Security Directory

B

Business at OECD

biac.org

11

Business at OECD (BIAC) is a well-established advocacy organization representing the private sector's interests at the OECD. Founded in 1962, it connects over 55 national business and employer bodies, facilitating dialogue between business and government to promote economic growth and sustainable development. The website reflects a professional and authoritative presence with comprehensive policy content, reports, and event information targeting business leaders, policymakers, and OECD stakeholders. Technically, the site is built on HubSpot CMS, leveraging modern web technologies and analytics tools, with good mobile optimization and accessibility. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is evident with a clear privacy policy and cookie consent mechanisms. Overall, the site demonstrates high business credibility and trustworthiness, though WHOIS data is unavailable due to privacy protection, which is justified given the organization's nature.

W

Reiseberichte :: Welt bereisen

welt-bereisen.de

47

The website 'Welt bereisen' is a niche travel blog primarily focused on European travel, with a strong emphasis on cultural, historical, and religious sites. It offers detailed travel reports, photo galleries, and rich content aimed at travel enthusiasts interested in history and culture. The site is small-scale and appears to be managed by an individual or small team, with content quality rated as good and consistent branding. Technically, the site uses a custom CMS, modern web fonts, and common JavaScript libraries such as jQuery, along with Google Analytics and Piwik for tracking. It employs HTTPS and includes a cookie consent mechanism, indicating some level of GDPR compliance. However, explicit privacy policies and terms of service are missing, and no direct contact information is provided, which limits business credibility and privacy transparency. Security posture is moderate with HTTPS but lacks security headers and formal security policies. Overall, the site is safe, professional, and well-structured but could improve in privacy and security documentation.

T

Toimintakykyinen Suomi

toimintakykyinensuomi.fi

67

Toimintakykyinen Suomi is a Finnish non-profit initiative focused on promoting physical activity and improving functional capacity among the Finnish population. The website serves as a platform for campaigns, partner engagement, and public awareness, coordinated by the Finnish Olympic Committee (Suomen olympiakomitea). It targets a broad audience including individuals, workplaces, educational institutions, and organizations to foster healthier lifestyles and societal resilience. The initiative leverages partnerships with national organizations and integrates social media to amplify its message. Technically, the website is built on WordPress with modern JavaScript libraries and integrates third-party services such as Google Tag Manager, CookieHub for cookie consent, and Juicer for social media feeds. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Performance is moderate with room for optimization. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit advanced security headers. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with a comprehensive privacy policy linked from the parent organization’s domain. Contact information is limited to email addresses and partner site links, with no direct phone numbers found. Overall, the website presents a trustworthy and professional front for a national health campaign. It demonstrates good digital maturity and compliance with privacy regulations, though it could improve security header implementation and provide clearer direct contact options.

S

Suomisport

suomisport.fi

69

Suomisport is a Finnish digital platform designed to streamline the operations of sports clubs by providing comprehensive membership management, payment processing, event management, and communication tools. Supported by the Finnish Olympic Committee (Suomen Olympiakomitea), it holds a strong market position as a trusted and modern service for sports organizations of all sizes and disciplines. The platform targets sports clubs, athletes, and recreational sports participants, offering a unified mobile application and web services to enhance user experience and operational efficiency. Technically, the website is built on WordPress with modern integrations such as Gravity Forms, hCaptcha, and Google Tag Manager, ensuring a robust and user-friendly interface with good mobile optimization and accessibility. Security measures include HTTPS enforcement, spam protection via hCaptcha, and secure payment processing through Svea Payments, with regular security audits mentioned. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism, trustworthiness, and technical maturity, making it a reliable platform for its target audience.

S

Suomalaisen Työn Liitto

avainlippu.fi

52

Suomalaisen Työn Liitto is a well-established non-profit organization dedicated to promoting Finnish work and products through certification marks such as Avainlippu. The website serves as a comprehensive platform to inform consumers and businesses about the certification criteria, benefits, and application processes. The organization enjoys a strong market position in Finland with thousands of companies using its marks, reflecting trust and recognition in the Finnish market. Technically, the website is built on WordPress with modern plugins for SEO, analytics, and GDPR compliance, hosted on a reliable provider. Security posture is solid with HTTPS, cookie consent, and no evident vulnerabilities, though some security headers could be enhanced. Overall, the site is professional, user-friendly, and compliant with privacy regulations, supporting the organization's mission effectively.

E

EMMA-Espoo Museum of Modern Art

emmazone.fi

46

EMMA Zone is a digital content platform operated by EMMA – Espoo Museum of Modern Art, providing multimedia content such as articles, videos, interviews, and podcasts focused on modern art. The platform targets art enthusiasts and the general public interested in cultural content, positioning itself as a niche digital museum experience. Technically, the site is built on Angular 13, integrates Google Tag Manager for analytics, and uses Enzuzo for cookie consent management, reflecting a modern and compliant digital infrastructure. Security posture is solid with HTTPS enforced and no exposed sensitive data, though security headers and incident response information could be improved. Overall, the site is professional, trustworthy, and aligned with the museum's branding and mission.

П

ПАШОВИ КАРС ООД

pashovcars.com

57

Pashov Cars is a Bulgarian company specializing in the sale of high-quality used cars sourced from Europe, the USA, and Canada. The company offers a comprehensive range of services including free consultations, preferential leasing and credit terms, vehicle registration assistance, insurance services, and professional car servicing. Positioned as a trusted partner in the Bulgarian used car market, Pashov Cars targets individual and business customers seeking reliable automotive solutions. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, enhancing user experience and trust. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, with integration of Google Tag Manager and Facebook Pixel for analytics and marketing. The platform is built on a custom e-commerce solution by Valival Commerce, with moderate performance and good SEO practices. Security posture is solid with HTTPS enabled and domain transfer protections, though some security headers could be improved. Privacy compliance is addressed with visible privacy and cookie policies and a consent mechanism. Overall, the security posture is adequate for the business size, with no critical vulnerabilities detected. The domain registration data aligns well with the business claims, indicating legitimacy and transparency. Strategic recommendations include enhancing security headers, publishing a formal security policy, and continuous monitoring of third-party scripts to maintain security and compliance standards.

P

PraneKilimi.bg

pranekilimi.bg

51

PraneKilimi.bg is a small local Bulgarian business specializing in professional carpet and textile cleaning services in Sofia. The company offers a range of services including washing carpets, rugs, mats, blankets, and other textiles with free pickup and delivery within Sofia. The website demonstrates a solid market position with over 10 years of experience and a loyal customer base including institutions. Technically, the website uses modern web technologies such as Bootstrap, jQuery, and Google Tag Manager, providing a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though it lacks advanced security headers and explicit security policies. Privacy compliance is partial, with no visible cookie consent mechanism and only a basic privacy policy. Overall, the site is professional, trustworthy, and safe for general audiences.

E

Elinor.bg

elinor.bg

50

Elinor.bg is a Bulgarian e-commerce website specializing in the sale of perfumes, cosmetics, and makeup products. The site targets a general audience interested in beauty products and offers a large catalog with over 30,000 items. The business model is retail-focused, leveraging online sales channels to reach customers primarily in Bulgaria. The website presents a professional and consistent brand image with good content quality and user experience. Technically, the site integrates multiple modern marketing and analytics tools such as Google Analytics, Facebook Pixel, Criteo, and SendPulse, indicating a mature digital marketing infrastructure. Mobile optimization and SEO practices are adequately implemented, contributing to a positive user experience.

A

AMC+

amcplus.com

71

AMC+ is a subscription-based streaming service operated by AMC Networks, offering access to popular TV shows, movies, and live channels. The service targets a general audience interested in entertainment content, particularly fans of AMC's original programming and affiliated brands. The website is professionally designed, mobile-optimized, and integrates modern analytics and marketing technologies such as Google Tag Manager, Google Analytics, and mParticle. Cookie consent mechanisms are implemented, reflecting a basic level of privacy compliance. However, explicit privacy policy and terms of service pages were not found on the analyzed page, which is a compliance gap. The security posture is generally good with HTTPS enforced and no visible vulnerabilities, but lacks explicit security headers and published security policies or incident response contacts. WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, though the website branding and content strongly indicate legitimacy as part of AMC Networks. Overall, the site scores well on content quality and business credibility but should improve privacy and security disclosures to enhance trust and compliance.

A

Alaya Tsanova

alayaart.com

53

Alaya Tsanova operates an online art gallery and e-commerce platform specializing in original artworks, prints, jewelry, and related artistic products. The website targets art enthusiasts and collectors, primarily in Bulgaria but accessible internationally. The business model focuses on direct sales through WooCommerce integrated into a WordPress site, supplemented by exhibition events and custom orders. The site demonstrates a consistent brand presence with clear navigation and professional design. Technically, the website leverages modern WordPress technologies including Elementor for page building, WooCommerce for e-commerce, and NitroPack for performance optimization. It integrates analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and Hotjar, indicating a mature digital marketing approach. The site is mobile-optimized and performs well with good SEO practices. From a security perspective, the site enforces HTTPS and includes standard security headers, cookie consent mechanisms, and privacy policies aligned with GDPR. However, there is a lack of explicit security policy, incident response contacts, and vulnerability disclosure information. The absence of WHOIS domain registration data raises concerns about domain legitimacy, which should be investigated further. Overall, the website is professional and trustworthy in content and presentation but would benefit from enhanced transparency in domain registration and contact information to improve business credibility and security posture.

E

EquipmentShare

equipmentshare.com

68

EquipmentShare is a large US-based construction equipment rental and technology company offering a wide range of rental equipment, sales of new and used machinery, and a proprietary fleet tracking platform called T3. The company operates a nationwide network of 348 locations, targeting construction firms and jobsite managers with integrated technology and service solutions. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site leverages modern web technologies including Webflow CMS, Google Tag Manager, Datadog RUM, and Google Maps API, ensuring good performance and user experience. Security posture is strong with HTTPS, security headers, and privacy-conscious analytics implementation, though the absence of a public security policy or incident response contact is noted. The lack of WHOIS data limits domain trust verification but the overall site professionalism and business consistency support legitimacy. Strategic recommendations include publishing a vulnerability disclosure policy, incident response contacts, and enhancing accessibility compliance.

R

Regenerate Hub

regeneratehub.org

56

Regenerate Hub is a platform focused on promoting circular economy principles and nature-based solutions. The website presents minimal content with a clear title and description but lacks detailed business information, contact details, or policy documentation. The platform appears to target a general audience interested in sustainability and environmental solutions. Technically, the site uses modern web technologies such as React, Webpack, and integrates third-party services like Hotjar and Google Tag Manager for analytics and user engagement. However, the absence of privacy and cookie policies despite the use of tracking scripts indicates a gap in privacy compliance. Security posture is limited by lack of visible security headers and unknown SSL configuration. The WHOIS data is unavailable, likely due to privacy protection or query failure, which reduces transparency and trustworthiness. Overall, the site is functional but basic in content and security maturity.

A

AMC Networks

amc.com

74

AMC Networks operates a prominent media streaming platform offering a wide range of TV shows and movies, including popular series such as The Walking Dead and Better Call Saul. The website serves a broad audience interested in entertainment content, providing streaming, video extras, blogs, and e-commerce merchandise. The platform is well-positioned in the media industry with a strong brand presence and partnerships with related streaming and merchandise sites. Technically, the site leverages modern web technologies including React and integrates multiple analytics and advertising tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is evident with GDPR-aligned policies and cookie management. Overall, the site demonstrates high professionalism and trustworthiness, though the absence of WHOIS data is notable but likely due to privacy or registry configurations. Strategic recommendations include enhancing transparency around security policies and incident response, and adding vulnerability disclosure mechanisms.

DIRECTV is a major US-based telecommunications company specializing in satellite and streaming television services. The website promotes subscription-based offerings such as Genre Packs and sports packages, targeting a broad general audience interested in entertainment content. The company maintains a strong market position as a leading provider in the US TV streaming and satellite sector. Technically, the website is built on modern frameworks like Next.js and Material UI, with good mobile optimization and SEO practices. The use of multiple analytics and advertising platforms indicates a mature digital marketing strategy. Security-wise, the site enforces HTTPS and avoids exposing sensitive data, but lacks some security headers and explicit privacy and cookie policies, which are areas for improvement. Overall, the site is professional, trustworthy, and well-branded, though the absence of WHOIS data slightly reduces domain transparency and trust.

C

CEPIC

cepic.org

64

CEPIC is a well-established international non-profit organization serving as the global hub for visual media licensing and copyright advocacy. It provides networking opportunities, industry guidelines, and advocacy services to visual media professionals, trade associations, and companies worldwide. The website reflects a professional and consistent brand image, targeting a specialized audience in the media licensing sector. Technically, the site is built on modern platforms like Webflow and integrates membership management and analytics tools, indicating a mature digital infrastructure. Security posture is generally strong with HTTPS and no exposed sensitive data, though improvements in security headers and cookie consent mechanisms are recommended. The WHOIS data is incomplete, which slightly reduces domain trustworthiness, but the overall business credibility and website quality remain high.

O

Omidyar Network

omidyar.com

70

Omidyar Network is a well-established philanthropic organization focused on shaping the digital future through investments and advocacy in technology culture, governance, and business. The website reflects a mature digital presence with professional design, clear messaging, and comprehensive content aligned with its mission. Technically, the site is built on WordPress with modern frameworks and analytics tools, hosted with reputable providers and secured with HTTPS and domain locking mechanisms. Security posture is strong though lacking explicit published security policies or incident response contacts. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site presents a low-risk profile with high trustworthiness and professionalism.

Y

yeswecan!cer gGmbH

yeswecan-cer.org

58

yeswecan!cer gGmbH operates Germany's largest digital self-help group for cancer patients, providing a platform for patient exchange, expert interaction, and community support. The organization is positioned as a trusted non-profit in the healthcare sector, leveraging digital tools including a mobile app and online events to empower patients and their families. Their market position is strong within Germany, supported by partnerships and a medical advisory board. Technically, the website is built on WordPress with modern SEO and consent management plugins, ensuring good performance and compliance with GDPR. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though improvements could be made in DNSSEC and security headers. Overall, the site is professional, trustworthy, and well-optimized for its audience.

X

XO Life GmbH

impactmonitor.io

66

XO Life GmbH operates the brite™ platform, a unique meta-platform designed to provide digital product and therapy support for pharmaceutical and medical product companies. The platform serves as a one-stop-shop for digital treatment accompaniment, aiming to improve patient satisfaction, adherence, and engagement. The company targets pharma and medical product manufacturers, healthcare providers, and patients, positioning itself as an innovative leader in the European digital health market. The website is professionally designed, well-branded, and provides comprehensive information about the platform's benefits and partner ecosystem. Technically, the website leverages modern web technologies including Webflow CMS, jQuery, Google Tag Manager, and Microsoft Clarity for analytics, hosted likely behind Cloudflare infrastructure. The site is fast, mobile-optimized, and accessible, with strong SEO practices. Privacy compliance is well addressed with a detailed privacy policy and cookie consent mechanism. From a security perspective, the site uses HTTPS and includes CAPTCHA protections on forms, but lacks explicit security headers and published security policies or incident response information. The absence of WHOIS data is a notable anomaly, raising questions about domain registration transparency, though the professional nature of the site and contact details support legitimacy. Overall, the site presents a low risk with good security posture and privacy compliance, but would benefit from enhanced security disclosures and verification of domain registration details.

S

S-Markt & Mehrwert GmbH & Co. KG

s-reisewelt.de

68

S-Reisewelt is a German travel portal operated by S-Markt & Mehrwert GmbH & Co. KG, affiliated with the Sparkasse banking group. The website offers a wide range of travel services including package holidays, cruises, hotels, flights, car rentals, and travel insurance. It targets German-speaking travelers seeking quality and affordable travel options with a focus on customer service and personalized recommendations. The platform integrates multiple partners such as Booking.com, GetYourGuide, and PAYBACK to enhance user experience and loyalty benefits. Technically, the website is built using modern web technologies like React and Apollo GraphQL, hosted likely on T-Systems infrastructure, and optimized for mobile devices with good SEO practices. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although no dedicated security policy or incident response contacts are published. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the site is professional, trustworthy, and well-positioned in the German travel market.

S

Simple Plan Foundation

simpleplanfoundation.org

59

The Simple Plan Foundation website represents a small non-profit organization established in 2005 by the band Simple Plan to support young people in need and victims of life-threatening illnesses. The foundation operates primarily in Canada and targets youth and charitable supporters. The website is built on the Squarespace platform, leveraging modern web technologies including Google Tag Manager and Facebook Pixel for analytics and marketing. The site is mobile-optimized with good design quality and clear navigation, though it lacks visible privacy and cookie policies, which impacts privacy compliance scores. Security posture is strong with HTTPS and HSTS enabled, but additional security headers could enhance protection. The absence of public WHOIS data suggests privacy protection, which is reasonable for a non-profit entity. Overall, the site is professional and trustworthy but could improve transparency and compliance documentation.

B

Band T-Shirts

bandtshirts.com.au

60

Band T-Shirts is an Australian e-commerce retailer specializing in official licensed band merchandise including T-shirts, hoodies, vinyl, and other music-related products. The website is professionally designed with a clear focus on music fans seeking authentic merchandise from a wide range of artists. The business operates under LP/ATM Pty Ltd, part of the Mushroom Group, indicating a solid market position within the music merchandising niche. The site demonstrates a commitment to sustainability through carbon neutral shipping partnerships. Technically, the website uses modern JavaScript libraries and tracking tools, hosted likely on AWS infrastructure, with good mobile optimization and SEO practices. Security posture is strong with HTTPS and secure payment integrations, though improvements are recommended in security headers and privacy compliance mechanisms. Overall, the site is trustworthy and professionally maintained, though WHOIS data is unavailable due to privacy protection, limiting full domain trust analysis.

D

deutsche Automobilberatung Oranienburg

dabag.de

48

The website www.dabag.de represents deutsche Automobilberatung Oranienburg, a small-sized automobile consulting and brokerage service based in Germany. The company offers services including automobile brokerage, fleet management, custom vehicle procurement, and financing solutions. The website is professionally designed using WordPress CMS with SEO optimization and targets automobile customers and fleet managers primarily in the German market. The business has been active since at least 2014, consistent with the domain age. Technically, the website employs a modern technology stack including jQuery, Google Tag Manager, Google Analytics, Meta Pixel, and Cookiebot for cookie consent management. The site is hosted likely on your-server.de, a German hosting provider, and uses HTTPS with good SSL configuration. Performance is moderate with good mobile optimization and basic accessibility features. SEO is well implemented with meta tags and structured data. From a security perspective, the site uses HTTPS and cookie consent with blocking mode, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. The site uses multiple third-party analytics and marketing scripts, indicating extensive user tracking but with GDPR-compliant consent mechanisms in place. Overall, the website is safe, professional, and trustworthy with no adult or questionable content. The domain registration and hosting details align with the business claims, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility to further strengthen the security posture and compliance.

V

VGN Medien Holding GmbH

vgn.at

72

VGN Medien Holding GmbH is Austria's leading magazine publisher, established in 1992 with a strong portfolio of print and digital media brands. The company targets the Austrian population with content spanning politics, society, lifestyle, business, and entertainment. Their business model integrates traditional publishing with digital innovation and content marketing services, positioning them as a market leader in the Austrian media sector. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, and OneTrust for cookie consent, ensuring a compliant and user-friendly experience. The site is mobile-optimized and SEO-conscious, reflecting a mature digital infrastructure. Security-wise, the website enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security policy pages and incident response contacts, which are recommended for enhanced transparency and readiness. Overall, the website is professional, trustworthy, and compliant with GDPR, with no detected critical vulnerabilities or suspicious content.

A

Alzheimer Schweiz

alzheimer-schweiz.ch

53

Alzheimer Schweiz is a well-established Swiss non-profit organization dedicated to supporting people affected by dementia and Alzheimer’s disease. The organization provides comprehensive information, advice, support services, and community engagement platforms tailored to patients, families, healthcare professionals, and interested parties. It operates nationally with regional sections covering all Swiss cantons, demonstrating broad reach and local presence. The website is professionally designed, content-rich, and highly user-friendly, reflecting a mature digital presence. Technically, the website is built on TYPO3 CMS and leverages modern web technologies including jQuery, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site is mobile-optimized and accessible, with good SEO practices and performance. Security posture is solid with HTTPS enforced and cookie consent implemented, though some advanced security headers and explicit security policies are not publicly disclosed. From a security and compliance perspective, the site shows good GDPR compliance with clear privacy and cookie policies. Contact information is transparent and complete, enhancing trust. No critical vulnerabilities or suspicious activities were detected. The domain registration data aligns well with the organization's identity, supporting legitimacy. Overall, Alzheimer Schweiz presents a trustworthy, professional, and well-managed online presence suitable for its healthcare and non-profit mission. Strategic improvements could include publishing explicit security policies, incident response information, and enhancing HTTP security headers to further strengthen security posture.

R

Reformierte Kirche Kanton Luzern

reflu.ch

62

The website www.reflu.ch serves as the official online presence of the Reformed Church of the Canton of Luzern, Switzerland. It provides information about church services, pastoral care, community events, and regional church congregations. The site targets local German-speaking community members seeking spiritual support and church-related activities. The business model is non-profit and government-affiliated, focusing on community and religious services. The website is well-branded and consistent with the church's identity, featuring event calendars and news updates that demonstrate active engagement with its audience. Technically, the site employs modern web technologies including HTML5, CSS3, JavaScript, and integrates tracking pixels from TikTok, Facebook, and Google Tag Manager. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. However, it lacks explicit privacy and cookie policies, which is a notable compliance gap. Security posture is generally good with HTTPS enforced, but the absence of security headers and explicit incident response contacts reduces the overall security maturity. From a security and compliance perspective, the site does not present critical vulnerabilities or exposed sensitive data. The WHOIS data aligns well with the website's claims, showing consistent registrant information appropriate for a regional church organization. No WAF or blocking mechanisms were detected, allowing full content access. The site does not contain any adult or NSFW content, making it safe for general audiences. Overall, the website is credible and professionally maintained but would benefit from enhanced privacy compliance measures and improved security headers. Adding clear contact information for security incidents and a vulnerability disclosure policy would further strengthen trust and compliance.

D

Derendinger AG

derendinger.ch

72

Derendinger AG is the largest supplier of automotive spare parts and consumables in the Swiss aftermarket, serving professional garages and workshops. The company offers a wide range of products including parts for passenger cars, commercial vehicles, motorcycles, tires, lubricants, and workshop equipment, supported by consulting and training services. Their market position is strong as a key player within the Swiss Automotive Group. Technically, the website is built on Neos CMS with modern JavaScript libraries such as Swiper.js and integrates analytics and consent management tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and privacy compliance evident through clear policies and consent mechanisms, though formal security policies and incident response contacts are not publicly disclosed. Overall, the website is professional, trustworthy, and well-optimized for user experience and SEO, supporting the company's business credibility and market presence.

S

Strauhof

strauhof.ch

49

Strauhof is a small Swiss cultural institution and museum dedicated to literature, offering exhibitions, events, and educational programs. The website serves as an information portal for current and upcoming exhibitions and literary events, targeting literature enthusiasts and the general public interested in cultural activities. The business model revolves around cultural promotion and education rather than commercial sales. Technically, the website is built on WordPress using common plugins such as Contact Form 7 and jQuery, with Google Tag Manager integrated for analytics. The site is mobile-optimized and presents a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure; however, it lacks security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and no consent mechanism. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security practices.

C

Carxpert Automotive

carxpert.ch

67

Carxpert Automotive operates a network of independent quality garages in Switzerland, offering comprehensive automotive services including consultation, diagnosis, maintenance, and repair for all vehicle brands. The website positions itself as a trusted network with ongoing partner additions and a focus on quality service. Technically, the site is built on the Neos CMS platform using the Flow PHP framework, integrating modern tools such as Google Tag Manager and Usercentrics for analytics and consent management. The site is multilingual and mobile-optimized, providing a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms but lacks explicit security policies or incident response information. No critical vulnerabilities or exposed sensitive data were detected, indicating a solid security posture. Overall, the website is trustworthy, compliant with GDPR, and well-positioned in its market niche.

Pfarrei St. Theodul Littau is a local parish community serving the Littau-Luzern area in Switzerland. The website provides comprehensive information about religious services, community events, social projects, and educational offerings targeted at families, youth, seniors, and the broader local community. The organization operates as a non-profit religious entity with a strong focus on community engagement and spiritual support. Technically, the website uses modern web technologies including Google Tag Manager and OpenStreetMap, with a responsive design and moderate performance. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies are missing. Overall, the site is trustworthy, professionally presented, and compliant with basic privacy regulations.

K

Katholische Kirche Stadt Luzern

kathluzern.ch

10

Katholische Kirche Stadt Luzern is a non-profit religious organization serving the community of Luzern and beyond. The website provides comprehensive information about their services, including religious sacraments, social support, youth and family programs, and community engagement. The organization maintains a strong local presence with clear contact information and active social media channels. Technically, the website is built on TYPO3 CMS, uses HTTPS, and integrates Google Analytics and Tag Manager with consent mechanisms, reflecting a mature digital infrastructure. Security posture is good with no critical vulnerabilities detected, though improvements in security headers and incident response disclosures are recommended. Overall, the site is professional, trustworthy, and compliant with GDPR, making it a reliable resource for its audience.

A

Augenweide Kommunikation GmbH

augenweide.swiss

11

Augenweide Kommunikation GmbH is a Swiss communication agency based in Solothurn, specializing in advertising, branding, and comprehensive communication services. The company targets businesses and organizations seeking professional communication strategies and creative advertising solutions. Their market position is that of a reputable regional agency with a portfolio of diverse projects and notable clients, emphasizing quality and meaningful content. Technically, the website is built on WordPress with modern optimizations including Yoast SEO, Google Tag Manager, and WP Rocket for performance. The site features rich multimedia content such as embedded Vimeo videos and is well-optimized for mobile devices, providing an excellent user experience. SEO and accessibility practices are strong, supporting the agency's professional image. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and dedicated security or incident response pages. No vulnerabilities or exposed sensitive data were detected. WHOIS data is privacy protected, which is common and justified for this business type, and does not raise suspicion. Overall, Augenweide presents a trustworthy, professional online presence with strong content quality and technical implementation. Strategic improvements in security headers and transparency around security policies could further enhance their security posture and trustworthiness.

F

Faires Lager

faires-lager.ch

36

Faires Lager is a Swiss non-profit initiative dedicated to promoting sustainable practices in youth camps by providing educational tools, competitions, and resources to camp leaders, kitchen teams, and trainers. The project is supported by recognized youth and church organizations and aims to foster ecological and social responsibility among young participants. The website is professionally designed using TYPO3 CMS, with multilingual support and integration of modern analytics tools such as Google Analytics and Tag Manager. It features clear navigation, relevant content, and trust signals including testimonials and partner logos. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and policies could be improved. Contact information is comprehensive, including physical address, phone, and contact forms. WHOIS data confirms domain legitimacy and consistency with the organization's profile.

B

Buchkatalog

buchkatalog.de

62

Buchkatalog.de is a German online bookstore offering millions of books with options for local pickup and shipping. It operates a large network of bookstores and provides advanced search capabilities for customers. The website uses modern web technologies including Next.js and React, and integrates Google Tag Manager for analytics. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and professional design. However, it lacks visible privacy and cookie policies, security headers, and explicit contact information such as emails or phone numbers, which are important for trust and compliance. The domain appears legitimate with active registration and appropriate name servers, though registrant details are not fully disclosed. Overall, the site is functional and professional but could improve its privacy compliance and security posture.

The Fédération Suisse des Parlements des Jeunes (FSPJ) is a Swiss non-profit organization dedicated to youth political education and participation. It serves as a neutral competence center supporting 65 youth parliaments across Switzerland and Liechtenstein. The website provides comprehensive information about its mission, services, and offers tailored for young people, educators, and local governments. Multilingual support and partnerships with organizations like easyvote.ch and engage.ch enhance its outreach and impact. Technically, the site is built on WordPress with modern plugins and optimizations, delivering a responsive and accessible user experience. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with detailed policies and consent mechanisms. Overall, the site reflects a professional, trustworthy, and mission-driven organization with a strong digital presence.

S

Swiss Athletics

swiss-athletics.ch

57

Swiss Athletics is the official national federation for athletics in Switzerland, focusing on promoting elite sports, youth development, and broad participation. The organization operates a comprehensive website offering event registration, licensing, athlete support, coaching education, and competition results. The site targets athletes, coaches, officials, and athletics enthusiasts within Switzerland. Technically, the website is built on WordPress with modern plugins and integrates Google advertising and analytics tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response information are lacking. Overall, the website is professional, trustworthy, and well-optimized for SEO and mobile use, supporting the federation's mission effectively.

B

Bosch Energy and Building Solutions

go-to-bosch.com

56

Bosch Energy and Building Solutions is a large, well-established business entity operating in Germany, specializing in integrated building technologies including security systems, energy efficiency, building automation, and digital services. The website reflects a professional and comprehensive digital presence with strong Bosch branding, targeting commercial building operators, planners, and partners. The company offers a broad portfolio of services and maintains active engagement through events and webinars. Technically, the site uses modern web technologies, including Google Tag Manager and custom Bosch frameworks, with good mobile optimization and accessibility. Security posture is solid with HTTPS and consent management, though some security headers could be improved. WHOIS data is unavailable, which slightly impacts trust but is mitigated by the strong brand presence and professional content. Overall, the site is trustworthy, well-maintained, and compliant with GDPR regulations.

M

meister-boxx GmbH

fachkraft-boerse.de

55

FACHKRAFT-BÖRSE is a German online recruitment platform operated by meister-boxx GmbH, focusing on connecting employers with skilled professionals across various sectors such as industry, healthcare, and services. The platform offers job seekers the ability to create profiles and receive job offers anonymously, while employers can post jobs and search for candidates. The website is well-structured, professionally designed, and targets a German-speaking audience with localized content. Technically, the site uses modern JavaScript libraries including jQuery and integrates Google Tag Manager for analytics, alongside a robust cookie consent mechanism compliant with GDPR requirements. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the site demonstrates a mature digital presence suitable for its niche market.

M

meister-boxx GmbH

fortbildung24.com

53

FORTBILDUNG24, operated by meister-boxx GmbH, is a German-language online platform specializing in the comparison of seminars, further education courses, master schools, and professional training. The website serves individuals and companies seeking to enhance their skills and qualifications by providing a comprehensive comparison and search assistant service. The platform positions itself as a trusted intermediary connecting learners with educational providers across various sectors including industry, health, IT, and management. Technically, the website employs a modern tech stack including jQuery, Bootstrap, Font Awesome, and integrates Google Tag Manager and Analytics for tracking. It uses consentmanager.net for GDPR-compliant cookie consent management, ensuring user privacy and regulatory adherence. The site is mobile-optimized and features structured data for SEO enhancement, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and provides a granular cookie consent mechanism. However, it lacks explicit security headers and a published security policy or incident response page. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data is a minor concern but is mitigated by the professional presentation and compliance indicators. Overall, FORTBILDUNG24 presents a low-risk profile with a solid business model focused on education services. Strategic recommendations include enhancing security headers, publishing a security.txt file, and improving accessibility compliance to further strengthen trust and security posture.

F

Fernstudium Direkt

fernstudium-direkt.de

58

Fernstudium Direkt operates as a leading German online comparison portal specializing in distance learning and continuing education. The platform offers comprehensive information on courses, providers, costs, prerequisites, and user reviews, targeting individuals seeking flexible educational opportunities. It partners with over 120 educational providers, providing a broad catalog of nearly 5,000 courses and 1,200 study programs, positioning itself strongly in the German education market. Technically, the website is built on Drupal 10, leveraging modern web technologies including Google Tag Manager and Usercentrics for consent management, ensuring GDPR compliance. The site is well-optimized for mobile devices, fast loading, and accessible, with a professional design and clear navigation enhancing user experience. From a security perspective, the site enforces HTTPS and integrates consent-based script loading, but could improve by implementing explicit security headers like Content-Security-Policy and publishing a security.txt file. No critical vulnerabilities or exposed sensitive data were detected. Privacy policies and cookie consent mechanisms are present and comprehensive, supporting regulatory compliance. Overall, Fernstudium Direkt demonstrates a mature digital presence with strong business credibility and trust indicators. The absence of direct contact emails or phone numbers on the homepage slightly limits immediate contact transparency but is mitigated by extensive social media presence and legal pages. Strategic improvements in security policy transparency and incident response information would further enhance trust and security posture.

I

Infogram

infogr.am

10

Infogram is a well-established technology company specializing in AI-powered interactive data visualization tools. Their platform enables users to create infographics, charts, dashboards, maps, and social media graphics with ease, targeting businesses, marketers, educators, and nonprofits. The website reflects a mature digital presence with modern technologies such as React, Google Analytics, Hotjar, and cookie consent mechanisms, indicating a high level of digital maturity and user experience focus. Security posture is solid with HTTPS enforcement and domain registration protections, though some enhancements like DNSSEC and explicit security policies could improve trust further. Overall, the site is professional, trustworthy, and well-optimized for performance and accessibility.

P

Portes Ouvertes Suisse

portesouvertes.ch

66

Portes Ouvertes Suisse is a well-established Swiss non-profit organization dedicated to supporting persecuted Christians worldwide since 1955. The website serves as a comprehensive portal for information, prayer campaigns, donation facilitation, and awareness raising, primarily targeting French-speaking audiences. It maintains a strong market position within the non-profit sector focused on religious freedom and humanitarian aid. Technically, the site leverages modern frameworks such as Bootstrap and Microsoft PowerApps Portal, integrating multiple analytics and marketing tools including Google Tag Manager, Microsoft Clarity, and Facebook Pixel. The hosting and telemetry suggest a robust Microsoft Azure infrastructure. Security posture is solid with HTTPS enforcement, security headers, and consent management, though explicit security policies and incident response contacts are absent. Overall, the site demonstrates good digital maturity, professional design, and trustworthy content aligned with its mission.

O

OpenSesame

opensesame.com

73

OpenSesame is a well-established online training platform founded in 2011, offering a vast catalog of expert-led courses aimed at helping businesses close skill gaps and develop their workforce. The company leverages AI-powered recommendations and curated content to deliver scalable learning solutions. Their market position is strong within the corporate training and e-learning sectors, supported by a professional website with rich multimedia and comprehensive resources. Technically, the site uses WordPress CMS with integrations including HubSpot, Wistia, and Google Tag Manager, reflecting a mature digital infrastructure. Security posture is solid with HTTPS, security headers, and secure forms, though public vulnerability disclosure and incident response information are lacking. Overall, the website is professional, trustworthy, and well-optimized for SEO and user experience, but WHOIS data is incomplete or protected, slightly reducing transparency.

D

Dorint Hotels & Resorts

dorint.com

59

Dorint Hotels & Resorts is a well-established hospitality company operating approximately 65 hotels across Germany, Austria, and Switzerland. The website serves as a comprehensive platform for hotel bookings, event hosting, and culinary experiences targeting both leisure and business travelers. The company demonstrates a strong market position with a large footprint in the DACH region. Technically, the website is built on TYPO3 CMS, integrates modern analytics and marketing tools, and provides a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS enforced and domain registration consistent with business claims, though improvements such as enabling DNSSEC and adding security headers are recommended. Overall, the site is professional, trustworthy, and user-friendly, supporting the company's business objectives effectively.

L

Liechtenstein Marketing

liechtenstein-business.li

64

The website www.liechtenstein-business.li serves as an official platform promoting Liechtenstein as a prime business and economic location. It provides comprehensive information on the economic advantages, company formation processes, business news, and the financial and industrial sectors of Liechtenstein. The site targets businesses, entrepreneurs, and professionals interested in establishing or expanding operations in Liechtenstein. The business model is governmental and marketing-oriented, positioning Liechtenstein as a competitive and attractive business hub. Technically, the website is built on the Concrete5 CMS and utilizes modern web technologies including jQuery, Matomo and Google Analytics for tracking, Google Tag Manager, and Usercentrics for consent management. The site is mobile optimized with good SEO practices and a clear navigation structure, although accessibility features are basic. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS, employs standard security headers, and integrates consent mechanisms for cookies, reflecting a good security posture. No vulnerabilities or exposed sensitive data were found. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced security maturity. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. It effectively supports Liechtenstein's business promotion objectives while maintaining a secure and user-friendly environment. Strategic recommendations include adding explicit security and incident response policies, improving accessibility, and providing terms of service to further enhance compliance and user trust.

P

Papenfuss | Atelier

atelierpapenfuss.de

51

Papenfuss | Atelier is a specialized agency based in Germany offering communication, design, web development (notably TYPO3 CMS), and interior architecture services. Established in 1990, the agency focuses on sectors such as nature & environment, culture, tourism, and UNESCO World Heritage projects. Their website reflects a mature, professional business with a strong portfolio and long-term client relationships. The technical infrastructure leverages TYPO3 CMS, Google Tag Manager, Google Analytics, and Klaro for consent management, indicating a modern and privacy-conscious digital presence. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Overall, the website is well-designed, mobile-optimized, and provides clear contact information, enhancing trust and user experience.

G

Give

give.do

10

Give.do is an online donation platform focused on facilitating donations to verified NGOs and social causes primarily in India. The platform offers monthly giving missions, gift cards, and supports fundraisers, positioning itself as a trusted and leading donation platform in the Indian non-profit sector. The website demonstrates a modern technical infrastructure using React and Next.js, hosted on AWS, and integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, and CleverTap. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the platform is credible and trustworthy but would benefit from enhanced privacy and security disclosures.

W

WEMAG

wemag.com

46

WEMAG is a regional German energy and internet service provider specializing in sustainable solutions such as certified green electricity, natural gas, photovoltaic systems, heat pumps, and fiber-optic internet. The company targets private customers, businesses, and municipalities with tailored energy and telecommunications products. The website is built on Drupal 10 and incorporates modern technologies including lazy loading images and consent management via Usercentrics. Security posture is solid with HTTPS and consent mechanisms, though explicit privacy and security policies are not clearly presented. WHOIS data is unavailable, which slightly impacts trust but the professional presentation and clear service offerings support legitimacy. Overall, WEMAG demonstrates a mature digital presence with room for improvement in transparency and security disclosures.

Finform AG is a Swiss company specializing in digitalized compliance services tailored for financial institutions, focusing on client onboarding and compliance back-office support. Their unique real-time onboarding process, supported by expert intervention for complex cases, positions them as an innovative service provider in the finance sector. The website reflects a professional and trustworthy image, supported by client testimonials and partnerships with recognized financial entities such as PostFinance AG and Yuh Ltd. Technically, the site is built on the Contao CMS with modern web technologies including Bootstrap, jQuery, and integrates security measures like hCaptcha and HTTPS. Privacy and cookie policies are well implemented, indicating GDPR compliance. However, the absence of a terms of service page and explicit security or incident response policies suggests areas for improvement. Overall, the site demonstrates a strong security posture with no critical vulnerabilities detected, and the WHOIS data aligns well with the business claims, supporting legitimacy.