Security Directory

M

MSD

msdresponsibility.com

0

MSD is a large multinational healthcare company focused on pharmaceuticals, vaccines, and global health solutions. Their website section on sustainability highlights their corporate responsibility efforts, including access to health, philanthropy, environmental sustainability, and impact investing. The company positions itself as a responsible business committed to improving human and animal health worldwide. Technically, the website is built on WordPress with modern SEO practices, lazy loading, and cookie consent mechanisms, indicating a mature digital infrastructure. Security posture is good with HTTPS and cookie consent, but lacks explicit security headers and published security policies. WHOIS data is incomplete or privacy protected, which slightly reduces domain trustworthiness but the active, professional website and recent expiry date support legitimacy. Overall, the website is professional, well-structured, and trustworthy with room for improvement in transparency and security disclosures.

W

Web Security Scan

websecurityscan.eu

0

Web Security Scan is a specialized cybersecurity service provider focusing on penetration testing and security assessments for applications and IT infrastructures. With over 15 years of ethical hacking experience, the company offers a comprehensive suite of services including pentesting, vulnerability scanning, code reviews, red teaming, and security workshops. Positioned as a trusted partner for businesses seeking to enhance their cybersecurity posture, Web Security Scan emphasizes compliance with major frameworks such as OWASP, PCI-DSS, ISO27001, and NIS2. The company operates as a division of DongIT, leveraging combined expertise in web security and development.

M

Merck & Co., Inc., Rahway, NJ, USA

msdaccessibility.com

0

Merck & Co., Inc., operating under the MSD brand outside the United States and Canada, maintains this accessibility microsite to demonstrate its commitment to digital accessibility and compliance with WCAG 2.2 standards. The site provides information on accessibility policies, tools, and resources, targeting a broad audience including persons with disabilities. The company leverages partnerships with accessibility service providers such as Level Access to enhance user experience and compliance. Technically, the website is built on WordPress with modern SEO and accessibility plugins, supported by Google Tag Manager and OneTrust for privacy and cookie consent management. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. The absence of WHOIS data suggests privacy protection or recent registration but does not detract from the site's legitimacy given the strong brand presence and trust indicators. Overall, the site is professional, accessible, and compliant with relevant privacy regulations.

M

MSD Belgium

msdconnect.be

0

MSD Belgium operates a professional digital platform, MSD Connect, targeting healthcare professionals in Belgium and Luxembourg. The platform provides access to therapeutic area information, product details, clinical data, congress updates, and patient educational materials. The website is well-branded, consistent with MSD's corporate identity, and offers multilingual support (French and Dutch). The technical infrastructure is modern, leveraging WordPress VIP, Google Tag Manager, and third-party authentication and consent management tools. Security posture is strong with HTTPS enforced and cookie consent implemented, though some security headers could be improved. WHOIS data is privacy protected, which is typical for corporate domains in Belgium, and no suspicious patterns were detected. Overall, the website is professional, secure, and compliant with GDPR requirements.

S

Swiss Creative

swisscreative.ch

0

Swiss Creative is a small communication agency based in Echallens, Switzerland, specializing in creative and communication services for local businesses and organizations. The website presents a professional image with clear branding and a focus on digital marketing and communication solutions. The technical infrastructure is built on WordPress using the Enfold theme, with modern fonts and SEO plugins enhancing the site's digital maturity. Analytics and tracking tools such as Hotjar and Google Tag Manager are employed, although privacy compliance is limited due to the absence of explicit privacy and cookie policies. Security posture is adequate with HTTPS enabled, but lacks explicit security headers and a vulnerability disclosure policy. Overall, the website is functional and professional but could improve in privacy compliance and security best practices.

S

Stage Entertainment

stage-entertainment.de

0

Stage Entertainment operates a professional German-language website focused on musicals and live shows, offering ticket sales and gift vouchers. The company holds a strong market position in the entertainment sector in Germany, targeting a broad audience interested in family-friendly and popular musical productions. The website is built on Drupal 10 and integrates modern analytics and marketing tools such as Google Tag Manager, Segment Analytics, and Optimizely, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and anti-bot protections on forms, though improvements can be made in security headers and cookie consent mechanisms. Overall, the site is trustworthy, professionally maintained, and compliant with GDPR through a comprehensive privacy policy.

N

Netherlands Board of Tourism & Conventions

nbtc.nl

0

The Netherlands Board of Tourism & Conventions (NBTC) operates as the national destination management organization for the Netherlands, focusing on the development, branding, and marketing of the country as a tourism destination. The website reflects a professional and authoritative presence, targeting residents, visitors, companies, and tourism stakeholders with relevant insights and services. NBTC positions itself as a connector and facilitator for cities, regions, and businesses to enhance the Netherlands' appeal as a liveable and valuable destination. Technically, the website is built on the XperienCentral CMS platform and incorporates modern JavaScript libraries and Piwik PRO analytics for privacy-conscious user tracking. The site is mobile-optimized, accessible, and uses HTTPS with CSRF protection mechanisms, indicating a mature digital infrastructure. SEO is basic but functional, with proper meta tags and structured data. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, consent management for cookies, and no visible vulnerabilities or exposed sensitive data. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure mechanisms, which could be improved to enhance trust and compliance. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR requirements. The absence of direct contact emails or phone numbers is mitigated by a contact form and social media presence. The domain registration aligns well with the organization's identity, supporting legitimacy. Strategic recommendations include publishing explicit security policies, incident response information, and enhancing SEO and accessibility further.

M

Mediaworks Hungary Zrt.

vaol.hu

0

VAOL is a regional news portal serving Vas county in Hungary, operated by Mediaworks Hungary Zrt. The website provides local news, economic updates, and domestic information targeted at residents and stakeholders in the region. It operates primarily on an advertising-supported business model, leveraging multiple ad networks and tracking technologies with user consent mechanisms in place. The technical infrastructure includes modern JavaScript libraries, Google Tag Manager, and consent management platforms, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and consent management implemented, but lacks some security best practices such as security headers and explicit privacy policies. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security transparency.

M

Mediaworks Hungary Zrt.

heol.hu

0

HEOL.hu is a regional news portal serving Heves county in Hungary, operated by Mediaworks Hungary Zrt., a large media company. The website provides local news, economic updates, and domestic information targeted at residents and stakeholders of Heves county. The business model is primarily advertising-supported, leveraging multiple ad networks and consent management platforms to monetize content. The site is positioned as a leading regional news source with consistent branding and good content quality. Technically, the website employs modern web technologies including Google Tag Manager, Facebook SDK, and InMobi's consent management platform, ensuring compliance with cookie regulations. The site uses HTTPS with good security headers, indicating a solid security posture. However, some compliance gaps exist, such as the absence of an explicit privacy policy and terms of service pages, which are critical for GDPR compliance. Security-wise, the site demonstrates good practices with HTTPS enforcement and consent management but lacks explicit incident response contacts or vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious patterns were detected. Overall, the site is trustworthy but would benefit from enhanced transparency and compliance documentation. The overall risk is moderate with recommendations to improve privacy disclosures, add security policies, and provide clear contact channels for security incidents to enhance trust and compliance.

M

Mediaworks Hungary Zrt.

boon.hu

0

BOON.hu is a regional news portal serving Borsod-Abaúj-Zemplén county in Hungary, operated by Mediaworks Hungary Zrt. The site focuses on delivering fresh news, economic updates, and local information to residents and interested audiences within the region. It operates primarily on an advertising-supported business model, leveraging multiple ad networks and tracking technologies to monetize content. The website demonstrates a moderate to good level of digital maturity, employing modern analytics, consent management, and SEO best practices, including structured data markup. Security posture is adequate with HTTPS enforced and consent mechanisms in place, but lacks published security policies, incident response contacts, and vulnerability disclosure information, which are areas for improvement. Overall, the site is legitimate, professionally presented, and safe for general audiences.

E

Edital SA

edital.ch

0

Edital SA operates as the publisher of L’Echo du Gros-de-Vaud, an independent official journal serving the Gros-de-Vaud district in Switzerland. The publication has a strong local presence with a subscriber base of 3500 and free distribution to 19600 households eleven times a year. The company is family-owned and has been active for over three decades, positioning itself as a trusted local media outlet. The business model relies on subscriptions and advertising services targeted at local businesses and residents. The website reflects this focus with clear information about subscriptions, advertising opportunities, and contact details.

L

Le Courrier

lecourrier.ch

0

Le Courrier is a French-language Swiss news media outlet offering a wide range of news and cultural content focused on regional, national, and international topics. The website supports a subscription and donation business model, leveraging WooCommerce for e-commerce functionalities. The site is well-branded, professionally designed, and optimized for SEO and accessibility, targeting French-speaking readers interested in news and culture. Technically, the site is built on WordPress with modern JavaScript frameworks and integrates marketing and push notification tools such as Brevo and WonderPush. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are not published. Privacy compliance is robust with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the site is trustworthy and safe for general audiences.

Confedere.ch is a French-language Swiss media website providing news and journal content, including print editions. The site is built on WordPress using a professional Newspaper theme and includes GDPR-compliant cookie consent mechanisms. The technical infrastructure is modern with standard plugins and Google Analytics integration. Security posture is adequate with HTTPS enforced but could be improved by adding explicit security headers and hardening login forms. The website is trustworthy with consistent domain registration data and no suspicious content detected. Privacy compliance is good with clear cookie policies and consent mechanisms, though terms of service and security policies are not explicitly found.

The website frequenzwechsel.org is currently inaccessible, returning a 403 Forbidden error page served by nginx on Ubuntu. Due to the lack of accessible content, no business description, services, or user engagement features can be analyzed. The domain is registered since 2007 with a German registrar and hosting provider, indicating a potentially established entity, but no further business details are available from the site itself. Technically, the site uses a standard nginx web server but lacks visible security headers or HTTPS confirmation in the provided data. The security posture cannot be fully assessed due to blocked access, but the absence of DNSSEC and security policies suggests room for improvement. Overall, the site presents a low trust and content quality profile due to inaccessibility and lack of transparency.

F

Freifunk

freifunk.net

0

Freifunk.net is a well-established community-driven platform dedicated to promoting free and open communication networks in digital data networks. Founded in 2003, it operates as a decentralized non-commercial initiative primarily targeting technology enthusiasts and local community groups in Germany. The website offers a variety of services including community news aggregation, mailing lists, collaborative tools, and event calendars, supporting the growth and maintenance of free wireless mesh networks. The platform maintains a consistent brand presence and provides multilingual support with a focus on German and English audiences. Technically, the website is built on WordPress 6.8.1 with a robust set of plugins for SEO, GDPR compliance, event management, and multilingual content. It employs Matomo analytics, emphasizing privacy-conscious data collection. The site is mobile-optimized with good navigation and accessibility features, although some accessibility aspects could be enhanced. Hosting details are partially known, with domain registration through INWX GmbH and no DNSSEC enabled, representing a minor security gap. From a security perspective, the site enforces HTTPS and uses domain transfer protection, but lacks advanced security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is strong with a clear privacy policy and cookie consent mechanism. However, incident response and vulnerability disclosure policies are not publicly available, which could be improved to enhance trust and readiness. Overall, Freifunk.net presents a trustworthy, professional, and community-focused platform with a solid technical foundation and good privacy practices. Strategic improvements in DNS security, security policy transparency, and accessibility would further strengthen its security posture and user trust.

The website dadacafe.org currently presents no accessible content, with an empty HTML body and no metadata, scripts, or visible business information. The domain is registered since 2006 with a reputable German registrar, indicating a potentially legitimate registration, but the lack of website content suggests the site is inactive or under development. There are no privacy or cookie policies, no contact information, and no security policies visible, which limits the ability to assess compliance or security posture. The technical infrastructure cannot be fully assessed due to the absence of content and technical indicators. Security posture is weak by default due to missing HTTPS and security headers information. Overall, the site appears to be a placeholder or inactive domain with minimal digital maturity and no evident business operations online.

S

Spoedpost Noord-Limburg

huisartsenspoedpostnoordlimburg.nl

0

The website huisartsenpoedpostnoordlimburg.nl serves as the official online presence for Spoedpost Noord-Limburg, a regional healthcare provider specializing in out-of-hours general practitioner emergency services in the Noord-Limburg region of the Netherlands. The site offers relevant health information, contact details, and educational videos to assist patients in urgent care scenarios. The business is positioned as a medium-sized healthcare entity under the parent organization VieCuri, focusing on integrated emergency care services including crisis and pharmacy support. The website is primarily targeted at local residents seeking urgent medical assistance outside regular office hours. Technically, the website is built on WordPress 6.8.1 with a custom theme and uses modern web technologies including jQuery and embedded Vimeo videos. It integrates Google Tag Manager for analytics and uses Azure-hosted widgets for interactive health complaint carousels. The site is mobile-optimized, accessible, and SEO-friendly with structured data implemented. Performance is moderate, with lazy loading for images enhancing load times. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks DNSSEC for domain security and does not explicitly present security headers in the HTML. There is no visible incident response or security policy page, and cookie consent mechanisms are absent despite having a cookie policy page. These gaps suggest room for improvement in security posture and privacy compliance. Overall, the website is professional, trustworthy, and well-aligned with its healthcare mission. Strategic recommendations include enabling DNSSEC, implementing security headers, adding incident response information, and deploying a cookie consent mechanism to enhance GDPR compliance and user trust.

The website www.viiv-studyregister.com appears to be related to study registration, likely in the healthcare or clinical research domain. However, the homepage content is minimal with no visible descriptive text or business information. The site uses modern frontend technologies including Gatsby, Bootstrap, jQuery, and Google reCAPTCHA v3, indicating a contemporary technical infrastructure. Despite this, there is a lack of essential business and compliance information such as privacy policies, cookie consent mechanisms, terms of service, and contact details, which limits the site's credibility and user trust. Security posture is moderate with the use of HTTPS and reCAPTCHA but lacks visible security headers and incident response information. WHOIS data is unavailable, which raises concerns about domain legitimacy and transparency. Overall, the site requires significant improvements in content, compliance, and security disclosures to enhance trust and professionalism.

B

Bys Hosting

byshosting.nl

0

Bys Hosting is a Dutch hosting provider established in 2004, specializing in business hosting solutions with a focus on personal support and reliability. Their services include various hosting packages, VPS, and security offerings, with servers hosted in an ISO 27001 certified data center in the EU. The website is built on WordPress and uses modern frontend technologies, providing a professional and user-friendly experience targeted at business customers in the Netherlands. Security posture is solid with HTTPS and SSL certificates, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is basic with a privacy policy and terms of service present but lacking cookie consent mechanisms. Overall, the website and business appear legitimate and trustworthy.

Salland Zorgkantoor is a regional healthcare organization in the Netherlands responsible for executing the Long-term Care Act (Wet langdurige zorg - Wlz) for residents in the Salland region, including municipalities such as Deventer, Olst-Wijhe, Raalte, and Voorst. The organization facilitates access to appropriate long-term care services, including care in kind and personal budgets, and provides support through client advisors and informational resources. Their market position is that of a trusted regional care office, supported by clear contact information and a professional web presence. The website is designed to serve individuals needing long-term care and professionals in the healthcare sector.