Security Directory

APARTHOTEL-aarau-WEST is a small hospitality business located in Aarau, Switzerland, offering modern 1-3 room apartments suitable for short and long stays. The business also provides seminar and group rooms, targeting both leisure and business travelers. The website is professionally designed with clear navigation and includes booking tools, 360° apartment views, and comprehensive contact information. The parent company is AARGAUHOTELS.CH, indicating a regional hospitality network. Technically, the site uses Orchard CMS with a mix of modern and legacy technologies including jQuery 1.11.1, Google Analytics, and Matomo for analytics, and Google reCAPTCHA for form security. The site is mobile optimized and SEO friendly but could improve accessibility and update outdated libraries. Security posture is good with HTTPS and input validation, though additional security headers and explicit security policies are recommended. Privacy compliance is basic with a privacy policy and cookie consent banner present. Overall, the site is trustworthy and professionally maintained with moderate user tracking and no suspicious content.

한

한국여성건축가협회 (Korean Institute of Female Architects)

kifaonline.com

9

The Korean Institute of Female Architects (한국여성건축가협회) is a professional non-profit organization dedicated to supporting and promoting female architects in Korea. The website serves as a hub for membership services, event announcements, publications such as newsletters and eBooks, and advocacy for women in architecture. It targets female architecture professionals, students, and related stakeholders within Korea. The organization appears established with a consistent brand presence and active social media engagement.

P

PRÜM-Türenwerk GmbH

tuerenhandbuch-pruem.de

61

PRÜM-Türenwerk GmbH operates a professional website focused on door manufacturing and providing detailed door handbooks and specification texts. The site targets professionals in construction and architecture sectors, offering specialized product information. The company maintains a medium-sized manufacturing business based in Germany with consistent branding and a good quality web presence. Technically, the website is built on TYPO3 CMS with modern frontend technologies such as Bootstrap and jQuery UI. The site is moderately performant, mobile-optimized, and includes SEO best practices. Cookie consent and privacy policies are well implemented, reflecting GDPR compliance. However, explicit security headers and incident response policies are not published. Security posture is adequate with HTTPS and cookie management but could be improved by adding security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected. Tracking includes Google Analytics and Facebook Pixel with user consent mechanisms. Overall, the website is professional, trustworthy, and compliant with privacy regulations. The domain WHOIS data is partially consistent with the website content, supporting legitimacy. No blocking or WAF challenges were detected, allowing full content analysis.

U

Universitätsklinikum Ulm

uniklinik-ulm.de

65

Universitätsklinikum Ulm is a prominent university hospital in Germany, providing advanced medical care, research, and education. The website reflects a well-structured institution focused on patient services, clinical studies, and academic excellence. The digital infrastructure is built on TYPO3 CMS with modern frontend technologies, ensuring a responsive and accessible user experience. Privacy compliance is robust, leveraging Usercentrics for consent management and self-hosted Matomo for analytics, indicating a strong commitment to data protection. Security posture is good with HTTPS enforced, though the absence of certain security headers suggests room for enhancement. Overall, the domain registration and website content align well, confirming legitimacy and trustworthiness.

Sporthotel Fuchsbachtal GmbH operates a regional hotel located in the Deisterlandschaft near Hannover, Germany, offering a blend of accommodation, gastronomy, wellness, and sports activities. The hotel targets general audiences including leisure travelers and sports professionals, with a notable reputation for hosting football teams. The website is built on TYPO3 CMS and integrates modern web technologies including jQuery and Google Analytics with privacy-conscious configurations such as IP anonymization and cookie consent mechanisms. The site is well-structured, mobile-optimized, and provides clear contact information and customer testimonials, enhancing trust and user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though formal security policies and incident response contacts are absent. Overall, the website reflects a professional hospitality business with good digital maturity and compliance with GDPR requirements.

Holz-Zentralblatt is a leading German trade magazine specializing in forestry and the wood industry, operated by DRW-Verlag. It offers professional news, premium articles, classifieds, and event information targeting industry professionals. The website is built on WordPress with a modern plugin ecosystem supporting content management, advertising, and GDPR-compliant cookie consent. The site demonstrates good digital maturity with mobile optimization and privacy-conscious analytics via Matomo without cookies. Security posture is solid with HTTPS enforced and cookie management in place, though security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected. Overall, the site is professional, trustworthy, and compliant with European privacy regulations.

P

Papoo Software & Media GmbH

ccm19boros.de

47

The website ccm19boros.de serves as a login portal for CCM19, a cookie consent management software product developed by Papoo Software & Media GmbH. The business focuses on providing software solutions to help website operators manage cookie consent in compliance with privacy regulations. The site targets businesses requiring cookie consent management and offers a multilingual login interface. The market position appears niche, with a small company footprint and limited publicly available business information. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and jQuery. The infrastructure is hosted on servers indicated by the nameservers your-server.de and second-ns.de. The site shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. No CMS or major frameworks are detected beyond custom theme scripts. From a security perspective, the site uses HTTPS (assumed from URL) and a POST login form with autocomplete attributes. However, no security headers such as Content-Security-Policy or HSTS are present, and no privacy or cookie policies are visible on the login page. There is no contact information or incident response details provided, which limits transparency and trust. The WHOIS data is minimal, showing only nameservers without registrant details, reducing domain trustworthiness. Overall, the website is functional for its login purpose but lacks comprehensive privacy, security, and business transparency features. The risk level is moderate due to missing policies and security headers. Strategic improvements in privacy compliance, security hardening, and business information disclosure are recommended to enhance trust and compliance.

Kuhn Organ Builders Ltd is a Swiss-based company specializing in the manufacturing, restoration, and maintenance of pipe organs. With a heritage spanning approximately 150 years, the company emphasizes Swiss craftsmanship and quality, producing organs entirely in Switzerland. Their website reflects a professional and well-structured digital presence, targeting musicians, churches, concert halls, and cultural institutions worldwide. The company maintains a consistent brand image and provides clear contact information and multilingual support, enhancing its international appeal. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern JavaScript libraries such as jQuery and Swipe.js for interactive features. The site is mobile-optimized with good SEO practices, though performance is moderate. Security-wise, HTTPS is used, but explicit security headers and policies are not evident. No cookie consent mechanism or detailed privacy compliance indicators are present, suggesting room for improvement in GDPR adherence. The security posture is adequate with no visible vulnerabilities or exposed sensitive data, but the absence of a published security policy or incident response contact limits transparency. The WHOIS data aligns well with the company's claims, showing a consistent and legitimate registration. Overall, the website is trustworthy, professional, and safe, with minor gaps in privacy and security policy disclosures.

F

Fondation Beyeler

fondationbeyeler.ch

51

Fondation Beyeler is a well-established Swiss museum specializing in modern and contemporary art, located in Riehen/Basel. The institution offers a rich program of exhibitions, educational workshops, events, and a museum shop, targeting art enthusiasts, families, and educators. The website reflects a mature digital presence with multilingual support and comprehensive visitor information. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates various third-party services for analytics and marketing. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

A

AFTRAL

aftral.com

64

AFTRAL is a leading French organization specializing in professional training and education in the transport and logistics sectors. The website offers a comprehensive catalog of courses ranging from CAP to BAC+6 levels, supported by a network of over 120 training centers and multiple campuses. The business targets professionals and students seeking qualifications and certifications in transport, logistics, and supply chain management. The site is well-structured, with clear navigation and a professional design consistent with its market position. Technically, the website is built on Drupal 7 with a variety of contributed modules and libraries such as jQuery UI and Apache Solr for search functionality. It integrates modern tracking and consent management tools including Google Tag Manager, TikTok Pixel, and Cookiebot, indicating a moderate level of digital maturity. Performance and mobile optimization are adequate, though some technical debt is implied by the use of older jQuery versions. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible advanced security headers and explicit security or incident response policies. The absence of WHOIS domain registration data raises concerns about domain legitimacy, though the website content and branding strongly suggest a legitimate and established entity. No critical vulnerabilities or exposed sensitive data were detected. Overall, AFTRAL's website presents a professional and trustworthy front for its educational services, but would benefit from enhanced transparency in privacy policies, contact information, and domain registration details to strengthen trust and compliance.

S

SORA Bern

sora-bern.ch

56

SORA Bern is a Swiss non-profit organization providing social support services primarily targeting families with children up to 18 years and young adults including young parents. Their services focus on strengthening parenting competencies, child welfare, housing skills, and personal development. The website is built on the Plone CMS platform and uses modern web technologies such as jQuery and Handlebars.js. It features a clear navigation structure and is mobile optimized, providing a good user experience. Security-wise, the site enforces HTTPS but lacks several security headers and explicit security policies. Privacy compliance is partially met with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional but could improve in security and privacy transparency.

E

Eidgenössische Turnveteranen-Vereinigung (ETVV)

etvv.ch

66

The Eidgenössische Turnveteranen-Vereinigung (ETVV) is a Swiss non-profit association dedicated to veteran gymnasts aged 50 and above within the Swiss Gymnastics Federation. The organization promotes camaraderie, ethical values, and the ideals of Swiss gymnastics, while also supporting youth sports through sponsorships. The website is bilingual (German and French), professionally designed, and provides clear organizational and contact information. Technically, it is built on the Jimdo Creator CMS platform, uses modern web technologies, and includes standard privacy and cookie consent mechanisms. Security posture is good with HTTPS enforced and appropriate security headers, though no explicit security policy or incident response information is provided. Overall, the site is trustworthy, compliant with GDPR, and serves its niche audience effectively.

The website www.grossenhain.de is the official online presence of the city administration of Großenhain, Germany. It serves as a comprehensive information portal for residents, visitors, and local businesses, offering city news, event calendars, citizen services, and tourism information. The site is well-structured, primarily in German, and reflects the identity and functions of a municipal government entity. The business model is focused on public service and community engagement, positioning itself as a trusted local government resource. Technically, the website is built on the Contao Open Source CMS platform and leverages several JavaScript libraries such as jQuery, bxSlider, and Usercentrics for cookie consent management. Hosting is provided by heitech.net, as indicated by the nameservers. The site demonstrates moderate performance and good mobile optimization, with basic accessibility features and solid SEO practices. The presence of structured data (JSON-LD) enhances search engine understanding. From a security perspective, the site uses HTTPS with a good SSL configuration and employs a consent management platform to comply with GDPR. However, explicit security headers are not detected, and no dedicated security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data aligns well with the website's claims, supporting its legitimacy and trustworthiness. Overall, the website is professional, trustworthy, and suitable for its intended audience. It maintains good privacy compliance and provides clear contact information. Strategic improvements could include adding explicit security headers, publishing security policies, and enhancing accessibility features to further strengthen its security posture and user experience.

D

digicube AG

bienen.ch

58

bienen.ch is a comprehensive Swiss platform dedicated to providing high-quality, scientifically grounded information about honey and wild bees, beekeeping, and environmental issues. The platform is supported by organizations focused on improving bee health and habitats, offering educational resources, services, and a marketplace for beekeeping supplies. The website targets beekeepers, environmentalists, and the general public interested in bees within Switzerland. Technically, the site is built on a modern WordPress infrastructure with a rich plugin ecosystem, optimized for performance, mobile responsiveness, and accessibility. Security posture is solid with HTTPS enforced and no obvious vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and minimal user tracking via Plausible Analytics. Overall, the site demonstrates high professionalism, trustworthiness, and a strong alignment between WHOIS data and business claims.

The Deutscher Behindertensportverband e.V. (DBS) is the largest disabled sports association globally, serving as the National Paralympic Committee for Germany. The website provides comprehensive information about disabled sports, athlete support, events, and educational resources, targeting individuals interested in Paralympic and disabled sports. The organization operates as a non-profit entity with a strong market position in Germany. Technically, the website is built on the Contao CMS platform, utilizing modern JavaScript libraries such as jQuery and Colorbox, and is hosted by agenturserver. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security-wise, the site enforces HTTPS, uses CSRF protection cookies, and implements a cookie consent mechanism with GDPR compliance. However, it lacks explicit security policy pages and incident response contacts. Overall, the website is professional, trustworthy, and well-maintained, with active social media engagement and clear branding.

C

ClubDesk

clubdesk.com

61

ClubDesk is a Swiss-based online club management software provider offering a comprehensive SaaS platform for associations and clubs to manage members, accounting, events, and websites. The company targets a broad range of clubs including sports, cultural, and hobby groups, with a strong presence in Switzerland and Germany. The website is professionally designed, mobile-optimized, and integrates modern technologies such as Contao CMS, jQuery, and Google Tag Manager. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and explicit privacy policies are missing. The business demonstrates legitimacy through transparent WHOIS data and partnerships with reputable financial and sports organizations. Overall, ClubDesk presents a mature digital infrastructure with a strong market position in the club management software niche.

D

DRDH Architects

drdharchitects.co.uk

41

DRDH Architects is a London-based architectural practice with a portfolio showcasing cultural, residential, and civic projects across Europe, including Belgium and the UK. The firm targets clients seeking architectural design and masterplanning services, positioning itself as an established mid-sized player in the real estate and architectural sector. The website presents a professional portfolio with clear contact information but lacks modern privacy and security disclosures. Technically, the site relies on legacy JavaScript libraries and does not show evidence of modern CMS or hosting details. Security posture is weak due to missing HTTPS confirmation and security headers, and no privacy or cookie policies are present, which may impact compliance. The absence of WHOIS data for the domain raises concerns about domain legitimacy, although the website content itself appears professional and trustworthy. Overall, the site demonstrates moderate digital maturity but requires improvements in security and compliance to enhance trust and risk posture.

Ostschweizer Gästekarte GmbH operates a regional guest card service called 'Oskar' that provides tourists in Eastern Switzerland with access to free public transportation on the Ostwind network and discounts or free entry to various leisure activities. The company partners with local accommodations to issue these cards, targeting travelers seeking convenient and cost-effective regional travel and experiences. The website is professionally designed with a clear focus on user experience, offering multilingual support (German and English) and interactive features such as hotel booking forms and image sliders showcasing regional attractions. The business maintains a consistent brand presence and provides comprehensive legal and privacy documentation, reflecting a mature approach to compliance and customer trust.

A

Aargau Tourismus AG

aargautourismus.ch

48

Aargau Tourismus AG operates as the regional tourism authority for the canton of Aargau in Switzerland, providing comprehensive tourism information, event promotion, and services such as meeting location facilitation and an online shop for vouchers. The website targets tourists, cultural enthusiasts, families, and event attendees, positioning itself as a trusted regional tourism hub with strong partnerships and certifications like Swisstainable. Technically, the site employs modern tracking and analytics tools including Google Analytics and Facebook Pixel, uses Bootstrap and jQuery UI for UI components, and is likely powered by the ZMS CMS platform. The site is mobile-optimized with good navigation and content quality. Security posture is solid with HTTPS enforced and cookie consent implemented, though it lacks explicit security policies and incident response information. Overall, the domain registration data aligns well with the business identity, supporting legitimacy and trustworthiness.

G

Gemeinde Hasliberg

hasliberg.ch

54

Gemeinde Hasliberg is the official municipal government website serving the Hasliberg region in Switzerland. It provides local administrative information, community services, tourism details, event announcements, and educational resources. The site targets residents and visitors, offering comprehensive local content in German. The business model is that of a government entity focused on public service and community engagement. Technically, the website is built on the concrete5 CMS platform, utilizing common JavaScript libraries and Google services such as Analytics and reCAPTCHA to enhance functionality and security. The site is mobile optimized and presents a professional design with clear navigation. Security posture is solid with HTTPS enforced and reCAPTCHA protecting forms, though it lacks some advanced security headers and explicit incident response policies. Privacy compliance is partially met with a privacy policy present but no cookie consent mechanism. Overall, the website is trustworthy, legitimate, and well-maintained, reflecting its role as a government portal.

V

Vogt

vogt-la.com

10

Vogt is a professional landscape architecture firm presenting a well-structured website featuring their projects, case studies, publications, and news. The firm appears to have an international presence with awards and recognitions highlighted. The website targets professionals and clients interested in landscape architecture services. Technically, the site uses a range of JavaScript libraries including jQuery, Select2, and Slick Carousel, indicating a moderately modern tech stack. The site is mobile optimized and includes cookie consent mechanisms, reflecting awareness of privacy compliance. Security posture is solid with HTTPS enforced, though security headers are not explicitly detected. No critical vulnerabilities or exposed sensitive data were found. WHOIS data is unavailable, which reduces trust slightly but the professional presentation and social media presence support legitimacy. Overall, the site is well-maintained, secure, and compliant with basic privacy standards.

S

Schulthess Klinik

schulthess-klinik.ch

71

Schulthess Klinik is a leading orthopedic healthcare provider in Switzerland and Europe, specializing in a wide range of orthopedic surgeries and related medical services. The website reflects a mature digital presence with comprehensive content targeting patients, referring physicians, and healthcare professionals. It supports multiple languages and offers clear pathways for appointment scheduling and patient referrals. Technically, the site is built on Drupal 10 with modern front-end technologies and integrates Google Tag Manager for analytics. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, although explicit security policies and vulnerability disclosures are not publicly detailed. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements.

L

lernando

lernando.de

72

lernando.de is a German e-commerce website specializing in educational materials such as school books, learning aids, and exercise booklets for children of all school grades. The platform targets parents and children seeking verified publisher materials with convenient shipping options. Technically, the site is built on Drupal 11 with Commerce 3, leveraging modern web technologies including jQuery UI, Cookiebot for consent management, Google Tag Manager, and Meta Pixel for marketing and analytics. The website demonstrates good digital maturity with mobile optimization and SEO best practices. Security-wise, the site enforces HTTPS and employs a comprehensive cookie consent mechanism, but lacks explicit security policies or incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR, though it could improve by adding Terms of Service and security disclosure information.

Hublot is a renowned Swiss luxury watch brand specializing in high-end timepieces for men and women. The company operates a professional and visually appealing website built on Drupal 10, showcasing its collections and brand heritage. The website demonstrates a mature digital infrastructure with modern technologies such as Google Tag Manager, reCAPTCHA, and AB Tasty for marketing and analytics. Security posture is strong with HTTPS enforced and standard security headers likely in place, although explicit security policies and incident response contacts are not publicly visible. Privacy compliance is partially addressed through a cookie consent mechanism, but the absence of a clear privacy policy and terms of service pages limits full compliance assurance. The domain WHOIS data is unavailable, which is unusual but likely due to privacy protection or registry limitations rather than malicious intent. Overall, the website is trustworthy, professional, and well-optimized for user experience and SEO.

C

ClubGolf Online Shop

clubgolfshop.ch

49

ClubGolf Online Shop is a Swiss-based e-commerce retailer specializing in golf-related products including apparel, equipment, and accessories. The website targets golf enthusiasts primarily in German-speaking Switzerland and operates on the PrestaShop platform. The site features a clear product catalog, partner golf club links, and standard e-commerce functionalities. Technically, the site uses modern web technologies and modules for payment and legal compliance, with good mobile optimization and basic accessibility. Security posture is solid with HTTPS and cookie consent implemented, though security headers are not evident. Privacy compliance is adequate with a privacy policy and cookie banner present. Contact is provided via a contact form, but no direct emails or phone numbers are visible. Overall, the site is professional and trustworthy with a moderate to good AI score of 79.

Q

Querfeld's Wiener Kaffeehaus GesmbH

cafe-wien.at

66

Querfeld's Wiener Kaffeehaus GesmbH operates an e-commerce platform dedicated to selling gift vouchers for its chain of cafés and restaurants in Vienna, Austria. The website offers a user-friendly interface with multiple voucher categories, a voucher value checking feature, and digital delivery options. The business targets general consumers looking to gift hospitality experiences. The company is positioned as a reputable regional hospitality brand with a medium-sized operation and consistent branding across its digital presence. Technically, the website employs a modern technology stack including Vue.js, jQuery, and various tracking and analytics tools such as Google Analytics, Facebook Pixel, and eTracker. It uses the Incert e-commerce system, which is specialized for tourism and hospitality sectors. The site is mobile-optimized and includes accessibility and SEO best practices, though accessibility could be further enhanced. From a security perspective, the site enforces HTTPS, implements cookie consent mechanisms via Klaro, and uses security headers to protect users. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure information, which are recommended for improved security posture. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. It effectively supports the business model of online voucher sales for hospitality services. Strategic recommendations include publishing security policies, adding incident response contacts, and enhancing accessibility features to further strengthen trust and compliance.

D

DenkBunt

denkbunt-thueringen.de

42

DenkBunt is a regional German program dedicated to promoting democracy, tolerance, and openness in the state of Thüringen. The website serves as an informational and resource platform for citizens, organizations, and institutions involved in democratic education, project funding, and social initiatives. The program offers project support, advisory services, training, and public relations activities aimed at strengthening democratic values and preventing extremism. Technically, the website is built on WordPress and employs common JavaScript libraries such as jQuery and FlexSlider to enhance user experience. It is hosted by a German hosting provider, ensuring regional relevance and performance. Security-wise, the site uses HTTPS but lacks advanced security headers and a cookie consent mechanism, which are recommended for improved compliance and protection. No vulnerabilities or suspicious elements were detected, and the site is fully accessible without WAF or blocking mechanisms. Overall, DenkBunt presents a professional, trustworthy, and content-rich platform aligned with its mission as a government or non-profit initiative.

L

Lucas Muñoz Muñoz

lucasmunoz.com

47

Lucas Muñoz Muñoz is a designer and artist specializing in sustainable, experimental, and upcycled furniture and installations. The website serves as a comprehensive portfolio showcasing a wide range of projects from 2006 through 2025, including collaborations with galleries and participation in international design festivals. The target audience includes design enthusiasts, galleries, and cultural institutions interested in innovative and sustainable design. Technically, the website uses modern JavaScript libraries such as jQuery, Masonry, and Vimeo API for dynamic content presentation, with a responsive design suitable for mobile devices. However, there is no evidence of HTTPS or security headers, and no privacy or cookie policies are present, indicating compliance and security gaps. The WHOIS data is missing, raising concerns about domain legitimacy, though the website content is professional and active. Overall, the site demonstrates good content quality and technical implementation but requires improvements in security, privacy compliance, and domain legitimacy verification.

A

ASKO - NÁBYTEK

asko-nabytek.cz

59

ASKO - NÁBYTEK is a prominent Czech furniture retailer offering a wide range of furniture and home accessories through its e-commerce platform. The website presents a comprehensive catalog of products including beds, chairs, tables, wardrobes, sofas, and various home textiles and decorations, targeting general consumers seeking quality home furnishings. The company appears to have a large market presence in the Czech Republic with a well-structured online shopping experience. Technically, the website employs modern JavaScript libraries such as jQuery, Splide, and Slick for UI components and galleries, alongside Google Tag Manager for analytics and marketing. The site is mobile-optimized and includes cookie consent mechanisms, indicating a moderate level of digital maturity. However, the absence of detailed WHOIS data limits the ability to fully verify domain legitimacy and ownership. From a security perspective, the site enforces HTTPS and includes basic security headers, but lacks advanced headers like Content-Security-Policy and HSTS. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is basic, with cookie consent present but no explicit privacy policy or terms of service found in the analyzed content. Overall, the website is professionally designed and functional, with a good user experience and clear navigation. The lack of WHOIS transparency and limited privacy documentation are areas for improvement. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and terms policies, and improving accessibility features to strengthen compliance and trust.

The International Fairs Directory, operated by Mulpor Company S.R.L., is a well-established online platform providing a comprehensive global overview of fairs and exhibitions. It serves as a key resource for fair exhibitors, visitors, and industry professionals seeking business connections worldwide. The platform offers detailed listings of fairs, exhibitors, and related business contacts, positioning itself as a leading directory in the international trade show and events sector. The business is headquartered in Costa Rica and has been operational since at least 2016, with the domain registered in 2021. Technically, the website employs a custom-built solution leveraging Bootstrap and jQuery frameworks, with integrations for Google Analytics and Tag Manager for user tracking and analytics. The site is hosted by HOSTINGER operations, UAB, a reputable hosting provider. The website demonstrates good mobile optimization and moderate performance, with a professional design and clear navigation structure. Cookie consent mechanisms are implemented, enhancing privacy compliance, though the privacy policy is basic and lacks explicit GDPR compliance details. From a security perspective, the site uses HTTPS with a valid SSL certificate and displays a Norton Secured seal, indicating a trustworthy encryption standard. However, DNSSEC is not enabled, and several security headers are missing, which could be improved to enhance protection against common web threats. There is no publicly available security policy or incident response information, which limits transparency in security governance. The WHOIS data is consistent with the website's business claims, showing no privacy protection and a domain age appropriate for the business history. Overall, the website presents a moderate risk profile with good business credibility and technical implementation but could benefit from enhanced security practices and more comprehensive privacy and security disclosures. Strategic improvements in these areas would strengthen trust and compliance, supporting the platform's role as a global business connector.

G

Genolve

genolve.com

54

Genolve operates as an AI-assisted design platform specializing in generating AI images, videos, and graphics from user input phrases. The website targets creative professionals and enthusiasts seeking to leverage AI technologies for content creation, offering tools such as AI image and video generators, WordPress plugins, and social media graphic makers. The platform integrates modern web technologies and Google services to enhance user experience and authentication. However, the absence of WHOIS registration data and lack of visible privacy or cookie policies present concerns regarding domain legitimacy and compliance. The site is visually appealing, mobile-optimized, and provides a moderate level of technical sophistication.

N

NAJU (Naturschutzjugend im NABU)

trashbusters.de

47

Trashbusters.de is a German non-profit youth environmental campaign website operated under the umbrella of NAJU, the youth organization of NABU. The site focuses on mobilizing youth and environmental activists to combat plastic pollution through cleanup actions, political engagement, and educational initiatives. The website is well-branded, consistent, and provides relevant content for its target audience. Technically, it is built on the Jimdo Creator CMS platform, leveraging jQuery UI and third-party widgets such as POWr.io and Google Maps. The site is mobile-optimized and uses HTTPS with cookie consent mechanisms, reflecting good privacy compliance. However, explicit contact information and formal security or incident response policies are not present, which limits direct communication and security transparency. Overall, the site is trustworthy and professionally maintained, suitable for its non-profit mission.

D

Diözese St. Pölten

aufsendung.at

66

The website www.aufsendung.at serves as an informational and community engagement platform for the Diocese of St. Pölten, Austria. It focuses on the Synodal Process initiated by the Catholic Church, providing resources, event information, and contact details for church members and the general public. The site is part of a broader diocesan web presence and links to official church and charitable organizations. Technically, the site uses the siteswift CMS platform with a modern JavaScript stack including jQuery and cookie consent management via Klaro. While the site is well-structured and mobile-optimized, some SEO metadata is incomplete and accessibility features are basic. Security posture is moderate with CSRF protections and cookie consent but lacks explicit security headers and published incident response policies. Overall, the site is legitimate, trustworthy, and serves its community purpose effectively.

1

1&1 Internet Inc

moneyyy.me

56

moneyyy.me is an online platform launched in 2018 that facilitates users in requesting money via multiple popular payment platforms such as Venmo, PayPal, Cash App, Patreon, and OnlyFans through a single aggregated link. The service targets individuals and content creators who receive payments across these platforms, offering convenience and streamlined payment requests. The website is professionally designed with good user experience and mobile optimization, leveraging common web technologies including jQuery, Bootstrap, and FontAwesome, and integrates Google Analytics for user tracking. From a technical perspective, the site is hosted under the registrar IONOS SE (1&1 Internet Inc), with a domain age consistent with the business timeline. The technical stack is modern but lacks advanced security configurations such as DNSSEC and security headers. The site uses HTTPS, but no explicit security headers were detected in the HTML content. Privacy and cookie policies are absent, which impacts compliance and user trust. The registration form collects sensitive user data including email, username, password, and payment platform links, but no visible security or privacy disclosures are provided. Security posture is moderate with room for improvement. The absence of DNSSEC, security headers, and privacy policies are notable gaps. No incident response or vulnerability disclosure information is available. The domain registration is transparent and consistent with the website content, indicating legitimacy. No adult or explicit content is present, making the site safe for general audiences. Overall, moneyyy.me presents a niche financial service with a good user interface and functional design but requires enhancements in privacy compliance, security best practices, and transparency to improve trust and regulatory adherence.

R

Robert Steiner

robertsteiner.at

47

Robert Steiner is a family entertainer based in Austria, offering a diverse range of media content including radio shows on ORF Radio Wien, TV programming on ORF 1, podcasts for children, and publishing the KidsKrone magazine. The website serves as a hub for his media presence and family entertainment ventures, targeting families and children. Technically, the site is built on WordPress with a modern theme and plugins, delivering a good user experience with mobile optimization and moderate performance. Security posture is solid with HTTPS and cookie consent, though lacks some advanced security headers and a privacy policy. WHOIS data is unavailable due to registry quota limits, limiting domain trust analysis. Overall, the site is professional, content-rich, and trustworthy for its audience.

H

Hallesche Wasser und Stadtwirtschaft GmbH

hws-halle.de

61

Hallesche Wasser und Stadtwirtschaft GmbH is a regional utility company based in Halle, Germany, providing essential municipal services including water supply, wastewater management, waste disposal, and city cleaning primarily targeting private customers. The company operates as part of the larger SWH Gruppe, which encompasses multiple related entities in energy, transportation, and municipal services. Their website reflects a structured and comprehensive presentation of services, targeting local residents and businesses with clear navigation and service menus. Technically, the website employs modern frontend technologies such as jQuery, FontAwesome, and Slick Carousel, alongside privacy-conscious tools like Usercentrics for consent management and Matomo for analytics. The site is mobile optimized and demonstrates moderate performance and accessibility standards. However, some security headers are not explicitly detected, and there is no visible security policy or incident response information. From a security perspective, the site enforces HTTPS and uses consent management, but lacks published security policies and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were found in the provided content. The WHOIS data aligns well with the website's claims, indicating a legitimate and trustworthy domain registration. Overall, the website presents a professional and trustworthy digital presence for a municipal utility provider, with room for improvement in security policy transparency and enhanced privacy compliance documentation.

N

NETZ HALLE GmbH

netzhalle.de

60

NETZ HALLE GmbH operates as a regional energy network operator in Halle (Saale), Germany, providing essential services such as electricity, gas, and heat network connections, metering, and customer support. The company is part of the larger Stadtwerke Halle group, which includes various utility and service subsidiaries. The website reflects a professional and regionally focused utility provider with clear service offerings and customer engagement channels. Technically, the website employs a legacy CMS (SixCMS) with common JavaScript libraries like jQuery and Modernizr, enhanced by user consent management via Usercentrics and analytics through Matomo. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Hosting appears to be managed by EVH, consistent with the regional focus. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible advanced security headers and a public security policy or vulnerability disclosure. No critical vulnerabilities or suspicious content were detected. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent. Overall, the website is trustworthy, professionally maintained, and suitable for its target audience. Recommendations include enhancing security headers, publishing a security policy, and improving accessibility features to further strengthen compliance and security posture.

E

Erzdiözese Salzburg

edsbg.at

59

Erzdiözese Salzburg operates as a large, established Catholic diocese serving the Salzburg region and Tiroler Unterland in Austria. The website functions as an informational and community engagement platform, offering news, event details, and religious content tailored to its Catholic audience. The organization maintains a consistent brand presence and leverages social media channels to extend its outreach. Technically, the site uses the siteswift CMS platform with modern JavaScript libraries, ensuring a responsive and user-friendly experience. Security measures include HTTPS enforcement, CSRF protection on forms, and a comprehensive cookie consent mechanism, although explicit security headers and incident response policies are not publicly documented. Overall, the site demonstrates a good balance of content quality, technical implementation, and privacy compliance, reflecting the organization's credibility and commitment to user trust.

S

Stadtwerke Halle GmbH

swh.de

62

Stadtwerke Halle GmbH is a large municipal utility company serving the city of Halle (Saale) and surrounding region in Germany. The company provides a broad range of essential services including electricity, natural gas, district heating, water supply, waste management, public transportation, and leisure facilities. It operates through multiple subsidiaries and partner organizations, reflecting a diversified municipal service portfolio. The website presents these services clearly and professionally, targeting local residents and businesses. Technically, the website uses a modern technology stack including jQuery, Slick Carousel, FontAwesome, and a consent management platform (Usercentrics) alongside Matomo analytics for privacy-conscious user tracking. The site is mobile optimized and structured for good SEO and accessibility, though some accessibility features could be enhanced. Hosting and CMS appear stable and appropriate for the business scale. From a security perspective, the site enforces HTTPS and uses consent management for cookies, indicating good privacy practices. However, no explicit security policy, incident response contacts, or vulnerability disclosure mechanisms are publicly available, which could be improved. No vulnerabilities or suspicious content were detected in the analysis. Overall, the website is trustworthy, professionally maintained, and aligned with the business's public utility role. Strategic improvements in transparency around security policies and GDPR compliance documentation would enhance trust and compliance posture.

Indiebookday.de is a German initiative by the mairisch Verlag aimed at promoting independent book publishing through an annual event encouraging readers to purchase books from indie publishers and share their support on social media. The website serves as an informational platform providing event details, downloadable promotional logos, and multilingual access. The business operates as a small cultural initiative with a niche market position and a focus on community engagement rather than commercial sales. Technically, the website is built on the Jimdo Creator CMS platform, hosted via domaincontrol.com nameservers, and uses standard web technologies including jQuery and Jimdo's proprietary scripts. The site is mobile-optimized with moderate performance and basic SEO and accessibility features. Privacy and cookie policies are implemented with a consent mechanism, reflecting compliance with GDPR requirements. From a security perspective, the site enforces HTTPS and includes cookie consent but lacks explicit security headers and documented incident response policies. No vulnerabilities or exposed sensitive data were detected. The domain registration data is consistent and legitimate, supporting the trustworthiness of the site. Overall, the website presents a professional and trustworthy front for its cultural mission, with room for improvement in security hardening and enhanced business contact transparency.

Z

Zusammen für Demokratie

zusammen-fuer-demokratie.de

41

Zusammen für Demokratie is a German non-profit coalition comprising 73 civil society organizations dedicated to defending democracy and human rights. The website serves as a platform to provide resources, campaign materials, and support for local initiatives and activists. It positions itself as a significant player in the democratic advocacy space within Germany, offering workshops, donation facilitation, and educational content. The target audience includes civil society groups, activists, and the general public interested in democratic values. Technically, the website is built on WordPress 6.8.3, utilizing common libraries such as jQuery and jQuery UI, along with plugins like Udesly WP App and Koko Analytics for analytics. Hosting is provided by agenturserver, indicated by the nameservers. The site demonstrates moderate performance with good mobile optimization and basic accessibility features. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the site enforces HTTPS with excellent SSL configuration but lacks several security headers that could enhance protection. No vulnerabilities or exposed sensitive data were detected. However, the absence of a cookie consent mechanism and explicit security or incident response policies indicates room for improvement in compliance and security posture. Overall, the website is professional, trustworthy, and well-aligned with its non-profit mission. Strategic recommendations include implementing GDPR-compliant cookie consent, adding security headers, publishing a vulnerability disclosure or security.txt file, and enhancing incident response transparency to strengthen trust and compliance.

The Deutscher Verlagspreis website represents an official German federal government cultural initiative aimed at supporting and awarding independent publishers in Germany. The site provides comprehensive information about the award, participation, jury, and prize winners, targeting publishers and cultural stakeholders. The business model is government-funded, focusing on cultural promotion rather than commercial activities. Technically, the site is built on the Contao CMS platform, leveraging modern JavaScript libraries such as jQuery and Modernizr to enhance user experience. The site is mobile-optimized, accessible, and SEO-friendly with clear navigation and structured content. Security posture is solid with HTTPS enforced and basic session and CSRF protections, though some advanced security headers and policies are missing. Privacy compliance is good, with a cookie consent mechanism and a privacy policy in place, but no explicit terms of service or security policy pages were found. Overall, the site is trustworthy, professional, and safe for general audiences.

M

MyGiftCard

mygiftcard.it

68

MyGiftCard is an established Italian e-commerce platform specializing in the sale of gift cards from major brands across various sectors including retail, food, electronics, and travel. The website offers services such as online activation and balance verification of gift cards, targeting Italian consumers seeking convenient gifting solutions. The platform also features MyGiftCardPlus, a loyalty or enhanced service program. Technically, the site is built on Magento with a mix of modern and legacy JavaScript libraries, and integrates Google Analytics and Tag Manager with privacy-conscious configurations like IP anonymization. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though improvements in security headers and explicit security policies are recommended. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the site scores well on content quality, privacy compliance, and business credibility, making it a trustworthy platform for gift card purchases.

G

GEOMAR Helmholtz-Zentrum für Ozeanforschung Kiel

geomar.de

50

GEOMAR Helmholtz-Zentrum für Ozeanforschung Kiel is a prominent German research institution specializing in oceanographic and climate research. The website serves as a comprehensive platform for scientific information, research programs, expeditions, and public outreach. It targets researchers, students, policymakers, and the general public interested in marine and climate sciences. Affiliated with the Helmholtz Association, GEOMAR holds a strong market position in the education and government research sectors. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries such as jQuery and Slick Slider, providing a responsive and accessible user experience. The site demonstrates good SEO practices and mobile optimization, though performance is moderate. Security posture is solid with HTTPS enforced and some security headers present, but could be improved by adding more comprehensive headers and visible incident response policies. Overall, the site is trustworthy and professional, with clear branding and consistent content quality. However, it lacks a visible cookie consent mechanism and explicit security contact information, which are areas for improvement. The domain registration data aligns well with the website content, reinforcing legitimacy and trustworthiness.

K

Katholische Kirche Steiermark

graz-seckau.at

68

Katholische Kirche Steiermark operates as the official Catholic Diocese of Graz-Seckau, Austria, providing religious, educational, and community services. The website serves as a comprehensive portal for diocesan news, parish information, faith education, and community engagement. It holds a strong regional position as a trusted religious authority with a history dating back to 1218. Technically, the site is built on the siteswift-CMS platform, leveraging modern JavaScript libraries such as jQuery and Swiper.js, and integrates Google Maps and Matomo analytics. The site is mobile-optimized and accessible, with a clear navigation structure and professional design. Security posture is solid with HTTPS, security headers, and CSRF protections, though explicit security policies and incident response details are not publicly disclosed. Privacy compliance is well managed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is trustworthy, professional, and well-maintained, serving its target audience effectively.

B

Berlin Buch

berlin-buch.com

57

Berlin Buch is a well-established biomedical and healthcare cluster located in Berlin, Germany, with a history dating back over 100 years in medical research and clinical care. The website serves as a portal to the cluster's institutes, companies, and services, targeting healthcare professionals, researchers, and the general public interested in health and biomedical innovation. The business model focuses on fostering collaboration and innovation within the life sciences sector, supported by reputable partners and EU funding. Technically, the website uses a modern but traditional tech stack including jQuery, Bootstrap, and Matomo analytics configured for privacy. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and security headers, and does not provide explicit security or incident response policies. Privacy compliance is partially met with a privacy policy and GDPR-respecting analytics, but lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and serves its audience well, though improvements in security headers and privacy transparency are recommended.

T

Touch Medical Media IME

touchime.org

68

Touch Medical Media IME operates as a global leader in independent medical education, providing healthcare professionals worldwide with trusted, faculty-led educational content across multiple specialized therapy areas. The company emphasizes scientific integrity, collaboration, and innovation to improve patient care outcomes. Their business model leverages a multi-platform approach with dedicated therapy area websites and a broad global reach, serving healthcare professionals in over 150 countries. Technically, the website is built on WordPress with modern front-end technologies including jQuery, Select2, and FontAwesome, optimized for performance using WP Rocket and served via Cloudflare infrastructure. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, although some security headers and DNSSEC are missing. From a security perspective, the site enforces HTTPS and uses Cloudflare DNS but lacks DNSSEC and some recommended security headers like CSP and X-Frame-Options. No privacy policy or terms of service pages were found, which is a compliance gap. Cookie consent is implemented via Borlabs Cookie plugin, and tracking includes Facebook Pixel and Google Tag Manager. No critical vulnerabilities or WAF blocking were detected. Overall, the website presents a professional, trustworthy, and well-structured platform for medical education with strong business credibility. Strategic improvements in privacy compliance and security hardening are recommended to enhance trust and regulatory adherence.

M

Medical Informatics Initiative

medizininformatik-initiative.de

58

The Medical Informatics Initiative is a German government-funded program aimed at enhancing medical research and patient care through improved data integration and sharing across university hospitals and research institutions. The initiative operates a comprehensive website built on Drupal 10, featuring multilingual content, a cookie consent mechanism, and privacy-respecting analytics via Matomo. The site demonstrates strong digital maturity with good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforced and consent-based tracking, though explicit security policies and incident response contacts are not published. Overall, the website reflects a professional, trustworthy, and well-maintained digital presence aligned with its healthcare research mission.

M

Münchener Hypothekenbank eG

muenchenerhyp.de

53

Münchener Hypothekenbank eG is a well-established cooperative bank specializing in long-term real estate financing for private and commercial clients, with a strong emphasis on sustainability and member benefits. The bank operates primarily in Germany with additional presence in Western Europe and the USA. Their website reflects a mature digital presence built on Drupal 10, incorporating modern web technologies and analytics tools such as Matomo and Google Tag Manager. The site is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content including press releases, career opportunities, and investor information. Security posture is solid with HTTPS enforced and cookie consent managed via Cookiebot, though some security headers and explicit security policies could be improved. WHOIS data aligns well with the business claims, indicating a trustworthy and legitimate domain. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations.

A

Associazione per la Decrescita

decrescita.it

53

The website decrescita.it represents the Associazione per la Decrescita, a small Italian non-profit organization dedicated to promoting the philosophy and practice of degrowth, ecological sustainability, and social equity. The site serves as a platform for publishing articles, organizing events, and fostering community engagement around these themes. The organization has a well-established presence since 2005, supported by a domain with consistent WHOIS data and DNSSEC enabled for security. Technically, the website is built on WordPress 6.8.3, utilizing a range of plugins such as Events Manager, Photo Gallery, Contact Form 7, and Cookie Notice, alongside modern JavaScript libraries like jQuery and Owl Carousel. The site is hosted behind Cloudflare services, including the Turnstile captcha for form security, and employs HTTPS with good SSL configuration. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site follows best practices including HTTPS enforcement, DNSSEC, and CAPTCHA protection on forms. However, it lacks explicit security policies, vulnerability disclosure mechanisms, and advanced security headers. Privacy compliance is well addressed with a cookie consent banner and a privacy policy page in Italian, indicating GDPR awareness. Overall, the website is trustworthy, professionally maintained, and focused on its niche audience. There are no indications of malicious activity or content safety concerns. Strategic recommendations include enhancing security policies, adding a security.txt file, and improving accessibility compliance to further strengthen the site's security posture and user experience.