper.js for UI components. Cookie consent is managed via Cookiebot, ensuring GDPR compliance, and user analytics are handled through Matomo with cookies disabled to enhance privacy. The site is mobile-optimized and presents a professional design with good navigation clarity. From a security perspective, the site uses HTTPS and integrates cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or suspicious elements were detected in the content or WHOIS data. The domain registration information is minimal but consistent with the business claims. Overall, the website is a trustworthy, professional resource for its target audience, with moderate technical sophistication and good privacy compliance. Strategic improvements in security headers, incident response transparency, and SEO could further enhance its posture and user trust.

fairplaid.org is a German crowdfunding platform specializing in sports projects, enabling sports clubs and athletes to raise funds for their initiatives. The platform has been operational since 2012, indicating a mature presence in its niche market. The website is well designed with good content relevance and user experience, targeting sports organizations and individuals in Germany. The technical infrastructure leverages modern JavaScript frameworks and integrates multiple analytics and marketing tools while maintaining user privacy through cookie consent and IP anonymization. Security posture is solid with HTTPS enforced and domain registration protections in place, though improvements such as enabling DNSSEC and adding security headers could enhance resilience. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism, but the absence of terms of service and explicit security policies is noted. Overall, the site demonstrates a professional and trustworthy online presence with moderate to good technical and security maturity.

T

TARGOBANK

targobank.de

66

TARGOBANK is a well-established German financial institution offering a broad range of banking products including loans, accounts, cards, savings, investments, and insurance. The website targets private, business, and corporate customers with a strong emphasis on flexible, customer-centric financial solutions. The bank maintains a significant physical presence with approximately 340 branches and complements this with a robust digital platform featuring online banking and mobile apps. The site content is professional, comprehensive, and well-structured, reflecting a mature business model in the banking sector. Technically, the website employs modern web technologies including asynchronous JavaScript, CSS, and uses third-party services such as Google Tag Manager and TagCommander for analytics and consent management. The site is hosted on a CDN, ensuring moderate to good performance and excellent mobile optimization. Accessibility features and SEO best practices are well implemented. From a security perspective, the site enforces HTTPS, includes multiple security headers, and integrates a consent management platform to comply with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, explicit incident response contacts and vulnerability disclosure mechanisms like security.txt are not found, representing an area for improvement. Overall, the website demonstrates a high level of professionalism, security, and compliance suitable for a large financial institution. Strategic recommendations include enhancing transparency around security incident response and vulnerability disclosure to further strengthen trust and security posture.

C

CELLEHEUTE.DE | Nachrichten für Stadt und Landkreis Celle

celleheute.de

54

The website www.celleheute.de appears to be a small-scale local news or information portal based in Germany, built using the Wix platform. The site uses standard Wix hosting and scripts, including Google Tag Manager and Facebook Pixel for analytics and tracking. However, the website lacks critical privacy and cookie policies, contact information, and security policies, which impacts its overall trustworthiness and compliance posture. The content quality is minimal based on the provided HTML snapshot, and no structured data or Open Graph metadata is present to enhance SEO or social sharing. Technically, the site benefits from HTTPS and Wix's hosting infrastructure but lacks advanced security headers and accessibility features.

B

Boch & Fernsh

bochfernsh.com

46

Boch & Fernsh is a well-established creative advertising agency based in Mumbai, India, with over two decades of experience. The company offers a comprehensive suite of services including branding, advertising campaigns, video production, digital marketing, social media management, and web design. Their market position is strong, supported by multiple industry awards and a reputable client portfolio. Technically, the website employs modern web technologies and integrates various analytics and marketing tools, hosted on DreamHost. The site is mobile-optimized and professionally designed, providing an excellent user experience. Security posture is good with HTTPS enforced, but lacks some advanced security headers and explicit privacy compliance mechanisms. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy and trustworthiness.

P

Prosegur Deutschland

prosegur.de

72

Prosegur Deutschland is a leading security and cash management service provider in Germany, specializing in secure transportation and handling of physical and digital assets. The company positions itself as the market leader in Germany, serving B2B clients including banks, public institutions, and enterprises. Their comprehensive service portfolio includes cash management outsourcing, cash deposit solutions, technical services, and high-security storage. Technically, the website employs modern tracking and consent management tools, hosted on a reputable CDN provider (Akamai), and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, supporting Prosegur's strong market presence.

E

European Union Intellectual Property Office

tmdn.org

54

The European Union Intellectual Property Network (EUIPN) website serves as the official portal for intellectual property information and services across the European Union. Operated by the European Union Intellectual Property Office (EUIPO), it provides resources, tools, and updates relevant to IP professionals, government entities, and the public. The site is positioned as an authoritative source within the government sector, supporting IP management and cooperation among EU member states. Technically, the website employs modern web technologies including React and JavaScript, with Matomo analytics for privacy-conscious user tracking. The site demonstrates good mobile optimization, accessibility, and a professional design consistent with government standards. However, some security headers and explicit security policies are not evident, suggesting room for enhancement in security posture. From a security perspective, the site benefits from HTTPS and GDPR-compliant privacy and cookie policies, including a consent mechanism. No critical vulnerabilities or suspicious indicators were found. The WHOIS data is unavailable or malformed, which is typical for EU domains, but the domain's legitimacy is supported by consistent branding and official content. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include improving security headers, publishing explicit security policies, and enhancing incident response transparency to further strengthen trust and security maturity.

E

Eidgenössisches Institut für Geistiges Eigentum

swissreg.ch

64

The website swissreg.ch is the official portal of the Swiss Federal Institute for Intellectual Property (Eidgenössisches Institut für Geistiges Eigentum). It serves as the authoritative source for intellectual property rights in Switzerland, including trademarks, patents, and design protections. The site targets businesses, legal professionals, inventors, and the general public seeking information and services related to intellectual property. As a government entity, it holds a strong market position as the official Swiss authority in this domain. Technically, the website employs modern web technologies such as Angular and Material Design components, ensuring a responsive and accessible user experience. The presence of Font Awesome icons and Dynatrace monitoring scripts indicates a mature digital infrastructure focused on usability and performance. The site is well-structured with good design quality and navigation clarity, optimized for mobile devices. From a security perspective, the site uses HTTPS and modern JavaScript frameworks, but lacks explicit security headers and detailed privacy or cookie policies. No forms or direct contact information were detected in the provided content, which limits user interaction and transparency in privacy compliance. The WHOIS data confirms the domain's legitimacy as a Swiss federal government asset, reinforcing trustworthiness. Overall, the website demonstrates a solid security posture and technical maturity appropriate for a government service portal. However, improvements in privacy compliance documentation and security header implementation are recommended to enhance user trust and regulatory adherence.

G

Government Communications Headquarters (GCHQ)

gchq-careers.co.uk

70

GCHQ Careers is the official recruitment portal for the Government Communications Headquarters, a UK government intelligence and cyber security agency. The website serves as a platform to attract and inform prospective candidates about career opportunities within GCHQ, emphasizing its mission to keep the UK safe. The site is professionally designed with clear navigation, mobile optimization, and comprehensive content about roles and application processes. Technically, the site employs modern JavaScript frameworks, Google Tag Manager, and Facebook Pixel for analytics and marketing, alongside a robust cookie consent mechanism ensuring GDPR compliance. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though additional security headers could enhance protection. The absence of WHOIS data is due to the domain being a subdomain or alias, common for government sites, and does not detract from the site's legitimacy. Overall, the site presents a trustworthy, professional front for GCHQ recruitment efforts.

R

rockit GmbH

rockit.at

44

rockit GmbH is a specialized TYPO3 CMS agency based in Vienna, Austria, offering comprehensive web development services including responsive design, accessibility, SEO, and GDPR-compliant solutions. The company holds certifications as TYPO3 integrators and serves a diverse client base including government and large organizations, positioning itself as a trusted technology service provider in the Austrian market. Their business model focuses on delivering tailored TYPO3 websites with ongoing maintenance and quality assurance. Technically, the website is built on a modern TYPO3 CMS platform with a rich technology stack including PHP, TailwindCSS, JavaScript frameworks like Vue.js and Alpine.js, and uses Matomo for privacy-conscious analytics. The site is well-optimized for mobile devices, accessibility, and SEO, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, there is room for improvement in publishing explicit security policies, incident response contacts, and implementing additional HTTP security headers. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional and trustworthy digital presence with strong compliance and technical maturity. The lack of WHOIS data limits domain trust verification but does not detract from the evident business legitimacy. Strategic recommendations include enhancing security header implementation and publishing formal security policies to further strengthen trust and compliance.

L

Liverpool University Press

liverpooluniversitypress.co.uk

62

Liverpool University Press is a reputable academic publisher specializing in humanities and social sciences. It offers a range of publishing services including books, journals, digital collections, and distribution. The press targets academics, researchers, libraries, and institutions primarily in the UK and Europe. The website reflects a professional and consistent brand image aligned with its academic mission. Technically, the site uses modern JavaScript frameworks, Cloudflare for hosting and security, and integrates Google Analytics for user tracking. Security posture is strong with HTTPS and secure login forms, though it lacks some advanced security headers and explicit cookie consent mechanisms. Overall, the domain registration and website content are consistent and trustworthy, supporting a high legitimacy score.

R

rapidmail

emailsys1a.net

55

Rapidmail operates as a German-based email marketing and servicedomain provider targeting businesses and marketers primarily in German-speaking regions. The website presents a professional but basic digital presence with a focus on servicedomain offerings. The technical infrastructure is standard, utilizing modern web fonts and CSS, hosted with DNS Made Easy, indicating a reliable DNS setup. However, the site lacks visible advanced frameworks or CMS indications. Security posture is minimal with no detected security headers or incident response information, and privacy compliance is not evident due to missing privacy and cookie policies. Overall, the site is accessible and safe but would benefit from enhanced security and compliance features to strengthen trust and regulatory adherence.

B

Bider & Tanner

biderundtanner.ch

45

Bider & Tanner is a prominent bookstore and music house based in Basel, Switzerland, operating both a physical store and an online shop. The website showcases a wide range of books, music CDs, vinyl records, and cultural event tickets, positioning itself as a key cultural hub in the region. The business targets general consumers interested in literature, music, and cultural products, leveraging a retail e-commerce model complemented by physical store presence. The company enjoys a strong market position as the largest bookstore in Basel's Bankenplatz area.

C

Christoph Merian Stiftung

cms-basel.ch

61

The Christoph Merian Stiftung is a well-established non-profit foundation based in Basel, Switzerland, focused on promoting social cohesion, cultural diversity, and environmental stewardship within the city. The foundation operates through project funding, real estate development, and managing cultural institutions such as a publishing house, museum, and gardens. Their website reflects a strong local presence and commitment to community engagement. Technically, the site is built on modern frameworks including Vue.js and Nuxt.js, powered by Craft CMS, and integrates Google Tag Manager for analytics. The site is performant, mobile-optimized, and accessible, with clear navigation and professional design. Security posture is good with HTTPS enforced and no visible vulnerabilities, though improvements could be made by adding security headers and formal incident response policies. Privacy compliance is adequate with a comprehensive privacy policy but lacks an explicit cookie consent mechanism. Overall, the website and domain registration data align well, indicating a legitimate and trustworthy organization.

The website saverianibrescia.it is currently a placeholder domain sale landing page with minimal content and no business presence. The domain was registered recently in August 2023 and is being offered for sale, indicating no active business operations or services. The technical infrastructure includes basic JavaScript and external advertising/tracking scripts served via AWS Cloudfront CDN. There is no evidence of a CMS or advanced frameworks. Security posture is weak with no HTTPS enforcement or security headers detected, and no privacy or cookie policies are present. No contact information or business credentials are provided, limiting trust and credibility. Overall, the site is low risk but also low value from a business or security perspective.

M

MissioNET

missionet.org

45

MissioNET is a small non-profit multimedia platform owned by the Xaverian Missionaries, focused on missionary animation and vocational promotion through a video library. The website is built on Joomla CMS with Yootheme and UIkit frameworks, providing a good user experience with mobile optimization and clear navigation. The technical infrastructure is modern and includes Google Analytics for tracking, though lacks some advanced security headers and DNSSEC. Security posture is moderate with HTTPS enabled and domain transfer protections in place. However, the absence of privacy and cookie policies, as well as no visible incident response or security policies, indicates gaps in compliance and transparency. Overall, the website is legitimate, professionally presented, and serves a niche religious community audience effectively.

E

Eidgenössisches Institut für Geistiges Eigentum

ige.ch

67

The Eidgenössisches Institut für Geistiges Eigentum (IGE) is the Swiss federal authority responsible for intellectual property rights including patents, trademarks, designs, geographical indications, and copyright. The website serves as a comprehensive portal for individuals, businesses, and IP professionals to access registration services, legal information, and educational resources. It holds a strong market position as the central Swiss government institution in this domain, offering key services such as public registers, online applications, and IP training through its IP Academy. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including JavaScript frameworks and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, with a professional design and clear navigation. Performance is moderate, suitable for a government portal with rich content. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR. However, it lacks explicit security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy as a Swiss federal entity, enhancing trust. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. It effectively serves its target audience with relevant content and services, though it could improve security posture by adding security headers and vulnerability disclosure information.

3

3Q GmbH

3q.video

73

3Q GmbH is a German-based technology company specializing in professional video streaming and hosting solutions. Their platform offers a comprehensive suite of services including live streaming, video hosting, webcasting, video analytics, and AI-powered video optimization. Positioned as a GDPR-compliant and ISO 27001 certified provider, 3Q targets businesses and organizations requiring secure, scalable, and flexible video infrastructure primarily in Europe but also worldwide. The company operates its own infrastructure, ensuring data sovereignty and reliability. Technically, the website demonstrates a mature digital presence with modern web technologies such as HTML5, JavaScript, HubSpot integration, and Cookiebot for consent management. The proprietary 3Q video player and content delivery network underline their technical capabilities. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a high level of digital maturity. From a security perspective, 3Q maintains strong practices including HTTPS enforcement, security headers, GDPR compliance, and ISO 27001 certification. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a public vulnerability disclosure or incident response contact is noted as an area for improvement. Overall, 3Q GmbH presents a trustworthy, professional, and secure platform with strong compliance and business credibility. The website effectively communicates their offerings and supports user engagement through clear contact channels and marketing tools.

N

Naturpark Barnim

barnim-naturpark.de

44

Naturpark Barnim operates as a regional nature park jointly managed by Brandenburg and Berlin, focusing on nature conservation, environmental education, and tourism. The website serves as an informational portal for visitors and stakeholders, providing rich content about the park's landscapes, flora, fauna, and cultural heritage. Technically, the site is built on TYPO3 CMS, hosted by a professional hosting provider, and uses HTTPS for secure communication. However, it lacks explicit privacy and cookie policies, as well as visible contact information, which are important for compliance and user trust. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosure mechanisms. Overall, the site is professional, trustworthy, and well-branded but could improve in privacy compliance and security best practices.

The website costa-rica.com is currently inaccessible beyond a robot challenge screen that implements a proof-of-work captcha mechanism, indicating the presence of a Web Application Firewall (WAF) or similar security protection. This prevents access to any substantive business content or user-facing information. The domain is registered since 2003 with a reputable registrar, but no registrant or business details are publicly available. The technical infrastructure includes advanced JavaScript and uses AWS Cloudfront CDN for hosting. However, no privacy, cookie, or terms of service policies are present, and no contact information or social media links are found. Security headers and SSL configuration details are not visible, and DNSSEC is not enabled. Overall, the site appears to be protected against automated access but lacks visible transparency or business information.

T

TAV Academy - Trans Audio Video Group

tav-academy.com

65

TAV Academy is a division of the established TAV Group, focused on providing professional training and education in audiovisual technologies including photo, video, audio, and security. The website positions itself as a key player in the Italian audiovisual market, offering courses, workshops, masterclasses, and events to professionals, students, and enthusiasts. The business model centers on education and community engagement with a strong emphasis on technology and innovation. Technically, the website is built using Canva's platform with modern web standards, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced security headers and DNSSEC. Privacy compliance is supported by a comprehensive privacy policy via Iubenda, though cookie consent mechanisms are absent. Overall, the website is professional, trustworthy, and well-aligned with its business objectives.

Bazar de Noël is a community-driven event organizer hosting an annual Christmas market at the Walzwerk industrial area in Switzerland. The event showcases local artisans, cultural activities, and social engagement, attracting a general audience interested in holiday festivities and local craftsmanship. The website is built on WordPress with Elementor, reflecting a moderate level of digital maturity with good design and mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is trustworthy and professional but could improve in compliance and security transparency.

S

SF Urban Properties AG

sfurban.ch

54

SF Urban Properties AG is a Swiss real estate company founded in 2001 and publicly listed on the SIX Swiss Exchange since 2012. The company focuses on managing rental properties and selling condominium units in prime urban locations, primarily Zurich and Basel. Their business model combines stable rental income with value creation through property sales, targeting investors and shareholders seeking attractive returns. The website reflects a mature digital presence built on TYPO3 CMS, with good mobile optimization and clear navigation. Integration of marketing and analytics tools like Pardot and Google Tag Manager indicates a modern approach to digital engagement. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though no explicit security policy or incident response contacts are published. WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving its investor and client audience effectively.

F

FALTER.at

kind-in-wien.at

73

FALTER.at is a well-established Austrian media company focused on providing expert advice, event listings, and cultural content primarily targeting families and parents in Vienna. The website offers a comprehensive range of services including news articles, local guides, and subscription-based content. Their market position is strong within the regional media sector, supported by a consistent brand presence and professional content quality. Technically, the site employs modern JavaScript frameworks and integrates multiple third-party marketing and analytics tools, demonstrating a mature digital infrastructure. Security-wise, the site enforces HTTPS, uses standard security headers, and implements a consent management platform, reflecting good compliance with GDPR and privacy standards. However, explicit security policies and incident response contacts are not publicly evident. Overall, the site is trustworthy, professionally maintained, and suitable for its target audience.

A

Auto verkaufen leicht gemacht!

autohierverkaufen.de

58

Autohierverkaufen.de is a German-focused online platform facilitating the sale of cars with services including quick vehicle valuation, immediate payment via bank transfer, and fast deregistration. The website targets individual car sellers in Germany and positions itself as a stress-free, efficient car selling solution. Technically, the site employs modern JavaScript technologies, integrates Google Analytics and Google Ads for marketing and tracking, and uses Cookiebot for cookie consent management. The hosting is provided by 1&1 IONOS, inferred from the nameservers. Security-wise, the site uses HTTPS but lacks visible security headers and formal security policies. Privacy compliance is partial, with cookie consent present but no privacy policy or terms of service pages found. Overall, the site is accessible, professionally designed, and mobile-optimized but would benefit from enhanced security and compliance documentation.

V

VisionConnect GmbH

visionconnect.de

68

VisionConnect GmbH is a well-established digital media agency based in Hannover, Germany, founded in 1995. The company specializes in providing comprehensive digital solutions including TYPO3 CMS, Wordpress, e-commerce shops, SEO, and web marketing services. Their market position is strong with over 25 years of experience and a portfolio of reputable clients across various sectors. The website reflects a professional and consistent brand image, targeting businesses and institutions seeking digital transformation and web development services. Technically, the site is built on TYPO3 CMS with integrations of Wordpress and uses Matomo for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly, demonstrating a mature digital infrastructure. Security posture is good with HTTPS enforced and privacy-respecting analytics, though some security headers could be improved and a formal security policy is absent. Overall, the website is trustworthy, professional, and compliant with GDPR, with clear contact information and transparent cookie consent mechanisms.

The website bildungsportal-niedersachsen.de is currently inaccessible due to a Cloudflare Turnstile security challenge page, which blocks access to the actual content. This prevents extraction of meaningful business, security, or compliance information. The domain appears to be protected by Cloudflare, indicating an intent to secure the site from automated abuse or attacks. Without access to the real content, no privacy policies, contact information, or business details can be confirmed. The technical infrastructure includes Cloudflare's security mechanisms but lacks visible analytics or advertising technologies in the provided content. The security posture cannot be fully evaluated due to the content block, but the presence of Cloudflare indicates a baseline security measure. Overall, the site is likely a public educational portal, but the analysis is limited by the WAF challenge.

D

DiG Plus GmbH

dig-berlin.de

55

DiG Plus GmbH is a Berlin-based design and communication agency specializing in political and social themes with over 20 years of experience. The company offers services including campaign design, publishing, and product development, targeting political organizations, social campaigns, and non-profits. The website reflects a professional and consistent brand presence with detailed project showcases and clear contact information. Technically, the site uses standard web technologies such as HTML5, CSS3, jQuery, and Bootstrap icons, with moderate performance and good mobile optimization. Security posture is moderate with basic best practices like email obfuscation and meta referrer policy, but lacks advanced security headers and HTTPS confirmation. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is safe, professional, and trustworthy with room for security and privacy improvements.