Security Directory

Euroflorist is a well-established European flower delivery service specializing in online sales of fresh flowers and gifts with a strong presence in Denmark. The company offers same-day delivery services domestically and international shipping to over 140 countries through a large network of florists. The website demonstrates a mature digital infrastructure built on modern frameworks such as Nuxt.js and Vue.js, providing a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly available. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though the lack of WHOIS data limits domain registration trust verification.

V

VGL Publishing AG

vergleich.org

57

Vergleich.org is a German-language independent test and comparison portal operated by VGL Publishing AG, based in Berlin. The site offers consumers detailed product comparisons and tests across various categories, leveraging affiliate marketing as its primary business model. It maintains a professional and consistent brand presence with comprehensive privacy and cookie policies, including GDPR compliance and a designated data protection officer contact. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, with performance optimizations and mobile responsiveness. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response information are not publicly available. The absence of WHOIS data due to a malformed response slightly impacts trust but does not detract significantly from the overall legitimacy and professionalism of the site.

The website aloula.sba.sa appears to be a minimal or placeholder site with very limited accessible content. It uses modern JavaScript technologies such as Nuxt.js and is hosted via Akamai CDN, with performance monitoring and analytics scripts like Boomerang and Google Tag Manager integrated. However, the site lacks visible business information, contact details, privacy or cookie policies, and any user-facing content. The absence of WHOIS data for the domain raises concerns about the legitimacy and registration status of the domain. Security posture is weak due to missing security headers and lack of visible security policies. Overall, the site is accessible but provides minimal information, resulting in a low trust and credibility score.

Regenschori.cz is a Czech online platform specializing in Christian songs and liturgical music, serving as the largest such platform in the Czech Republic. It is part of the ProScholy.cz family, indicating a focused niche in religious and liturgical content. The platform offers extensive categorization and search capabilities for songs, targeting Czech-speaking Christian communities and related audiences. Technically, the website employs modern web technologies such as Nuxt.js, Google Fonts, and FontAwesome, hosted likely by WEDOS, a Czech hosting provider. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and Google Tag Manager for analytics but lacks visible security headers and formal privacy or cookie policies, which are areas for improvement. No contact information or incident response channels are publicly available, limiting transparency. Overall, the site is safe, professional, and trustworthy within its niche but would benefit from enhanced privacy compliance and security best practices.

H

HubSpot

inbound.com

69

INBOUND.com is the official website for HubSpot's annual marketing and sales conference, INBOUND, scheduled for September 3-5, 2025. The site serves as a comprehensive platform for event information, registration, and resources targeting marketing professionals and sales teams. It positions itself as a leading event in the marketing technology space, leveraging HubSpot's strong brand presence. The website demonstrates a modern technical infrastructure built on Nuxt.js and Tailwind CSS, ensuring fast performance and excellent mobile responsiveness. Security best practices are observed with HTTPS and multiple security headers, although dedicated security and incident response policies are not publicly available. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy compliance. The absence of WHOIS data is a notable gap but does not detract significantly from the site's legitimacy given the strong branding and content quality. Overall, the site is professional, secure, and well-optimized, serving its business purpose effectively.

I

incognito digitale lösungen

incognito.ms

55

Incognito digitale lösungen is a small German technology service provider specializing in digital solutions including conception, UI/UX design, programming, and hosting since 2006. The website is professionally designed using modern web technologies such as Nuxt.js and TailwindCSS, providing a good user experience and mobile optimization. However, the absence of WHOIS registration data raises concerns about domain legitimacy despite the active and professional web presence. Security posture is moderate with HTTPS likely enabled but lacking visible security headers and formal privacy or cookie policies. The site uses Matomo analytics, indicating moderate user tracking but lacks clear privacy compliance indicators. Overall, the business appears credible but would benefit from improved transparency and security practices.

P

Planetum

planetum.cz

58

Planetum is a Czech educational and cultural organization operating a modern planetarium and multiple observatories. The website provides detailed program schedules, branch information, and educational offerings targeting astronomy enthusiasts and the general public interested in space. The technical infrastructure is modern, leveraging Nuxt.js and Vue.js frameworks, with integration of Google Fonts and Google Tag Manager for analytics. The site is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and standard security headers present, though there is room for improvement in publishing explicit privacy and security policies. The absence of WHOIS registration data is a concern for domain legitimacy but does not detract from the professional presentation and operational transparency of the website. Overall, Planetum demonstrates a mature digital presence suitable for its educational mission.

A

Advenir Formations (implied from content)

je-roule-en-electrique.fr

63

The website www.je-roule-en-electrique.fr serves as a comprehensive national platform dedicated to electric mobility information and training in France. It targets a broad audience including individuals, students, local authorities, and property managers, offering educational content, training programs under the Advenir Formations initiative, and guidance on financing aids. The platform is supported by reputable partners such as Avere-France, the French Ministry of Ecological Transition, and ADEME, reinforcing its authoritative position in the market. Technically, the site employs modern web technologies including Nuxt.js and Vue.js, ensuring a responsive and user-friendly experience across devices. The site demonstrates good SEO practices, accessibility, and performance, although some improvements in security headers and explicit privacy documentation are recommended. From a security perspective, the site uses HTTPS and secure form inputs but lacks visible security headers and a published vulnerability disclosure policy. The absence of WHOIS registrant data slightly impacts trust but is mitigated by the professional presentation and strong institutional partnerships. Overall, the site is a well-designed, authoritative resource for electric mobility education in France, with moderate technical and security maturity. Strategic enhancements in privacy transparency and security policies would further strengthen its trustworthiness and compliance posture.

É

École de Management des Industries Créatives (EMIC Paris)

emic-paris.com

63

EMIC Paris is a specialized educational institution focused on management training within the creative industries, including music, audiovisual, and live performance sectors. Founded in 2016, it offers master's level programs and short courses designed to prepare students for immediate professional engagement through practical and operational learning methods. The institution maintains strong industry partnerships with major players such as Mediawan, Sony Music, Deezer, and Believe, enhancing its market position and student employability. Technically, the website is built on modern frameworks like Nuxt.js and Vue.js, integrating essential marketing and analytics tools such as Google Tag Manager and Facebook Pixel. The site demonstrates good mobile optimization, accessibility, and SEO practices, providing a professional and user-friendly experience. Cookie consent is managed comprehensively via CookieYes, ensuring GDPR compliance. From a security perspective, the site uses HTTPS with a good SSL configuration and enforces domain status protections. However, it lacks DNSSEC and advanced security headers, and does not publish incident response or vulnerability disclosure information, which are areas for improvement. No critical vulnerabilities or suspicious content were detected. Overall, EMIC Paris presents a credible, professional online presence with strong business credibility and compliance posture. Strategic enhancements in security policies and transparency could further strengthen trust and resilience.

P

Peterbilt

peterbilt.com

11

Peterbilt is a leading American manufacturer specializing in diesel and electric trucks for various applications including long-haul and local delivery. The company maintains a strong market position with a comprehensive product lineup and dealer network. The website reflects a mature digital presence with modern technologies such as Nuxt.js and integrates multiple analytics and marketing tools to optimize user experience and business insights. Security posture is solid with HTTPS enforcement, security headers, and cookie consent mechanisms, although dedicated security and incident response policies are not publicly available. The absence of WHOIS data for the www subdomain is noted but does not detract from the overall legitimacy given the professional branding and content. Strategic recommendations include publishing explicit security policies and incident response contacts to enhance trust and compliance.

A

Agence Pan !

pan-lesite.com

52

Agence Pan ! is a French digital communication agency founded in 2011, specializing in bespoke website design, digital strategy, branding, and social media management. The agency targets a broad range of clients from small to large enterprises seeking creative and personalized digital solutions. Their market position is that of a creative and experimental agency with a recognized reputation for excellence. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, hosted by OVH sas, and integrates WordPress CMS for content management. The site demonstrates good performance, mobile optimization, and SEO practices. Security-wise, the site uses HTTPS with domain protections but lacks some security headers and DNSSEC. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional, trustworthy, and well-maintained.

G

GYMIFY

gymify.app

53

GYMIFY is a fitness software platform targeting gym operators and fitness businesses, providing tools for fitness management. The website analyzed is primarily a login page with minimal content, built using modern JavaScript frameworks such as Vue.js and Nuxt.js, and styled with Vuetify. The technical infrastructure indicates a moderate level of digital maturity with good mobile optimization but lacks comprehensive SEO and accessibility features. Security posture is weak due to absence of security headers, privacy policies, and incident response information. No WAF or blocking mechanisms were detected, and the domain registration data aligns well with the business claims, indicating legitimacy. Overall, the website is functional but requires improvements in security, privacy compliance, and business transparency to enhance trust and user confidence.

G

GYMIFY

gymify.cz

64

GYMIFY.cz is a Czech-based fitness software provider specializing in online reservation systems, membership management, and integrated tools for gyms and sports centers. The company offers a SaaS model with mobile applications for Android and iOS, targeting fitness centers, yoga studios, wellness centers, and other sports facilities primarily in the Czech Republic and Slovakia. The website demonstrates a professional digital presence with modern technologies such as Nuxt.js, Vue.js, and Vuetify, and integrates third-party services like Stripe for payments and Microsoft Clarity for analytics. Customer testimonials and Trustpilot reviews indicate a positive market reputation. However, the site lacks explicit privacy and cookie policies, which impacts compliance and user trust.

K

Kristamedia

kristaonline.com

41

Kristamedia operates a business matching platform under the website kristaonline.com, primarily targeting business professionals seeking connections and partnerships. The platform appears to be a small-scale operation founded around 2019, with a focus on facilitating business matching services. The website uses modern frontend technologies such as Nuxt.js and Bootstrap, hosted on Amazon AWS infrastructure, indicating a moderate level of technical maturity. However, the site lacks comprehensive privacy, cookie, and terms of service policies, and does not provide explicit contact or incident response information, which limits its compliance and trustworthiness. Security posture is basic with no detected security headers or advanced protections, and no analytics or tracking services are evident, suggesting minimal user tracking. Overall, the site is accessible without WAF or blocking mechanisms and contains safe, business-oriented content.

S

Stadia Maps, Inc.

stadiamaps.com

54

Stadia Maps, Inc. is a technology company specializing in providing location APIs including maps, geocoding, routing, and navigation services. Founded in 2016, the company targets developers and businesses requiring reliable and privacy-conscious location data solutions. Their market position is that of a niche provider offering transparent billing and strong privacy guarantees as an alternative to larger mapping providers. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, hosted on AWS infrastructure, and integrates MapLibre GL JS for mapping. The site is performant, mobile-optimized, and well-structured with good SEO and accessibility features. Security posture is strong with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and no explicit security policy or incident response information is published. Privacy compliance is good with a comprehensive privacy policy but lacks a cookie consent mechanism despite using Matomo analytics. Overall, the website is professional, trustworthy, and well-maintained, with clear business contact via email and active social media presence.

H

HoT Telekom und Service GmbH

hot.at

76

HoT Telekom und Service GmbH operates as a prepaid mobile telecommunications provider in Austria, offering affordable and flexible mobile and internet services without contractual obligations. The company is positioned as a leading low-cost provider, affiliated with the reputable HOFER retail brand, and has received awards for customer satisfaction and price-performance. The website is professionally designed, mobile-optimized, and provides comprehensive information about services, legal policies, and customer support. Technically, the site uses modern frameworks such as Nuxt.js and Vue.js, with strong security practices including HTTPS and Content-Security-Policy headers. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. No critical security vulnerabilities or blocking mechanisms were detected, indicating a mature and trustworthy online presence.

DF1 is a German media website offering documentaries, reportages, magazines, quiz shows, weather updates, and live sports including MotoGP, PENNY DEL, Formel-E, tennis, sailing, and football. The site targets a general audience interested in diverse media content and live sports coverage. The business model appears to be content streaming and broadcasting, with a focus on entertainment and sports media. The website uses modern web technologies such as Nuxt.js and Vue.js, built on a WordPress CMS backend, indicating a moderate level of digital maturity. Performance and mobile optimization are basic but functional. From a security perspective, the site implements a cookie consent mechanism with GDPR considerations, but lacks visible privacy policies, terms of service, or security headers. SSL configuration details are not provided, and no contact or incident response information is available. Google Analytics is used for user tracking at a moderate level. The absence of critical security issues is positive, but improvements are needed in security best practices and transparency. Overall, the website is accessible and safe for general audiences, with no adult or explicit content detected. The domain WHOIS data is consistent with a legitimate German media site, though limited registrant details are available. The site scores moderately on content quality, technical implementation, security posture, privacy compliance, and business credibility, resulting in an overall AI score of 66 out of 100.

H

Henkel AG & Co. KGaA

fritz-henkel.com

66

The website https://fritz-henkel.com/ is a professionally designed microsite dedicated to celebrating the 175-year legacy of Fritz Henkel, founder of Henkel AG & Co. KGaA. It provides rich historical content, brand heritage storytelling, and corporate culture insights targeted at a general audience including brand enthusiasts and stakeholders. The site leverages modern web technologies such as Nuxt.js and Vue.js, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent managed via OneTrust, although some security headers could be improved. The domain registration is consistent with the corporate identity and appropriate for a dedicated campaign site. Overall, the site demonstrates strong compliance with GDPR and presents trustworthy business information.

L

LOUPE

loupe.at

65

LOUPE is a specialized compliance management solution provider focusing on whistleblowing, anti-corruption, integrity management, and risk assessments. The company targets businesses needing to fulfill regulatory requirements such as the Corporate Sustainability Due Diligence Directive. Their market position is niche but professional, supported by ISO 27001 certification, indicating a strong commitment to information security. The website is well-designed, mobile-optimized, and uses modern technologies like Nuxt.js and Vue.js, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and a comprehensive cookie consent mechanism, although explicit incident response and vulnerability disclosure information are absent. Overall, the website and business present a trustworthy and professional image with moderate user tracking balanced by GDPR-compliant privacy practices.

W

Walz GmbH

babywalz.at

68

Walz GmbH operates the baby-walz.at website, a leading e-commerce platform specializing in baby equipment and articles for parents and caregivers in Austria and Germany. The website offers over 20,000 high-quality products including baby clothing, strollers, car seats, toys, and baby care items. It targets expectant mothers and families with young children, providing a comprehensive shopping experience with free returns and customer support. The company positions itself as a trusted and established retailer in the baby products market. Technically, the website is built on modern frameworks such as Nuxt.js and uses the Storyblok CMS, ensuring a responsive and well-structured user experience. The site includes structured data for SEO and contact information, enhancing discoverability and trust. Security posture is good with HTTPS and nonce usage, but lacks some security headers and cookie consent mechanisms. WHOIS data is unavailable due to quota limits, limiting domain registration verification. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

E

Europcar

europcar.at

69

Europcar Austria operates as a leading car rental service provider with a strong market position in Europe and worldwide. The company offers a broad fleet including electric vehicles and tailored business solutions, targeting both general consumers and corporate clients. The website reflects a mature digital infrastructure using modern frameworks like Nuxt.js and integrates performance and monitoring tools such as Dynatrace. Security posture is robust with HTTPS enforcement and security headers, though explicit security policies and incident response details are not prominently published. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations.

L

Lexus

discoverlexus.com

60

DiscoverLexus.com serves as a global lifestyle and brand marketing platform for Lexus, a premium automotive brand. The website focuses on delivering luxury and lifestyle content that aligns with Lexus's market positioning as a leader in the transportation sector. The site targets luxury vehicle enthusiasts and Lexus customers worldwide, providing brand storytelling and vehicle-related information. The business model centers on brand engagement and lifestyle marketing rather than direct sales. The domain age and WHOIS data support the legitimacy and maturity of the brand presence online. Technically, the website employs modern frontend technologies including Vue.js and Nuxt.js, with a CMS likely based on Statamic. Hosting is supported by Microsoft Azure DNS infrastructure. The site demonstrates good mobile optimization and SEO practices, with cookie consent managed by Cookiebot. Performance is moderate, with room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS and enforces domain transfer protection. However, DNSSEC is not enabled, and security headers are not detected in the provided data. There is no visible privacy policy or terms of service, which are critical for compliance and user trust. No incident response or vulnerability disclosure mechanisms are found. The site integrates Google Tag Manager for analytics and tracking, balanced with a cookie consent mechanism. Overall, the website is professionally designed and trustworthy, with a strong brand presence. To enhance security posture and compliance, it is recommended to publish privacy and terms policies, enable DNSSEC, implement security headers, and provide clear contact information for incident response. These steps will improve user trust, regulatory compliance, and resilience against threats.

.

.LOUPE

loupe.link

65

The website loupe.link represents .LOUPE, a specialized provider of compliance management solutions focusing on whistleblowing, anti-corruption, integrity management, risk assessments, and corporate sustainability due diligence. The company targets businesses requiring turnkey compliance solutions, positioning itself as a niche player with ISO 27001 certification enhancing its credibility. The website is built on modern web technologies including Nuxt.js and Vue.js, with integrated analytics and cookie consent mechanisms reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and GDPR-compliant privacy and cookie policies, though some areas like explicit Terms of Service and vulnerability disclosure policies are missing. Overall, the site is professional, trustworthy, and safe for general audiences.

wunu webLab OG is a small Austrian digital agency specializing in tailored digital experiences that combine design, technology, and strategy. Their core services include app development, web solutions, and creative design, targeting startups and businesses seeking innovative digital products. The company maintains a professional online presence with clear branding, comprehensive privacy and cookie policies, and accessible contact information. Technically, the website leverages modern JavaScript frameworks such as Nuxt.js and Vue.js, and employs Matomo for privacy-conscious analytics. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not published. Overall, the website reflects a mature digital infrastructure and a trustworthy business model.

M

Museum für Gestaltung Zürich

museum-gestaltung.ch

51

Museum für Gestaltung Zürich is a leading Swiss museum specializing in design and visual communication, operating across three locations in Zurich. It is affiliated with the Zurich University of the Arts and supported by prominent cultural and corporate entities. The museum offers exhibitions, educational programs, publications, and an online shop, targeting a broad audience including groups, schools, families, and accessible audiences. The website reflects a mature digital presence with modern technologies such as Nuxt.js and Vue.js, and integrates Matomo analytics for user tracking. Security posture is strong with HTTPS and security headers implemented, though there is room for improvement in privacy compliance with the addition of cookie consent mechanisms and explicit security policies. Overall, the site is professional, trustworthy, and well-optimized for performance and accessibility.

E

EXPO EVENT – Swiss LiveCom Association

expo-event.ch

61

EXPO EVENT – Swiss LiveCom Association is a national industry association representing the Live Communication sector in Switzerland. The organization provides membership services, industry events, education, and sustainability consulting to its members. The website reflects a professional and well-established entity with a clear market position as a leading voice for LiveCom in Switzerland. The technical infrastructure is modern, leveraging Nuxt.js and Vue.js frameworks, with integration of common analytics and marketing tools such as Google Analytics and LinkedIn Insight Tag. Security posture is strong with HTTPS and security headers implemented, although cookie consent mechanisms and explicit terms of service are missing. Overall, the site is well-designed, mobile-optimized, and provides comprehensive contact and event information, supporting a high level of trust and credibility.

A

Abteilung Kultur, Präsidialdepartement des Kantons Basel-Stadt

museenbasel.ch

61

Museen Basel is a government-affiliated cultural platform representing 37 museums in Basel, Switzerland. It provides comprehensive information about museums, exhibitions, events, and educational contacts, targeting the general public, families, and cultural enthusiasts. The website is professionally designed with consistent branding and clear navigation, supporting multiple languages with German as the primary language. The platform serves as a central hub for cultural engagement in Basel, enhancing the visibility and accessibility of local museums. Technically, the website leverages modern frameworks such as Nuxt.js and Vue.js, styled with Tailwind CSS, and integrates analytics tools like Google Tag Manager and Microsoft Clarity. The site is mobile-optimized and performs moderately well, with good SEO and accessibility features. The content is rich and relevant, supporting a positive user experience. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security policies, incident response contacts, and cookie consent mechanisms, which are areas for improvement. No critical vulnerabilities or suspicious patterns were detected, and the domain registration aligns well with the website's government affiliation, indicating high legitimacy. Overall, Museen Basel presents a trustworthy and professional digital presence for cultural promotion, with recommendations to enhance privacy compliance and security transparency to further strengthen user trust and regulatory adherence.

O

Optimize AG

eventlokale.ch

62

eventlokale.ch is a well-established Swiss event portal operated by Optimize AG, offering a comprehensive marketplace for event locations, service providers, and event-related job listings. The platform targets event planners and individuals in Switzerland, positioning itself as the largest event portal in the country. The website provides rich content including editorial articles, event ideas, and the Swiss Location Award information, enhancing its market presence and user engagement. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, with integrations of Google Analytics, Google Tag Manager, and Hotjar for analytics and user behavior tracking. The site is mobile-optimized and features good SEO practices, although accessibility could be improved. Security-wise, the site enforces HTTPS and includes standard security headers, but lacks visible privacy and cookie policies, which are critical for GDPR compliance. No contact emails or phone numbers were found, which may impact user trust and compliance. Overall, the site is professional and trustworthy but should address privacy compliance and contact transparency to enhance its security posture and user confidence.

BDP is a large, internationally recognized multidisciplinary design practice specializing in architecture, engineering, urban planning, and design services. The company positions itself as a leader in creating sustainable and innovative environments, targeting clients in real estate, media, education, and other sectors. The website reflects a mature digital presence with professional branding, multimedia content, and comprehensive project showcases. Technically, the site is built on modern frameworks such as Nuxt.js and Tailwind CSS, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and incident response information are not publicly available. Privacy compliance is well addressed with clear cookie consent and privacy policies. The absence of WHOIS data limits domain trust assessment, but the overall professional presentation supports legitimacy. Strategic recommendations include publishing security and vulnerability disclosure policies and enhancing contact transparency for data protection officers.

B

Beisheim Holding

beisheim.com

61

Beisheim Holding operates as a holding and capital management company with a professional online presence focused on corporate stakeholders and investors. The website is structured using modern web technologies including Nuxt.js and integrates Cookiebot for comprehensive cookie consent management, reflecting a commitment to privacy compliance. However, the absence of WHOIS registration data raises concerns about domain legitimacy, despite the professional appearance and GDPR-compliant cookie practices. The site lacks explicit contact information, terms of service, and security policies, which limits transparency and user trust. Security posture is moderate with HTTPS enforced but missing key security headers and incident response information. Overall, the website is functional and compliant in privacy aspects but would benefit from enhanced transparency and security disclosures.

M

MPskin

mpskin.com

64

MPskin is a specialized technology company offering an overlay solution to enhance Matterport virtual tours with advanced features such as augmented reality, multilingual support, and virtual staging. The company targets real estate professionals and digital marketers seeking to create engaging digital twins and immersive virtual experiences. Their market position is niche but well-defined, supported by a professional website and ISO 27001 certified hosting infrastructure. Technically, the website leverages modern JavaScript frameworks like Vue.js and Nuxt.js, integrates multiple analytics and marketing tools, and demonstrates strong performance and mobile optimization. Security posture is robust with HTTPS enforcement, security headers, and certified hosting, though the absence of public WHOIS data and incident response contacts suggests areas for improvement. Overall, MPskin presents a trustworthy and professional digital presence with minor gaps in transparency and vulnerability disclosure.

S

SV Werder Bremen

werder.de

70

SV Werder Bremen operates a professional football club website providing fans and stakeholders with news, match schedules, ticketing, and media content. The site is built on a modern Nuxt.js framework with Tailwind CSS styling and integrates third-party services such as Cookiebot for consent management and Google Tag Manager for analytics. The website demonstrates good technical maturity with responsive design and accessibility considerations. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are absent. The domain registration aligns well with the business's German origin, supporting legitimacy. Overall, the site is professional, trustworthy, and well-positioned to serve its audience effectively.

S

Digitale Themen- und Erlebniswege – smarTrails

smartrails.ch

64

The website smartrails.ch presents itself as a digital platform focused on thematic and experience trails, likely serving a niche market in Switzerland. The site uses modern web technologies such as Nuxt.js, Vue.js, and Tailwind CSS, indicating a contemporary technical infrastructure with good mobile optimization and user experience. However, the content is basic and lacks comprehensive business and contact information, which limits the depth of user engagement and trust signals. Security posture is weak due to the absence of security headers and explicit policies, and privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site is functional and professionally designed but requires significant improvements in security, privacy, and business transparency to enhance trust and compliance.

S

Schweizer Milchproduzenten SMP Genossenschaft

swissmilk.ch

66

Swissmilk is the official online platform of the Schweizer Milchproduzenten SMP Genossenschaft, a Swiss dairy cooperative focused on promoting Swiss milk and milk products. The website serves as an online cookbook featuring seasonal recipes, kitchen tips, healthy nutrition information, and competitions, targeting a general audience interested in Swiss dairy products. The cooperative holds a strong market position within Switzerland as a trusted promoter of local dairy. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, with integration of Cloudinary for media and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response information are not published. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the website is trustworthy, well-maintained, and serves its business purpose effectively.

O

OCHSNER SPORT

ochsnersport.ch

67

OCHSNER SPORT is a prominent Swiss sports retail company operating a comprehensive e-commerce platform offering over 30,000 sports articles and top brands. The website targets sports enthusiasts in Switzerland, providing a broad range of sportswear and equipment with value-added services such as free shipping and free in-store returns. The business model is focused on online retail complemented by physical stores, positioning itself as a leading player in the Swiss sports retail market. Technically, the website leverages modern web technologies including Vue.js and Nuxt.js frameworks, styled with Tailwind CSS, and integrates marketing and analytics tools such as Google Tag Manager and Dynamic Yield. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Performance is moderate with room for improvement. From a security perspective, the site uses HTTPS with excellent SSL configuration but lacks visible security headers and explicit security policies. Cookie consent is managed via a consent manager, indicating some privacy compliance efforts. No critical vulnerabilities or blocking mechanisms were detected, suggesting a stable security posture but with opportunities for enhancement. Overall, the website is professional and trustworthy with a strong business presence. However, it would benefit from publishing clear privacy and terms of service policies and implementing additional security headers to strengthen its security and compliance posture.

A

Andermatt Sedrun Disentis

disentis-sedrun.ch

66

Andermatt Sedrun Disentis operates as a regional tourism destination website promoting the Disentis Sedrun area in Switzerland. The site targets tourists interested in mountain sports, cultural events, and leisure activities. The business model focuses on destination marketing and providing information and services related to tourism. The website is built on modern web technologies including Nuxt.js and integrates Google Analytics and Tag Manager for tracking. The technical infrastructure is moderately optimized for performance and mobile responsiveness. Security posture is good with HTTPS and security headers implemented, but lacks visible privacy and cookie policies, which impacts compliance. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and explicit contact information. Strategic recommendations include adding comprehensive privacy and cookie policies, improving accessibility, and publishing security and incident response information.

B

Beisheim Stiftung

beisheim-stiftung.com

62

Beisheim Stiftung is a non-profit foundation operating primarily in Germany and Switzerland, providing funding and support for various projects. The website serves as an informational portal offering downloadable resources such as funding criteria and application guidelines. The foundation targets applicants and partners interested in its funding programs. Technically, the website is built using the Nuxt.js framework and integrates Cookiebot for cookie consent management, ensuring compliance with privacy regulations. The site employs HTTPS and uses Piwik Analytics for visitor statistics, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks visible security headers and explicit security policies. The absence of WHOIS data and contact information slightly reduces trustworthiness. Overall, the website is professional and functional but could improve transparency and security documentation.

Sportabzeichen-Digital is a German digital platform dedicated to managing and facilitating the German Sports Badge program. It provides users with registration, login, and access to sport badge events and information, targeting sports participants and organizers within Germany. The platform leverages modern web technologies such as Nuxt.js and Vue.js and is hosted on Hetzner infrastructure, ensuring reliable performance and availability. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, including opt-in for analytics via Matomo. Security posture is adequate with HTTPS enforced and anti-bot measures in place, though improvements are recommended in implementing security headers and publishing incident response information. Overall, the website is professional, user-friendly, and trustworthy, serving a niche sports community effectively.

K

Kontainer

kontainer.com

62

Kontainer is a Denmark-based technology company specializing in digital asset management, product information management, and image bank solutions. Established in 2000, it serves businesses seeking efficient digital content management through a B2B SaaS platform. The website reflects a professional and consistent brand image with a focus on user experience and mobile responsiveness. Technically, the site leverages modern frameworks such as Nuxt.js and Vue.js, ensuring a contemporary and performant digital presence. Security posture is solid with HTTPS enabled and domain protections in place, though improvements like DNSSEC and explicit security policies could enhance trust further. Overall, Kontainer presents a credible and mature digital footprint suitable for its market segment.

Orms is a London-based architecture firm focused on delivering ultrapractical, deeply functional, and generous architectural solutions. Their website reflects a professional and modern digital presence built with Nuxt.js and Tailwind CSS, targeting clients seeking architectural design and consultancy services. The firm positions itself as an established player in the real estate sector with a clear focus on quality and client engagement. Technically, the website is well-structured, mobile-optimized, and uses modern frameworks, though performance is moderate and accessibility is basic. Security posture is adequate with HTTPS enforced but lacks advanced security headers and formal privacy or cookie policies. The absence of WHOIS data and domain registration details introduces some trust concerns, though the website content and contact information support business credibility. Overall, the site is professional but would benefit from enhanced privacy compliance and security best practices.

L

Lundhagem

lundhagem.no

57

Lundhagem is a small, award-winning architecture and urban design practice based in Oslo, Norway. The website presents a professional image focused on showcasing their design work and company identity. The business targets clients seeking architectural and urban design services, positioning itself as a specialized and reputable firm in its sector. The website uses modern web technologies such as Nuxt.js and Imgix for image optimization, indicating a moderate level of digital maturity. However, the site lacks visible contact information, privacy policies, and security headers, which impacts its overall security posture and compliance stance. No WHOIS data is publicly available, suggesting privacy protection for the domain registration, which is typical for small professional firms. Overall, the website is functional and professional but could improve in security and compliance transparency.

Davos Klosters is a prominent tourism organization promoting holidays and outdoor activities in the Swiss Alps, specifically in the Graubünden region. The website offers comprehensive information and booking options for skiing, hiking, biking, and cultural events, targeting tourists seeking alpine experiences. The company holds a strong market position as a leading alpine destination with a professional online presence and integrated e-commerce capabilities. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, ensuring fast performance, mobile optimization, and good SEO practices. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, although dedicated security and incident response policies are not explicitly found on the site. Privacy compliance is addressed with visible privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy, professional, and well-aligned with its business goals.

H

HEK (Haus der Elektronischen Künste)

hek.ch

61

HEK (Haus der Elektronischen Künste) is a well-established Swiss cultural institution and museum specializing in digital and electronic arts. It serves as a platform for interdisciplinary projects, exhibitions, and workshops, connecting art, science, and technology. The website reflects a professional and modern digital presence with multilingual support and a rich program offering. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, with good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and privacy compliance including cookie consent mechanisms. However, some areas like explicit security policies, incident response contacts, and terms of service are missing or not publicly visible. Overall, the domain registration and website content align well, indicating a legitimate and trustworthy entity.

C

Home – catapult

catapultbasel.ch

56

The website catapultbasel.ch represents a youth-focused funding platform based in Basel, Switzerland. It aims to support young people by providing a platform for project submissions and community engagement. The site is built using modern web technologies including Vue.js and Nuxt.js, with multimedia support via Video.js and audio recording libraries. Google Analytics is used for visitor tracking, though no visible consent mechanism is present. The website content is primarily in German and targets the local youth demographic. Security posture is basic with no advanced headers or policies detected, and privacy compliance is minimal due to the absence of privacy and cookie policies. WHOIS data confirms the domain's legitimacy and local registration, supporting the trustworthiness of the platform.

K

KAWAHARA KRAUSE ARCHITECTS

kawahara-krause.com

62

KAWAHARA KRAUSE ARCHITECTS is a small, specialized architectural practice based in Germany, founded in 2007. The firm offers architectural design services, academic research, exhibitions, and publications, targeting clients interested in innovative and contextually rich architecture. The website is professionally designed using modern technologies such as Nuxt.js, Vue.js, Tailwind CSS, and Sanity CMS, providing a good user experience and mobile optimization. However, the site lacks explicit privacy and cookie policies, contact information, and security headers, which are important for compliance and security. The domain registration is consistent with the business claims, indicating legitimacy and stability. Overall, the website is safe, professional, and moderately secure but would benefit from enhanced privacy compliance and security practices.

A

Amadeu Antonio Stiftung

swipeaway.de

50

SwipeAway is an educational self-learning tool designed to raise awareness about recognizing hostile narratives on social media platforms and to promote digital civil courage. The project is operated by the Amadeu Antonio Stiftung, a reputable non-profit foundation in Germany, and is supported by Stiftung Mercator. The website targets a general audience interested in social media literacy and digital rights education. The business model is non-commercial, focusing on social impact and education. Technically, the website is built using modern web technologies including Nuxt.js, JavaScript, HTML5, and CSS3. It is hosted on servers associated with agenturserver, with good mobile optimization and moderate performance. The site uses HTTPS with an excellent SSL configuration but lacks some security headers that could enhance protection. The site employs minimal user tracking via the privacy-conscious Umami analytics platform. From a security perspective, the website demonstrates a solid baseline with HTTPS enabled and no exposed sensitive data. However, it lacks security headers and a cookie consent mechanism, which are important for GDPR compliance and security best practices. No incident response or security policy information is provided, and no contact information is readily available on the main page, which could impact user trust and compliance. Overall, the website is professional, trustworthy, and focused on educational content without any adult or questionable material. The domain registration data aligns well with the website's stated purpose and parent organization, indicating legitimacy. Strategic recommendations include implementing security headers, adding a cookie consent mechanism, publishing security and incident response policies, and providing clear contact information to enhance trust and compliance.

The website 'Tajas Welt 2053' offers an interactive exploration experience themed around a futuristic world in the year 2053. It targets a general audience, including children, providing an educational and engaging map-based interface. The site is built using modern web technologies such as Nuxt.js and Leaflet.js, indicating a moderate level of digital maturity. However, the absence of business contact information, privacy policies, and security headers suggests limited compliance and security posture. The WHOIS data is incomplete due to TLD restrictions, which affects domain trustworthiness assessment. Overall, the site is functional and content-rich but lacks critical security and compliance elements.

N

NDK Wurzen

leerstellen-lkl.de

47

The website leerstellen-lkl.de is a well-structured non-profit project focused on documenting cases of right-wing violence in the Leipzig district. It provides a digital memorial and educational resource through a web documentary, peer networks, and workshops primarily targeting youth and affected communities. The project is funded by reputable organizations and operated by NDK Wurzen, indicating a credible and mission-driven initiative. Technically, the site uses modern frameworks like Nuxt.js and Vue.js, ensuring a responsive and user-friendly experience, though some improvements in accessibility and SEO could be made. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and cookie consent mechanisms, which are recommended for GDPR compliance. Overall, the site is trustworthy, professional, and safe for general audiences.

K

kolle.dev

kolle.dev

50

Kolle.dev is a small digital collaboration service based in Germany, focusing on supporting digital projects through project management, design, programming, and long-term support. The website presents a professional and clean design using modern technologies such as Nuxt.js and Tailwind CSS, indicating a good level of digital maturity. The site is fast, mobile-optimized, and provides clear information about its services and partner projects. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks security headers and formal privacy or cookie policies, which are important for compliance and trust. Overall, the risk is moderate with recommendations to improve privacy compliance and security headers to enhance trust and regulatory adherence.

S

Schweizer Tourismus-Verband

stv-fst.ch

62

The Schweizer Tourismus-Verband website represents a national umbrella organization for the Swiss tourism sector, focusing on interest representation and networking within the hospitality industry. The website content is primarily in German and targets tourism stakeholders in Switzerland. The business model is that of a membership and advocacy association with a medium-sized organizational footprint. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, with Tailwind CSS for styling, indicating a contemporary digital infrastructure. Performance and mobile optimization are good, though accessibility features are basic. Security posture is moderate, with HTTPS presumably enabled but lacking explicit security headers and policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced security and privacy disclosures.