Security Directory

W

World Vision Schweiz und Liechtenstein

myworldvision.ch

47

World Vision Schweiz und Liechtenstein operates as a humanitarian non-profit organization focused on child welfare and development aid. The website myWorldVision.ch serves as a portal for donors and sponsors, providing login access, donation links, and contact information. The organization holds a reputable market position within Switzerland's NGO sector, targeting individuals and entities interested in supporting children and humanitarian causes. Technically, the site is built on TYPO3 CMS with modern web technologies including Bootstrap and integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, and Visual Website Optimizer. Security measures include HTTPS enforcement and RSA encryption for login forms, though explicit security policies and headers are lacking. Privacy compliance is indicated by cookie consent mechanisms and links to comprehensive privacy policies on the main domain. Overall, the site is professional, trustworthy, and aligned with its non-profit mission.

R

Romandie Médias SA

romandiemedias.ch

58

Romandie Médias SA is a Swiss company specializing in the transport and diffusion of DAB+ digital radio signals across the French-speaking region of Switzerland. Established in 2014, it operates a network of over 60 transmitters broadcasting 15 private radio stations, positioning itself as a key regional digital radio infrastructure provider. The website is professionally designed, mobile-optimized, and provides clear information about the company's services and coverage. Technically, the site uses WordPress CMS with Bootstrap framework, integrates Google Maps API for coverage visualization, and employs Google Analytics with IP anonymization for user tracking. Security posture is solid with HTTPS enforcement and standard security headers, although there is room for improvement in incident response and vulnerability disclosure transparency. Privacy compliance is good, featuring a cookie consent banner and a privacy policy page in French. Overall, the website reflects a trustworthy and credible business with a moderate to good digital maturity level.

Ifjúsági Ház Debrecen is a small non-profit community center established in 2011 in Debrecen, Hungary, focused on providing cultural, leisure, and youth-oriented programs and services. The website serves as an information portal for events, room rentals, and community activities targeting children, youth, and young families. The business model revolves around community engagement and event hosting, supported by local partnerships. Technically, the site is built on WordPress with a moderate tech stack including jQuery and several plugins for galleries and news tickers. The site is mobile-optimized and uses HTTPS, but lacks advanced security headers and cookie consent mechanisms. Security posture is adequate but could be improved with formal policies and enhanced headers. Overall, the website is professional, trustworthy, and content-rich for its target audience, with clear contact information and consistent branding. The domain age and WHOIS data align well with the business history, supporting legitimacy.

Navigator is a Serbian technology company specializing in comprehensive software solutions including ERP systems, warehouse management, mobile sales applications, and IT consulting services. Established since 2004, the company has a solid regional presence and offers a portfolio of products aimed at optimizing business processes across various sectors such as production, trade, and hospitality. The website reflects a professional and consistent brand image with clear service offerings and client testimonials, targeting business clients in need of IT modernization. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Maps API, and several performance and multilingual plugins. The site is mobile-optimized and uses lazy loading for images, providing a moderate performance experience. SEO and accessibility are addressed at a basic to good level. From a security perspective, the site uses HTTPS and Google reCAPTCHA v3, and implements cookie consent mechanisms. However, it lacks explicit security headers and published security or incident response policies, which could be improved to enhance trust and compliance. No vulnerabilities or suspicious activities were detected in the content or WHOIS data. Overall, Navigator presents a trustworthy and professional online presence with room for improvement in security policies and technical hardening. The domain registration is consistent with the business profile, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and continuous monitoring for vulnerabilities.

D

DKV Debreceni Közlekedési Zrt.

dkv.hu

11

DKV Debreceni Közlekedési Zrt. is the primary public transportation operator in Debrecen, Hungary, providing bus, trolleybus, and tram services. The company offers ticket and pass sales, travel planning, and maintains a strong digital presence with a modern, well-structured website. Their market position is solid as a key local transportation provider serving a broad audience including daily commuters and visitors. The website is professionally designed, mobile-optimized, and integrates essential services such as ticket purchasing and real-time travel information. Technically, the site leverages modern frameworks like React and Next.js, integrates Google Maps API for location services, and uses tracking tools such as Google Analytics and Facebook Pixel with proper consent mechanisms. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers could be improved. Overall, the site reflects a mature digital infrastructure supporting a large transportation business with clear contact information and trust signals. No critical vulnerabilities or suspicious content were detected.

S

Schweizerischer Handball-Verband (SHV)

handball.ch

65

The Schweizerischer Handball-Verband (SHV) operates as the national governing body and competence center for handball in Switzerland. The website serves as an information hub for players, clubs, fans, and stakeholders, providing match schedules, league data, player profiles, and event information. The organization holds a strong market position as the official federation for handball in Switzerland, focusing on sport governance and promotion. Technically, the website is built on the Umbraco CMS platform, leveraging modern JavaScript libraries and integrations such as Google Tag Manager, HubSpot, and Cookiebot for analytics and compliance. The site demonstrates good digital maturity with responsive design and SEO optimization. Security posture is solid with HTTPS enforcement, security headers, and anti-CSRF protections, although explicit security and incident response policies are not publicly detailed. Privacy compliance is well addressed through a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional, trustworthy, and aligned with the organization's mission.

Tagstream is a German-language technology service provider specializing in digital channel acceleration and digital transformation for businesses. Their offerings focus on process management, business integration, and measurable marketing and sales results. The website is built on WordPress with common plugins and integrates marketing tools such as Mailchimp and Payrexx for payments. The site is professionally designed, mobile-optimized, and includes GDPR-compliant privacy and cookie policies. However, no direct company contact emails or phone numbers are provided, only a contact form. The WHOIS data for the domain is missing, which raises concerns about domain registration legitimacy despite the active and professional website presence. Security posture is moderate with HTTPS enabled but lacks security headers and published security policies. Overall, the site is functional and trustworthy for business visitors but would benefit from improved transparency and security practices.

S

StubHub

stubhub.com

74

StubHub is a leading global online ticket marketplace specializing in the buying and selling of tickets for sports, concerts, theater, and festivals. Owned by Viagogo, it serves a broad audience of ticket buyers and resellers with a comprehensive event catalog and user account management features. The website demonstrates a mature digital infrastructure leveraging modern web technologies such as React, Mapbox GL, and Google Maps API, hosted on AWS with integrated security measures including AWS WAF and Google reCAPTCHA for bot protection. While HTTPS is enforced and some security best practices are observed, the site lacks explicit security headers and published security or privacy policies, which are recommended for enhanced compliance and trust. The website content is professionally designed, mobile-optimized, and safe for general audiences, with extensive use of analytics and advertising networks to support marketing efforts. WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, StubHub presents a strong business and technical profile with room for improvement in privacy and security transparency.

A

ARC Print | Transform Your Space with Banners, Custom Posters & Yard Signs

arcprint.com

65

ARC Print is a retail e-commerce website specializing in banners, custom posters, and yard signs aimed at general consumers and businesses looking to transform their spaces. The website uses modern web technologies such as Angular, Google Fonts, Google Maps API, Microsoft Clarity, and Google Tag Manager, indicating a moderate level of digital maturity. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Security posture is moderate with HTTPS likely enabled but lacking visible security headers and privacy policies. The site lacks clear contact information and compliance documentation, which impacts trust and privacy compliance scores. Overall, the website is functional and safe for general audiences but requires improvements in security and compliance to enhance credibility and trustworthiness.

M

MAF Schweiz

maf-schweiz.ch

49

MAF Schweiz is a Swiss non-profit organization specializing in humanitarian aviation, operating a fleet of small aircraft to provide access and aid to remote regions worldwide. The organization supports over 1400 partners across 24 countries, focusing on delivering essential services and relief to isolated communities. Their business model relies heavily on donations and sponsorships, supported by transparent communication and recognized certifications such as ZEWO. The website reflects a professional and consistent brand image, targeting donors, volunteers, and partners interested in mission aviation and humanitarian aid. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Maps API, and multilingual support via WPML. While the site is mobile-optimized and performs moderately well, there is room for improvement in accessibility and security headers. The Google Analytics plugin is installed but not configured, resulting in minimal user tracking. SEO and navigation are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks several important security headers and does not publicly disclose security policies or incident response procedures. There is no vulnerability disclosure or security.txt file. The overall security posture is moderate, with recommendations to enhance header implementation and formalize security policies. Overall, MAF Schweiz presents a trustworthy and professional online presence with strong business credibility and good content quality. The site is safe for general audiences, with no adult or questionable content. The WHOIS data confirms the legitimacy and consistency of the domain registration with the organization's claims. Strategic improvements in security and privacy compliance would further strengthen the organization's digital maturity and trustworthiness.

D

Deutsche Säge- und Holzindustrie Bundesverband e.V. (DeSH)

saegewerke.de

58

The website saegewerke.de is the official platform of the Deutsche Säge- und Holzindustrie Bundesverband e.V. (DeSH), a German sawmill and wood industry association. It provides a comprehensive directory of wood suppliers, types of wood, and assortments, targeting industry professionals and businesses in the manufacturing and wood processing sectors. The platform facilitates connections between suppliers and buyers, offering detailed supplier profiles and industry news. The website is well-branded, consistent, and professionally designed, reflecting its role as an industry association hub. Technically, the site uses a modern tech stack including Bootstrap, jQuery, Popper.js, FontAwesome, and Google Maps API. It employs a custom CMS backend and includes a consent management system for GDPR compliance. The site is mobile-optimized and performs moderately well, with basic SEO and accessibility features implemented. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms. However, it lacks explicit published security policies and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is good, with clear privacy and cookie policies present. The WHOIS data is minimal but consistent with the business's German identity. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic recommendations include publishing a formal security policy, adding security headers, and providing incident response contact information to enhance trust and security posture.

K

Kirche in Not

kirche-in-not.ch

63

Kirche in Not is a Swiss-based Catholic non-profit organization dedicated to supporting persecuted and impoverished Christians worldwide. The website serves as an informational and awareness platform, highlighting their mission and activities. The organization appears established with consistent branding and a clear focus on charitable aid. Technically, the website is built on modern frameworks such as Next.js and React, with integration of Google Maps and Google Tag Manager for enhanced user experience and analytics. Security posture is adequate with HTTPS enabled, but lacks visible security headers and formal privacy and cookie policies, which are critical for compliance and user trust. No signs of blocking or WAF interference were detected, allowing full content access. Overall, the site demonstrates a good level of professionalism and credibility, though improvements in privacy compliance and security best practices are recommended.

O

Ottakringer Brauerei GmbH

ottakringerbrauerei.at

10

Ottakringer Brauerei GmbH is a historic brewery based in Vienna, Austria, established in 1837. The company offers a range of services including beer production, brewery tours, event hosting, and an online shop. The website reflects a mature and professional brand with a strong local market position and a focus on hospitality and beverage sales. Technically, the site is built on WordPress with WooCommerce, integrating modern web technologies such as jQuery, Google Tag Manager, and Cookiebot for privacy compliance. The site is mobile optimized and provides a good user experience with clear navigation and rich content. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and policies could be improved. The absence of WHOIS data limits full domain trust verification, but the website content and business information appear consistent and legitimate. Overall, the site is well maintained, compliant with GDPR, and targets a mature audience due to alcohol-related content and age verification.

E

Eglise des Uttins

eglise-uttins-yverdon.ch

50

Eglise Evangélique des Uttins is a small, community-focused evangelical church based in Yverdon-les-Bains, Switzerland. The organization emphasizes proximity, diversity, and conviviality, offering public worship services, youth activities, and community events. The website reflects a well-maintained digital presence using WordPress with the Avada theme and several plugins to manage events, membership, and contact forms. Social media integration and structured data for events enhance community engagement and search visibility. Technically, the site uses modern web technologies and APIs, including Google Maps and reCAPTCHA for spam protection. However, the absence of explicit privacy and cookie policies indicates a compliance gap with GDPR and related regulations. Security posture is generally good with HTTPS and some security best practices, but could be improved by adding explicit security headers and publishing incident response information. Overall, the website is professional, trustworthy, and serves its target audience effectively, though it should address privacy compliance to reduce risk.

P

PURE BIO

pure-bio.at

54

PURE BIO is a small Austrian company specializing in organic energy drinks and tonic waters, emphasizing natural ingredients and sustainability. The website is built on WordPress with Elementor and includes product information, certifications, and dealer information. The technical infrastructure is modern but lacks some advanced security headers and privacy compliance documentation. Security posture is adequate with HTTPS and cookie consent but could be improved with explicit policies and incident response details. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

ASKÖ Steiermark operates the ASKÖ Ferienbetreuung website, providing holiday and sports camps for children and youth aged 5 to 16 in Austria. The organization focuses on holistic health, creativity, and active outdoor experiences, supporting families and working parents. The website is professionally designed using the Jimdo CMS platform, with clear navigation and mobile optimization. It integrates third-party services such as POWr.io widgets and Google Maps, and includes cookie consent mechanisms compliant with GDPR. Contact information and social media links are clearly presented, enhancing trust and accessibility. Security posture is adequate with HTTPS and cookie controls, though additional security headers could improve defenses. No critical vulnerabilities or suspicious content were detected, and the domain registration aligns with the organization's profile, indicating legitimacy and trustworthiness.

A

ASKÖ Steiermark

aktiv-gesund-steiermark.at

66

AKTIV GESUND STEIERMARK operates as the movement and education competence center under the umbrella of ASKÖ Steiermark, providing a broad range of health and fitness courses targeted at all age groups in the Steiermark region of Austria. The organization emphasizes quality in both offerings and execution, supported by a team of trainers and movement experts. Their business model is non-profit and educational, focusing on community health and fitness engagement. The website is professionally designed using the Jimdo CMS platform, featuring clear navigation, mobile responsiveness, and compliance with GDPR through comprehensive cookie and privacy policies. Technically, the site leverages modern web technologies including jQuery, Google Maps, and embedded YouTube videos, hosted by Jimdo GmbH. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though improvements in HTTP security headers are recommended. No critical vulnerabilities or suspicious domains were detected. Overall, the site presents a trustworthy and professional digital presence aligned with its mission and regional focus.

E

Europcar

europcar.at

69

Europcar Austria operates as a leading car rental service provider with a strong market position in Europe and worldwide. The company offers a broad fleet including electric vehicles and tailored business solutions, targeting both general consumers and corporate clients. The website reflects a mature digital infrastructure using modern frameworks like Nuxt.js and integrates performance and monitoring tools such as Dynatrace. Security posture is robust with HTTPS enforcement and security headers, though explicit security policies and incident response details are not prominently published. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations.

C

CLICKDOC - Arzttermine online buchen & Gesundheits-Apps

clickdoc.de

48

Clickdoc.de is an established German online platform specializing in healthcare appointment booking and health app discovery. The website targets patients and healthcare users in Germany, offering services such as booking appointments with general practitioners, gynecologists, dentists, and more. The platform leverages modern web technologies including Angular and integrates marketing and analytics tools like Google Tag Manager and Qualtrics. The site demonstrates moderate technical maturity with good mobile optimization and basic SEO and accessibility features. Security posture is adequate with HTTPS enabled but lacks important security headers and explicit privacy and cookie policies. No contact or security incident information is provided, which limits transparency and user trust. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security best practices to improve user confidence and regulatory adherence.

V

Verein Jakobsweg.ch

jakobswegplus.ch

65

The website jakobswegplus.ch represents a non-profit initiative by Verein Jakobsweg.ch to provide a wheelchair-accessible pilgrimage route across Switzerland from Konstanz to Genf. The project is positioned as a niche service targeting wheelchair users interested in spiritual and cultural pilgrimage experiences. The site is built on the Jimdo CMS platform, leveraging standard web technologies and third-party widgets for enhanced functionality. It demonstrates good digital maturity with mobile responsiveness, cookie consent mechanisms, and clear contact information. Security posture is adequate with HTTPS enforced and cookie management in place, though explicit security headers and incident response policies are absent. Overall, the site is trustworthy and professionally presented, supporting its mission effectively.

H

Heinze GmbH

baunetz-maps.de

58

BauNetz Maps is a well-established interactive platform dedicated to showcasing contemporary architecture projects worldwide. Operated by Heinze GmbH, a subsidiary of Infopro Digital, the platform aggregates over 10,000 architectural projects and related content from multiple BauNetz services, including news, architect profiles, and educational resources. The website targets a broad audience interested in architecture, including professionals and enthusiasts, and offers additional services such as job listings in the architecture and construction sectors. Technically, the website employs modern web technologies including JavaScript frameworks (likely Vue.js), Google Maps API for geolocation and mapping, and Cloudflare CDN for performance and security. Consent management and analytics are handled via ConsentManager and Webtrekk respectively, ensuring compliance with privacy regulations. The site is mobile-optimized and demonstrates good SEO and accessibility practices, though some accessibility improvements could be made. From a security perspective, the site enforces HTTPS and uses Cloudflare for DDoS protection and content delivery. Cookie consent mechanisms are implemented, and no critical vulnerabilities or exposed sensitive data were detected. However, explicit security headers could be enhanced, and the site lacks a public incident response or vulnerability disclosure policy. Overall, BauNetz Maps presents a professional, trustworthy, and content-rich platform with strong business credibility and compliance posture. Strategic improvements in security headers and incident response transparency would further strengthen its security maturity.

B

Bytebetrieb GmbH & Co KG

bytebetrieb.com

62

Bytebetrieb GmbH & Co KG is a small, established internet agency based in Stuttgart, Germany, specializing in web design, programming, consulting, and online marketing services. With over 21 years of experience and a certified Google Partner status, the company offers comprehensive digital solutions including websites, online shops, product configurators, and mobile apps. Their target audience primarily consists of businesses and organizations seeking professional digital presence and marketing support. The website is built on TYPO3 CMS and integrates modern technologies such as WordPress, Magento, Shopware, and Google Maps API, reflecting a mature technical infrastructure. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response information are absent. The missing WHOIS data for the domain introduces some trust concerns, but the overall professional presentation and clear contact information mitigate this risk. Strategic recommendations include enhancing security headers, publishing security policies, and regular vulnerability audits to strengthen trust and compliance.

F

Fédération Nationale des Transports de Voyageurs

fntv.fr

31

The Fédération Nationale des Transports de Voyageurs (FNTV) is a well-established French national federation representing passenger transport companies. Founded in 1999, it serves as a central body providing information, regulatory updates, employment and training resources, and member services. The website reflects a professional and consistent brand image, targeting transport companies and stakeholders in France. The technical infrastructure leverages modern JavaScript libraries and APIs, including Google Maps and Flockler embeds, hosted via GANDI registrar with a domain age supporting legitimacy. Security posture is solid with HTTPS and client-side CSRF protections, though improvements are recommended such as restricting API keys and publishing explicit security policies. Privacy compliance is addressed with cookie consent and a privacy policy, though terms of service and incident response details are lacking. Overall, the site is trustworthy, functional, and serves its business purpose effectively.

FUTOUR GmbH is a well-established German consultancy specializing in tourism and regional development with over 30 years of experience. The company offers a broad range of services including tourism concepts, regional management, feasibility studies, marketing consulting, and quality management. Their market position is strong within their niche, supported by multiple regional offices and a professional online presence. Technically, the website uses modern web technologies including Google Maps API and Google Fonts, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent implemented, though there is room for improvement in security headers and incident response transparency. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

L

LANDI

landi.ch

61

LANDI is a well-established Swiss retail company specializing in products for home, garden, agriculture, and pets, operating both physical stores and an extensive online shop. The website reflects a mature e-commerce platform with a broad product catalog and user-friendly navigation, targeting consumers in Switzerland interested in these sectors. Technically, the site uses modern web technologies including JavaScript frameworks, Google Maps API, Facebook Pixel, and Google Tag Manager, with a CMS likely based on Concrete5. The site is mobile-optimized and performs moderately well. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly available. WHOIS data confirms the domain's legitimacy and alignment with the parent company Fenaco. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations.

H

Holzwerk - Ballonteam

luftrebellen.de

44

Holzwerk - Ballonteam operates a specialized balloon flight service based in Celle, Germany, offering scenic balloon rides over local and regional landmarks. Established since 2011, the company maintains a small but professional presence with a focus on personalized customer experience and event participation. Their website reflects a well-structured, content-rich platform with clear business information and active social media engagement. Technically, the site is built on WordPress with modern plugins and SEO optimization, delivering moderate performance and good mobile responsiveness. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements in security headers and privacy compliance mechanisms are recommended. Overall, the business demonstrates credibility and trustworthiness with clear contact channels and consistent branding.

C

Crest

crestpontoonboats.com

71

Crest Pontoon Boats is a well-established manufacturer specializing in luxury pontoon and tritoon boats, including electric models, targeting families and boating enthusiasts. The company emphasizes craftsmanship, premium materials, and customization options, positioning itself as a premium brand in the transportation sector. The website reflects a mature digital presence with rich multimedia content, clear navigation, and mobile optimization. Technically, the site employs modern analytics and marketing tools such as Google Analytics, Facebook Pixel, and Microsoft Application Insights, hosted on a reliable infrastructure with Google Cloud DNS and Squarespace Domains. Security posture is strong with HTTPS enforced and reCAPTCHA protecting forms, though some security headers could be improved. Privacy compliance is robust with clear policies and consent mechanisms. Overall, the site is professional, trustworthy, and aligned with industry best practices.

A

Venues | AXS Map

axsmap.com

57

AXS Map is an accessibility-focused online platform designed to help users find and map inclusive venues and community spaces. The website leverages modern web technologies including React and Google Maps API to deliver an interactive user experience. The platform supports community engagement through mapathons and team collaboration features, targeting individuals seeking accessibility information. The domain is well-established since 2010, indicating a mature presence in its niche. Technically, the website is built on a modern JavaScript framework with integration of Google services and is hosted with DNS managed by Cloudflare. Performance and mobile optimization are adequate, though accessibility features could be enhanced. Security posture is reasonable with HTTPS enforced and domain protections in place, but lacks DNSSEC and security headers which are recommended for improved security. From a compliance perspective, the site currently lacks visible privacy, cookie, and terms of service policies, which are important for GDPR and general privacy compliance. No contact or incident response information is provided, limiting transparency and user trust. Google Analytics is used for tracking without a visible consent mechanism, indicating potential privacy compliance gaps. Overall, AXS Map presents a focused and professional service with good technical foundations but would benefit from enhanced security practices and privacy compliance measures to strengthen trust and regulatory adherence.

The website www.rkk-reinach.ch represents the Roman Catholic Parish St. Nikolaus located in Reinach, Switzerland. It serves as an informational portal for parishioners and the local community, providing updates on religious services, sacraments, community events, and social services. The site targets local church members and those interested in parish life, operating as a non-profit religious organization. The content is well-structured, relevant, and presented in German, with clear navigation and a consistent branding approach. Technically, the website is built on the Jimdo Creator CMS platform, utilizing standard web technologies including jQuery UI and POWr.io widgets. It is hosted by Jimdo GmbH and employs HTTPS with a cookie consent mechanism, ensuring basic privacy compliance. The site is moderately optimized for performance and mobile responsiveness, though accessibility features are basic. SEO optimization is present but could be enhanced. From a security perspective, the website enforces HTTPS and includes cookie consent controls, but lacks advanced security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website's local and religious nature, supporting legitimacy. No WAF or blocking mechanisms interfere with content access. Overall, the website demonstrates a solid foundation for a small non-profit parish site with good content quality and privacy compliance. Strategic improvements in security headers, incident response policies, and SEO could enhance its posture and trustworthiness further.

J

Jungwacht Blauring Schweiz

jubla.ch

56

Jungwacht Blauring Schweiz is a well-established non-profit youth organization focused on providing meaningful leisure activities and camps for children and adolescents in the German-speaking part of Switzerland. The organization operates through a large network of approximately 400 local groups, offering structured programs and volunteer opportunities. The website reflects a professional and consistent brand image, targeting families and youth participants. Technically, the site leverages modern web technologies including Google Tag Manager, Hotjar, and Google Maps API, built on the TYPO3 Neos CMS framework. The site is mobile-optimized with good SEO and accessibility basics. Security posture is solid with HTTPS and some security best practices, though explicit security headers and policies are not fully implemented. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the domain registration aligns well with the organization's claims, supporting legitimacy and trustworthiness.

C

Caritas

carteculture.ch

54

CarteCulture.ch is a Swiss non-profit website operated under the auspices of Caritas, providing a free personal discount card to financially disadvantaged adults and children aged five and above. The card offers up to 70% discounts on over 4200 cultural, sports, educational, and health offers across Switzerland. The website is multilingual, with French as the primary language for this domain, and supports other Swiss national languages via related domains. The business model focuses on social inclusion and cultural participation, positioning CarteCulture as a trusted national social program supported by Caritas and certified by ZEWO. Technically, the site is built on TYPO3 CMS with a modern but stable technology stack including Bootstrap, jQuery, and Google services for analytics and tag management. The site is mobile-optimized and SEO-friendly, with good navigation and content quality. Security posture is solid with HTTPS enforced and privacy-conscious analytics configurations, though explicit security policies and incident response contacts are not published. Overall, the domain registration data aligns well with the website's claims, indicating legitimacy and trustworthiness.

V

Venuzle

venuzle.at

49

Venuzle is an Austrian-based online platform specializing in the discovery and booking of sports venues, courses, and camps. It serves sports enthusiasts and local communities by providing a comprehensive directory and booking system for various sports facilities such as football fields, tennis courts, gyms, and specialized courses. The platform is supported by local government and regional partners, enhancing its credibility and reach within Austria. Technically, the website is built on WordPress with WooCommerce and WP Job Manager plugins, integrating Google Analytics and Facebook Pixel for marketing and analytics purposes. While the site is well-structured and offers a good user experience with mobile optimization, it uses outdated WordPress and WooCommerce versions, which may pose security risks. Security posture is moderate with HTTPS enforced but lacking some modern security headers and cookie consent mechanisms. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR, but would benefit from technical updates and enhanced security practices.

C

Caritas

kulturlegi.ch

57

KulturLegi.ch is a Swiss non-profit initiative operated by Caritas that provides a discount card to individuals with limited financial means, enabling access to over 4,200 offers in culture, sports, education, and health sectors across Switzerland. The website is well-branded, consistent, and targets socially disadvantaged groups to promote inclusion. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates Google Analytics and Tag Manager for analytics. The site is mobile-optimized and SEO-friendly with good navigation and content quality. Security posture is solid with HTTPS enforced and privacy compliance evident through cookie consent and a comprehensive privacy policy. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the domain registration aligns well with the business claims, enhancing trust and legitimacy.

W

webEdition e.V.

webedition.org

47

webEdition e.V. operates the website www.webedition.org, offering an open source web application framework and content management system established since 2001. The platform targets developers, agencies, and content editors seeking scalable and flexible CMS solutions with full control over code. The business model is community-driven, supported by a partner network and licensing variants. The website is professionally designed, content-rich, and well-structured, primarily in German, reflecting a mature and active technology project. Technically, the site uses the webEdition CMS platform with PHP, MySQL, JavaScript, Bootstrap, and jQuery, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS and Content-Security-Policy headers, though some CSP directives allow 'unsafe-inline' scripts, which could be improved. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent modal, and GDPR adherence. However, WHOIS data is unavailable or malformed, limiting domain trust verification. Overall, the site demonstrates high professionalism and trustworthiness with minor areas for security enhancement.

Claire & George's website is minimalistic and currently serves primarily as a frontend shell with a loading spinner and no visible business content or contact information. The site uses modern web technologies, likely Angular, and integrates Google Analytics and Google Maps APIs, indicating some level of digital maturity. However, the lack of visible content, privacy policies, and contact details limits its effectiveness and trustworthiness. Security posture is weak due to missing security headers and no visible incident response or data protection information. Overall, the site presents a low-risk profile but also low transparency and professionalism, suggesting it may be under development or poorly maintained.

3W-Room is a Swiss-based company specializing in creating virtual 360-degree tours using advanced 3D scanning technology to produce digital twins of physical spaces. Their business model uniquely integrates sustainability and social inclusion by supporting global reforestation projects, reducing CO2 emissions, and making spaces accessible to people with mobility or cognitive impairments. The website reflects a professional and consistent brand image with good content quality and clear navigation aimed at businesses and organizations interested in sustainable virtual tours and inclusive tourism. Technically, the website employs modern web technologies including Google Maps API, Facebook Pixel, Google Analytics, and YouTube background video integration. The site is mobile-optimized with good performance and basic accessibility features. Security posture is strong with HTTPS enforced and appropriate security headers, although explicit security and privacy policies are missing. Cookie consent is managed via a third-party service, indicating some level of privacy compliance. Security-wise, the site shows no critical vulnerabilities or exposed sensitive data. However, it lacks a vulnerability disclosure policy and incident response contact information, which are recommended for enhanced security maturity. The WHOIS data confirms a legitimate Swiss registration consistent with the website's claims, supporting high trustworthiness. Overall, 3W-Room presents a credible and professional online presence with a focus on sustainability and inclusion. Strategic improvements in privacy policy transparency and security disclosure would further strengthen their security posture and compliance standing.

VDMA is a prominent German and European industry association representing approximately 3,600 companies in the machinery and plant engineering sector. The organization focuses on innovation, export orientation, and supporting medium-sized enterprises. Their website reflects a mature digital presence with comprehensive content, professional design, and clear navigation tailored to industry professionals and stakeholders. The technical infrastructure is based on the Liferay CMS platform, leveraging modern JavaScript frameworks and analytics tools, ensuring a responsive and accessible user experience. Security posture is strong with HTTPS enforcement, consent management, and use of security best practices, although explicit security headers could be enhanced. Overall, the site demonstrates compliance with GDPR and provides clear contact and privacy information, supporting trust and credibility.

G

Goldsmiths College

goldsmithscca.art

46

Goldsmiths Centre for Contemporary Art (Goldsmiths CCA) is an educational and cultural institution affiliated with Goldsmiths College in London, UK. The organization focuses on contemporary art exhibitions, events, residencies, and engagement programs targeting artists, students, and the general public interested in art. The website reflects a well-established institution with a clear mission to foster creativity and debate in the arts sector. The domain registration aligns with the institution's identity and geographic location, supporting its legitimacy. Technically, the website is built on WordPress with a custom theme and integrates modern technologies such as Google Analytics, Google Tag Manager, and Shopify Buy Button SDK for e-commerce capabilities. The site demonstrates good mobile optimization, SEO practices, and moderate performance. However, some accessibility features are basic, and there is room for improvement in security headers and DNS security. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers. There are no visible incident response or security policies published, which could be improved to enhance trust and compliance. Privacy compliance is basic, with a privacy policy and cookie consent mechanism present but no explicit GDPR compliance statements. Analytics usage is moderate, with user tracking via multiple services. Overall, the website is professional, trustworthy, and serves its educational and cultural mission effectively. Strategic recommendations include enhancing DNS security, implementing security headers, publishing security policies, and improving privacy compliance to strengthen the security posture and user trust.

F

fenaco Genossenschaft

landi.swiss

53

LANDI is a Swiss cooperative network supporting farmers and rural populations through services in agriculture, retail, and energy sectors. The website reflects a mature digital presence using modern technologies such as Angular and Google APIs, with a professional design and clear branding. Privacy and cookie policies are well implemented, demonstrating compliance with GDPR standards. Security posture is good with HTTPS and domain transfer protections, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Overall, the domain registration aligns well with the business entity, indicating legitimacy and trustworthiness.

G

Groupement FLO

groupement-flo.com

56

Groupement FLO operates as a French transport and logistics network comprising 110 member companies distributed across France. Established since 1993, it offers diversified services in seven transport and logistics sectors, emphasizing productivity and innovation. The website presents a professional and consistent brand image with comprehensive content including member listings, news updates, and service descriptions. Technically, the site is built on CMS Made Simple with modern JavaScript libraries and Google services integration, providing good mobile optimization and user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking some advanced security headers and explicit incident response policies. The absence of WHOIS registration data for the domain is a notable concern, impacting domain legitimacy verification. Overall, the site is credible and business-focused but would benefit from enhanced transparency on domain registration and security policies.

A

Astre

astre.fr

61

Astre is a well-established European logistics and transportation network headquartered in France, providing tailored transportation, logistics, and palletized shipment solutions through its extensive member company network. The website reflects a professional and consistent brand image, targeting businesses requiring scalable and environmentally responsible supply chain services across Europe. Technically, the site is built on WordPress with modern JavaScript libraries and Google Analytics integration, offering good mobile optimization and accessibility. Security posture is solid with HTTPS enforcement and security headers, though explicit security policies and vulnerability disclosures are not published. Privacy compliance is moderate with a cookie consent mechanism but lacks a clearly accessible privacy policy. Overall, the domain WHOIS data is privacy protected, which is typical for .fr domains, and the website content aligns with legitimate business operations.

A

Alliance Française de Bâle

af-bale.ch

55

The Alliance Française de Bâle is a small non-profit cultural association dedicated to promoting the French language and culture in the Basel region and surrounding border areas. The website serves as a platform to announce and organize francophone events such as conferences, guided visits, courses, theatre, cinema, concerts, and clubs. It targets French speakers and cultural enthusiasts locally, positioning itself as a niche cultural promoter within the community. Technically, the website is built on WordPress with common plugins such as Events Manager and uses jQuery for interactivity. The site is served over HTTPS with a valid SSL certificate, but lacks advanced security headers and cookie consent mechanisms. The site is moderately optimized for performance and accessibility, with basic mobile responsiveness and SEO features. From a security perspective, the site enforces HTTPS but does not implement key HTTP security headers like CSP or HSTS. There is no visible privacy or cookie policy compliance mechanism, and no incident response or vulnerability disclosure information is provided. Analytics tracking is present via a plugin but not configured, indicating minimal user tracking. Overall, the website is trustworthy and professionally maintained for its purpose but would benefit from enhanced security practices and privacy compliance improvements to better protect users and meet regulatory requirements.

E

EVH GmbH & Co. KG

evholz.de

50

EVH GmbH & Co. KG operates as a purchasing alliance for wood dealers in Germany, established in 2012 and part of the hagebau group. The company focuses on optimizing purchasing conditions and supporting its members through a network of over 50 sales locations and more than 100 supplier relationships. The website reflects a professional business presence targeting wood dealers and suppliers, emphasizing collaboration and market strength. Technically, the website is built on the Contao CMS platform, utilizing jQuery and Rocksolid Slider for interactive elements. It is hosted with INWX and uses HTTPS with proper session and CSRF protections. The site is mobile-optimized with basic accessibility and SEO features, though some security headers could be improved. From a security perspective, the site enforces HTTPS and includes a GDPR-compliant cookie consent mechanism. However, explicit security policies and incident response contacts are not present. No vulnerabilities or suspicious elements were detected. WHOIS data aligns well with the business information, supporting domain legitimacy. Overall, the website presents a trustworthy and professional image with good privacy compliance and moderate technical sophistication. Recommendations include enhancing security headers, adding explicit security policies, and expanding analytics and marketing transparency for improved digital maturity.

T

Tred Union

tredunion.fr

45

Tred Union is a French transport group established in 2009, focusing on regional transport and logistics services across diverse sectors including industrial, construction, agro-food, and e-commerce. The group aims to foster synergies among transport companies to offer competitive and specialized transport solutions such as refrigerated transport and large volume shipments. The website demonstrates a moderate level of digital maturity, leveraging modern web technologies like React, Google Maps API, and Google Analytics. However, it lacks explicit privacy and cookie policies, and no visible contact information was found in the analyzed content. Security measures include HTTPS and reCAPTCHA, but there is room for improvement in publishing security policies and headers. Overall, the site is professional and trustworthy with a strong market position in France's transport sector.

G

Groupe Pole

groupe-pole.com

56

Groupe Pole operates as a network of specialized transporters focusing on pallet distribution and logistics across France and Europe. Established in 2009, the company leverages a collaborative business model to optimize delivery efficiency and environmental impact. Their market position is supported by a sizable network of 64 members and significant annual transport volumes. Technically, the website is built on Joomla! CMS with standard web technologies including jQuery, Bootstrap, and Google services, hosted by OVH sas. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. Security posture is adequate with HTTPS enabled and domain protections in place, but lacks DNSSEC and security headers, and does not provide privacy or cookie policies, which are critical for GDPR compliance. Overall, the website is professional and trustworthy but could improve in privacy and security transparency.

A

Atlas Estate Agents

atlasestateagents.co.uk

45

Atlas Estate Agents is a well-established real estate agency specializing in residential and commercial property sales, lettings, and management in Liverpool, UK. The company emphasizes competitive pricing, family business values, and customer service, positioning itself as a trusted local market player since 1965. Their website provides property search functionality, valuation requests, and detailed service information targeting buyers, sellers, landlords, and tenants in the Liverpool area. Technically, the website employs a modern tech stack including jQuery, Bootstrap, Google Maps API, Google reCAPTCHA, Google Tag Manager, and Facebook Pixel. The site is mobile-optimized with good navigation and SEO practices, though some accessibility features are basic. Security measures include HTTPS enforcement and spam protection via reCAPTCHA, but lack certain HTTP security headers and cookie consent mechanisms. From a security perspective, the site shows a moderate maturity level with no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and formal privacy/cookie consent banners indicates room for improvement in compliance and defense-in-depth. The WHOIS lookup failed due to querying a subdomain rather than the registered domain, limiting domain trust verification. Overall, the site is professional and trustworthy but could enhance its security posture and privacy compliance. Strategically, the company should prioritize implementing security headers, cookie consent mechanisms, and publishing security policies to strengthen user trust and regulatory compliance. Additionally, clarifying domain registration details and improving accessibility would further enhance their digital maturity and risk management.

Studierendenwerk Aachen is a regional non-profit organization providing essential student services such as housing, dining, and social support primarily for the academic community in Aachen, Germany. The website serves as an informational portal targeting students and university affiliates. The technical infrastructure relies on established but somewhat dated technologies including jQuery 1.12.4, Materialize CSS, and Google Maps API, with consent management handled by Usercentrics, indicating some GDPR awareness. However, the website lacks explicit privacy and cookie policies, which is a compliance gap. Security posture is moderate with HTTPS implied but no visible security headers or modern security practices. No contact or business certification information is readily available in the provided content, limiting trust signals. Overall, the site is functional but could benefit from modernization and enhanced compliance documentation.

C

Consorzio Cooperativo Finanziario per lo Sviluppo

fin4coop.it

40

FIN4COOP is a cooperative financial intermediary operating nationally in Italy, focusing on providing financial services and support to cooperative members. The website serves as an information portal offering details on financial activities, brochures, membership procedures, financial statements, and news updates. The company targets cooperative organizations and mutual societies, positioning itself as a niche player in the cooperative finance sector with strategic partnerships and a cooperative business model. The website is professionally designed, consistent in branding, and includes trust signals such as privacy compliance and social media presence. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Maps API, and Google Analytics integrated with consent management. The site shows moderate performance and good mobile optimization. SEO practices are well implemented with proper meta tags and structured data. However, a visible PHP warning indicates a plugin issue that should be resolved to improve security and user experience. From a security perspective, the site uses HTTPS with excellent SSL configuration and employs a cookie consent mechanism via Iubenda. No critical vulnerabilities were detected, but the absence of security headers and the PHP warning reduce the security posture score. No incident response or security policy pages were found, suggesting room for improvement in transparency and preparedness. Overall, the website is trustworthy and professional with a good balance of content quality, technical implementation, and privacy compliance. Addressing the minor security issues and enhancing security headers would further strengthen the site's security and user trust.

A

axapharm ag

diabetes-care.ch

51

The website www.diabetes-care.ch represents axapharm ag's Healthpro brand, specializing in diabetes care products such as blood glucose meters, test strips, lancets, and related accessories. The company positions itself as a niche healthcare provider offering modern, user-friendly devices with features supporting effective diabetes management. The site targets individuals managing diabetes and healthcare professionals seeking reliable measurement tools. Technically, the website is built on WordPress with Elementor and Yoast SEO, leveraging modern web technologies and Google Analytics for user insights. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS with a valid SSL certificate and anonymizes IPs in Google Analytics, but lacks some security headers and displays minor PHP notices, which could expose information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information is comprehensive and transparent, enhancing business credibility. Overall, the site is trustworthy and professionally maintained but would benefit from addressing minor security and privacy gaps.