Security Directory

W

Water Group d.o.o.

watergroup.me

46

Water Group d.o.o. is a Montenegrin company specializing in the distribution and sale of beverages and Horeka-related products, including mineral and spring water, espresso coffee, and hot and cold drinks for hotels. Established in 2006, the company operates multiple distribution centers across Montenegro and serves the Horeka market segment with a broad product portfolio including brands like RADA, Suza, MOAK, and Tchibo. The website reflects a professional business presence with consistent branding and relevant content tailored to its target audience. Technically, the website is built on Joomla CMS with the Gridbox framework and uses common libraries such as jQuery and Bootstrap. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Hosting and DNS infrastructure align with the business location, and the domain is privacy protected but registered through a reputable registrar. Performance is moderate with no blocking or WAF detected. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure mechanisms are present. Social media integration is evident, enhancing trust and engagement. Overall, the security posture is adequate but could be improved with standard best practices and compliance documentation. The overall risk assessment indicates a moderate risk profile primarily due to compliance gaps and missing security headers. Strategic recommendations include implementing privacy and cookie policies, adding security headers, enabling DNSSEC, and establishing vulnerability disclosure processes to enhance trust and security maturity.

F

Finews AG

finews.ch

61

finews.ch is a leading Swiss financial news portal operated by Finews AG, providing continuously updated news and insights for professionals in the finance industry. The website targets finance professionals, investors, and industry stakeholders with high-quality journalism, sponsored content, and multimedia offerings such as podcasts and videos. The site demonstrates a mature digital presence with a modern Joomla CMS infrastructure, integration of advanced analytics (Matomo and Google Analytics), and a consent management platform ensuring GDPR compliance. Security posture is strong with HTTPS enforcement and privacy-conscious tracking, though there is room for improvement in explicit security policies and vulnerability disclosure. Overall, finews.ch presents a professional, trustworthy, and well-branded platform with extensive social media engagement and advertising partnerships.

P

Pragmatis GmbH

pragmatis.de

56

Pragmatis GmbH is a specialized technology company focused on providing laboratory and technical data management software solutions, including LIMS, LES, LIS, CAQ, AQS, MES, and ELN systems. With over 30 years of experience, the company offers both on-premises and cloud-based solutions tailored to laboratory and technical environments. Their market position is that of a niche expert with long-standing customer relationships and a modernized product portfolio. The website reflects a professional and consistent brand image targeting laboratory and technical professionals seeking reliable data management systems. Technically, the website is built on Joomla CMS with Bootstrap and jQuery frameworks, integrating Google Analytics and Google Tag Manager for analytics and marketing. The site is mobile-optimized and performs moderately well, with a cookie consent mechanism compliant with GDPR. Hosting appears to be via rzone.de nameservers, indicating a German hosting provider. The technical infrastructure is modern but could benefit from enhanced security headers and accessibility improvements. From a security perspective, the site enforces HTTPS and employs email cloaking and cookie consent for privacy. However, no explicit security policies or incident response contacts are published, and security headers are not detected. There are no visible vulnerabilities or exposed sensitive data. The overall security posture is moderate, with room for improvement in formalizing security policies and enhancing technical defenses. Overall, the website is trustworthy, professional, and compliant with privacy regulations. It serves its target audience effectively but could enhance its security transparency and technical hardening to further strengthen its risk profile.

P

Prevo-System AG

prevo.ch

58

Prevo-System AG is a Swiss-based software company specializing in providing the PAKT management system tailored for collective life insurance providers. The company is a joint venture involving msg systems ag, Baloise, and Helvetia Versicherungen, positioning it strongly within the Swiss insurance software market. Their product PAKT supports the entire lifecycle of collective life insurance administration, including BVG and over-obligatory occupational benefits, offering a comprehensive and integrated solution for insurers. The website reflects a professional and consistent brand image with clear business focus and customer testimonials from reputable insurance companies, indicating a solid market position. Technically, the website is built on Joomla CMS with modern frameworks such as Bootstrap and jQuery, enhanced by custom MSG group scripts and third-party integrations like hCaptcha for bot protection. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Security measures include HTTPS enforcement and CSRF tokens, though some security headers are missing. Privacy compliance is well addressed with a clear cookie consent mechanism and a comprehensive privacy policy. The security posture is generally strong with no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy, incident response contacts, or vulnerability disclosure mechanisms suggests room for improvement in transparency and readiness. The domain registration aligns well with the business claims, supporting legitimacy and trustworthiness. Overall, Prevo-System AG presents a credible, professional, and secure online presence suitable for its target audience in the Swiss insurance sector. Strategic enhancements in security transparency and incident response communication would further strengthen trust and compliance.

M

msg industry advisors ag

msg-advisors.com

63

msg industry advisors ag is a consulting firm specializing in the life sciences and chemicals industries, providing expert services in organizational change, manufacturing excellence, compliance, digital health, data management, SAP transformation, and project management. The company positions itself as a trusted partner for complex and highly regulated markets, leveraging deep industry knowledge and digital expertise. The website reflects a professional and comprehensive digital presence, with clear navigation, rich content, and multi-language support. Technically, the site is built on Joomla CMS with modern libraries and includes consent management and analytics tools, indicating a mature digital infrastructure. Security posture is generally strong with HTTPS and consent mechanisms, though some security headers are not evident, and no explicit incident response or vulnerability disclosure information is provided. The absence of WHOIS data for the domain is a notable anomaly that warrants further verification. Overall, the website and business appear credible and well-managed, serving a medium-sized enterprise audience primarily in Germany.

D

Dream Technologies Group doo

crnobelo.rs

58

CRNOBELO.rs is a Serbian lifestyle and entertainment portal operated by Dream Technologies Group doo, established in 2016. The website offers diverse content including horoscopes, lifestyle articles, entertainment news, and interactive quizzes, targeting a general audience interested in lifestyle and leisure topics. The business model relies primarily on advertising revenue, with Google Adsense and Facebook Ads integrated. The site maintains a consistent brand presence with active social media channels and a clear content focus.

C

CRNOBELO.com

crnobelo.mk

50

CRNOBELO.com is a Macedonian lifestyle and news portal established in 2008, offering a wide range of content including news, horoscopes, recipes, interviews, and quizzes. The site targets a general Macedonian-speaking audience and maintains a consistent brand presence with active social media channels. Technically, the website is built on Joomla CMS with common web technologies such as jQuery, Bootstrap, and integrates advertising and analytics SDKs. The site is mobile optimized and performs moderately well. Security posture is good with HTTPS enforced and standard security headers present, though lacks explicit security policies and vulnerability disclosures. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional, serving as a regional media outlet with advertising revenue as the primary business model.

J

Jutarnji list

jutarnji.hr

55

Jutarnji list is a leading Croatian daily news portal operated by Hanza Media, providing comprehensive news coverage in politics, sports, culture, and economy. The website targets a general audience with a business model based on advertising and premium content subscriptions. It holds a strong market position as a primary news source in Croatia. Technically, the site is built on Joomla CMS with Bootstrap framework, leveraging modern advertising and analytics technologies such as Google Tag Manager, Prebid.js, and Microsoft Clarity. The site is well-optimized for mobile and SEO, with good performance and accessibility standards. Security posture is strong with HTTPS, reCAPTCHA, and consent management via Didomi, though explicit privacy and terms policies are not found in the provided content. Overall, the site demonstrates a mature digital infrastructure and trustworthy business presence, with room for improvement in privacy transparency and incident response disclosures.

P

pma - Projekt Management Austria

pma.at

62

Projekt Management Austria (pma) is a well-established non-profit organization based in Austria, specializing in project management certifications, networking, and education. The organization offers internationally recognized certifications aligned with IPMA standards, targeting project management professionals and young professionals under 30. Their services include certification programs, events, workshops, and membership benefits, positioning them as a key player in the Austrian and international project management community. Technically, the website is built on Joomla CMS with modern frontend technologies such as Bootstrap 5 and jQuery. It is mobile-optimized and includes standard analytics via Google Analytics with IP anonymization. The site demonstrates moderate performance and good SEO practices but lacks some advanced accessibility features. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms. However, it lacks visible security headers and a published security policy or incident response contacts. The absence of WHOIS data limits domain trust verification, but the professional content and partner affiliations support legitimacy. Overall, the website is professional and trustworthy with minor gaps in privacy policy visibility and security best practices. Strategic improvements in these areas would enhance compliance and security posture.

C

CRNOBELO.com

crnobelo.com

49

CRNOBELO.com is a Macedonian lifestyle and news portal offering a wide range of content including news, horoscopes, entertainment, recipes, and interviews. The site targets Macedonian-speaking audiences interested in lifestyle and cultural topics. It operates on a Joomla CMS platform with modern web technologies and integrates multiple advertising networks for monetization. The website is professionally designed with good navigation and mobile optimization. Security posture is moderate with HTTPS enabled and some security best practices observed, but lacks explicit security policies and cookie consent mechanisms. WHOIS data is unavailable, which raises concerns about domain legitimacy, although the website content and branding appear consistent and trustworthy. Overall, the site is a functional and relevant media portal with room for improvement in privacy compliance and security transparency.

I

International Arctic Science Committee

iasc.info

56

The International Arctic Science Committee (IASC) is a non-governmental organization dedicated to fostering international cooperation in Arctic research. The website serves as a hub for Arctic scientists, policymakers, and stakeholders, providing information on working groups, capacity building programs, events, and news related to Arctic science. The organization positions itself as a key facilitator in Arctic research collaboration, with a focus on scientific advancement and community engagement. Technically, the website is built on Joomla CMS with modern front-end technologies including Bootstrap and jQuery. It employs HTTPS with good SSL configuration and uses Google Analytics for visitor tracking. The site is mobile-optimized and features a professional design with clear navigation, although accessibility features could be improved. The presence of CSRF tokens in forms indicates attention to security in user input handling. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks several security headers and does not provide publicly accessible security policies or incident response information. Privacy compliance is limited due to the absence of explicit privacy and cookie policies, which is a notable gap given GDPR requirements. The WHOIS data is privacy protected, which is typical for NGOs, and does not raise immediate concerns. Overall, the website is trustworthy and professional, serving its niche audience effectively. Strategic improvements in privacy compliance, security headers, and incident response transparency would enhance its security posture and regulatory adherence.

A

AQ Viande Suisse / Agriquali

aq-viandesuisse.ch

47

AQ Viande Suisse operates a Swiss quality assurance program focused on meat producers, ensuring adherence to strict agricultural standards and providing certification to member farms. The website serves as an information hub for producers and buyers, offering program details, directives, and ordering options for certification materials. Technically, the site is built on Joomla CMS with Bootstrap and modern web technologies, delivering a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS and CSRF protections, but lacks advanced security headers and explicit privacy compliance mechanisms. Overall, the domain registration and website content align well, indicating a legitimate and trustworthy entity.

Q

QM Schweizerfleisch

qm-schweizerfleisch.ch

46

QM Schweizerfleisch operates a quality management program focused on Swiss meat producers, ensuring adherence to good agricultural practices and strict quality standards. The website serves as an information and resource hub for producers and consumers, providing documentation, ordering options for certification vignettes, and updates on regulatory changes. The business is positioned as a niche quality assurance entity within the Swiss agricultural sector, supported by certifications such as ISO 9001 and IQNet, and operated under Agriquali. Technically, the website is built on Joomla CMS with Bootstrap and jQuery, offering a modern and responsive design. It integrates Google Analytics for visitor tracking but lacks visible privacy and cookie policies, which is a compliance shortfall. The site is accessible without WAF or blocking mechanisms, indicating good availability. From a security perspective, HTTPS is enforced, and CSRF tokens are used in forms, but the absence of security headers and incident response contacts suggests room for improvement. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is professional and trustworthy but should enhance privacy compliance and security headers to improve its security posture and regulatory adherence.

D

dwif-Consulting GmbH

dwif.de

67

dwif-Consulting GmbH is a well-established German tourism consultancy with a 75-year history, specializing in tourism research, market data, and strategic consulting for destinations and hospitality sectors. The website is professionally designed using Joomla CMS and modern frameworks, providing a rich user experience with clear navigation and mobile optimization. Security posture is solid with HTTPS, GDPR-compliant cookie consent, and CSRF protections, though some security headers could be improved. The site uses Google Analytics and Tag Manager for user tracking with moderate privacy compliance. Overall, the website reflects a credible and trustworthy business with strong market positioning in the tourism consulting industry.

S

SkyAlps

skyalps.com

68

SkyAlps is a regional airline company focused on providing air transportation services primarily in the Alpine region. The company offers flight booking services through its website, which is professionally designed and built on a modern technology stack including Joomla CMS and popular JavaScript libraries. The website is well-structured, mobile-optimized, and includes a cookie consent mechanism to comply with privacy regulations. However, the absence of a visible privacy policy and terms of service pages is a gap in compliance. The WHOIS data for the domain is missing, which raises questions about domain registration legitimacy and requires further verification. Overall, the website presents a trustworthy and professional front for the airline business.

C

Cleaning Service SA

cleaning-service.ch

46

Cleaning Service SA is a professional cleaning and facility services company operating primarily in the Suisse Romande region of Switzerland, with agency locations in Geneva, Nyon, Lausanne, and Fribourg. The company offers a broad range of services including general cleaning, concierge services, special cleaning tasks, medical and pharmaceutical disinfection, waste collection, handyman services, and a flexible 'One Stop Shopping' concept. The website reflects a well-established regional business with multiple certifications such as ISO 9001, 14001, 45001, and various local labels indicating quality and corporate responsibility. The target audience includes businesses and organizations seeking reliable cleaning and facility management services.

V

Verein Jobdach

jobdach.ch

50

Verein Jobdach is a Swiss non-profit organization established in 1996, providing survival aid and harm reduction services in the canton of Luzern. Their key offerings include emergency shelter (Notschlafstelle), long-term housing for individuals with addiction and mental health challenges (Obdach), and day structure programs (Wärchstatt). The website is built on Joomla CMS and incorporates modern web technologies such as Bootstrap and jQuery, with Google Analytics for visitor tracking. The site is well-structured, mobile-optimized, and presents a professional image consistent with its social mission. However, it lacks visible contact information on the homepage and does not implement cookie consent mechanisms, which may affect privacy compliance.

O

Open Source Matters, Inc.

joomla.org

72

Joomla.org represents the official website for Joomla!, a widely recognized open source content management system (CMS) established in 2005 and maintained by Open Source Matters, Inc. The platform empowers website creators with a flexible, mobile-friendly, and extensible CMS solution supported by a large global community. Joomla offers downloads, free hosted sites, training, certification, and a rich ecosystem of extensions and templates. The website reflects a mature and professional presence with consistent branding and comprehensive content aimed at developers, site administrators, and community members. Technically, the site leverages modern web technologies including Joomla CMS, Bootstrap 5, FontAwesome, Google Fonts, and various JavaScript libraries. It is hosted by Rochen and integrates analytics tools such as Google Analytics and Pingdom RUM for performance monitoring. The site is mobile-optimized, accessible, and SEO-friendly, providing a fast and user-friendly experience. From a security perspective, Joomla.org enforces HTTPS and employs CSRF tokens in forms, with regular security announcements published. However, explicit HTTP security headers and a dedicated security policy or incident response contact are not evident, representing areas for improvement. The WHOIS data is unavailable or malformed, limiting domain registration trust verification, but the website's content and ecosystem strongly support its legitimacy. Overall, Joomla.org demonstrates a strong digital maturity and business credibility with minor gaps in security transparency and WHOIS data availability. Strategic enhancements in security policy publication and domain registration transparency would further strengthen trust and compliance.

A

African Network Information Centre

afrinic.net

76

AFRINIC is the Regional Internet Registry (RIR) for Africa, responsible for the allocation and management of Internet number resources including IPv4, IPv6, and ASNs. Established in 1999, AFRINIC serves a critical role in supporting the African internet community, including ISPs, network operators, governments, and other stakeholders. The organization offers a range of services such as resource management, DNS support, routing security, training, and policy development, positioning itself as a key infrastructure entity in the African internet ecosystem. Technically, the website is built on Joomla CMS with modern frameworks like Bootstrap and Helix3, incorporating various third-party libraries such as jQuery and Font Awesome. It integrates analytics tools including Google Analytics and Matomo, and employs a comprehensive cookie consent mechanism via OneTrust, demonstrating a mature digital presence. The site is mobile-optimized and SEO-friendly, with structured data enhancing search engine visibility. From a security perspective, AFRINIC enforces HTTPS and demonstrates good security practices including the use of DNSSEC and RPKI programs. However, explicit security headers are not fully confirmed, and no dedicated security policy or incident response contacts are published, indicating areas for improvement. The WHOIS data is consistent with the organization's identity and history, reinforcing trustworthiness. Overall, AFRINIC's website reflects a professional, credible, and secure platform aligned with its mission. Strategic recommendations include enhancing security header implementation, publishing a formal security policy and incident response contacts, and improving accessibility features to further strengthen compliance and user experience.

G

Great Place To Work® Institute

greatplacetowork.com

75

Great Place To Work® Institute operates a comprehensive platform focused on building high-trust workplace cultures through employee surveys, certification, and employer recognition lists. The company targets employers and HR professionals seeking to improve workplace culture and employee engagement. The website demonstrates a mature digital presence with a Joomla CMS, modern JavaScript libraries, and integrated marketing and analytics tools such as Google Tag Manager and Marketo. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response information are absent. The WHOIS data is unavailable, which slightly reduces trust but the website's professional content and branding strongly support legitimacy. Overall, the site is well-designed, user-friendly, and compliant with privacy regulations.

G

Gymnase de Renens

gyre.ch

54

Gymnase de Renens is a Swiss educational institution providing secondary education including commerce, general culture, and bilingual maturity programs. The website serves as an official portal offering resources and information for students, staff, and administration. The site is well-structured with clear navigation and professional design, targeting primarily French-speaking users in Switzerland. Technically, the site is built on Joomla CMS with Bootstrap and jQuery, providing a responsive and moderately performant experience. Security posture is adequate with HTTPS enabled, but lacks important security headers and privacy compliance elements such as privacy and cookie policies. No forms or analytics scripts are detected, indicating minimal data collection. Overall, the domain registration aligns well with the institution's identity, supporting legitimacy and trustworthiness.

D

DUKOMETAL S.A.

dukometal.ch

38

DUKOMETAL S.A. is a Swiss-based specialist in industrial sheet metal work and thermopowder coating, offering a comprehensive range of manufacturing services including laser cutting, locksmithing, bending, and tank fabrication. The company targets industrial clients requiring high-quality sheet metal solutions and operates from modern facilities equipped with advanced machinery. The website is professionally designed using Joomla CMS and Bootstrap, providing a good user experience with clear navigation and relevant content. However, the site lacks visible privacy and cookie policies, which impacts compliance with GDPR and related regulations. Security posture is moderate with HTTPS usage but missing security headers and no visible incident response information. Overall, the website presents a credible and trustworthy business presence but would benefit from enhanced privacy and security practices.

C

CENTR VZW/ASBL

centr.org

57

CENTR is a well-established association founded in 1998 that represents European country code top-level domain (ccTLD) registries. It serves as a forum for information exchange, policy advocacy, and industry data analytics, positioning itself as a key voice in the European DNS community. The website reflects a professional and consistent brand image, targeting members and stakeholders in the domain registry sector. Technically, the site is built on Joomla CMS with modern libraries such as jQuery and Bootstrap, and it integrates Matomo for analytics, indicating a mature digital infrastructure. Security posture is solid with HTTPS and domain transfer protections, though improvements like enabling DNSSEC and adding security headers are recommended. Privacy compliance is partially addressed with clear privacy and cookie policies, but lacks explicit consent mechanisms. Overall, the domain registration data aligns well with the website content, supporting high legitimacy and trustworthiness.

C

CookieScript

cookie-script.com

65

CookieScript is a specialized SaaS provider offering comprehensive cookie compliance solutions tailored to meet GDPR, CCPA, and other global privacy regulations. The company positions itself as a Google CMP Gold Partner with strong market presence and high customer satisfaction ratings. Their key services include cookie banners, scanners, privacy policy generation, consent management, and advanced reporting, targeting website owners, agencies, and businesses requiring privacy compliance. Technically, the website is built on Joomla CMS, hosted on DigitalOcean with EU-based servers, and integrates modern web technologies and tracking tools such as Google Tag Manager and PageSense. Security posture is solid with HTTPS, CSRF protections, and EU data residency compliance, though improvements like DNSSEC and security headers are recommended. Overall, the website is professional, well-structured, and trustworthy, with no signs of malicious activity or content blocking.

Latvijas Valsts mežzinātnes institūts "Silava" is a Latvian government research institute specializing in forestry science. The organization provides scientific research, publications, consulting services, and organizes events related to forestry. The website serves as an information portal targeting researchers, forestry professionals, government entities, and the general public interested in forestry science. Technically, the website is built on Joomla CMS with modern JavaScript libraries such as jQuery and Bootstrap, and includes Google Tag Manager for analytics. The site is mobile-optimized and presents a professional design with clear navigation. Security posture is adequate with HTTPS enabled and CSRF tokens in forms, but lacks important security headers and a published security policy. Privacy compliance is partial with a cookie consent mechanism but no visible privacy or terms of service pages. Overall, the domain WHOIS data is consistent and trustworthy, matching the business profile. The website is safe with no adult or questionable content detected.

R

Russell Bedford Fiduciaire Genève SA

rbfg.ch

53

Russell Bedford Fiduciaire Genève SA is a well-established independent fiduciary and audit services provider based in Geneva, Switzerland, founded in 1987. The company operates two entities offering complementary services including fiduciary management, audit, tax expertise, company creation, and governance consulting. It benefits from membership in the global Russell Bedford International network, enhancing its international reach and expertise. The website is professionally designed using Joomla CMS and Bootstrap framework, with multilingual support and modern web technologies. Cookie consent is implemented, and Google Tag Manager is used for analytics. Security posture is generally good with HTTPS enforced, but lacks explicit security headers and published security policies. No blocking or WAF mechanisms were detected, and the domain registration data aligns well with the business profile, indicating legitimacy. Overall, the website presents a trustworthy and professional image suitable for its target audience of businesses and individuals seeking fiduciary and audit services.

G

GenerazionePiù Anziani OCST

generazionepiu.ch

57

GenerazionePiù is a Swiss non-profit association focused on supporting elderly individuals who have reached retirement age and wish to remain active and socially engaged. The organization offers a variety of social activities, events, and publications tailored to its target audience in the Ticino region. The website reflects a local community-oriented business model with a clear mission to enhance the quality of life for seniors. Technically, the website is built on the Joomla CMS platform, utilizing the Yootheme framework and UIkit for responsive design. It incorporates modern JavaScript libraries such as jQuery and Awesomplete, and integrates a newsletter system via AcyMailing. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. From a security perspective, the site enforces HTTPS and employs Joomla's built-in security features. However, it lacks explicit security headers like Content-Security-Policy and X-Frame-Options, which could enhance protection. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partially met with a privacy policy and GDPR consent in the newsletter form, but the absence of a cookie consent banner is a notable gap. Overall, the website presents a trustworthy and professional online presence for a small non-profit organization. Strategic improvements in security headers and privacy mechanisms would further strengthen its posture and compliance.

The website represents the Tripartite Berufsbildungskonferenz (TBBK), a Swiss governmental entity under the Staatssekretariat für Bildung, Forschung und Innovation (SBFI). It serves as a coordination platform linking operational committees with national political vocational education meetings. The site provides news, reports, and information about vocational education initiatives, targeting stakeholders in Swiss vocational training and government officials. The business model is governmental coordination and information dissemination with a medium-sized organizational footprint in Switzerland. Technically, the site is built on Joomla CMS with Bootstrap and jQuery, using Matomo for privacy-conscious analytics. The site is mobile-optimized and professionally designed with consistent branding. Security posture is good with HTTPS and form protections but lacks security headers and explicit privacy/cookie policies, which are compliance gaps. Overall, the domain registration and WHOIS data align well with the website's governmental nature, indicating high legitimacy and trustworthiness.

S

Syna

zusammen-stark.ch

59

Syna is a well-established Swiss trade union focused on promoting fair working conditions, solidarity, and security for employees across various sectors. With approximately 60,000 members, it offers services including collective labor agreements, legal advice, educational support, and partial reimbursement of professional contributions. The website is professionally designed, mobile-optimized, and provides comprehensive membership forms and information in German, French, and Italian. The technical infrastructure is based on Joomla CMS with modern UI frameworks and analytics tools such as Matomo and Facebook Pixel, indicating a mature digital presence. Security posture is good with HTTPS enforced and encrypted data collection, though some security headers could be improved. Privacy and cookie policies are present with consent mechanisms, reflecting GDPR compliance. Overall, the site is trustworthy, transparent, and serves its target audience effectively.

A

Airport Helicopter AHB AG

airportheli.ch

56

Airport Helicopter AHB AG is a well-established Swiss company specializing in helicopter flights and pilot training since 1993. The company operates multiple locations across Switzerland including Luzern-Beromünster, Basel, Grenchen, and Zürich, offering a wide range of services such as sightseeing flights, VIP and taxi flights, glacier flights, romantic and wedding flights, events, heli-skiing, and comprehensive pilot training programs. Their website reflects a professional and consistent brand image with clear navigation and relevant content targeting aviation enthusiasts and potential pilot trainees. Technically, the website is built on Joomla CMS with modern frontend technologies including Bootstrap, jQuery, and Owl Carousel. It is mobile-optimized and integrates Google Analytics and Tag Manager for user tracking. The site uses HTTPS with a good SSL configuration and implements GDPR-compliant cookie consent mechanisms. However, there is room for improvement in security headers and publishing explicit security policies. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, CSRF protection, and cookie consent. No critical vulnerabilities or suspicious content were detected. The WHOIS data aligns well with the business claims, showing a consistent and legitimate registration since 1993. Overall, the site presents a low risk profile with a solid security posture and compliance with privacy regulations. Strategically, the company should consider enhancing its security posture by adding security headers, publishing a security policy, and possibly a vulnerability disclosure policy. Improving accessibility features and expanding transparency around data retention would further strengthen trust and compliance.

A

Air-Glaciers SA

air-glaciers.ch

53

Air-Glaciers SA is a well-established Swiss aerial transport and mountain rescue company operating since 1965. The company offers a broad range of services including mountain rescue, helicopter transport, heliski, pleasure flights, agricultural aerial treatments, and flight training. It holds a strong market position as a leader in alpine aerial services in Switzerland, supported by multiple bases across key Swiss alpine regions. The website reflects a professional and consistent brand image with clear service offerings and contact information. Technically, the site is built on Joomla CMS with modern JavaScript libraries and integrates common marketing and analytics tools such as Google Analytics and Facebook Pixel. Security posture is good with HTTPS and CSRF protections, but lacks some advanced security headers and explicit privacy and cookie policies, which are compliance gaps. Overall, the website is trustworthy and serves its target audience effectively, though improvements in privacy compliance and security disclosures are recommended.

T

TUAG Triebwerk Unterhalt AG

tuag.ch

52

TUAG Triebwerk Unterhalt AG is a specialized helicopter engine maintenance and repair company based in Geneva, Switzerland. It operates as an official Safran Helicopter Engines approved center, servicing key engine models such as Arriel, Arrius, and Makila. The company is part of the Europavia Group, which provides a broader ecosystem of helicopter sales, maintenance, and spare parts services. TUAG's market position is solid within the European helicopter maintenance sector, serving clients in Switzerland, France, Belgium, and globally. The website reflects a professional business with clear service offerings and certifications, targeting helicopter operators and aviation maintenance providers. Technically, the website is built on Joomla CMS with common web technologies like jQuery and Bootstrap. It features a responsive design with moderate performance and basic SEO and accessibility features. The site uses HTTPS but lacks advanced security headers, which is a notable area for improvement. The contact mechanisms include multiple emails, phone numbers, and a contact form with a simple CAPTCHA, indicating basic data collection practices. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data but misses several security best practices such as security headers and robust CAPTCHA solutions. There is no visible privacy or cookie consent mechanism, which may impact GDPR compliance. The WHOIS data is consistent with the business claims, showing a legitimate and established domain registration. Overall, TUAG's website presents a trustworthy and professional image with room for enhancement in privacy compliance and security hardening. Strategic improvements in these areas would strengthen the company's digital trust and regulatory adherence.

S

Swiss Helicopter Maintenance AG

shm-ag.ch

50

Swiss Helicopter Maintenance AG is a specialized service provider in the helicopter maintenance sector, holding key certifications such as EASA Part-145 and CAMO approvals. The company operates multiple service centers in Switzerland and Liechtenstein, offering maintenance, avionics, continuing airworthiness management, and logistics services. Their market position is strong within the aviation maintenance niche, supported by authorized partnerships with major helicopter manufacturers and avionics dealers. The website reflects a professional and consistent brand image with clear service offerings targeted at helicopter operators and aviation clients. Technically, the website is built on Joomla CMS using the Astroid framework and SP Page Builder, incorporating modern web technologies such as jQuery and FontAwesome. It is mobile-optimized with good SEO practices and uses Matomo for analytics, indicating a moderate level of digital maturity. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security policies and incident response contacts. No critical vulnerabilities or exposed sensitive data were found. The WHOIS data is consistent with the business claims, enhancing trustworthiness. Overall, the security posture is solid but could be improved by adding security headers and formal policies. The overall risk assessment is low, with the website presenting a trustworthy and professional front for its business operations. Strategic recommendations include enhancing security transparency, adding incident response contacts, and continuous monitoring of third-party components to maintain security and compliance.

S

Syna

syna.ch

57

Syna is a well-established Swiss trade union dedicated to advocating for fair working conditions and balancing work and leisure for employees across various sectors. The website serves as a platform for membership engagement, legal advice, campaigns, and regional contact points. It targets employees in Switzerland and promotes petitions and initiatives relevant to labor rights. Technically, the site is built on Joomla CMS with modern UIkit framework and uses popular analytics and marketing tools such as Matomo, Facebook Pixel, and Google Tag Manager. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security headers and published security policies. WHOIS data confirms the domain's legitimacy and consistency with the organization's identity. Overall, the site is professional and trustworthy but could improve privacy compliance and contact transparency.

A

ASP Construction

asp-construction.org

48

ASP Construction is a well-established non-profit organization based in Quebec, Canada, specializing in health and safety training and resources for the construction industry. The website serves as a comprehensive portal offering mandatory safety courses, publications, and documentation to workers, employers, and associations. The organization maintains a strong market position as a trusted provider of construction safety education, supported by a mature domain and consistent branding. Technically, the website is built on Joomla CMS and integrates modern tools such as Google Analytics, Google reCAPTCHA, and CookieFirst for consent management. The site is mobile-optimized with good navigation and SEO practices, although some improvements in accessibility and security headers could enhance its posture. The domain is secured with HTTPS and registrar locks, but DNSSEC is not enabled. Security-wise, the site follows best practices including HTTPS enforcement and CAPTCHA protection on forms. However, the absence of DNSSEC and Content-Security-Policy headers are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms in place. Overall, ASP Construction's website demonstrates a solid security posture and professional digital presence, supporting its credibility and trustworthiness. Strategic enhancements in security headers and DNS security would further strengthen its defenses.

P

Progetto Yaya

progettoyaya.org

54

Progetto Yaya is a small non-profit organization focused on raising awareness and collecting testimonies about racial and ethnic profiling in Italy. The website serves as an advocacy platform to inform the public and support victims, leveraging partnerships with organizations such as Occhio Ai Media and Associazione Cittadini del Mondo Ferrara. The content is well-structured, multilingual, and targeted at a socially conscious audience. Technically, the site is built on Joomla CMS with Yootheme and UIkit frameworks, providing a modern and responsive user experience. Security posture is adequate with HTTPS enforced and GDPR-compliant cookie consent, though improvements like enabling DNSSEC and adding security headers are recommended. Overall, the website demonstrates good business credibility and privacy compliance, with clear contact information and no suspicious content detected.

H

Hugi Pro Sport GmbH

hugiprosport.ch

49

Hugi Pro Sport GmbH is a Swiss-based company founded in 2011, serving as the official Swiss general representative for the tennis and squash brand Tecnifibre. The company operates a professional website targeting both end customers and registered dealers, offering an online shop for sports products. The business model combines B2C and B2B e-commerce, focusing on retail distribution within Switzerland. The website is well-branded, consistent, and provides clear contact information, enhancing trust and credibility. Technically, the website is built on Joomla CMS with modern frameworks like Bootstrap 5 and integrates various libraries such as jQuery and Smart Slider 3. It uses Google Analytics for visitor tracking and is mobile-optimized with good SEO practices. Performance is moderate, and accessibility is basic but functional. Security is enforced via HTTPS with anonymized IP tracking in analytics, though some security headers are missing, and no explicit cookie consent mechanism is present. The security posture is solid but could be improved by adding standard security headers and formalizing incident response policies. No vulnerabilities or suspicious activities were detected. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Overall, the website presents a professional and secure platform for its retail operations. Strategic recommendations include implementing a cookie consent banner to enhance GDPR compliance, adding missing security headers, and publishing a security policy or incident response contact to improve transparency and readiness.

C

Cittadini del Mondo

cittadinidelmondo.org

54

Cittadini del Mondo is a small non-profit organization based in Ferrara, Italy, focused on supporting immigrant integration and protecting immigrant rights. Founded in 1993, it offers services such as Italian language courses and after-school programs. The organization also engages in social monitoring projects related to racial profiling and media discrimination. The website reflects a community-oriented mission with clear contact information and multimedia content supporting its cause. Technically, the site is built on Joomla CMS with Yootheme and UIkit frameworks, providing a modern and responsive user experience. Security posture is adequate with HTTPS and GDPR-compliant cookie consent, though it lacks advanced security headers and formal security policies. Overall, the site is trustworthy and professionally maintained, though WHOIS data is privacy protected, limiting domain registration transparency.

L

Logos Translations

logos.net

68

Logos Group is a professional translation and localization service provider with over 40 years of experience, specializing in technical, marketing, scientific, legal, and corporate content translation across more than 250 language combinations. The company targets businesses requiring comprehensive language services and offers a broad range of solutions including website localization, software and app localization, multimedia services, and eLearning solutions. Their market position is that of an established, reliable player with ISO certifications and a strong client portfolio. Technically, the website is built on Joomla CMS with modern frameworks and includes structured data for SEO. The site uses Matomo analytics, indicating a moderate level of user tracking with some privacy considerations. Security posture is good with HTTPS and CSRF protections, but lacks some security headers and explicit privacy/cookie policies. WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency. Overall, the website is professional, trustworthy, and well-structured but would benefit from enhanced privacy compliance and clearer domain registration information.

A

Associazione Cittadini del Mondo Ferrara

occhioaimedia.org

54

Occhio ai media is a non-profit organization affiliated with Associazione Cittadini del Mondo Ferrara, focusing on media monitoring, social justice, and immigrant rights advocacy in Italy. The website provides news, reports, videos, and projects related to anti-racism and social inclusion. It targets the Italian public interested in social issues and community activism. The organization operates through awareness campaigns, media content, and community projects, positioning itself as a niche player in the non-profit social justice sector. Technically, the website is built on Joomla CMS with the Yootheme template and UIkit framework, leveraging modern web technologies including jQuery and cookie consent plugins. The site is mobile-optimized, accessible, and performs moderately well. It uses HTTPS with a valid SSL certificate, although some security headers are missing. Cookie consent is implemented with an opt-in mechanism, indicating good privacy compliance. From a security perspective, the site shows good practices such as HTTPS enforcement and cookie consent blocking session cookies until consent. However, it lacks explicit security headers and does not provide visible security or incident response policies. WHOIS data is unavailable due to privacy protection, which is common for non-profits and does not raise immediate concerns. No vulnerabilities or suspicious patterns were detected. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. Strategic improvements could include adding security headers, publishing security policies, and implementing a vulnerability disclosure mechanism to enhance security posture and trust.

B

berufundfamilie Service GmbH

berufundfamilie.de

48

berufundfamilie Service GmbH operates as a specialized consulting and auditing firm focused on family-conscious personnel policies and employer branding in Germany. The company offers certifications such as audit berufundfamilie and audit beruf&vielfalt, alongside consulting services and training seminars targeted at employers, HR professionals, employees, and educational institutions. Their market position is that of an established medium-sized enterprise with a strong reputation in promoting work-life balance and diversity in the workplace. Technically, the website is built on Joomla CMS with modern frameworks like Helix and Bootstrap, ensuring responsive design and moderate performance. The site integrates standard web technologies including jQuery and FontAwesome, and employs Google Analytics and Tag Manager for user tracking, balanced with a comprehensive cookie consent mechanism to ensure GDPR compliance. From a security perspective, the site enforces HTTPS and uses cookie consent banners effectively. However, it lacks explicit security policies, incident response contacts, and advanced security headers, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, the website demonstrates a professional and trustworthy online presence with good content quality and compliance posture. Strategic recommendations include publishing a dedicated security policy, adding incident response information, and enhancing security headers to further strengthen the security posture.

O

Ordine Dei Medici Chirurghi e Odontoiatri della Provincia di Verona

omceovr.it

57

The website represents the Ordine Dei Medici Chirurghi e Odontoiatri della Provincia di Verona, a professional medical association serving the Verona region in Italy. It provides regulatory, informational, and service support to medical and dental professionals, positioning itself as a trusted regional authority. The site is well-structured, professionally designed, and targets healthcare professionals and the public within the province. Technically, it is built on Joomla CMS with modern frontend technologies like Bootstrap and jQuery, ensuring good mobile responsiveness and accessibility. Security posture is solid with HTTPS, DNSSEC, and cookie consent mechanisms, though explicit security headers and incident response policies are absent. Overall, the site is trustworthy, compliant with GDPR, and free from suspicious content or blocking mechanisms.

O

Ordine Dei Medici Chirurghi e Degli Odontoiatri della Provincia di Chieti

omceoch.it

57

The website represents the Ordine Dei Medici Chirurghi e Degli Odontoiatri della Provincia di Chieti, a professional regulatory body for medical and dental practitioners in the Chieti province of Italy. It provides regulatory information, professional services, continuing education, and member support. The site is well-structured, professionally designed, and compliant with GDPR and cookie regulations, targeting healthcare professionals and the public interested in medical regulatory matters. Technically, it is built on Joomla CMS with modern libraries like Bootstrap and jQuery, ensuring good performance and mobile responsiveness. Security posture is strong with HTTPS, DNSSEC, and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or suspicious activities were detected. Overall, the site is trustworthy, legitimate, and serves its professional audience effectively.

O

Ordine dei Medici Chirurghi e degli Odontoiatri della Provincia di Lucca

ordmedlu.it

54

The website www.ordmedlu.it represents the official online presence of the Ordine dei Medici Chirurghi e degli Odontoiatri della Provincia di Lucca, a professional regulatory body for medical doctors and dentists in the Lucca province of Italy. It serves as an information hub and service portal for registered professionals and the general public, offering access to professional registration, continuing education, news, and online services. The site is well-positioned as a local authoritative entity within the healthcare regulatory sector. Technically, the site is built on Joomla CMS with modern frontend frameworks like Bootstrap 5 and jQuery, ensuring a responsive and accessible user experience. The use of Matomo analytics with GDPR-compliant cookie consent reflects a mature approach to privacy and data protection. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the site is professional, trustworthy, and compliant with relevant regulations, supporting its role as a key resource for medical professionals in the region.

O

Ordine dei Medici Chirurghi e degli Odontoiatri della Provincia di Pescara

omceopescara.it

54

The website represents the Ordine dei Medici Chirurghi e degli Odontoiatri della Provincia di Pescara, a professional regulatory body for medical doctors and dentists in the Pescara province of Italy. It serves as an authoritative portal providing information, continuing education (ECM) events, online services, and regulatory updates to its members. The organization is well-established with a domain age of over 10 years, reflecting its longstanding presence in the healthcare sector. The site targets medical professionals and related stakeholders within the region, offering a range of services including professional registration, certificate issuance, and educational resources. Technically, the website is built on Joomla CMS with modern frontend technologies such as Bootstrap 5 and jQuery. It employs Matomo analytics for user tracking and has implemented GDPR-compliant cookie consent mechanisms. The site is mobile-optimized, accessible, and SEO-friendly, with a consistent and professional design. Security measures include HTTPS with DNSSEC enabled, though additional HTTP security headers could enhance its posture further. From a security perspective, the site shows good maturity with no visible vulnerabilities or blocking mechanisms. Privacy policies and cookie policies are clearly presented, supporting GDPR compliance. However, the absence of a published security policy or incident response contact limits transparency in security governance. Overall, the website is trustworthy, professional, and safe for general audiences. Strategically, the organization should consider publishing detailed security policies, implementing additional security headers, and maintaining up-to-date third-party libraries to further strengthen its security posture. Enhancing transparency around incident response and vulnerability disclosure would also improve trust and compliance.

O

Ordine dei Medici Chirurghi e degli Odontoiatri della Provincia di Taranto

omceota.it

53

The website https://omceota.it/ serves as the official online presence for the Ordine dei Medici Chirurghi e degli Odontoiatri della Provincia di Taranto, a professional regulatory body for medical and dental practitioners in the Taranto province of Italy. The site provides regulatory information, member services, and public resources consistent with its role as a government-subsidiary entity. The business model is focused on professional regulation and public service within the healthcare sector, targeting medical professionals and local citizens. Technically, the website is built on Joomla CMS with Bootstrap 5.3.3 and jQuery, indicating a mature but standard web infrastructure. The site employs Cookiebot for cookie consent management, ensuring GDPR compliance. The presence of DNSSEC and HTTPS with a valid certificate enhances domain and transport security. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site demonstrates good practices including HTTPS enforcement, DNSSEC, and cookie consent mechanisms. However, it lacks explicit security policy or incident response pages and could improve by adding security headers like Content-Security-Policy and publishing a security.txt file. No vulnerabilities or suspicious content were detected. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. It is suitable for its intended audience and purpose, with recommendations to enhance security posture and accessibility for further maturity.

O

Ordine Provinciale dei Medici Chirurghi e degli Odontoiatri di Venezia

omceovenezia.it

54

The Ordine Provinciale dei Medici Chirurghi e degli Odontoiatri di Venezia is a regional professional regulatory body for medical and dental practitioners in the Venezia province of Italy. The organization provides a range of services including membership management, professional training, certification issuance, and online service portals. The website reflects a well-structured and professional digital presence, targeting medical professionals with clear navigation and comprehensive content. Technically, the site is built on Joomla CMS with modern libraries such as Bootstrap and jQuery, ensuring good mobile responsiveness and accessibility. Security posture is solid with HTTPS enforced and GDPR-compliant cookie consent mechanisms, though some security headers could be improved. Overall, the site demonstrates a mature digital infrastructure suitable for a professional association, with strong trust indicators and compliance adherence.

O

Ordine Provinciale dei Medici Chirurghi e degli Odontoiatri di Vicenza

medicivicenza.org

58

The Ordine Provinciale dei Medici Chirurghi e degli Odontoiatri di Vicenza is a professional medical order representing physicians and dentists in the Vicenza province of Italy. The website serves as an official portal providing information, services, and resources to its members and the public, including registration, professional guidelines, continuing education, and online services. It holds a recognized position as a governmental subsidiary entity supporting healthcare professionals. The site is well-structured, professionally designed, and targets medical professionals and local citizens. Technically, it is built on Joomla CMS with modern libraries such as Bootstrap and jQuery, hosted by Register SpA, and employs HTTPS with domain security measures. The security posture is solid with GDPR-compliant cookie consent and domain locking, though it lacks DNSSEC and explicit security policies. Overall, the site is trustworthy, compliant, and functional with moderate performance and good accessibility.

U

Unione Professionale FARmacisti per i Medicinali Orfani

upfarm.it

60

UPFARM is a non-profit professional association of pharmacists in Italy specializing in the management and provision of orphan medicines for patients with rare diseases. The organization aggregates pharmacists nationwide to leverage their expertise in galenic preparations and support patients with rare conditions. The website reflects a niche healthcare focus with partnerships involving key Italian health agencies and federations. Technically, the site is built on Joomla CMS with a modern responsive design and uses common web libraries such as Bootstrap and jQuery. Security posture is adequate with HTTPS enforced and cookie consent implemented, though formal security policies and headers are absent. Overall, the site is professional, trustworthy, and well-aligned with its healthcare mission.