Security Directory

L

LPO Arkitekter

lpo.no

60

LPO Arkitekter is Norway's largest independent architectural firm specializing in architecture for cities, places, buildings, and spaces with a strong focus on innovation, sustainability, and inclusive design processes. The company positions itself as a leader in the Norwegian architectural market, serving a broad audience including municipalities, developers, and the general public interested in urban development. Their business model centers on delivering comprehensive architectural and urban planning services with an emphasis on human-centric solutions. Technically, the website employs modern web technologies such as jQuery, Google Analytics, Google Tag Manager, and Plausible Analytics for tracking, alongside lazy loading for performance optimization. The site is mobile-optimized and features good SEO practices, although some accessibility features could be enhanced. The infrastructure appears stable and professionally maintained, with no signs of outdated or vulnerable libraries. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks several security headers and does not provide a visible cookie consent mechanism or detailed privacy and security policies, which are important for GDPR compliance. The WHOIS data is not publicly available due to Norid's policies, but the domain and website content align with a legitimate and professional business entity. Overall, the website presents a strong business credibility and technical foundation but would benefit from improved privacy compliance and security best practices to enhance trust and regulatory adherence.

B

Boussole21

boussole21.ch

52

Boussole21 is a Swiss government-supported online tool designed to assist project managers and organizations in evaluating the sustainability of their projects using a comprehensive set of 20 criteria. The platform offers a user-friendly interface with collaborative and modular features, enabling users to generate understandable and detailed sustainability reports. The website is professionally designed, mobile-optimized, and consistent with its branding, reflecting a niche but important role in sustainable development assessment within Switzerland. Technically, the site employs modern frontend technologies including jQuery, Bootstrap, and TinyMCE, built on a custom CMS likely using Laravel Blade templates. Performance is moderate with good mobile responsiveness, though accessibility and SEO optimizations are basic. Security practices include HTTPS usage but lack visible security headers and cookie consent mechanisms, indicating room for improvement in compliance and protection. From a security perspective, the website shows no signs of blocking or WAF interference, no exposed sensitive data, and no detected vulnerabilities. However, the absence of cookie policies, security headers, and incident response information suggests a moderate security posture. WHOIS data aligns well with the website's Swiss government affiliation, supporting legitimacy and trustworthiness. Overall, Boussole21 presents a trustworthy and professional online presence with a clear business focus but would benefit from enhanced privacy compliance, security hardening, and more transparent contact and incident response information to strengthen user trust and regulatory adherence.

K

Kompass21

kompass21.ch

50

Kompass21 is a Swiss-based sustainability project evaluation tool supported by regional government entities. It provides a structured approach to assess projects against 20 sustainability criteria, offering clear results and team collaboration features. The website is professionally designed with a focus on usability and accessibility, leveraging modern web technologies such as Bootstrap and jQuery. Security posture is moderate with HTTPS enforced but lacks advanced security headers and published policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and legitimate with no blocking or suspicious indicators.

M

MētisPresses

metispresses.ch

59

MētisPresses is a Swiss-based publishing company specializing in academic and cultural publications, offering both printed and digital books. The website targets French-speaking academics, researchers, and cultural enthusiasts, positioning itself as a niche publisher with a focus on sociological and historical content. The business model revolves around online sales of books and collections, supported by a professional and consistent brand presence. Technically, the website employs modern web technologies including Bootstrap, jQuery, and integrates payment solutions like Stripe and PayPal, indicating a mature digital infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and some basic security headers but lacks comprehensive policies such as privacy and cookie policies, and does not provide a vulnerability disclosure or security contact. Analytics usage is moderate with Google Analytics and Tag Manager implemented, but privacy compliance is weak due to missing policies. Overall, the website is trustworthy and professional but could improve its compliance and security posture.

S

Stiftung Mercator

stiftung-mercator.de

53

Stiftung Mercator is a private, independent non-profit foundation based in Germany, dedicated to promoting an open, solidaric society with equal opportunities. The foundation focuses on democratic values, social cohesion, climate protection, and supports various projects and fellowship programs. The website is professionally designed, multilingual, and optimized for SEO and accessibility, reflecting a mature digital presence. Technically, it leverages WordPress CMS with modern libraries such as jQuery and uses Borlabs Cookie for privacy compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though formal security policies and incident response contacts are not published. Overall, the site is trustworthy, well-maintained, and compliant with GDPR requirements.

H

Hostpoint AG

code-zh.com

40

The website code-zh.com is currently displaying a minimal placeholder page indicating that the PHP version used is no longer supported. The domain is registered since 2012 and is hosted by Hostpoint AG, the largest Swiss web hosting provider managing over a million domain names. The business focus is on web hosting and domain management services targeted primarily at Swiss customers. The website content is minimal and lacks essential elements such as privacy policies, cookie consent mechanisms, terms of service, and contact information, which negatively impacts user trust and compliance with regulations such as GDPR. Technically, the site uses outdated PHP, jQuery 3.6.0, and standard web fonts but lacks modern security headers and SEO optimizations. Security posture is weak due to the unsupported PHP version and absence of security best practices. Overall, the site is accessible without WAF or security blocks but requires significant improvements in content, security, and compliance to meet professional standards.

Jugendmusik Glattal is a small, community-focused youth music organization based in Switzerland's Glattal region. The website serves as an informational and engagement platform for youth musical education, orchestras, and community concerts. It is supported by local sponsors and maintains an active presence on social media platforms such as Facebook and Instagram. The technical infrastructure is built on a modern stack including jQuery, Owl Carousel, and Clubdesk CMS, providing a responsive and user-friendly experience. Security measures include HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not evident. Overall, the website is well-structured and trustworthy, with no signs of malicious content or vulnerabilities. Strategic improvements could focus on enhancing security headers, publishing clear security and incident response policies, and providing more direct contact information to improve user trust and compliance.

A

ASKO - NÁBYTEK

asko-nabytek.cz

59

ASKO - NÁBYTEK is a prominent Czech furniture retailer offering a wide range of furniture and home accessories through its e-commerce platform. The website presents a comprehensive catalog of products including beds, chairs, tables, wardrobes, sofas, and various home textiles and decorations, targeting general consumers seeking quality home furnishings. The company appears to have a large market presence in the Czech Republic with a well-structured online shopping experience. Technically, the website employs modern JavaScript libraries such as jQuery, Splide, and Slick for UI components and galleries, alongside Google Tag Manager for analytics and marketing. The site is mobile-optimized and includes cookie consent mechanisms, indicating a moderate level of digital maturity. However, the absence of detailed WHOIS data limits the ability to fully verify domain legitimacy and ownership. From a security perspective, the site enforces HTTPS and includes basic security headers, but lacks advanced headers like Content-Security-Policy and HSTS. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is basic, with cookie consent present but no explicit privacy policy or terms of service found in the analyzed content. Overall, the website is professionally designed and functional, with a good user experience and clear navigation. The lack of WHOIS transparency and limited privacy documentation are areas for improvement. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and terms policies, and improving accessibility features to strengthen compliance and trust.

B

Bider & Tanner

biderundtanner.ch

45

Bider & Tanner is a prominent bookstore and music house based in Basel, Switzerland, operating both a physical store and an online shop. The website showcases a wide range of books, music CDs, vinyl records, and cultural event tickets, positioning itself as a key cultural hub in the region. The business targets general consumers interested in literature, music, and cultural products, leveraging a retail e-commerce model complemented by physical store presence. The company enjoys a strong market position as the largest bookstore in Basel's Bankenplatz area.

U

Università degli Studi di Roma Tor Vergata

uniroma2.it

53

Università degli Studi di Roma Tor Vergata is a major Italian public university offering a wide range of academic programs and research activities across disciplines such as economics, law, engineering, humanities, medicine, and sciences. The website serves students, faculty, researchers, and prospective students by providing comprehensive information on courses, events, news, and administrative services. The institution positions itself as a key player in higher education within Italy, supported by a large-scale infrastructure and diverse academic offerings. Technically, the website employs modern web technologies including Bootstrap, jQuery, DataTables, and integrates Google Tag Manager and Usercentrics for analytics and cookie consent management. The site is mobile-optimized with good SEO and accessibility basics, though there is room for improvement in accessibility and security headers. Performance is moderate, reflecting a balance between rich content and resource loading. From a security perspective, the site enforces HTTPS and uses a consent management platform, indicating compliance with GDPR and privacy best practices. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests areas for enhancement in security transparency and readiness. Overall, the website is professional, trustworthy, and well-aligned with the university's mission. The risk profile is low, with recommendations focusing on strengthening security headers, publishing security policies, and enhancing accessibility to further improve user trust and compliance.

D

Datascroll Eventsupport GmbH

eventjet.at

10

Datascroll Eventsupport GmbH operates events.eventjet.at, a professional online ticketing platform focused on popular events in Austria including theater, concerts, family events, parties, sports, and festivals. The website offers a rich event calendar with faceted search capabilities and is optimized for SEO and user experience. The platform targets event attendees primarily in Austria and nearby regions, providing an accessible and well-structured service for event discovery and ticket purchase. The business model centers on online ticket sales and event promotion, positioning itself as a regional leader in event ticketing services.

A

Arbeitsmarktservice Österreich (AMS)

gehaltskompass.at

66

The website www.gehaltskompass.at is an official Austrian government-related platform operated by the Arbeitsmarktservice Österreich (AMS). It provides comprehensive salary comparison data for nearly 1,800 professions based on collective agreements, targeting job seekers and career entrants in Austria. The site offers additional career resources such as career videos, salary calculators, and links to AMS career information centers (BIZ). Technically, the site uses a modern tech stack including jQuery, Bootstrap, DataTables, and Matomo analytics, hosted on braintrust.at infrastructure. It is well optimized for mobile and accessibility, with clear navigation and professional design. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and explicit security policies are not published. Privacy compliance is strong with a detailed privacy policy and cookie consent banner. No contact emails or phone numbers are directly listed, consistent with a government information portal. Overall, the site is trustworthy, professional, and safe for general audiences.

I

Initiative Therme Plus

thermeplus.at

48

Initiative Therme Plus is a promotional platform representing 38 popular thermal spas across Austria, focusing on wellness, spa, family activities, and relaxation. The website serves as an information hub and marketing channel, offering a loyalty program to encourage repeat visits. Technically, the site is built on WordPress with modern libraries and frameworks, including jQuery and Usercentrics for consent management. The security posture is solid with HTTPS and privacy compliance, though some security headers could be improved. Overall, the site is professional, user-friendly, and trustworthy, targeting a broad audience interested in Austrian thermal spa experiences.

L

LEAP

leapmade.com

10

LEAP is a small technology company specializing in SaaS product development and marketing automation solutions. Their website promotes multiple SaaS products such as Parsey, Graphly, Evidence, and Maven RSS To Email, targeting businesses seeking to grow rapidly through automation and marketing tools. The company positions itself as award-winning and customer-oriented with a strong focus on core values and customer care. The website is built on WordPress with a moderate technical infrastructure including Google Analytics and Tag Manager for tracking. The site is mobile optimized and presents a professional design with consistent branding. Security posture is adequate with HTTPS enabled and IP anonymization in analytics, but lacks security headers and explicit privacy or cookie policies. No contact information or security incident response details are provided, which limits transparency. The domain registration is consistent and legitimate, with no privacy protection and appropriate domain age. Overall, the website is functional and professional but could improve in privacy compliance and security best practices.

I

Institut Solidarische Moderne

solidarische-moderne.de

50

Institut Solidarische Moderne is a German non-profit think tank and platform focused on developing progressive political concepts through dialogue among parties, movements, trade unions, civil society, and academia. The organization offers analysis, publications, podcasts, events, and forums to promote social-ecological transformation and solidarity politics. Their business model relies on memberships and donations, emphasizing independence and community engagement. The website is professionally designed, content-rich, and well-structured, targeting progressive political actors and the general public interested in leftist political discourse. Technically, the website is built on the KONTEXT-CMS platform, uses modern frontend technologies like Tailwind CSS and jQuery, and is hosted via Warenform DNS servers. It features responsive design and good SEO practices. Analytics are implemented via Matomo with a GDPR-compliant opt-in cookie consent mechanism, reflecting a mature approach to privacy and data protection. However, some security best practices such as explicit security headers and published security policies are missing. From a security perspective, the site enforces HTTPS, uses cookie consent with opt-in for tracking, and does not expose sensitive data or vulnerable libraries. There is no evidence of incident response or vulnerability disclosure policies, which could be improved. The WHOIS data is limited but consistent with a small non-profit organization using CMS hosting services. No WAF or blocking mechanisms are detected, and the site is fully accessible. Overall, the website presents a trustworthy, professional, and privacy-conscious platform for political discourse. Strategic recommendations include publishing security and incident response policies, enhancing security headers, and improving accessibility features to further strengthen trust and compliance.

A

AMS (Arbeitsmarktservice Österreich)

ausbildungskompass.at

66

The AMS Ausbildungskompass website is an official Austrian government platform providing comprehensive information on vocational training, education pathways, and career guidance. It serves a broad audience including students, job seekers, and those interested in continuing education within Austria. The site is well-branded with AMS logos and offers detailed educational content, search functionality, and links to related government and educational resources. Technically, the site employs a modern and mature technology stack including jQuery, Bootstrap, FontAwesome, and Matomo for analytics. It is mobile-optimized, accessible, and performs moderately well. The presence of a cookie consent mechanism and detailed privacy policy indicates good privacy compliance aligned with GDPR requirements. From a security perspective, the site uses HTTPS with strong SSL configuration and implements secure form practices. However, it lacks explicit security headers and a published security or incident response policy, which could be improved. No vulnerabilities or suspicious content were detected. Overall, the site is trustworthy, professional, and well-maintained, with a high legitimacy score despite the absence of WHOIS data due to privacy protection. Strategic recommendations include enhancing security headers, publishing a security policy, and providing explicit incident response contacts to further strengthen trust and compliance.

A

AMS (Arbeitsmarktservice Österreich)

berufslexikon.at

64

The AMS Berufslexikon website is an official Austrian government career information portal operated by the Arbeitsmarktservice Österreich (AMS). It provides comprehensive information on over 1,800 professions, including job descriptions, educational requirements, career prospects, and salary data. The platform targets job seekers, students, and career advisors within Austria, offering advanced search and filtering capabilities to facilitate career exploration. The site is well-branded with AMS logos and consistent government styling, reinforcing its authoritative position in the Austrian labor market information ecosystem. Technically, the website employs a modern and mature technology stack including jQuery, Bootstrap, FontAwesome, and Matomo analytics. It is mobile-optimized, accessible, and features a cookie consent mechanism compliant with GDPR standards. Performance is moderate with good SEO and accessibility practices. The site uses HTTPS exclusively, ensuring secure data transmission. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent management. However, it lacks explicit security headers and a published security policy or incident response contact information. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The absence of WHOIS data is likely due to privacy protection, which is justified for a government-related domain. Overall, the AMS Berufslexikon website is a trustworthy, professional, and secure platform providing valuable career information to the Austrian public. Strategic recommendations include enhancing security headers, publishing a security policy, and providing explicit incident response contacts to further strengthen trust and compliance.

E

edition taberna kritika

etkbooks.com

56

edition taberna kritika is a specialized publisher focusing on experimental, conceptual, and visual literatures, offering a curated selection of print books, digital editions, and artist publications. The company operates a niche business model targeting readers and collectors interested in avant-garde literary and artistic works. The website is professionally designed using WordPress CMS with a moderate level of technical sophistication, including portfolio galleries and contact forms secured by Google reCAPTCHA. The domain is well-established since 2007, supporting the legitimacy and maturity of the business. Security posture is adequate with HTTPS and domain registrar locks, but improvements are recommended in DNSSEC and security headers. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Contact information is limited to email and forms, with no phone or physical address provided.

S

swips.ch

swips.ch

41

swips.ch is a Swiss-based media platform dedicated to promoting independent publishers in Switzerland. The website provides book previews, publisher directories, event announcements, and downloadable brochures, targeting publishers and literary enthusiasts. The platform occupies a niche market within the Swiss publishing industry, offering curated content and fostering community engagement among independent publishers. Technically, the website is built on WordPress 5.9.2, utilizing plugins such as Document Gallery and WP Statistics for content presentation and analytics. The site is mobile-optimized with a good user experience and clear navigation. Security-wise, HTTPS is enforced, and Wordfence security scripts are present, but there is a lack of explicit security headers and formal privacy or cookie policies, indicating room for compliance improvement. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

A

Arbeitsmarktservice Österreich (AMS)

karrierekompass.at

66

The AMS Karrierekompass website is an official Austrian government portal providing comprehensive labor market, career, and educational information. It serves a broad audience including job seekers, students, and career changers by offering detailed career guidance, job search tools, educational resources, and labor market data. The site is well-positioned as a trusted government resource with strong branding and extensive partnerships with related career and education platforms. Technically, the website employs a modern and mature technology stack including jQuery, Bootstrap, FontAwesome, and Matomo analytics with anonymized tracking. The site is mobile-optimized, accessible, and performs moderately well. It uses secure HTTPS connections and cookie consent mechanisms aligned with GDPR requirements, reflecting a high level of digital maturity. From a security perspective, the site enforces HTTPS and uses cookie consent for analytics. While some security headers are not explicitly detected, no critical vulnerabilities or exposed sensitive data were found. The WHOIS data confirms the domain's legitimacy and consistency with the AMS organization, supporting trustworthiness. Overall, the website presents a low risk profile with strong privacy compliance and business credibility. It lacks explicit contact information and security policies publicly visible, which could be improved to enhance transparency and incident response readiness.

T

Terra Nuova Edizioni

terranuovalibri.it

59

Terra Nuova Edizioni is an established Italian publishing company specializing in ecological and natural living literature, including books, ebooks, and magazines. The company targets Italian-speaking audiences interested in sustainable lifestyles, organic agriculture, alternative medicine, and related disciplines. The website serves as an e-commerce platform offering direct sales, subscriptions, and event information, positioning itself as a niche leader since 1977. Technically, the website employs modern web technologies such as jQuery, Bootstrap, Owl Carousel, and integrates Google and Facebook tracking tools with a compliant cookie consent mechanism. Security posture is solid with HTTPS enforced and bot protection via reCAPTCHA, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent management. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.

F

füreinand'

fuereinand.at

59

füreinand' is a well-established Austrian non-profit community platform dedicated to fostering mutual support and volunteering across Austria. With over 43,000 members, it operates under the auspices of Caritas and partners with prominent media outlets to maximize outreach and impact. The website offers a professional, accessible, and content-rich experience, encouraging community participation through various missions and initiatives. Technically, the site leverages TYPO3 CMS, modern JavaScript libraries, and robust form validation, ensuring a responsive and user-friendly interface. Security-wise, the site employs HTTPS, cookie consent mechanisms, and error monitoring via Sentry, though it could enhance security headers and publish formal security policies. Overall, the platform demonstrates strong compliance with GDPR and privacy standards, reflecting its commitment to user trust and data protection.

B

BioCologne e.V.

biocologne.de

58

BioCologne e.V. is a specialized network organization based in Cologne, Germany, focused on fostering the biotechnology and life sciences sector through technology transfer, startup support, and industry networking. The website positions BioCologne as a central hub connecting companies, research institutions, investors, and other stakeholders to promote innovation and economic growth in the region. The business model centers on facilitating collaboration and providing resources such as job boards and events to support career development and entrepreneurship in biotech. Technically, the website is built on the Webflow platform, leveraging modern web technologies including jQuery, Google Fonts, and Google reCAPTCHA for form security. The site demonstrates good mobile optimization and SEO practices, though performance is moderate. The technical infrastructure is suitable for a small to medium-sized organization with a focus on content delivery and user engagement. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, but lacks visible security headers and explicit security or incident response policies. Privacy compliance is partially addressed with a privacy policy present, but no cookie consent mechanism was detected, which may pose GDPR compliance risks. Contact information is clearly provided, enhancing trustworthiness. Overall, the website is professional, trustworthy, and well-aligned with the organization's mission. Security and privacy practices could be improved to enhance compliance and resilience. The domain appears legitimate and consistent with the business claims, though WHOIS data is limited. Strategic recommendations include implementing cookie consent, adding security headers, and publishing incident response contacts to strengthen security posture and compliance.

B

BioCampus Cologne & RTZ Köln

rtz.de

59

BioCampus Cologne & RTZ Köln operate as high-tech innovation hubs and incubators located in Cologne, Germany, providing infrastructure and community support for startups, scaleups, and corporates in DeepTech, HighTech, and STEM fields. The website reflects a medium-sized organization focused on fostering a vibrant ecosystem with over 70 knowledge-based companies. Their services include office spaces, laboratories, workshops, and event areas, supporting growth and networking. Technically, the website is built on Webflow CMS with modern web technologies such as jQuery and Google reCAPTCHA, hosted on a CDN with HTTPS enforced. Security posture is solid with encrypted connections and bot protection but lacks some advanced security headers and explicit incident response information. Privacy compliance is partially met with a comprehensive privacy policy but missing cookie consent mechanisms. Overall, the site is professional, well-branded, and trustworthy with active community engagement through events and job postings.

B

BioCampus Cologne & RTZ Köln

biocampus-rtz.de

52

BioCampus Cologne & RTZ Köln operates as a regional technology park and incubator hub in Cologne, Germany, providing infrastructure and community support for over 70 innovative companies primarily in DeepTech, HighTech, and STEM fields. The website reflects a medium-sized, well-branded organization focused on fostering startup growth and corporate innovation through office, lab, and event spaces. Technically, the site is built on Webflow with modern web technologies including jQuery and Google services, offering a good user experience and mobile optimization. Security posture is solid with HTTPS and reCAPTCHA integration, though improvements in security headers and cookie consent mechanisms are recommended. Overall, the site is professional, trustworthy, and serves its target audience effectively.

NABU|naturgucker is a reputable non-profit platform dedicated to nature observations, biodiversity data collection, and community engagement in environmental conservation. The website serves as a comprehensive repository of nature images, videos, and species data, targeting nature enthusiasts, researchers, and conservationists primarily in Germany. The platform is affiliated with NABU, a well-known German nature conservation organization, enhancing its credibility and market position. Technically, the website is built on a custom IntraWeb framework with modern JavaScript libraries including jQuery, Bootstrap, and Google Maps API integration for interactive mapping features. Hosting is provided by 1&1 IONOS, ensuring stable infrastructure. While the site performs moderately and offers basic mobile optimization, there is room for improvement in accessibility and SEO practices. From a security perspective, the site enforces HTTPS, employs security headers, and uses nonce attributes in scripts to mitigate risks. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a strong commitment to user data protection. Overall, the website presents a professional and trustworthy digital presence with a solid security posture and compliance framework. Strategic enhancements in mobile responsiveness, security monitoring, and SEO could further strengthen its digital maturity and user experience.

B

BW-Bank

meinextend.de

70

The website meinextend.de is a customer service and benefits portal for BW-Bank's extend program, offering travel, ticketing, cashback, and insurance services to its customers. It is positioned as a regional banking service platform with a focus on customer loyalty and value-added services. The site is professionally designed with consistent branding and provides clear navigation and relevant content targeted at German-speaking BW-Bank customers. Technically, the site uses a modern tech stack including jQuery, PrimeNG, and Google Tag Manager, built on an ASP.NET framework with onpublix CMS. The site is mobile optimized and includes accessibility features, though some areas could be improved. Security posture is good with HTTPS enforced, secure login forms, and cookie consent mechanisms, but lacks explicit security policy pages and some HTTP security headers. Privacy compliance is strong with a comprehensive privacy policy and cookie consent. WHOIS data is minimal but consistent with the business branding. Overall, the site is trustworthy and professionally maintained.

B

BioCampus Cologne & RTZ Köln

biocampuscologne.de

60

BioCampus Cologne & RTZ Köln operate as high-tech innovation hubs in Cologne, Germany, providing infrastructure and community support for startups, scaleups, and corporates in deep technology, high technology, and STEM fields. The website presents a professional and well-structured digital presence, highlighting over 70 knowledge-based companies, available office and lab spaces, and active community events. The technical infrastructure is modern, leveraging Webflow CMS, Google Tag Manager, and reCAPTCHA for security and analytics. Security posture is solid with HTTPS and form protections, though improvements in security headers and explicit incident response policies are recommended. Overall, the website reflects a credible and active business ecosystem with moderate to high digital maturity.

NABU|naturgucker is a German non-profit platform dedicated to nature observation and citizen science. It enables users to record and share sightings of plants, animals, fungi, and other natural phenomena, supporting environmental awareness and research. The platform is affiliated with NABU, a well-known German nature conservation organization, which strengthens its credibility and market position in the environmental non-profit sector. The website targets nature enthusiasts, researchers, and the general public interested in biodiversity and conservation. Technically, the website is built on a custom IntraWeb framework with integration of modern JavaScript libraries such as jQuery, Bootstrap, and Google Maps API for interactive mapping features. Hosting is provided via rzone.de, and the site uses HTTPS with nonce attributes in scripts indicating some level of content security policy implementation. The site shows moderate performance and basic mobile optimization, with room for improvement in accessibility and SEO. From a security perspective, the site uses HTTPS and some script nonce attributes, but no explicit security headers were detected in the provided data. There are no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit security or incident response policies were found. The domain WHOIS data is limited but consistent with the website's purpose and branding. Overall, the website is professional, trustworthy, and safe for general audiences. It serves its non-profit mission effectively but could enhance its technical and security posture by implementing additional security headers, improving mobile responsiveness, and providing clearer contact and incident response information.

D

Dachverband Deutscher Avifaunisten (DDA)

dda-web.de

57

The Dachverband Deutscher Avifaunisten (DDA) is a German non-profit umbrella organization representing regional and state ornithological associations, serving approximately 10,000 field ornithologists and bird watchers. The website provides comprehensive information about bird monitoring activities, data collection, and publications such as bird atlases. The target audience includes ornithologists, environmental researchers, and bird enthusiasts in Germany. The organization positions itself as a leading national entity in the ornithological community. Technically, the website employs modern JavaScript libraries including jQuery, GSAP, and Vue.js components, along with Matomo for analytics and Leaflet for mapping functionalities. Hosting is provided by manitu.net, a reputable German hosting provider. The site is mobile-optimized with good SEO and basic accessibility features, though some improvements could be made in accessibility and performance. From a security perspective, the site enforces HTTPS, uses security headers, and includes CSRF tokens, indicating a solid security posture. Privacy and cookie policies are present and GDPR compliant, with a named data protection officer contact. However, no explicit security policy or vulnerability disclosure mechanisms were found, which could be areas for enhancement. Overall, the website is professional, trustworthy, and well-aligned with its non-profit mission. The risk level is low, with recommendations focusing on enhancing security transparency and accessibility. The domain registration is consistent with the business type, though registrant details are minimal. The site is safe for general audiences with no adult or questionable content.

E

Erziehungswissenschaftliches Fort- und Weiterbildungsinstitut der Evangelischen Kirchen in Rheinland-Pfalz

efwi.de

47

The Erziehungswissenschaftliches Fort- und Weiterbildungsinstitut der Evangelischen Kirchen in Rheinland-Pfalz (EFWI) is a small, regionally focused non-profit educational institute dedicated to supporting teachers and pedagogical professionals through training, consulting, and specialized seminars. The website clearly targets educators in Rheinland-Pfalz, Germany, offering a variety of professional development opportunities aligned with current educational challenges and research. The business model is service-oriented, focusing on educational enrichment and church-affiliated community support. The website is well-branded and consistent with the organization's mission and regional focus. Technically, the website is built on the TYPO3 CMS platform, leveraging modern frontend technologies such as Bootstrap 4, jQuery, and FontAwesome. The site demonstrates good mobile optimization and SEO practices, with a moderate performance profile. Hosting is managed via DomainControl, consistent with the domain's WHOIS data. The technical infrastructure supports a professional and accessible user experience. From a security perspective, the site uses HTTPS with an excellent SSL configuration, but lacks visible security headers and a cookie consent mechanism, which are recommended for compliance and enhanced security posture. No vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response contact limits transparency in security management. Overall, the security posture is good but could be improved with additional best practices. The overall risk assessment is low, with no blocking or WAF detected, no suspicious content, and a trustworthy domain registration. Strategic recommendations include implementing a cookie consent banner, adding security headers, publishing a security policy, and considering a vulnerability disclosure mechanism to enhance compliance and trust.

S

ScaDS.AI Dresden/Leipzig

scads.de

50

ScaDS.AI Dresden/Leipzig is a German government-funded research center specializing in scalable data analytics, artificial intelligence, and big data. It operates as a permanent research facility with strong ties to TU Dresden and Leipzig University, positioning itself as a key player among Germany's AI competence centers. The website reflects a mature digital presence with comprehensive content targeting researchers, students, professionals, and the general public interested in AI and data science. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses several plugins for enhanced functionality, including Contact Form 7 and Yoast SEO. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Security posture is good with HTTPS enforced and no obvious vulnerabilities, but lacks DNSSEC and some security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, supporting its academic and research mission.

S

ScaDS.AI

scads.ai

45

ScaDS.AI Dresden/Leipzig is a government-funded German research center specializing in scalable data analytics, artificial intelligence, and big data. It operates as a permanent research facility with strong academic partnerships with TU Dresden and Leipzig University. The center offers interdisciplinary research, graduate education, consulting, and public engagement through its Living Lab. The website reflects a mature digital presence with professional design and comprehensive content tailored to researchers, students, and professionals in AI and data science. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses common plugins for forms and media display. Security posture is solid with HTTPS and domain transfer protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is good with a clear privacy policy but lacks cookie consent mechanisms. Overall, the site is trustworthy, well-maintained, and aligned with its academic and governmental mission.

M

Munich Intellectual Property Law Center (MIPLC)

miplc.de

45

The Munich Intellectual Property Law Center (MIPLC) is a specialized academic institution offering a one-year LL.M. program focused on intellectual property, innovation, and competition law. It operates with strong partnerships including the Max Planck Institute for Innovation and Competition and prominent universities, positioning itself as a niche leader in legal education for innovation-driven economies. The website reflects a high level of professionalism, with comprehensive content, multimedia integration, and clear navigation tailored to prospective students and academic audiences. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and frameworks, ensuring good performance and mobile responsiveness. Security posture is solid with HTTPS enforced and privacy-conscious analytics via Matomo with cookies disabled. However, some security headers and explicit security policies are missing, and no direct contact emails or phone numbers are provided, relying instead on contact forms. Overall, the site is trustworthy, well-maintained, and compliant with GDPR, though improvements in transparency and security documentation could enhance user trust further.

E

Economy for the Common Good - Sverige

ecgsverige.se

40

ECG Sverige is a small non-profit organization dedicated to promoting the Economy for the Common Good movement in Sweden. Their website provides information about their mission to create an economic system focused on societal and environmental well-being. They offer services such as the ECG-bokslut, which complements traditional financial statements by measuring societal contributions. The organization targets businesses, municipalities, and individuals interested in sustainable economic models. Technically, the website is built on WordPress using the Genesis Framework and Yoast SEO plugin, hosted by Oderland. It employs modern web technologies and includes a cookie consent mechanism and privacy policy, indicating good digital maturity. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and DNSSEC. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, though it could improve security policies and contact information visibility.

D

DL-Serviceshop

dl-serviceshop.de

62

DL-Serviceshop is a German finance-focused procurement and financing portal targeting True-Lease-Rahmenvertragskunden, offering asset-based financing solutions. The website is professionally designed with consistent branding and clear navigation, supporting a medium-sized business model in the finance sector. Technically, the site uses a modern tech stack including jQuery, Bootstrap, and INTERSHOP platform components, with moderate performance and good mobile optimization. Security posture is solid with HTTPS, CSRF protection, and input validation, though explicit security headers are missing. Privacy compliance is well addressed with a cookie consent mechanism and a GDPR-compliant privacy policy. Overall, the domain and website content align well, indicating legitimacy and trustworthiness.

L

Laval Energy

lavalenergy.com

63

Laval Energy is a newly established company (2023) specializing in energy management, consultancy, and project development services. Positioned as a knowledge leader in the energy sector, it offers a range of services including energy consultancy, project development, strategy insight, and various technical studies. The company targets industrial enterprises and investors seeking expert guidance in energy projects. The website reflects a professional business model with clear contact information and social media presence, supporting its market positioning. Technically, the website uses a modern but basic technology stack including jQuery, Owl Carousel, and Font Awesome, hosted behind Cloudflare DNS and CDN services. The site is mobile optimized with good navigation and content quality, though SEO and accessibility features are basic. No CMS or advanced frameworks were detected. From a security perspective, the site enforces HTTPS and uses domain transfer protection. However, it lacks visible security headers, privacy and cookie policies, and incident response information, indicating room for improvement in compliance and security posture. No WAF or blocking mechanisms were detected, and no vulnerabilities or malicious content were found. Overall, the website presents a moderate risk profile with good business credibility but gaps in privacy compliance and security best practices. Strategic improvements in policy publication, security headers, and incident response readiness are recommended to enhance trust and compliance.

The Corrie-ten-Boom-Schule is a small, state-recognized private secondary school located in Berlin-Prenzlauer Berg, operated under the Christburg Campus umbrella. It offers integrated secondary education culminating in the Mittlerer Schulabschluss and Abitur, with a Christian pedagogical perspective. The website reflects a well-structured, content-rich platform targeting students, parents, and educators in the local community. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and includes a cookie consent mechanism and Matomo analytics for user tracking. Security posture is good with HTTPS enforced, but lacks visible security headers and explicit security policies. No privacy policy or terms of service pages were detected, indicating room for compliance improvement. Social media integration is strong, enhancing community engagement. WHOIS data aligns well with the website's claims, indicating legitimacy and stable domain registration.

Kita Bunte Burg is a small, Christian-oriented childcare provider in Berlin, operating since 2013 under the parent organization Christburg Campus. The website is professionally built using TYPO3 CMS and modern JavaScript libraries, providing good user experience and mobile optimization. The site includes social media integration and a cookie consent mechanism, but lacks explicit privacy and terms of service pages. Security posture is adequate with HTTPS and no visible vulnerabilities, though security headers could be improved. Overall, the site is trustworthy and well-positioned for its niche audience.

Elisabeth-Abegg-Grundschule is a private primary school in Berlin offering education for grades 1 to 6 with a Christian perspective. The website is built on TYPO3 CMS and integrates modern frontend technologies such as jQuery and Parsley.js for form validation. It features a clean, professional design with good navigation and mobile optimization. Social media presence and testimonials enhance trustworthiness. However, the site lacks explicit privacy policy, terms of service, and direct contact information, which are important for compliance and user trust. Security posture is good with HTTPS and no visible vulnerabilities, but security headers and incident response details are missing. Overall, the site is suitable for its educational audience and demonstrates moderate to good digital maturity.

Kita Helles Nest is a small, modern childcare facility in Germany focused on providing early childhood education with Christian values. The website is built on TYPO3 CMS and features a professional design with good navigation and mobile optimization. It integrates Matomo analytics and includes a cookie consent mechanism, though lacks explicit privacy and terms of service pages. Social media presence is strong, enhancing community engagement. Security posture is good with HTTPS enabled but could be improved by adding security headers and explicit security policies. No contact emails or phone numbers were found in the provided content, which may impact user trust and compliance. Overall, the site is trustworthy and well-positioned in its niche market.

The Sabine-Ball-Grundschule website represents a small private primary school in Germany with a Christian educational perspective. The site provides comprehensive information about the school, its pedagogical approach, enrollment procedures, and after-school care (Hort). The school targets parents and guardians of primary school children and positions itself as a nurturing and family-oriented institution. The website is built on TYPO3 CMS and uses modern web technologies including jQuery and Parsley for form validation, with Matomo for analytics, indicating a moderate level of digital maturity. The site is well-structured, mobile-optimized, and includes social media integration to engage the community. Security posture is adequate with HTTPS usage and no visible vulnerabilities, though security headers and explicit policies could be improved. Privacy compliance is basic, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Overall, the website is professional, trustworthy, and safe for general audiences.

Immanuel-Kita is a small, specialized childcare provider in Germany focusing on Christian early childhood education. The website is professionally designed using TYPO3 CMS and integrates modern web technologies such as jQuery and Parsley.js for form validation. The site includes a cookie consent mechanism and uses Matomo for analytics, reflecting a moderate level of user tracking with privacy considerations. Social media integration is strong, linking to Facebook, Instagram, and YouTube, enhancing community engagement. However, explicit privacy policies and terms of service pages are not found, which could be improved for compliance and transparency. Security posture is good with HTTPS enforced but lacks advanced security headers and a public security policy or incident response contact. Overall, the website is trustworthy, content-rich, and well-positioned within its niche educational sector.

Immanuel-Grundschule is a small, private primary school in Germany with a Christian educational perspective. The website is built on TYPO3 CMS and integrates modern JavaScript libraries and Matomo analytics for user tracking. It offers detailed information about the school, its pedagogical approach, and related services such as after-school care (Hort). Social media presence is active with links to Facebook, Instagram, and YouTube. The site lacks an explicit privacy policy and visible contact emails or phone numbers, which are areas for improvement. Security posture is moderate with HTTPS enabled but missing security headers and no published security or incident response policies. Overall, the website is professional, trustworthy, and well-structured for its audience.

P

PEMEX

pemex.com

10

PEMEX is the Mexican state-owned petroleum company, a major player in the national energy sector, providing exploration, extraction, refining, logistics, and commercialization of hydrocarbons and petrochemical products. The website serves as the official digital presence, targeting the general public, investors, and stakeholders with comprehensive information about the company’s operations, transparency, and sustainability efforts. Technically, the site is built on Microsoft SharePoint, leveraging modern web technologies including jQuery, Bootstrap, and analytics tools such as Google Analytics and Microsoft Application Insights. The security posture is solid with HTTPS enforced and telemetry in place, though some security headers and explicit policies could be improved. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the site is professional, well-branded, and trustworthy, though WHOIS data is unavailable, which slightly reduces domain trust. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing clear incident response contacts.

D

Divi Ultimate - Divi Child Theme

diviultimate.com

48

Divi Ultimate is a specialized provider of Divi child themes for WordPress, offering a comprehensive product with over 200 reusable Divi library items and multiple pre-made homepage concepts. The business operates primarily through a subscription-based Pro Membership model, targeting web designers and developers who use the Divi WordPress theme. The website demonstrates a consistent brand presence and provides extensive product information, though lacks explicit privacy and cookie policies on the main site. Technically, the site is built on WordPress with WooCommerce and the Divi theme, leveraging modern web technologies and Google Fonts. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Marketing is supported by Facebook Pixel tracking, indicating moderate user tracking. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

A

Apple Inc.

icloud-content.com

74

Apple's iCloud developer site provides a comprehensive platform for developers to securely store and sync user data across Apple devices using iCloud and CloudKit technologies. The site offers detailed resources, telemetry, dashboards, and push notification tools, positioning Apple as a market leader in cloud services and developer tools. The technical infrastructure is modern and optimized for performance and accessibility, leveraging Apple's proprietary technologies and fonts. Security posture is strong with HTTPS enforced and privacy-respecting telemetry, though explicit security headers and incident response contacts are not evident on this page. Overall, the site demonstrates high professionalism, trustworthiness, and a mature digital presence.

T

TEXET POLAND Sp. z o.o.

texet.pl

44

Texet Poland Sp. z o.o. is a medium-sized Polish company specializing in promotional clothing, workwear, bags, and corporate gifts tailored for branding purposes. Operating for over 25 years, it serves businesses and advertising agencies by providing a wide portfolio of brands under the umbrella of the Swedish New Wave Group. The website demonstrates a professional and consistent brand presence with clear navigation and a focus on B2B services. Technically, the site uses modern web technologies including Bootstrap, jQuery, and various analytics and marketing tools, ensuring a good user experience and mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms, though some security headers are not explicitly detected, suggesting room for improvement. The absence of WHOIS data from the .pl registry introduces some uncertainty regarding domain registration legitimacy, but the business content and social proof indicate a legitimate operation. Overall, the website scores well on content quality, technical implementation, privacy compliance, and business credibility.

O

Owners Club

ownersclub.immo

49

Owners Club is a German real estate focused platform aiming to increase property ownership rates and provide access to previously inaccessible market segments. The website offers investment webinars, market news, and tools for property owners, targeting investors and homeowners primarily in Germany. The platform uses WordPress CMS with a moderate technical infrastructure including Matomo analytics and social media integrations. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website presents a professional and trustworthy image but could improve in compliance and security transparency.