Security Directory

M

Münchener Hypothekenbank eG

meindarlehen.de

50

Münchener Hypothekenbank eG operates the website www.meindarlehen.de as a digital customer portal for mortgage loan management. The portal offers services such as personal data updates, payout requests, repayment options, contract adjustments, and membership management, targeting loan customers primarily in Germany. The website reflects an established financial institution with a medium-sized market presence and a focus on customer self-service through a modern web interface. Technically, the site is built on Drupal CMS, utilizing common libraries such as jQuery, Bootstrap, FontAwesome, and Slick Carousel for UI components. The site is mobile-optimized and accessible, with moderate performance characteristics. Security posture is good with HTTPS enforced and cookie consent managed via Cookiebot, but lacks explicit security headers and published security policies. Analytics are handled via Matomo, indicating a privacy-conscious approach. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

V

VGH Stiftung

vgh-stiftung.de

44

VGH Stiftung is a medium-sized non-profit foundation based in Germany, focusing on cultural education, literature, monument preservation, and scientific research. The foundation supports various projects and events primarily in northern Germany, including literary festivals, educational workshops, and scientific awards. The website reflects a professional and consistent brand image with a clear focus on its cultural mission. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Borlabs Cookie for cookie consent management. The site is mobile-optimized and uses HTTPS, ensuring secure communications. However, there is a lack of explicit privacy policy and terms of service pages, which impacts privacy compliance ratings. Security headers are not detected, suggesting room for improvement in security hardening. No direct contact information or incident response contacts are visible, which could affect user trust and compliance. Overall, the website is well-structured and trustworthy but would benefit from enhanced privacy and security disclosures.

P

PFPRO IT Services

pfproit.de

60

PFPRO IT Services is a small German IT company based in Saarbrücken, specializing in professional web development, IT consulting, and support services. Founded in 2008, the company offers a range of services including consulting, custom web application development, IT support, remote maintenance, and emergency IT services. They also provide a cloud-based industry solution called PFPRO Cloud R6 targeting sectors like gastronomy and entertainment. The website is well-structured, professionally designed, and targets both businesses and private users in the local region. The company maintains an active presence on LinkedIn, Xing, and GitHub, enhancing its professional credibility. Technically, the website employs a modern technology stack including Bootstrap, FontAwesome, jQuery, Owl Carousel, and Matomo for analytics, combined with Usercentrics for GDPR-compliant cookie consent management. The site is mobile-optimized and uses HTTPS with good SSL configuration. However, explicit security headers are not detected, and no dedicated security policy or incident response information is provided. The website demonstrates good privacy compliance and moderate user tracking through Matomo. From a security perspective, the site shows a solid baseline with HTTPS and consent management but lacks advanced security headers and documented incident response processes. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data aligns well with the website's business claims, showing consistent registration information and domain age appropriate for the company's founding date. Overall, PFPRO IT Services presents a trustworthy and professional online presence with good technical implementation and privacy compliance. Strategic improvements could include enhancing security headers, publishing a security policy, and providing incident response contacts to further strengthen trust and security posture.

M

Medienberatung NRW

bildungsmediathek-nrw.de

59

Bildungsmediathek NRW is a regional educational media platform serving schools and educators in North Rhine-Westphalia, Germany. It offers a wide range of educational media, apps, and materials to support teaching and learning. The platform is supported by governmental and regional bodies, ensuring a trusted and authoritative source of educational content. The website is professionally designed with clear navigation and a strong focus on accessibility and user experience. Technically, it employs modern web technologies including JavaScript frameworks and privacy-focused analytics, hosted likely on specialized educational cloud infrastructure. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is strong with clear privacy and terms policies, but lacks a cookie consent mechanism. Overall, the site is trustworthy, well-maintained, and serves its educational mission effectively.

W

Welput

welput.com

58

Welput is a large, specialist unlisted Central London office fund managed by BentallGreenOak (BGO). The company focuses on creating sustainable, wellness-oriented office environments with a strong emphasis on future-proofing and community engagement. Their portfolio includes major developments such as 105 Victoria Street and Regent's Wharf, targeting high sustainability certifications like BREEAM Outstanding and WELL Platinum. The website reflects a professional and modern digital presence built on WordPress, with good SEO and mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms, though improvements such as DNSSEC and security headers are recommended. Overall, the site is trustworthy and well-aligned with the business's market position and audience.

C

ClikFIX

clikfix.com

59

ClikFIX operates an online portal primarily focused on appointment booking and service scheduling. The website uses AngularJS and Bootstrap frameworks, indicating a moderately modern technical infrastructure. However, the absence of WHOIS registration data and domain registrar information raises concerns about the domain's legitimacy and registration status. The website lacks critical compliance documents such as privacy and cookie policies, as well as contact information, which impacts its business credibility and privacy compliance scores. Security posture is minimal with no detected security headers or advanced configurations, and no analytics or tracking technologies are observed, suggesting limited user tracking and data collection. Overall, the website is functional but basic in content and design quality, with a low trustworthiness rating due to missing registration and compliance information.

d & d Brandschutzsysteme GmbH is a German company specializing in comprehensive fire protection and detection solutions tailored to specific applications. Their offerings include planning, implementation, and maintenance of fire alarm systems, stationary fire extinguishing systems, and specialized solutions, including high-end flame and gas detection systems from Det-Tronics. The company targets industrial sectors such as recycling, data centers, server environments, and lithium-ion battery systems, positioning itself as a trusted service provider with a focus on quality and safety. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern web technologies such as jQuery, Bootstrap, FontAwesome, and Usercentrics for cookie consent management. The site is mobile-optimized with good accessibility and basic SEO features. Analytics are implemented via Google Tag Manager and Google Analytics, with appropriate privacy compliance mechanisms in place. From a security perspective, the site enforces HTTPS and uses cookie consent tools but lacks explicit security headers and documented security policies or incident response contacts. No vulnerabilities or suspicious content were detected. WHOIS data confirms domain legitimacy with consistent registration details and no privacy protection, supporting trustworthiness. Overall, the website presents a professional and trustworthy digital presence for a small-sized specialized business in the energy and manufacturing sectors, with room for improvement in security policy transparency and technical security hardening.

E

Ethos Media Group srl

secsolution.com

76

Secsolution.com is a professional Italian B2B online magazine and information portal focused on security, cybersecurity, privacy, and related technologies. Operated by Ethos Media Group srl, it serves security professionals in Italy by providing news, articles, podcasts, training opportunities, and event promotion such as the Secsolution Forum. The website demonstrates a solid market position as a leading security information source in Italy with a consistent brand and quality content. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Google Analytics, with responsive design and good SEO practices. However, some security best practices such as HTTP security headers are missing, and the WHOIS data for the domain is unavailable, raising concerns about domain registration legitimacy. Privacy compliance is well addressed with GDPR-compliant cookie consent and a privacy policy. Overall, the site is professional and trustworthy but would benefit from enhanced security configurations and domain registration transparency.

E

essecome editore srls

securindex.com

57

Securindex.com is a well-established Italian online portal dedicated to the security industry, providing news, legislative updates, technological innovations, professional training, and direct contact with certified installers. The website targets professionals and stakeholders in the Italian security sector, positioning itself as a trusted media source with a comprehensive content offering including articles, videos, and newsletters. The business operates under essecome editore srls, a small-sized media company based in Milan, Italy, with a domain age dating back to 1998, indicating a mature and stable presence in the market. Technically, the website employs a modern tech stack including jQuery, Bulma CSS framework, FontAwesome icons, and integrates third-party services such as Google Tag Manager and LinkedIn Insight for analytics and marketing. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some advanced security headers are not explicitly detected. Hosting and domain registration are managed by reputable providers, with domain transfer and update protections in place. From a security perspective, the site enforces HTTPS and uses a robust cookie consent mechanism via Iubenda, ensuring GDPR compliance. However, DNSSEC is not enabled, and there is no visible security.txt or vulnerability disclosure policy, which are areas for improvement. No critical vulnerabilities or suspicious content were detected, and the site maintains a professional and trustworthy appearance. Overall, securindex.com presents a solid digital presence with good content quality, privacy compliance, and business credibility. Strategic recommendations include enabling DNSSEC, implementing a security.txt file, enhancing security headers, and continuous monitoring of third-party scripts to maintain and improve security posture.

B

Beagle Watch Armed Response

beaglewatch.co.za

73

Beagle Watch Armed Response is a well-established private security company based in Gauteng, South Africa, with a history dating back to 2004. The company offers a comprehensive range of security services including armed response, CCTV monitoring, video verification, guarding, technical support, and fire protection solutions. It maintains a strong market position as a leading security provider in Johannesburg, supported by its partnership with the international security firm Prosegur. The website reflects a professional and client-focused business model targeting residential and commercial clients seeking reliable security solutions. Technically, the website is built on a modern stack including Magnolia CMS, Bootstrap, jQuery, and integrates Google Tag Manager and YouTube APIs for analytics and media. The site is mobile-optimized with good SEO practices and uses asynchronous loading for performance. Security-wise, the site enforces HTTPS and includes CSRF protections on forms, but could improve by adding additional security headers such as Content-Security-Policy and X-Frame-Options. Privacy and cookie policies are present and indicate GDPR compliance, with consent mechanisms implemented. Overall, the security posture is solid with no evident vulnerabilities or exposed sensitive data. The WHOIS data is unavailable, likely due to privacy protection, which is justified given the nature of the business. The domain and website content are consistent with a legitimate, medium-sized security services provider. The site includes multiple trust indicators such as client testimonials, partnerships, and detailed service descriptions, contributing to high business credibility. Strategic recommendations include enhancing security headers, improving accessibility compliance, and maintaining regular audits of third-party scripts. The website is safe for general audiences with no adult or explicit content detected, and it provides multiple contact channels for client engagement.

C

Co_Studio Prosegur

costudioprosegur.com

63

Co_Studio Prosegur operates as a flexible and multipurpose corporate event space located in Madrid, Spain, under the reputable Prosegur brand. The business targets corporate clients seeking venue rental with integrated security, audiovisual equipment, and event support services. The website reflects a professional and consistent brand image with clear content describing the venue's features and services. Technically, the site employs modern technologies including Google Tag Manager and Didomi for consent management, and is likely built on Magnolia CMS. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and cookie consent implemented, though security headers are not detected, suggesting room for improvement. The WHOIS data is unavailable, which slightly impacts trust but is mitigated by the strong brand association and professional site presentation. Overall, the website is secure, compliant with GDPR, and credible for its business purpose.

F

Fondamentale – La Filiera delle Costruzioni

filierafondamentale.it

55

Fondamentale – La Filiera delle Costruzioni is a collaborative union representing key stakeholders in the Italian construction sector, including companies and labor unions. The organization focuses on enhancing competitiveness through innovation, sustainability, training, safety, and legal compliance. Their website reflects a professional presence with clear messaging and partnerships with recognized industry bodies. Technically, the site is built on WordPress with Elementor, using modern libraries and a responsive design. Security posture is good with HTTPS and cookie consent implemented, though lacking explicit privacy and security policies. Overall, the site is trustworthy and serves as an effective communication platform for the organization.

F

Formedil

formedil.it

64

Formedil is a prominent Italian non-profit organization dedicated to training and safety in the construction sector. It operates nationally to promote professional qualification, safety standards, and workforce development through various training programs, certifications, and observatories. The organization maintains a strong market position as a leader in construction sector education and safety, supported by a comprehensive website with rich content and multiple regional presences. Technically, the website employs modern web technologies including jQuery, Slider Revolution, and Google Fonts, and is built on the Simplex CMS platform. It is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and secure embedded content, but lacks some security headers and explicit incident response information. Privacy compliance is evidenced by a detailed privacy policy, though cookie consent mechanisms are absent. Overall, the domain registration data aligns well with the organization's identity, supporting its legitimacy.

E

Ebilog

ebilog.it

37

Ebilog is a national bilateral entity serving the logistics, freight transport, and shipping sector in Italy. It facilitates workforce registration, training, contribution management, and funding access for companies and workers. The website is well-structured, professionally designed, and provides comprehensive information tailored to its target audience of companies and workers in the sector. Technically, it is built on WordPress with Elementor, uses Google Analytics for tracking, and implements cookie consent mechanisms. Security posture is good with HTTPS enforced and some security best practices observed, though additional security headers could enhance protection. No critical vulnerabilities or suspicious content were detected. Overall, the website reflects a legitimate and credible business entity with a clear focus on sector-specific services.

B

Braintrust GmbH

braintrust.video

10

Braintrust GmbH operates a professional live video streaming and video production service primarily targeting businesses and organizations requiring hybrid events, on-demand videos, and inclusive video solutions. The company positions itself as a market leader in Austria with a focus on quality, accessibility, and comprehensive service including software tools like EventMaker and KontaktManager. The website is well-designed, mobile-optimized, and uses modern technologies such as WordPress, Bootstrap, and Matomo analytics, reflecting a mature digital infrastructure. Security measures include HTTPS, Google reCAPTCHA, and cookie consent mechanisms, although some security headers and explicit policies could be improved. Overall, the site demonstrates a strong security posture with no critical vulnerabilities detected. The WHOIS data is privacy protected, which is typical and justified for this business type, and no suspicious patterns were found. The website is trustworthy, professional, and compliant with GDPR requirements.

B

Braintrust GmbH

livewebtv.at

71

Braintrust GmbH operates the website braintrust.video, providing professional live streaming and video production services including hybrid events, video studio productions, and on-demand video solutions. The company positions itself as a market leader in live streaming and video services in Austria, targeting businesses and organizations requiring high-quality video content and event streaming. The website is well-designed, mobile-optimized, and includes comprehensive service descriptions and customer testimonials, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and uses Matomo for analytics, ensuring privacy-conscious data collection. Security measures include HTTPS, Google reCAPTCHA, and a cookie consent mechanism, though some security headers could be enhanced. The WHOIS data is privacy protected, which is common and justified for this business type, but limits direct verification of domain registration details. Overall, the security posture is good with no critical vulnerabilities detected. Privacy compliance is strong with GDPR-aligned cookie consent and privacy policy. The absence of explicit contact emails or phone numbers on the site is a minor gap in business credibility. Strategic recommendations include improving security headers, publishing incident response and vulnerability disclosure policies, and enhancing contact information transparency.

H

Hochschule Heilbronn

hs-heilbronn.de

74

Hochschule Heilbronn (HHN) is a prominent public university of applied sciences located in Germany, specializing in technology, business, and computer science education and research. It is recognized as the largest university of applied sciences in southwestern Germany, offering a broad range of bachelor and master degree programs, fostering practical learning and international cooperation. The institution maintains a strong digital presence with active social media channels and a modern, well-structured website built on the Scrivito CMS platform, hosted via academic DNS infrastructure. The website demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or suspicious elements were detected in the content or WHOIS data, which aligns well with the institution's identity and legitimacy. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, serving its academic audience effectively.

H

Hochschule Aalen

hs-aalen.de

61

Hochschule Aalen is a German higher education institution offering a broad range of study programs across engineering, business, health sciences, informatics, and design. The website reflects a well-established academic entity with a strong regional and international presence, providing education, research, and continuing education services. The institution targets students, researchers, and professionals seeking academic advancement and career development. Technically, the website employs modern web technologies including Cookiebot for consent management and Matomo for analytics, hosted likely on academic or regional infrastructure. The site is well-structured, mobile-optimized, and provides comprehensive content and navigation for its audience. Security posture is solid with HTTPS enforced and privacy compliance evident, though some security headers could be improved. Overall, the domain registration and DNS setup align with the institution's identity, supporting legitimacy and trust. No critical vulnerabilities or suspicious elements were detected.

werk.ARCHITEKTEN is a Swiss architecture cooperative specializing in architecture, urban planning, and sustainable building projects. The firm emphasizes responsible resource use and high architectural quality tailored to client needs. Their collaborative approach includes partnerships with experts in related fields and engagement in academic teaching and quality assurance processes. The website reflects a professional and regionally focused architecture practice with clear contact information and a cookie consent mechanism ensuring GDPR compliance. Technically, the website employs modern web technologies including Bootstrap, jQuery, and Google Analytics, with responsive design and basic accessibility features. The site is served over HTTPS with no detected blocking or WAF interference, indicating good digital maturity. However, security headers are not explicitly present, and no formal security or incident response policies are published. From a security perspective, the site benefits from HTTPS and cookie consent but lacks advanced security headers and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were found. The WHOIS data aligns well with the website content, supporting legitimacy and trustworthiness. Overall, the website presents a secure, professional, and compliant digital presence suitable for a small architecture cooperative. Strategic improvements in security headers, incident response transparency, and accessibility could further enhance the security posture and user trust.

T

Touch Medical Communications

touchmedicalcommunications.com

65

Touch Medical Communications is a UK-based leader in medical educational programming, partnering with industry sponsors to deliver impactful scientific content across multiple specialized therapy platforms. Their business model focuses on creating engaging, educational materials for healthcare professionals, leveraging innovative formats such as animations, expert interviews, and faculty discussions. The company demonstrates strong market positioning with a medium-sized, professional team and recognized industry certifications. Technically, the website is built on WordPress with modern performance optimizations and good mobile responsiveness. Security posture is solid with HTTPS and security headers, though improvements are recommended in DNSSEC and CSP policies. Privacy compliance is partial, with cookie consent mechanisms present but no explicit privacy policy found. Overall, the website is professional, trustworthy, and well-optimized, supporting the company's credibility and business goals.

T

Touch Medical Media IME

touchime.org

68

Touch Medical Media IME operates as a global leader in independent medical education, providing healthcare professionals worldwide with trusted, faculty-led educational content across multiple specialized therapy areas. The company emphasizes scientific integrity, collaboration, and innovation to improve patient care outcomes. Their business model leverages a multi-platform approach with dedicated therapy area websites and a broad global reach, serving healthcare professionals in over 150 countries. Technically, the website is built on WordPress with modern front-end technologies including jQuery, Select2, and FontAwesome, optimized for performance using WP Rocket and served via Cloudflare infrastructure. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, although some security headers and DNSSEC are missing. From a security perspective, the site enforces HTTPS and uses Cloudflare DNS but lacks DNSSEC and some recommended security headers like CSP and X-Frame-Options. No privacy policy or terms of service pages were found, which is a compliance gap. Cookie consent is implemented via Borlabs Cookie plugin, and tracking includes Facebook Pixel and Google Tag Manager. No critical vulnerabilities or WAF blocking were detected. Overall, the website presents a professional, trustworthy, and well-structured platform for medical education with strong business credibility. Strategic improvements in privacy compliance and security hardening are recommended to enhance trust and regulatory adherence.

R

Richard Ashcroft | The Official Website

richardashcroft.com

52

The website richardashcroft.com serves as the official online presence for the musician Richard Ashcroft. It primarily functions as a media and promotional platform targeting fans and music enthusiasts. The site is built on WordPress and employs performance optimization tools such as WPRocket and Google Fonts. While the website is professionally designed with good user experience and mobile optimization, it lacks explicit privacy policies and terms of service pages, though it does implement a cookie consent mechanism via CookieYes. Security posture is moderate with HTTPS enabled and domain registration protections in place, but there is room for improvement in security headers and incident response disclosures. Overall, the domain is legitimate and consistent with the business purpose, with no signs of malicious activity or content blocking.

D

Deutsches Hochschulkonsortium für Internationale Kooperationen

dhik.org

55

The Deutsches Hochschulkonsortium für Internationale Kooperationen (DHIK) operates as a consortium of 37 German universities facilitating international academic cooperation, primarily focusing on student exchange and double degree programs with partner institutions in China, Mexico, India, and South Africa. The website is professionally designed, content-rich, and targets students and academic institutions interested in international study opportunities. Technically, the site is built on WordPress with common plugins and uses Piwik for analytics, showing a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and cookie consent implemented, though security headers are missing and no explicit incident response or vulnerability disclosure policies are found. Overall, the website is trustworthy and aligns well with its educational mission.

KinderUniGraz is a non-profit educational initiative based in Graz, Austria, focused on inspiring children in science, research, and art through lectures, workshops, and events. The website serves as a portal for program information, news, and event registration, targeting children, families, and educators. It collaborates with multiple universities and institutions in Graz, enhancing its credibility and reach. Technically, the website is built on WordPress with a variety of plugins, uses HTTPS, and includes modern web technologies such as jQuery and FontAwesome. The site is moderately optimized for performance and mobile devices, with good SEO practices but basic accessibility features. Security posture is decent with HTTPS and no visible vulnerabilities, but lacks some security headers and formal policies. Privacy and cookie policies are not found, which is a compliance gap. Overall, the site is trustworthy and professional but could improve in privacy compliance and security best practices.

H

humantechnology styria gmbh

humantechnology.at

50

humantechnology styria gmbh operates as a central cluster organization connecting approximately 150 companies in the Styrian life sciences and healthcare sector. The company facilitates networking, knowledge exchange, and business support to enhance the economic value and international visibility of the region. Their website reflects a professional and modern digital presence built on WordPress with SEO and analytics integrations. However, the site lacks explicit privacy and security policies, which are important for compliance and trust. The technical infrastructure is solid, leveraging popular plugins and frameworks, but could benefit from enhanced security headers and incident response disclosures.

B

Buchladen Rote Straße

roter-buchladen.de

58

Buchladen Rote Straße is a small, independent bookstore located in Göttingen, Germany, with a strong cultural and political focus on leftist, feminist, and queer literature. Founded in 1972, it has a longstanding presence in the community and offers both in-store and online book sales, as well as cultural events such as readings and concerts. The website reflects this niche positioning with relevant content and event announcements. Technically, the site is built on Joomla CMS with modern frontend technologies like Bootstrap and jQuery, hosted by webgo.de. The site is mobile-optimized and provides a good user experience with clear navigation and relevant metadata. Security posture is solid with HTTPS and CSRF protections, but lacks some security headers and a vulnerability disclosure mechanism. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional, serving a specialized audience with minimal tracking or advertising.

L

LSO Life Science Oberhavel GmbH

lso-gmbh.de

10

LSO Life Science Oberhavel GmbH is a specialized company focused on establishing and operating biotechnology, life science, and startup centers in the Oberhavel region of Germany, particularly in Hennigsdorf. The company supports small and medium-sized enterprises in the life sciences sector by providing rentable laboratory and office spaces, infrastructure, and community facilities. It is a wholly owned subsidiary of Oberhavel Holding Besitz- und Verwaltungsgesellschaft mbH, itself owned by the Landkreis Oberhavel, indicating strong regional governmental ties. The flagship project is the BioTech Campus Hennigsdorf, a state-of-the-art facility planned to meet the needs of health and biotech companies in the Berlin metropolitan area.

T

TGZ Halle Technologie- und Gründerzentrum Halle GmbH & Bio-Zentrum Halle GmbH

technologiepark-weinberg-campus.de

10

Weinberg Campus is a regional technology park and innovation hub located in Halle (Saale), Germany, focused on fostering startups, research institutes, and companies in sectors such as digital health and smart green technology. The organization provides rental spaces, consulting, and community engagement to support innovation and entrepreneurship. The website reflects a professional and consistent brand presence with clear navigation and relevant content for its target audience of startups, researchers, and entrepreneurs. Technically, the website is built on the Drupal CMS platform, utilizing modern libraries such as Matomo for analytics, FontAwesome for icons, and FlexSlider for interactive content. The hosting provider is identified as Alfahosting based on nameserver data. The site is mobile-optimized, accessible, and performs moderately well, with proper SEO meta tags and cookie consent mechanisms in place. From a security perspective, the website enforces HTTPS and implements cookie consent, but lacks explicit security headers and detailed security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the website's business claims, indicating legitimacy and a trustworthy domain registration. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements could include adding security headers, publishing a security policy, and providing direct contact information for incident response to enhance trust and security posture.

M

Münchener Hypothekenbank eG

muenchenerhyp.de

53

Münchener Hypothekenbank eG is a well-established cooperative bank specializing in long-term real estate financing for private and commercial clients, with a strong emphasis on sustainability and member benefits. The bank operates primarily in Germany with additional presence in Western Europe and the USA. Their website reflects a mature digital presence built on Drupal 10, incorporating modern web technologies and analytics tools such as Matomo and Google Tag Manager. The site is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content including press releases, career opportunities, and investor information. Security posture is solid with HTTPS enforced and cookie consent managed via Cookiebot, though some security headers and explicit security policies could be improved. WHOIS data aligns well with the business claims, indicating a trustworthy and legitimate domain. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations.

F

Friends of the Earth Europe

friendsoftheearth.eu

58

Friends of the Earth Europe is a large grassroots environmental justice network campaigning for people-powered solutions to climate and ecological crises. The website positions itself as Europe's biggest network in this sector, focusing on advocacy and community mobilization. Technically, the site is built on WordPress with a modern theme and plugins, including privacy-focused Matomo analytics and SEO optimizations. Security posture is moderate with HTTPS enabled and some security plugins active, but lacks explicit security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional, trustworthy, and content is safe for general audiences.

W

Wellbeing Economy Alliance

weall.org

53

Wellbeing Economy Alliance (WEAll) is a UK-registered non-profit organization established in 2011, focused on transforming the economic system towards a wellbeing economy that prioritizes people and planet. The website serves as a hub for changemakers, governments, businesses, and organizations to collaborate, access resources, and participate in advocacy and education efforts. WEAll maintains a strong market position with over 500 member organizations and multiple national governments involved. Technically, the website is built on WordPress with modern JavaScript frameworks and libraries, offering a good user experience with mobile optimization and moderate performance. Security practices include HTTPS, GDPR-compliant cookie consent, and use of reCAPTCHA, though improvements such as DNSSEC and security headers are recommended. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though it lacks explicit terms of service and direct contact emails or phone numbers.

K

Kadans Science Partner

kadans.com

69

Kadans is a European company specializing in creating tailored laboratory and office spaces within over 30 science clusters across Europe, supporting more than 400 clients primarily in key research sectors such as healthcare and technology. The company positions itself as a leading science partner, providing specialized real estate solutions to research institutions and companies. The website reflects a professional and consistent brand image with a focus on its business offerings and market presence. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates several analytics and marketing tools such as Hotjar, Google Tag Manager, and Visual Website Optimizer, indicating a mature digital infrastructure. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms, but lacks visible security headers and explicit security or incident response policies. The WHOIS data is incomplete, showing no registration details, which raises some concerns about domain legitimacy. Overall, the website is professional and trustworthy in content and design but would benefit from enhanced transparency in privacy, security policies, and domain registration information.

B

Bildungsregion Rhein-Neckar

mrn-bildung.de

45

MRN Bildung is a regional educational platform serving the Metropolregion Rhein-Neckar in Germany. It focuses on promoting education through strategic initiatives, networking, and events such as MINTcon and the educon Bildungsgipfel. The platform targets students, educators, and regional stakeholders to foster innovation and collaboration in education. Technically, the site is built on WordPress with modern plugins and a responsive design, providing a good user experience. Security posture is adequate with HTTPS and no visible vulnerabilities, though improvements in security headers and incident response policies are recommended. Privacy compliance is supported by a comprehensive GDPR privacy policy, but cookie consent mechanisms are lacking. Overall, the site is professional, trustworthy, and well-positioned as a regional educational resource.

C

Chamaeleon AG

chamaeleon.de

65

Chamaeleon AG is a German-based technology company specializing in advanced content management systems (CMS) and digital solutions for enterprises and public administration. Their flagship product, the ionas CMS, offers WYSIWYG editing optimized for web and mobile platforms. The company positions itself as 'Die Webarchitekten' (The Web Architects), emphasizing tailored digital architecture and support services. The website reflects a medium-sized business with a clear focus on B2B clients in both private and governmental sectors. Technically, the website is built on a modern CMS platform (ionas4) with JavaScript frameworks and uses SystemJS for module loading. Hosting appears to be provided by Deutsche Telekom, inferred from the nameservers. The site is mobile-optimized and includes SEO best practices such as meta tags and canonical URLs. Performance is moderate with no major technical issues detected. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, explicit security headers (e.g., CSP, HSTS) are not detected, and no published security or incident response policies are found. No vulnerabilities or exposed sensitive data were identified in the HTML content. The absence of direct contact emails or phone numbers suggests a preference for contact via web forms. Overall, the website demonstrates a professional and trustworthy digital presence with good privacy compliance and a solid technical foundation. Strategic improvements could include publishing formal security policies, adding security headers, and providing direct contact information for incident response. These enhancements would strengthen the security posture and business credibility further.

A

ALEX Berlin

alex-berlin.de

64

ALEX Berlin operates the digital media platform 'ALEX Kosmos', providing livestreams of TV and radio, podcasts, videos, and community-driven content primarily targeting the Berlin region. The platform positions itself as a creative and participatory media hub for an urban audience, offering crossmedia content accessible 24/7. The business model revolves around media streaming and community engagement, supported by a modern web infrastructure and compliance with European data protection laws. Technically, the website leverages modern JavaScript frameworks, a consent management platform for GDPR compliance, and is hosted on a reputable provider with HTTPS enforced, ensuring secure user interactions. The site demonstrates good mobile optimization and accessibility features, though some advanced security headers could be improved. Security posture is strong with no visible vulnerabilities or exposed sensitive data, but lacks explicit published security policies or incident response contacts. Overall, the platform is trustworthy, professionally designed, and compliant with privacy regulations, making it a reliable media service for its audience.

C

Center RS za poklicno izobraževanje

nrpslo.org

66

The website www.nrpslo.org serves as the national information center for vocational qualifications in Slovenia, operated by the Center RS za poklicno izobraževanje. It provides comprehensive resources and services related to the validation and verification of non-formally acquired knowledge through the NPK system. The site targets candidates, advisors, commissions, and vocational education providers, positioning itself as an authoritative government-supported portal in the education sector. Technically, the website employs modern web technologies including Bootstrap, Vue.js, jQuery, and several UI libraries, indicating a mature and maintainable infrastructure. The presence of cookie consent mechanisms and privacy policies reflects a good level of digital maturity and compliance with GDPR requirements. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS and implements cookie consent, but lacks explicit security headers and incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is unavailable or privacy-protected, which is common for governmental or public institutions, and does not detract from the site's legitimacy. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and maintaining up-to-date third-party libraries to further strengthen security posture.

H

Helmholtz Association

hifis.net

67

HIFIS (Helmholtz Federated IT Services) is a specialized IT service provider focused on delivering digital infrastructure and software services to the Helmholtz Association, a major German research organization. The website presents a professional and comprehensive overview of their offerings including cloud services, identity management, software consulting, and training. The target audience primarily includes scientists, software engineers, cloud service providers, and IT support experts within the Helmholtz ecosystem. The organization is well positioned as a key facilitator of research IT services within Germany's scientific community. Technically, the website is built with modern web standards including HTML5, CSS3, and JavaScript, leveraging libraries such as FontAwesome and Modernizr for enhanced UI/UX. Hosting is provided by DESY, a reputable Helmholtz research center, ensuring reliable infrastructure. The site is mobile optimized, fast loading, and accessible, with good SEO practices. Analytics are implemented via Matomo with cookies disabled, reflecting a privacy-conscious approach. From a security perspective, the site uses HTTPS and shows no signs of exposed sensitive data or vulnerabilities. However, it lacks visible security headers and a cookie consent mechanism, which are recommended for GDPR compliance and enhanced security. There is no published security policy or incident response information, which could be improved to strengthen trust and preparedness. Overall, the website is trustworthy, professional, and well-aligned with its institutional backing. The domain registration data corroborates the legitimacy and consistency of the service. Strategic improvements in privacy compliance and security transparency would further enhance the site's security posture and user trust.

A

agzente plus

agzente.de

59

agzente plus is a local community magazine serving the residents of Ulm, Germany, focusing on sustainability, social engagement, and local news. It operates as a non-profit initiative in partnership with lokale agenda ulm 21 and engagiert in ulm, providing regularly updated content, event information, and advertising opportunities for local businesses. The website is built on Drupal 10 and hosted via 1und1, employing modern web technologies and maintaining a good level of mobile optimization and user experience. From a security perspective, the site uses HTTPS with good SSL configuration and includes a GDPR-compliant cookie consent banner with opt-in mechanisms. Google Analytics and Tag Manager are used with IP anonymization to respect user privacy. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which could be improved to enhance trust and compliance. Overall, the website is professional, trustworthy, and well-maintained, with clear contact information and consistent branding. The domain WHOIS data is limited but consistent with a legitimate small local media outlet. No critical security issues or suspicious content were detected, and the site is safe for general audiences.

C

Cinema Caravaggio

cinemacaravaggio.it

69

Cinema Caravaggio operates as a local cinema in Rome, Italy, providing movie screenings and online ticket sales through a dedicated website. The business targets general moviegoers in the Rome area and leverages the 18tickets platform for content management and ticketing services. The website presents a professional and user-friendly interface with clear programming schedules and ticket purchasing options. Technically, the site uses modern web technologies including JavaScript, Google reCAPTCHA for bot protection, and Socket.IO for real-time features. The site is mobile optimized and includes basic accessibility features. Security posture is adequate with HTTPS enforced and CSRF tokens implemented, though additional security headers could enhance protection. Privacy compliance is well addressed with clear cookie and privacy policies and a consent mechanism. The domain registration is consistent with the business claims, enhancing trustworthiness. Overall, the website is reliable, secure, and professionally maintained, serving its intended audience effectively.

P

Prosegur

prosegur.com

72

Prosegur is a leading global private security company with over 45 years of experience and operations in more than 30 countries. The company offers a broad portfolio of services including physical security, cash logistics, alarm systems, cybersecurity through its Cipher division, and technology solutions via AVOS Tech. The website reflects a mature digital presence with professional design, comprehensive content, and a focus on innovation and sustainability. Technically, the site employs modern marketing and analytics tools such as Google Tag Manager, Eloqua, and Didomi CMP, and uses multimedia elements like video backgrounds to enhance user engagement. Security posture is strong with HTTPS enforcement, security headers, and consent management, though explicit incident response and vulnerability disclosure information are not publicly available. The absence of WHOIS domain registration data is a notable concern, impacting domain transparency and trust. Overall, the website is professional, secure, and compliant with privacy regulations, serving a broad business audience seeking security services.

S

Swiss Film School

swissfilmschool.com

49

Swiss Film School is a specialized educational institution based in Switzerland, focusing on film and acting training programs for various audiences including kids, teens, and professionals. The website presents a professional and consistent brand image with clear navigation and relevant content about their offerings. Technically, the site is built on WordPress with WooCommerce and uses modern plugins and frameworks, hosted likely by Hostpoint AG. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and trustworthy but could improve in compliance and security transparency.

T

Touch Medical Media

touchmedicalmedia.com

65

Touch Medical Media is a well-established healthcare media and education company founded in 2011, specializing in delivering expert-led medical education and communications globally. The company operates multiple subsidiaries and therapy area platforms, reaching millions of healthcare professionals worldwide. Their business model focuses on medical publishing, digital education, and scientific content delivery, positioning them as a global leader in trusted medical education. Technically, the website is built on WordPress with modern performance optimizations and good mobile responsiveness. Security posture is strong with HTTPS, security headers, and Cloudflare DNS, though DNSSEC is not enabled and formal security policies are not published. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-maintained, reflecting a mature digital presence for a healthcare-focused media company.

werk.ARCHITEKTEN Genossenschaft is a Swiss architectural cooperative specializing in architecture, urban planning, and sustainable building practices. With over two decades of experience, the firm offers comprehensive services ranging from new constructions to renovations, emphasizing resource responsibility and ecological sustainability. Their collaborative approach involves qualified partners across architecture, landscape architecture, engineering, and construction management, positioning them as a reputable regional player in the real estate and architectural sector. Technically, the website employs a modern but straightforward technology stack including Bootstrap, jQuery, FontAwesome, and Google Analytics for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. However, some technical improvements such as updating JavaScript libraries and implementing security headers could enhance security posture. From a security perspective, the site uses HTTPS and has implemented a cookie consent mechanism compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. The absence of explicit security policies or incident response information suggests room for improvement in transparency and preparedness. Overall, the website is professional, trustworthy, and compliant with privacy regulations, supporting the legitimacy of the business. Strategic recommendations include enhancing security headers, updating dependencies, and publishing security and incident response policies to strengthen trust and compliance.

O

openfellas GmbH

openfellas.com

74

openfellas GmbH is a well-established German company specializing in Odoo ERP consulting and implementation services. With over 15 years of experience and more than 250 successful projects, they hold a strong market position as an Odoo Gold Partner since 2014. Their business model focuses on B2B services targeting industries such as manufacturing, energy, and e-commerce. The website reflects a professional and consistent brand image, showcasing detailed service offerings and customer testimonials that reinforce trust and credibility. Technically, the site is built on the Odoo platform, leveraging modern web technologies and hosted behind Cloudflare for performance and security. Analytics and marketing tracking are implemented via Google Tag Manager with a GDPR-compliant cookie consent mechanism. Security posture is generally good with HTTPS enforced and domain transfer protection, though DNSSEC is not enabled and some security headers are missing. No explicit security or incident response policies are published. Overall, the website is accessible, well-structured, and trustworthy, supporting the company's business objectives effectively.

L

La Commune de Bardonnex

bardonnex.ch

46

The website www.bardonnex.ch serves as the official online presence for the Commune de Bardonnex, a local government entity in Switzerland. It provides residents and visitors with access to community news, municipal services, event calendars, and administrative information. The site is positioned as a trusted source for local governance and public service information. Technically, the site is built on WordPress with a modern tech stack including popular plugins for events and sliders, ensuring good mobile responsiveness and accessibility. Security posture is solid with HTTPS enabled and no exposed sensitive data, though it lacks some security headers and formal policies such as privacy and cookie policies. Overall, the site is professional, trustworthy, and well-structured but could improve compliance and security transparency.

T

Telefilm Canada

telefilm.ca

66

Telefilm Canada is a Canadian government agency dedicated to financing, developing, and promoting the Canadian audiovisual industry. It serves as a key national player supporting filmmakers, festivals, and industry stakeholders through funding programs and promotional initiatives. The website reflects a mature digital presence with a focus on accessibility, multilingual support, and rich content tailored to its audience. Technically, the site leverages WordPress CMS with modern performance optimizations and integrates widely used analytics and marketing tools. Security posture is solid with HTTPS enforcement and domain management best practices, though some security headers and explicit policies could be improved. Privacy compliance is basic, with cookie consent implemented but no explicit privacy or terms of service pages detected. Overall, the site is professional, trustworthy, and well-aligned with its government agency role.

S

Stephen Budd Music Management

record-producers.com

45

Stephen Budd Music Management is a London-based company specializing in the management of music artists, record producers, songwriters, mix engineers, and related professionals. The company represents a diverse and influential roster including notable names such as Rick Nowels and Nick Zinner. Their services extend beyond management to consultancy, music festival advising, A&R, and DJ activities, positioning them as a key player in the music industry media sector. The website reflects a professional and well-maintained digital presence with clear branding and comprehensive content about their roster and services. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Google reCAPTCHA v3 for spam protection. It uses standard web technologies including jQuery, Flickity for carousels, and FontAwesome icons. The site is mobile optimized and performs moderately well, with good SEO practices evident in meta tags and structured data. However, some security best practices such as security headers are missing, and there is no cookie consent mechanism despite the use of tracking technologies. From a security perspective, the site uses HTTPS with a presumably strong SSL configuration and employs Google reCAPTCHA to protect forms. No obvious vulnerabilities or exposed sensitive data were detected. However, the absence of security headers and lack of published security or incident response policies indicate room for improvement in security posture and compliance. The WHOIS data for the domain is unavailable, which reduces trust in domain legitimacy, although the website content itself appears professional and consistent with a legitimate business. Overall, the website is a credible and professional platform for a niche music management business, but it would benefit from enhanced security measures, improved privacy compliance (notably cookie consent), and verification of domain registration details to strengthen trust and compliance.

N

NABU | naturgucker

nabu-naturgucker.de

52

NABU|naturgucker is a well-established non-profit organization dedicated to nature observation, education, and conservation in Germany. The website serves as a hub for citizen science activities, offering a social network for nature observations, an online academy, travel experiences, and a participatory nature journal. It targets nature enthusiasts and researchers, providing extensive resources and community engagement opportunities. The platform is professionally designed, SEO optimized, and mobile-friendly, reflecting a mature digital presence. Technically, it is built on WordPress with modern plugins enhancing functionality and user experience. Security posture is good with HTTPS and cookie consent mechanisms in place, though formal security policies and incident response contacts are not explicitly published. Overall, the site is trustworthy, content-rich, and aligned with its mission to promote nature awareness and scientific collaboration.

The website ticket-cloud.ch currently presents an offline or error page indicating that the searched cinema cannot be found. There is no active business content or service information available on the site. The technical infrastructure uses common frontend libraries such as Bootstrap, FontAwesome, jQuery UI, and Video.js, but lacks advanced frameworks or CMS integration. No forms or data collection mechanisms are present. Security posture is minimal with no visible security headers or HTTPS confirmation in the provided data. Privacy and cookie policies are absent, and no contact information is provided, limiting trust and compliance. Overall, the site appears to be either under maintenance or discontinued, resulting in poor user experience and low business credibility.

I

Integral

integralmusic.com

66

Integral is a music services division under the PIAS group, offering comprehensive global distribution, sales, promotion, sync licensing, and production services to independent record labels, managers, and artists. With over 30 years of experience, Integral positions itself as a trusted partner in the music industry, leveraging local expertise combined with global scale to deliver value to its partners. The website reflects a professional and consistent brand image aligned with its market positioning. Technically, the website is built on WordPress with a custom theme, utilizing modern web technologies such as CSS3 and JavaScript. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, some technical improvements could be made, such as implementing security headers and enhancing accessibility features. The site uses HTTPS with an excellent SSL configuration, ensuring secure communication. From a security perspective, the site demonstrates basic best practices including HTTPS enforcement and a cookie consent mechanism compliant with GDPR. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. No explicit security policies or incident response contacts are found, indicating room for improvement in transparency and security posture. No vulnerabilities or malicious content were detected. Overall, Integral's website is professional and trustworthy from a content and design perspective but would benefit from improved domain registration transparency and enhanced security headers. The risk level is moderate, primarily due to the missing WHOIS data. Strategic recommendations include verifying domain registration, implementing security headers, and publishing explicit security and incident response policies.