Security Directory

Z

Zweckverband Personennahverkehr Saarland (ZPS)

zps-online.de

10

Zweckverband Personennahverkehr Saarland (ZPS) operates as a regional public transportation authority in Saarland, Germany, focusing on coordinating and planning local passenger transport services including rail and bus networks. The website serves residents and commuters in the region, providing information on transport tasks, schedules, and news. The organization positions itself as a key regional player in public transport management with a medium-sized operational scale. Technically, the website is built on WordPress using Elementor and Yoast SEO plugins, indicating a modern and maintainable infrastructure. It employs Matomo analytics for privacy-conscious user tracking and Borlabs Cookie for GDPR-compliant cookie management. The site is mobile-optimized and accessible, with good SEO practices and structured navigation. From a security perspective, the site uses HTTPS with good SSL configuration and cookie consent mechanisms. However, explicit security headers are not clearly detected, and no public security or incident response policies are found. No vulnerabilities or suspicious content are evident, and the site maintains a good security posture overall. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving its public sector transportation role effectively. Strategic improvements in security headers and incident response transparency could further enhance its security maturity and stakeholder trust.

V

Verkehrsverbund Rhein-Neckar GmbH

vrn.de

49

Verkehrsverbund Rhein-Neckar GmbH operates as a regional public transportation authority in the Rhein-Neckar area of Germany, providing comprehensive services including bus, train, and tram schedules, ticketing, and mobility solutions such as carsharing and e-scooters. The website serves as a central portal for journey planning, traffic updates, and customer service, targeting commuters and general public users in the region. The business model is focused on facilitating public transport and mobility services within a defined geographic area, positioning VRN as a key regional transport provider. Technically, the website is built on the Imperia CMS platform and leverages modern web technologies including jQuery, Leaflet for maps, and Foundation for responsive design. It integrates Matomo analytics with user consent, demonstrating a mature approach to data privacy. Accessibility features such as skip links and visual assistance tools are implemented, enhancing usability for diverse users. Performance is moderate with good mobile optimization and SEO practices. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security policy documentation and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is limited but consistent with a legitimate regional transport entity. Overall, the site demonstrates a solid security posture with room for improvement in transparency and security policy communication. The overall risk is low given the nature of the business and the absence of suspicious indicators. Strategic recommendations include publishing a dedicated security policy, providing incident response contact details, enhancing HTTP security headers, and considering a vulnerability disclosure policy to further strengthen trust and compliance.

R

Regentalbahn GmbH

zugsammen.de

51

Die Länderbahn GmbH, betrieben unter Regentalbahn GmbH, ist ein führendes privates Eisenbahnverkehrsunternehmen im regionalen Personennahverkehr in Deutschland und Tschechien. Die Website präsentiert umfassende Karriere- und Ausbildungsangebote, unterstützt durch moderne Technologien wie Talention für Recruiting und Matomo sowie Google Tag Manager für Analytics. Die technische Infrastruktur ist modern, mobiloptimiert und nutzt Cloudflare als Hosting- und DNS-Anbieter. Die Sicherheitslage ist solide mit HTTPS und Cookie-Consent-Mechanismen, jedoch fehlen explizite Sicherheitsrichtlinien und Incident-Response-Kontakte. Die Website ist vertrauenswürdig, professionell gestaltet und bietet klare Kontaktinformationen, was die Glaubwürdigkeit stärkt.

F

FEGIME Deutschland

fegime.de

59

FEGIME Deutschland is a German association of medium-sized electrical wholesalers, providing extensive services to its 45 family-owned member companies and their partners. The organization holds a leading market position in the German electrical wholesale sector, representing a significant turnover and a broad network of locations. The website is professionally designed using TYPO3 CMS, with moderate technical maturity including Matomo analytics for user tracking. Security posture is adequate with HTTPS enabled but lacks visible security headers and explicit privacy or cookie policies. Contact is primarily via web forms, with no direct emails or phone numbers clearly presented. Overall, the site is trustworthy, business-focused, and safe for general audiences.

C

CONCEPTNET GmbH

conceptnet.de

53

CONCEPTNET GmbH is a well-established media agency based in Regensburg, Germany, founded in 1996. The company specializes in creative and technical services including web development, app development, marketing, SEO, corporate design, and digital business solutions. They leverage TYPO3 CMS and operate their own hosting infrastructure, ensuring data security and performance. Their market position is strong regionally with a Silver Membership in the TYPO3 Association and a comprehensive portfolio of services targeting businesses seeking professional media and digital solutions. The website reflects a professional and consistent brand image with clear navigation and detailed service descriptions. Technically, the site uses modern web technologies and analytics tools such as Matomo and Google Analytics, with a good security posture including a strict Content-Security-Policy. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the site is trustworthy, well-maintained, and suitable for its target audience.

F

Frogblue

frogblue.com

61

Frogblue is a German-based company specializing in smart home and building technology solutions that emphasize simplicity, wireless connectivity, and security. The company targets consumers and businesses interested in modern, flexible smart home systems. Their market position is that of a niche manufacturer with a focus on German engineering quality. The website is professionally designed, multilingual, and optimized for user experience and SEO. Technically, the site is built on WordPress with modern plugins and analytics tools, including GDPR-compliant cookie consent mechanisms and hCaptcha for form security. Security posture is good with HTTPS enforced and privacy-conscious analytics configurations, though explicit security headers could be improved. The absence of WHOIS registration data is a notable concern, potentially indicating domain registration issues or privacy protection, which slightly reduces trustworthiness. Overall, the site presents a credible and professional business presence in the smart home technology sector.

A

Aarau Regio

aarau-regio.ch

44

Aarau Regio is a regional governmental entity focused on coordinating cooperation and projects within the Aarau region in Switzerland. The website serves as an information portal highlighting current projects, regional cooperation efforts, and news relevant to residents and stakeholders. The organization emphasizes regional development, spatial and traffic planning, and nature and landscape protection. The website is built on the TYPO3 CMS platform and incorporates modern web technologies including jQuery, Owl Carousel, and analytics tools such as Google Analytics and Matomo. While the site is well-structured and professionally designed, it lacks visible cookie consent mechanisms and detailed privacy compliance features, which may pose GDPR compliance challenges. Security posture is moderate with HTTPS enforced but missing advanced security headers and explicit security policies. Overall, the domain registration and WHOIS data align well with the website's governmental nature, indicating legitimacy and trustworthiness.

SPIRIT Slovenia Business Development Agency operates as a government-backed entity focused on promoting business and investment opportunities in Slovenia. The website serves as a portal for investors and companies interested in the Slovenian market, offering information on industries, business environment, events, and success stories. The agency positions itself as a key facilitator for economic development and international business relations in Slovenia. Technically, the website employs modern web technologies including Bootstrap 5 for responsive design, jQuery, Chart.js for data visualization, and integrates analytics tools such as Matomo and Google Tag Manager. The site is mobile-optimized, accessible, and includes cookie consent mechanisms compliant with GDPR, reflecting a mature digital infrastructure. From a security perspective, the site uses HTTPS with excellent SSL configuration and implements cookie consent for privacy compliance. However, it lacks published formal security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced trust and compliance. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the website presents a professional and trustworthy front for the agency with clear contact information and a consistent brand. The risk profile is low, but improvements in security transparency and formal policies would strengthen the security posture and stakeholder confidence.

K

Kabi d.o.o.

kabi.info

68

Kabi d.o.o. is a Slovenian technology company specializing in web development, IT maintenance, CRM solutions, and security products. Established in 1994, it serves primarily Slovenian businesses with a comprehensive portfolio including website and e-commerce development, business software platforms like BananaCloud, and security partnerships such as WithSecure. The company maintains a strong local presence with multiple client references and certifications, including the F-Secure Gold Partner status. Technically, the website employs modern analytics tools like Google Analytics and Matomo, uses a custom CMS (Bananadmin), and implements cookie consent mechanisms, reflecting a moderate to good digital maturity level. Security posture is solid with HTTPS and CAPTCHA protections, though improvements in security headers and published policies are recommended. Overall, the website is professional, well-structured, and trustworthy, though WHOIS data is unavailable, which slightly impacts transparency.

P

Pigolabs

piwigo.com

47

Piwigo.com is a mature and reputable online image library and digital asset management platform operated by Pigolabs, founded in 2008. The company targets a broad range of professional users including travel and tourism organizations, public sector entities, businesses, non-profits, and photographers. Their SaaS business model offers a free trial and subscription pricing, emphasizing ease of use, collaboration, and GDPR compliance. The website is professionally designed with clear navigation and rich content, supporting multiple languages and showcasing strong trust indicators such as client logos and testimonials. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and Matomo analytics, hosted under a domain registered with Gandi SAS. The site is mobile optimized and performs moderately well. Security posture is good with HTTPS enforced and domain transfer protection, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, but lacks a cookie consent mechanism. Security evaluation shows no critical vulnerabilities or exposed sensitive data. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure policy are areas for improvement. Overall, the site is trustworthy, safe, and professionally maintained with a high AI score reflecting content quality, technical implementation, security, privacy, and business credibility.

C

CCI Business

ccibusiness.fr

44

CCI Business is a French B2B platform established in 2014 that facilitates connections between businesses and major market order givers, serving over 12,500 member companies. It operates through multiple regional territories and sector-specific communities, focusing on energy, manufacturing, and government sectors. The website is built on Drupal 10 and employs Matomo for analytics and tarteaucitron for cookie consent, reflecting a moderate level of digital maturity. While the site is well-structured and mobile-optimized, it lacks explicit privacy and terms of service pages, which are important for compliance and user trust. Security posture is solid with HTTPS and no visible vulnerabilities, but could be improved with additional security headers and clearer contact information for incident response. Overall, the site presents a professional and trustworthy business presence with room for enhancement in privacy and security transparency.

N

NordNet SA (Registrar)

tourisme-en-champagne.com

57

The website tourisme-en-champagne.com serves as a comprehensive regional tourism portal for the Champagne region in France, offering information on destinations, cultural heritage, accommodations, and activities. It targets tourists and visitors interested in exploring the Champagne terroir and related experiences. The site is well-established with a domain age dating back to 1999, indicating a mature presence in the tourism sector. Technically, the site is built on Drupal 7 with a variety of JavaScript libraries for UI enhancements and analytics, including Matomo and Google Analytics. While the site is functional and provides good content quality and navigation, it uses some outdated JavaScript libraries that may pose security risks. Security posture is moderate with HTTPS enabled but lacks visible security headers and DNSSEC. Privacy compliance is weak due to the absence of explicit privacy and cookie policies or consent mechanisms. Overall, the site is credible and trustworthy but would benefit from improvements in security and privacy compliance.

V

VPOD/SSP

vpod.ch

11

VPOD/SSP is a well-established Swiss trade union representing employees in the public service sector, including education, healthcare, transportation, and government. The organization offers membership services, educational programs, advocacy on labor rights, and regional support through multiple subdomains. The website reflects a mature digital presence with clear branding, comprehensive content, and active social media engagement. Technically, the site is built on the ProcessWire CMS with modern JavaScript libraries and privacy-conscious analytics via Matomo. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements in security headers and cookie consent mechanisms are recommended. Overall, the site is professional, trustworthy, and well-aligned with its mission and audience.

C

Conseil départemental des Vosges

vosges.fr

58

The website www.vosges.fr is the official online presence of the Conseil départemental des Vosges, a regional government entity in France. It serves as a comprehensive portal for residents and visitors, offering information on public services, cultural events, tourism, and local governance. The site is positioned as a trusted source for regional information and services, targeting a broad audience including citizens, businesses, and tourists. Technically, the site is built on WordPress with Elementor, leveraging modern web technologies such as jQuery, FontAwesome, and various analytics tools including Matomo and Facebook Pixel. The infrastructure supports good mobile optimization, accessibility, and SEO practices, reflecting a mature digital presence. From a security perspective, the site enforces HTTPS, implements key security headers, and avoids exposing sensitive data. While no critical vulnerabilities were detected, the absence of a publicly available security policy and incident response contact suggests room for improvement in transparency and preparedness. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website demonstrates a strong legitimacy and trustworthiness profile consistent with an official government entity. The lack of WHOIS data is likely due to privacy protection policies common in French domains. Strategic recommendations include publishing explicit security and incident response policies, enhancing monitoring of third-party scripts, and considering a vulnerability disclosure program to further strengthen security posture.

C

Conseil départemental de la Haute-Marne

haute-marne.fr

52

The Conseil départemental de la Haute-Marne operates as the official local government authority for the Haute-Marne department in France, providing a wide range of public services including road maintenance, education management, social support, and cultural activities. The website serves as a comprehensive portal for residents and stakeholders to access information and services. Technically, the site is built on WordPress using Elementor and Yoast SEO, with Matomo analytics for user tracking. The site demonstrates good design quality, mobile optimization, and SEO practices, though accessibility could be improved. Security posture is solid with HTTPS and security headers properly configured, but lacks published security policies or incident response details. Privacy compliance is limited due to absence of explicit privacy and cookie policies. Overall, the domain registration data aligns well with the website's governmental nature, supporting high legitimacy and trustworthiness.

D

Département de la Marne

marne.fr

56

The Département de la Marne website serves as the official digital portal for the regional government of the Marne department in France. It provides comprehensive information about the department's missions, actions, elected officials, and public services. The site targets residents and stakeholders within the region, offering resources such as contact information, news, tourism details, and access to administrative procedures. The website maintains a professional and consistent brand image aligned with government standards. Technically, the site is built on WordPress with modern plugins like Yoast SEO and Matomo for analytics. It employs accessibility features and cookie consent management, ensuring compliance with basic privacy norms. The site is mobile-optimized and uses HTTPS, contributing to a secure and user-friendly experience. However, some advanced security headers and explicit privacy policies are not evident, indicating areas for improvement. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits full trust verification, but the official .fr domain and government affiliation support legitimacy. Overall, the site presents a moderate to high security posture with room for enhanced transparency and policy documentation. Strategically, the website effectively supports the department's public service mission, providing clear navigation and relevant content. It integrates social media channels to extend outreach and engagement. Recommendations include publishing detailed privacy and security policies, implementing additional security headers, and establishing a vulnerability disclosure process to strengthen trust and compliance.

S

Stadtmuseum Aarau

stadtmuseum.ch

68

Stadtmuseum Aarau is a Swiss cultural institution dedicated to collecting, conserving, and presenting the history and stories of the city of Aarau and its population. It serves a broad audience including families, schools, and local visitors by offering exhibitions, events, educational programs, and digital content. The museum operates under the auspices of the city of Aarau, positioning itself as a trusted local government-affiliated entity with a clear cultural mission. Technically, the website is built on the GOViS CMS platform, a Swiss eGovernment content management system, and employs modern web technologies such as jQuery, Font Awesome, and Matomo analytics. The site is well-optimized for mobile devices and accessibility, with good SEO practices and a clear navigation structure. Security-wise, the website enforces HTTPS and uses a comprehensive cookie consent mechanism, though it lacks explicit security headers and a published security policy or incident response contact. Overall, the site demonstrates a solid security posture with no visible vulnerabilities or suspicious content. The domain registration data aligns well with the website's claims, reinforcing its legitimacy. Strategic recommendations include enhancing HTTP security headers, publishing a security policy, and considering a vulnerability disclosure program to further strengthen trust and security posture.

M

Mobimo Management AG

aeschbachquartier.ch

61

The website www.aeschbachquartier.ch represents the Aeschbachquartier Aarau, a mixed-use urban development project managed by Mobimo Management AG, a reputable Swiss real estate company. The site offers detailed information about residential, commercial, and community spaces, targeting residents, businesses, and visitors in Aarau. The business model centers on real estate development and management, with a medium-sized market presence in Switzerland. Technically, the website is built on Drupal 10 with Bootstrap 5, featuring embedded Vimeo videos and Matomo analytics configured to respect DoNotTrack settings. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance. Security posture is good with HTTPS enforced and some security headers present, though improvements are recommended in cookie consent and explicit security policies. No critical vulnerabilities or suspicious content were detected. Privacy compliance is adequate with a comprehensive privacy policy, but lacks a visible cookie consent mechanism. Contact information is clear, though no direct email addresses are published. Overall, the site is professional, trustworthy, and aligned with the parent company Mobimo Management AG.

E

ESYLUX Deutschland GmbH

services-esylux.de

49

ESYLUX Deutschland GmbH operates a professional website offering intelligent automation and lighting solutions focused on energy efficiency and human-centric lighting. The company targets business and professional customers in the technology and energy sectors, providing a broad product portfolio and digital tools. The website is built on TYPO3 CMS with modern technologies and includes comprehensive privacy and cookie consent mechanisms, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and no exposed sensitive data, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and well-optimized for user experience and compliance.

S

safetytest

safetytest.eu

50

safetytest.biz is a German-based business specializing in providing complete solutions for VDE electrical safety testing. The company offers products, support portals, and a knowledge database targeting professionals and businesses requiring compliance with electrical safety standards. The website is built on WordPress and uses modern web technologies including jQuery, FontAwesome, and Cookiebot for cookie consent management. The presence of support and service portals indicates a mature service model. Security posture is generally good with HTTPS enforced and cookie consent implemented, but lacks explicit security policies and incident response information. WHOIS data is unavailable, which reduces trustworthiness but the website content and external references support legitimacy. Overall, the site is professional, well-structured, and compliant with GDPR cookie consent requirements.

E

ESYLUX GmbH & Co. KG

esylux.com

10

ESYLUX GmbH & Co. KG is a medium-sized German technology company specializing in intelligent automation and lighting solutions, targeting business sectors such as offices, education, healthcare, and outdoor environments. The company offers a broad portfolio including presence and motion detectors, lighting systems, and control technologies, positioning itself as an established specialist with international reach. The website reflects a mature digital presence with a professional design, multilingual support, and comprehensive product and service information. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and analytics tools, delivering good performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, though there is room for improvement in published security policies and incident response transparency. The absence of WHOIS registration data slightly impacts domain trust but is mitigated by the professional and consistent web presence. Overall, ESYLUX demonstrates a solid business and technical foundation with good compliance and security practices.

S

smARTec Veranstaltungstechnik AG

smartec.com

38

smARTec Veranstaltungstechnik AG is a Swiss-based company specializing in mobile event technology and digital events, offering services such as lighting, sound, and video technology rental and operation. Positioned as a Swiss industry leader with approximately 2000 projects annually, the company targets corporate, public, and exhibition event organizers. The website is professionally designed, content-rich, and well-structured, reflecting a mature digital presence. Technically, the site uses TYPO3 CMS with modern JavaScript libraries and integrates analytics tools like Google Analytics and Matomo, indicating a good level of digital maturity. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies are absent. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website and certifications. Overall, the site is trustworthy and business credible but would benefit from improved transparency in domain registration and security policies.

C

Coop Rechtsschutz AG

cooprecht.ch

64

Coop Rechtsschutz AG is a Swiss legal protection insurance provider offering comprehensive insurance products for private individuals, businesses, and special sectors such as health insurers and unions. The company maintains a professional online presence with clear navigation, multi-language support, and a blog providing relevant legal content. Their market position is supported by numerous partnerships with reputable Swiss organizations, enhancing trust and reach. Technically, the website uses a proprietary CMS (SharedGWA), integrates Matomo analytics for privacy-conscious tracking, and employs modern frontend technologies like Swiper.js for UI elements. Security posture is solid with HTTPS enforced and secure form handling, though explicit security headers and policies are not published. Privacy compliance is strong with clear cookie consent and a comprehensive privacy policy. Overall, the website reflects a mature digital infrastructure aligned with business goals and regulatory requirements.

B

Busbetrieb Aarau AG (BBA)

busaarau.ch

52

Busbetrieb Aarau AG (BBA) is a regional public transportation company operating bus services in Aarau, Switzerland. The company provides comprehensive transit services including bus lines, schedules, ticketing options, and customer support. Their website is designed to serve local commuters and visitors with real-time information and service updates. The business operates in the transportation sector with a medium-sized organizational footprint and a clear focus on regional mobility solutions. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager, indicating a moderate level of digital maturity. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and uses a secure CMS platform but lacks some advanced security headers and does not publish a formal security or incident response policy. Privacy compliance is partially addressed with a privacy policy and cookie information, though no explicit cookie consent mechanism is present. Overall, the website is professional, trustworthy, and well-aligned with the company's business objectives.

D

DB InfraGO AG

dbinfrago.com

65

DB InfraGO AG is a subsidiary of Deutsche Bahn focused on the future of railway infrastructure in Germany. The company aims to set new standards in efficient and climate-friendly railway infrastructure management. The website reflects a professional and comprehensive digital presence with strong branding consistent with Deutsche Bahn. The technical infrastructure uses CoreMedia CMS, Matomo analytics, and Usercentrics for cookie consent, indicating a mature digital setup with GDPR compliance. Security posture is strong with HTTPS and modern best practices, though explicit security headers and incident response information are not clearly published. The absence of WHOIS registration data for the domain www.dbinfrago.com is a notable concern, potentially indicating privacy protection or an unregistered domain, which slightly reduces trust from a domain registration perspective. Overall, the website is well-structured, accessible, and trustworthy in content and design, serving business and stakeholder audiences in the German transportation sector.

G

Giersiepen GmbH & Co. KG

gira.de

56

Gira is a well-established German company specializing in smart home technology products such as switches, sockets, and security systems. The company operates a professional partner network to distribute and install its products, targeting private customers, architects, and electrical professionals. The website is professionally designed, mobile-optimized, and rich in content, providing extensive product information, technical documentation, and customer support resources. The digital infrastructure leverages modern analytics and marketing tools with a strong emphasis on user consent and privacy compliance. Security posture is robust with HTTPS enforcement and consent-based tracking, though explicit security policies are not publicly disclosed. Overall, Gira presents a trustworthy and mature online presence consistent with its market position as a leading smart home technology provider in Germany.

T

TRILUX GmbH & Co. KG

trilux.com

69

TRILUX GmbH & Co. KG is a well-established company specializing in innovative and energy-efficient lighting solutions tailored for industries, offices, retail, and outdoor environments. The company positions itself as a leader in sustainable and smart lighting technologies, targeting business clients seeking customized lighting solutions. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content that supports its business objectives. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager. The integration of OneTrust for cookie consent demonstrates a commitment to privacy compliance. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured navigation. From a security perspective, the website enforces HTTPS and employs standard security headers, contributing to a strong security posture. However, the absence of a publicly accessible security policy or vulnerability disclosure page suggests areas for improvement in transparency and incident response readiness. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website presents a low-risk profile with strong business credibility and compliance adherence. The missing WHOIS data is a notable anomaly but does not detract significantly from the trustworthiness given the professional nature of the site and its compliance features.

S

Siemens

siemens.de

74

Siemens is a global technology leader specializing in electrification, automation, and digitalization solutions. The company positions itself as a strong partner and innovator in multiple sectors including energy and transportation. The website reflects a mature digital presence with modern technologies such as Vue.js, Apollo GraphQL, and advanced analytics tools like Matomo and Adobe Analytics. Privacy and cookie compliance are well implemented with Usercentrics consent management. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though additional security headers could enhance protection. The absence of WHOIS data is unusual but does not detract from the overall legitimacy given the professional branding and extensive corporate content. Overall, the site is fast, accessible, and trustworthy, targeting business professionals and industry partners.

S

safetytest

safetytest.biz

50

safetytest.biz is a German-based business specializing in providing complete solutions for VDE electrical safety testing. The company offers a range of products and services including testing equipment and support portals, targeting professionals and businesses in the electrical safety sector. The website is professionally designed using WordPress CMS and integrates modern technologies such as Cookiebot for consent management and Matomo for analytics. The site is well-structured, mobile-optimized, and provides clear navigation to service and support resources. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. WHOIS data is unavailable, which slightly impacts domain trustworthiness, but the overall website content and external links indicate a legitimate and professional operation.

V

Ville de Vandœuvre

vandoeuvre.net

52

The website www.vandoeuvre.fr serves as the official digital presence of the city of Vandœuvre in France, providing residents and visitors with access to city news, event agendas, and a variety of public services including online administrative procedures. The site is positioned as a municipal government portal with a medium-sized audience primarily localized to the city and surrounding region. The content is well-structured, professionally presented, and consistent with official city branding, targeting a general audience with information relevant to local governance and community engagement. Technically, the site is built on WordPress CMS, utilizing common plugins such as Yoast SEO for search optimization and Matomo for privacy-conscious analytics. The technology stack includes modern JavaScript libraries and UI frameworks, ensuring a good user experience with mobile responsiveness and moderate performance. However, some accessibility features could be improved, and security headers are not explicitly detected in the provided data. From a security standpoint, the site enforces HTTPS and includes a GDPR-compliant cookie consent mechanism, reflecting awareness of privacy regulations. No critical vulnerabilities or exposed sensitive data were identified in the HTML content. However, the absence of a published privacy policy, terms of service, and security incident contact information represents compliance and transparency gaps. The WHOIS data for the domain is unavailable, which reduces trust signals but may be due to AFNIC's query restrictions or privacy protections. Overall, the website demonstrates a solid foundation for municipal digital services with good content quality and technical implementation. Strategic improvements in security headers, privacy documentation, and WHOIS transparency would enhance trust and compliance. The risk profile is moderate with no immediate critical issues detected.

V

Verein Rüeblimärt Aarau

rueblimaert-aarau.ch

43

Verein Rüeblimärt Aarau organizes one of Switzerland's largest annual markets focused on regional products, sustainability, and community engagement. The website effectively communicates the event's nature, schedule, and cultural significance, targeting a general audience interested in local produce and natural experiences. Technically, the site employs modern web standards including responsive images and privacy-conscious analytics via Matomo. However, it lacks explicit privacy and cookie policies, and security headers are not evident, which are areas for improvement. The domain registration data aligns well with the website's claims, enhancing trustworthiness. Overall, the site is professional and trustworthy but could benefit from enhanced privacy and security disclosures.

F

FC Aarau

fcaarau.ch

45

FC Aarau is a Swiss football club with a long history dating back to 1902, competing in the Swiss Challenge League. The website serves as the official digital presence for the club, providing information about matches, teams, ticketing, membership, and merchandising. It targets football fans and supporters primarily in Switzerland. The business model revolves around sports entertainment, fan engagement, sponsorships, and merchandise sales. The club maintains a solid market position within Swiss football and leverages digital channels effectively to engage its audience. Technically, the website is built on WordPress with modern web technologies including SVG graphics, responsive design, and Matomo analytics for privacy-conscious tracking. The site is hosted by a Swiss provider (h2g.ch) and demonstrates good performance and accessibility standards. SEO and content structure are well implemented, supporting discoverability and user experience. From a security perspective, the site uses HTTPS and disables cookies for analytics, showing a privacy-aware approach. However, it lacks some security headers like Content-Security-Policy and X-Frame-Options, and does not provide explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is good but could be improved with additional headers and transparency. The overall risk assessment is low, with the site being trustworthy and professionally maintained. Strategic recommendations include implementing a cookie consent mechanism, enhancing security headers, and publishing security and incident response policies to improve compliance and user trust.

V

Visus Service GmbH

wisym.ch

50

The Wirtschaftssymposium Aargau website represents a well-established Swiss event organizer, Visus Service GmbH, hosting the 21st annual economic symposium in Aarau. The event targets professionals from business, politics, and society, focusing on Switzerland's stability amidst global challenges. The site is professionally designed with clear navigation, high-quality content, and structured data enhancing search engine visibility. Technical infrastructure includes privacy-conscious Matomo analytics and modern web technologies, hosted on reliable Swiss infrastructure. Security posture is good with HTTPS and privacy-respecting analytics, though improvements are recommended in cookie consent and security headers. Overall, the site reflects a credible and trustworthy business presence with strong regional partnerships.

F

fbmt, Fachverband für Biomedizintechnik

fbmt.de

36

The fbmt is a well-established German professional association specializing in biomedical technology, founded in 1984. It serves as a competence network offering certifications, seminars, and large-scale industry events such as the annual Fachtagung. The website reflects a medium-sized organization focused on healthcare technology professionals and companies. Technically, the site is built on WordPress with modern plugins like Elementor and WooCommerce, supported by privacy-conscious analytics via Matomo. Security posture is solid with HTTPS and no visible vulnerabilities, though lacking advanced security headers and formal policies. Privacy compliance is incomplete due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced compliance and security transparency.

N

National Bank of Belgium

nbb.be

77

The National Bank of Belgium operates as the central financial institution of Belgium, providing essential banking and monetary services. The website serves a broad audience including the general public, financial professionals, and researchers, offering multilingual support and comprehensive information about the bank's functions. The site is built on Drupal 10, leveraging modern web technologies and analytics platforms such as Matomo and Google Analytics, with a strong emphasis on privacy and cookie consent compliance. Technically, the website demonstrates a mature digital infrastructure with good mobile optimization, accessibility, and SEO practices. Security posture is robust with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers could be improved. No vulnerabilities or suspicious activities were detected in the content or scripts. Overall, the domain WHOIS data is privacy protected, which is justified for a governmental financial institution. Despite the lack of WHOIS transparency, the website exhibits strong trust indicators and professionalism. The risk assessment is low, with recommendations focusing on enhancing security headers and publishing security policies to further strengthen trust and compliance.

W

WFB Wirtschaftsförderung Bremen GmbH

wfb-bremen.de

62

WFB Wirtschaftsförderung Bremen GmbH is a regional economic development agency responsible for promoting and strengthening the business location of Bremen, Germany. The organization provides a comprehensive range of services including business consulting, funding support, real estate and land management, marketing, tourism, and startup assistance. The website reflects a professional and well-structured digital presence targeting businesses, investors, and stakeholders interested in Bremen's economic growth. Technically, the site uses a modern tech stack including Matomo analytics, Bootstrap, and jQuery, with good mobile optimization and accessibility features. Security posture is solid with HTTPS and secure forms, though lacks some advanced security headers and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professionally maintained, supporting the organization's mission effectively.

B

BlachReport

blachreport.de

49

BlachReport is a specialized German media platform focusing on live communication, live marketing, and live events. It provides timely and factual news, trend analysis, and event coverage targeted at professionals and businesses in the live communication and event marketing sectors. The website is well-structured, professionally designed, and optimized for mobile devices, reflecting a mature digital presence. Technically, it is built on WordPress with a modern tech stack including Matomo for analytics and Borlabs Cookie for consent management, hosted via INWX nameservers. Security posture is solid with HTTPS and privacy-conscious analytics, though it lacks published privacy policies and security incident response information, which are areas for improvement. Overall, the site is trustworthy and professional, with no signs of blocking or adult content, but would benefit from enhanced compliance documentation and security transparency.

C

Consent

consent.hr

10

Consent.hr is a Croatian-based consultancy specializing in GDPR and data privacy compliance services. The company offers a comprehensive suite of services including full GDPR adaptation, data protection impact assessments, external data protection officer roles, consent management, contract regulation with third parties, and privacy by design consulting. The website positions Consent as a niche player focused on fostering a culture of privacy among businesses and organizations in Croatia. The content is professionally presented with a clear focus on GDPR compliance and education, supported by a regularly updated blog authored by experts.

Nachbarschaftshilfe NRW is a regional initiative under the Kuratorium Deutsche Altershilfe, focused on promoting neighborhood help for people with care needs in North Rhine-Westphalia, Germany. The website serves as an information hub offering educational courses, materials, and guidance to volunteers and care recipients. It is positioned as a trusted non-profit supported by government entities and regional offices. Technically, the site is built on WordPress with modern plugins and themes, ensuring good accessibility, mobile optimization, and SEO. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. Security posture is solid with HTTPS and no evident vulnerabilities, though DNSSEC is not enabled and some security headers are missing. Overall, the site is professional, trustworthy, and well-aligned with its mission.

T

Taquiri GmbH & Co. KG

taquiri.de

50

Taquiri GmbH & Co. KG is a well-established German internet agency specializing in WordPress website development, online shops, SEO, advertising, and web hosting services. With over 25 years of experience, the company targets businesses seeking professional digital presence and marketing solutions. The website reflects a mature digital infrastructure built on WordPress with modern frameworks like Bootstrap and privacy-respecting analytics via Matomo. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The company demonstrates strong business credibility through consistent branding, comprehensive contact information, and excellent customer reviews. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

S

Statistics Iceland

statice.is

65

Statistics Iceland is the official national statistical institute of Iceland, providing comprehensive and authoritative data on population, society, business sectors, economy, and environment. The website serves a broad audience including researchers, policymakers, businesses, and the general public, offering access to statistical databases, tailored statistics, microdata services, and a variety of publications. The organization is well-established, with a domain registered since 1998, and holds recognized certifications such as ISO 9001 and ISO 27001, reinforcing its credibility and commitment to quality and security. Technically, the website employs modern web technologies including jQuery, Matomo analytics, Google Fonts, and Datawrapper for interactive charts. It is hosted by a local Icelandic hosting provider, 1984 Hosting, and demonstrates good performance, mobile optimization, and accessibility. The site uses HTTPS with a good SSL configuration, although some security headers are missing. No WAF or blocking mechanisms are detected, allowing full content accessibility. From a security perspective, the site follows best practices such as HTTPS enforcement and absence of exposed sensitive data. However, it lacks explicit cookie consent mechanisms and a published vulnerability disclosure policy. The WHOIS data aligns well with the website's official status, showing consistent registration details and domain age appropriate for a government entity. Overall, the website is professional, trustworthy, and secure with minor areas for improvement in privacy compliance and security header implementation. It effectively supports its mission as Iceland's official statistical authority.

G

www.greindubetur.is

greindubetur.is

59

The website www.greindubetur.is appears to be an informational site related to a competition or educational event, likely based in Iceland given the domain and timezone references. The site is built on the Squarespace platform, leveraging its standard templates and integrations such as Matomo for analytics and Google Fonts for typography. The business focus is on providing information about the competition, including rules, schedules, and educational materials, targeting participants and interested audiences in Iceland. The site links to a partner domain statscompetition.eu for registration, indicating a partnership or service relationship. From a technical perspective, the site is hosted on Squarespace, ensuring reliable infrastructure and HTTPS security. The site is moderately optimized for mobile and has a good design quality with clear navigation. However, there is a lack of advanced SEO and accessibility features. The site does not implement common security headers, which could be improved to enhance security posture. Security-wise, the site uses HTTPS and does not expose sensitive data or vulnerable libraries in the provided content. However, the absence of privacy and cookie policies, terms of service, and contact information reduces compliance with GDPR and general privacy best practices. No incident response or vulnerability disclosure information is present, which is a gap for security readiness. Overall, the site is functional and professionally presented but lacks several compliance and security best practices. The domain WHOIS data is not publicly available, which is common for Icelandic domains but slightly reduces trust. There are no indications of malicious activity or adult content, making the site safe for general audiences. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trust and security posture.

M

medhochzwei Verlag

medhochzwei-verlag.de

52

medhochzwei Verlag is a specialized German publishing company focused on healthcare media, providing knowledge and resources related to the health system, hospital management, nursing, dementia, and case management. The company targets healthcare professionals and institutions, offering journals, books, and online subscription services. The website reflects a professional and consistent brand presence with a clear focus on its niche market. Technically, the site employs modern web technologies including Bootstrap for responsive design, Matomo for privacy-conscious analytics, and Cookiebot for GDPR-compliant cookie management. Hosting is provided by SchlundTech, a reputable German hosting provider. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though additional security headers could improve defenses. No critical vulnerabilities or exposed sensitive data were detected. The website demonstrates good privacy compliance and transparent advertising practices. Overall, the site is well-structured, user-friendly, and trustworthy, supporting the company's position as a reputable healthcare media publisher.

K

Kuratorium Deutsche Altershilfe

forum-seniorenarbeit.de

57

Forum Seniorenarbeit NRW is a non-profit project under the Kuratorium Deutsche Altershilfe, focused on community-oriented senior work and engagement in the North Rhine-Westphalia region of Germany. The website serves as an information hub, providing resources, event information, and networking opportunities for professionals and volunteers involved in senior citizen work. It emphasizes themes such as health promotion, mobility, participation, and social space development. The project is publicly funded and maintains a professional online presence with clear branding and consistent messaging. Technically, the website is built on WordPress 6.7.2, utilizing a variety of plugins including Contact Form 7, Events Manager, and Complianz GDPR Cookie Consent. It uses Matomo for analytics, ensuring privacy compliance with cookie consent mechanisms. Hosting is provided by rzone.de, with stable DNS and HTTPS enforced. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a moderate to good technical maturity. From a security perspective, the site employs HTTPS and cookie consent but lacks explicit security headers in the HTML content. No vulnerabilities or exposed sensitive data were detected. The absence of a public security policy or incident response contact is noted. Overall, the security posture is adequate for a non-profit informational site but could be improved with additional headers and transparency. The overall risk assessment is low, with no signs of malicious activity or content safety concerns. Strategic recommendations include enhancing security headers, maintaining up-to-date software, and publishing security and incident response information to increase trust and compliance.

N

Nuvia Group

nuvia.com

62

Nuvia Group is an international company specializing in nuclear technology, offering a comprehensive range of services including engineering, EPC, services and works, and products. The company operates under the parent company Vinci Construction Group, positioning itself as a key player in heavily regulated environments such as nuclear, healthcare, defense, and industrial sectors. The website reflects a professional and consistent brand image targeting business clients and professionals in these industries. Technically, the website is built on WordPress with modern libraries such as jQuery, Owl Carousel, and Leaflet, and integrates privacy-conscious analytics via Matomo. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, though some security headers are not detected and no explicit security policy or incident response information is published. The absence of WHOIS data for the domain is a notable gap, reducing transparency and trust slightly. Overall, the website is well-designed, compliant with privacy regulations, and safe for general audiences.

G

Gesellschaft Anthroposophischer Ärzte in Deutschland

gaed.de

51

The Gesellschaft Anthroposophischer Ärzte in Deutschland (GAÄD) operates a professional and comprehensive website focused on promoting Anthroposophic Medicine in Germany. The organization provides education, research, publications, events, and networking opportunities primarily targeting medical professionals, students, and patients interested in this integrative medical approach. The website is well-structured, content-rich, and professionally designed, reflecting a mature digital presence. Technically, the site is built on Drupal 9 with modern libraries and frameworks, and it employs Matomo analytics with privacy-conscious settings. Security posture is good with HTTPS enforced, though some improvements in security headers and incident response transparency are recommended. Privacy compliance is mostly met with a clear privacy policy, but cookie consent mechanisms are missing. Contact information is clearly provided, enhancing business credibility. WHOIS data is limited but does not raise concerns. Overall, the site scores well in content quality, technical implementation, and business credibility, with room for improvement in privacy and security best practices.

K

KRKA, d.d., Novo mesto

krka.ba

10

KRKA, d.d., Novo mesto is a leading generic pharmaceutical company with nearly 70 years of experience, operating internationally including Bosnia and Herzegovina. The company specializes in the development, production, marketing, and sale of prescription medicines, over-the-counter products, and veterinary health products. Their website reflects a professional and consistent brand image targeting healthcare professionals, patients, and the general public. The site is well-structured, multilingual, and provides comprehensive corporate and product information. Technically, the website uses modern frameworks such as Nuxt.js and Vue.js, with integrated analytics via Matomo and Google Tag Manager. The site is mobile-optimized and accessible, with good SEO practices. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy policies are present and GDPR compliant, but cookie consent mechanisms could be enhanced. Overall, the website demonstrates high business credibility and trustworthiness.

E

European Diamond Capacity Hub (EDCH)

diamas.org

52

The European Diamond Capacity Hub (EDCH) is a newly established collective focused on supporting Diamond Open Access scholarly publishing in Europe. It provides a range of services including a registry and forum for community collaboration, training platforms, resources and guidelines, and quality assurance tools. The initiative is part of the OPERAS program and funded by the European Union, positioning it as a key regional player in the open access ecosystem. The website is professionally designed using Drupal 10, with good mobile optimization and accessibility features. Privacy compliance is well addressed with GDPR-compliant cookie consent management and clear policies. Security posture is solid with HTTPS and domain management best practices, though DNSSEC is not enabled and security headers are not detected. Overall, the site is trustworthy, informative, and well-aligned with its mission.

N

NORMA Sàrl

norma.fr

60

NORMA Sàrl operates as a discount food retailer primarily serving the French market with additional presence in Germany, Austria, and the Czech Republic. The website offers consumers access to discount offers, interactive catalogues, and store locators, targeting general consumers interested in affordable groceries and regional or organic products. The business model focuses on discount retail with a medium-sized footprint of 71 stores in the Grand-Est region of France. Technically, the website employs modern JavaScript libraries such as jQuery and Bootstrap, uses Matomo for privacy-conscious analytics, and is hosted behind Akamai CDN services, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though some security headers are not evident in the HTML content. The absence of WHOIS data is a concern but does not detract significantly from the site's legitimacy given the professional presentation and consistent branding. Overall, the site is well-structured, mobile-optimized, and compliant with GDPR cookie consent requirements.

T

Tours City Pass

tourscitypass.com

65

Tours City Pass is a small-sized tourism-focused business founded in 2020, offering digital city passes and related tourism packages for visitors to Tours, France. The website serves as an e-commerce platform enabling users to purchase passes, access interactive maps, and benefit from discounts and cultural offers. The business is positioned as a local tourism enabler with a clear target audience of tourists and visitors seeking cultural and leisure activities in the Tours metropolitan area. The parent company is Otipass, which provides the technological platform and payment processing services. Technically, the website employs a modern technology stack including Bootstrap, jQuery, React, and various analytics and tracking tools such as Matomo and Facebook Pixel. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates cookie consent mechanisms compliant with GDPR. However, some security headers are missing, and DNSSEC is not enabled, representing areas for improvement. From a security perspective, the site demonstrates good practices such as encrypted communications, cookie consent, and no visible sensitive data exposure. There is no evidence of a published security policy or incident response plan, and no vulnerability disclosure mechanism is present. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the company’s founding date and no privacy protection, which supports transparency. Overall, the website is professional, trustworthy, and compliant with privacy regulations, with moderate technical sophistication and a solid security posture. Recommendations include enhancing security headers, enabling DNSSEC, and publishing formal security and incident response policies to further strengthen trust and compliance.