Security Directory

O

Office du Tourisme et des Congrès de la métropole de Lyon

visiterlyon.com

69

The website www.visiterlyon.com serves as the official tourism portal for Lyon and its metropolitan area, operated by the Office du Tourisme et des Congrès de la métropole de Lyon. It provides comprehensive tourism information, online booking services for hotels, restaurants, leisure activities, and city passes such as the Lyon City Card. The site targets tourists, families, business travelers, and groups, positioning itself as an authoritative and trusted source for visiting Lyon. The content is rich, professionally presented, and available in multiple languages, enhancing accessibility and user experience. Technically, the website employs modern web technologies including Alpine.js for interactivity, Swiper.js for sliders, and MapLibre GL for mapping. It integrates Google Tag Manager and Google reCAPTCHA for analytics and security. The site is mobile-optimized, accessible, and SEO-friendly, with good performance metrics. Security best practices are observed with HTTPS enforcement, security headers, and secure forms, although explicit security policy and incident response information are not published. The security posture is strong with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, GDPR adherence, and consent mechanisms. However, WHOIS data for the domain is missing or unavailable, which is unusual for an official entity and slightly impacts trustworthiness. Despite this, the website's certifications, social media presence, and comprehensive content support its legitimacy. Overall, the website is a high-quality, secure, and user-friendly platform for promoting tourism in Lyon. Strategic recommendations include publishing a dedicated security policy, incident response contacts, and a vulnerability disclosure policy to further enhance trust and transparency.

S

Social Intents, LLC

socialintents.com

10

Social Intents, LLC operates a professional SaaS platform specializing in live chat and AI chatbot solutions integrated with popular collaboration tools such as Microsoft Teams, Slack, Google Chat, Zoom, and Webex. Their platform enables businesses to engage customers across multiple channels including websites, WhatsApp, Messenger, and SMS, leveraging AI to automate routine inquiries and improve customer support efficiency. The company targets small businesses, entrepreneurs, and marketing teams seeking to enhance customer engagement and sales through streamlined communication tools. Their market position is strong within the niche of AI-powered chat solutions integrated with collaboration platforms, supported by clear pricing tiers and agency reseller options. Technically, the website employs a modern technology stack including JavaScript frameworks like Alpine.js and jQuery, along with integrations for analytics and marketing tools such as Google Tag Manager, Facebook Pixel, Bing Ads, and Weglot for multilingual support. The site is well-optimized for mobile and accessibility, with good SEO practices and fast loading performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers could be more visible. No critical vulnerabilities or exposed sensitive data were detected. The security posture is mature with good privacy compliance evidenced by comprehensive privacy and cookie policies and GDPR adherence. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy and ownership transparency. No direct contact emails or phone numbers were found, and no public security or incident response contacts are provided, which could impact trustworthiness from a security perspective. Overall, the website presents a professional, trustworthy, and technically sound platform for AI-driven live chat services. Strategic recommendations include verifying domain registration details, enhancing visible security headers, publishing incident response contacts, and providing clearer direct contact information to improve business credibility and security transparency.

T

TwentyThree

twentythree.net

71

TwentyThree is a leading European video software company specializing in a comprehensive video marketing platform designed for businesses to leverage video content across customer journeys. The company positions itself as a pioneer with a full suite of video tools including webinars, video libraries, and personal video capabilities, targeting medium-sized to large enterprises primarily in the technology sector. The website reflects a mature digital presence with modern infrastructure, leveraging HubSpot CMS, Amazon Cloudfront hosting, and advanced analytics tools such as Google Analytics and Google Tag Manager. The site is well-optimized for mobile and SEO, providing an excellent user experience with clear navigation and professional branding. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is robust, featuring a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the domain registration data corroborates the business legitimacy and history, supporting a high trust level.

D

Dinas Lingkungan Hidup Provinsi Kalimantan Selatan

dlhprovkalimantanselatan.id

53

Dinas Lingkungan Hidup Provinsi Kalimantan Selatan is a government agency dedicated to environmental protection and quality improvement in South Kalimantan, Indonesia. The website serves as an official portal providing information on environmental programs, services, and public engagement. The site is well-structured with clear navigation and modern frontend technologies, indicating a moderate level of digital maturity. However, the domain WHOIS data shows inconsistencies such as a future registration date and a registrar not directly linked to the government, which may require further verification. Security posture is generally good with HTTPS and Cloudflare DNS usage, but lacks some security headers and formal policies such as privacy and cookie policies. Overall, the site is professional and trustworthy for its intended audience but could improve compliance and transparency aspects.

D

Dinas Lingkungan Hidup Provinsi Kalimantan Tengah

dlhkalimantantengah.id

54

Dinas Lingkungan Hidup Provinsi Kalimantan Tengah is the official environmental agency for Central Kalimantan Province, Indonesia, dedicated to environmental preservation, pollution control, waste management, and public education. The website serves as a public information portal offering access to official documents, programs, and complaint mechanisms. The site targets local residents, government officials, and environmental stakeholders. Technically, the website uses modern frontend technologies such as Alpine.js and Laravel Livewire, hosted behind Cloudflare DNS services, ensuring moderate performance and mobile responsiveness. Security posture is generally good with HTTPS enabled and clientTransferProhibited domain status, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced compliance and security policies.

D

Dinas Lingkungan Hidup Provinsi Aceh

dlhbali.id

53

Dinas Lingkungan Hidup Provinsi Aceh operates as a government environmental agency responsible for managing environmental preservation, waste management, pollution control, and public services related to environmental issues in Aceh Province, Indonesia. The website serves as an official portal providing information, news, and services to residents and stakeholders. The site is well-structured with clear navigation and contact information, targeting the general public and government stakeholders. Technically, the website employs modern web technologies including Laravel Livewire, Alpine.js, and Swiper.js, hosted behind Cloudflare DNS services. The site is mobile optimized and offers a good user experience with moderate performance. However, some SEO and accessibility features could be improved. From a security perspective, the site uses HTTPS and has domain transfer protection enabled, but lacks DNSSEC and important security headers. There is no published privacy, cookie, or incident response policy, which limits compliance with privacy regulations. The WHOIS data raises concerns due to a future domain creation date and registrant mismatch, which may indicate registration anomalies. Overall, the website is functional and professional but requires improvements in privacy compliance, security headers, and domain registration transparency to enhance trust and security posture.

K

Kulturbüro Riehen

riehenevents.ch

69

Riehen Events is a municipal cultural event platform operated by the Kulturbüro Riehen, serving the local community and visitors by providing comprehensive event listings, cultural information, and support for event organizers. The website is positioned as a trusted local hub for cultural engagement in Riehen, Switzerland, with a focus on accessibility and community involvement. Technically, the site is built on Drupal 10 with modern JavaScript frameworks and includes privacy-conscious analytics via Matomo. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site demonstrates good digital maturity and professionalism, supporting its role as a public service platform.

Z

Zaha Hadid Design

zaha-hadid-design.com

71

Zaha Hadid Design is a luxury design brand established in 2006, now part of the Zaha Hadid Foundation, offering high-end homeware products through a professionally maintained Shopify e-commerce platform. The website reflects a strong brand identity with consistent design and rich content targeting luxury consumers and design enthusiasts. Technically, the site leverages modern web technologies including Shopify's platform, JavaScript modules, and multiple analytics and marketing tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced, cookie consent mechanisms, and use of hCaptcha, though lacks explicit public security policies or incident response contacts. The absence of WHOIS registration data for the domain introduces some trust concerns, but the overall digital presence and branding suggest legitimacy. Strategic recommendations include verifying domain registration status, publishing security policies, and enhancing transparency around incident response.

R

Royal Institute of British Architects

architecture.com

73

The Royal Institute of British Architects (RIBA) is a leading professional body and membership organization dedicated to advancing architecture. The website serves architects, students, and related professionals by providing education, resources, awards, and advocacy. The site is well-branded, professionally designed, and offers comprehensive content relevant to its audience. Technically, it uses modern JavaScript frameworks, Umbraco CMS, and integrates multiple analytics and tracking tools with proper cookie consent mechanisms. Security posture is good with HTTPS enforced and secure forms, though some security headers and explicit policies could be improved. WHOIS data is unavailable due to privacy protection, which is justified for this type of organization. Overall, the website is trustworthy, professional, and compliant with privacy regulations.

Z

Zug Estates Holding AG

zugestates.ch

59

Zug Estates Holding AG is a Swiss real estate company specializing in sustainable development and management of living spaces primarily in the Zug region. The company emphasizes creating value through sustainable and innovative real estate solutions, targeting investors, tenants, and partners interested in environmentally responsible property management. Their website reflects a professional corporate presence with comprehensive investor relations and sustainability reporting. Technically, the site uses modern JavaScript libraries, Google Tag Manager for analytics, and Usercentrics for cookie consent, hosted on DigitalOcean infrastructure. The website is mobile-optimized and well-structured, providing a good user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though the absence of a publicly available security policy and incident response contact is noted. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

B

bexio AG

bexio.ch

74

bexio AG is a Swiss-based company founded in 2013, providing comprehensive business software solutions tailored for small businesses, startups, and self-employed individuals. Their SaaS platform offers a wide range of services including contact management, sales process automation, expense and accounting management, payroll, and integrated e-banking. Positioned as a trusted Swiss SME software provider, bexio serves over 90,000 customers and benefits from strong partnerships with reputable organizations such as Mobiliar and UBS. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the website employs modern web technologies including Alpine.js, Google Tag Manager, and Usercentrics for consent management, ensuring a fast, mobile-optimized, and SEO-friendly platform. Security best practices are observed with HTTPS enforcement, security headers, and secure form handling. However, explicit security policies and incident response information are not publicly available, representing an area for improvement. The security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS domain registration details is a notable concern, slightly impacting business credibility, but the overall digital presence and trust signals mitigate this risk. Overall, bexio demonstrates a mature digital infrastructure and a secure, privacy-conscious environment suitable for its target SME audience. Strategic recommendations include publishing detailed security policies, incident response plans, and vulnerability disclosure information to enhance transparency and trust further.

Truwant + Rodet + is a small architecture and design studio based in Basel, Switzerland, specializing in innovative architectural projects, competitions, research studios, and exhibitions. Their portfolio includes a variety of projects primarily in Switzerland with some international collaborations, emphasizing adaptive reuse, artistic installations, and academic design studios. The website reflects a professional and artistic brand image targeting architecture professionals, clients, and academic institutions. Technically, the website employs modern JavaScript frameworks such as Alpine.js and GSAP, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, but lacks security headers and formal privacy or cookie policies. The presence of Google Analytics without a configured tracking ID and absence of privacy compliance mechanisms indicate areas for improvement. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security practices.

H

Herzog & de Meuron Basel Ltd.

herzogdemeuron.com

46

Herzog & de Meuron Basel Ltd. is an internationally renowned architectural practice based in Basel, Switzerland. The company specializes in architectural design, project development, exhibitions, and publications, serving a global audience including cultural institutions and design professionals. Their website reflects a strong market position with a comprehensive portfolio and professional presentation. The technical infrastructure is built on WordPress with modern JavaScript frameworks such as Alpine.js and jQuery, supplemented by Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized, accessible, and SEO-friendly, though some security headers are missing which could be improved. Security posture is generally strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the absence of certain security headers and a cookie consent mechanism indicates room for enhancement in compliance and security best practices. Overall, the website is professional, trustworthy, and content-rich, but the lack of WHOIS data for the domain introduces some uncertainty about domain registration legitimacy. Strategic verification of domain registration and implementation of additional security headers and privacy mechanisms are recommended.

F

FC Zürich

fcz.ch

66

FC Zürich operates an official website serving as both an information portal and an e-commerce platform for club merchandise. The site targets football fans and customers interested in official FC Zürich products and club news. The business holds a strong market position as a leading Swiss football club with a professional digital presence. Technically, the website is built on the Shopify platform, leveraging modern web technologies and multiple analytics and marketing tools, including Google Analytics, Microsoft Clarity, and Facebook Pixel. The site employs a consent management platform (Usercentrics) to address privacy compliance. Security posture is solid with HTTPS enforced and no visible sensitive data exposure; however, some security headers are missing, and no explicit security or incident response policies are published. Overall, the website is professional, trustworthy, and well-branded, with room for improvement in privacy policy transparency and security header implementation.

A

Am Hof 8 Betriebs GmbH

amhof8.com

60

Am Hof 8 Betriebs GmbH operates Vienna's first private members club, offering exclusive access to a private house, curated events, and partner benefits. The business targets affluent individuals seeking a discreet and refined social environment in a central Vienna location. The website reflects a professional and consistent brand image, emphasizing exclusivity and community. Technically, the site uses modern web technologies including Livewire and Alpine.js, with a CMS likely based on Strapi. The site is mobile-optimized and performs moderately well, though some security enhancements are recommended. Security posture is solid with HTTPS and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is transparent and includes phone, email, and physical address. Overall, the domain registration is consistent with the business claims, supporting legitimacy. Strategic improvements in security headers and privacy mechanisms would enhance trust and compliance.

Z

Zest Event Serviices

zestgroupindia.in

49

Zest Event Serviices is a small Indian event management company specializing in customized solutions for trade exhibitions and conferences, including online and onsite registration services. The website presents basic but relevant content targeting event organizers and exhibitors in India. The technical infrastructure is built on older but functional technologies such as jQuery 1.11.1 and Bootstrap, with some modern additions like Alpine.js. The site is moderately optimized for mobile and SEO but lacks advanced features and comprehensive policies. Security posture is basic, with no visible security headers and use of outdated libraries, which poses potential risks. No privacy or cookie policies are present, indicating compliance gaps. Overall, the website is functional and moderately trustworthy but requires improvements in security, privacy compliance, and technical modernization to enhance its digital maturity and risk profile.

D

Discover-Culture

discover-culture.com

63

Discover-Culture is a small media company based in Germany, specializing in digital cultural tours, VR experiences, and interactive cultural media. The website offers digital tours and cultural films accessible without restrictions after purchase, targeting a general audience interested in culture and art. The business model is primarily e-commerce focused on digital content delivery. Technically, the website is built on WordPress with WooCommerce, integrating modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and HubSpot. Hosting is via Amazon AWS infrastructure, ensuring reliable performance and scalability. Security posture is good with HTTPS enforced and domain transfer protection, though the absence of DNSSEC and explicit security headers suggests room for improvement. Privacy compliance is partial, with a cookie policy and consent mechanism present but lacking explicit privacy and terms of service pages. Overall, the website is professional, well-branded, and functional, with moderate trustworthiness and a solid technical foundation.

R

rockit GmbH

rockit.at

44

rockit GmbH is a specialized TYPO3 CMS agency based in Vienna, Austria, offering comprehensive web development services including responsive design, accessibility, SEO, and GDPR-compliant solutions. The company holds certifications as TYPO3 integrators and serves a diverse client base including government and large organizations, positioning itself as a trusted technology service provider in the Austrian market. Their business model focuses on delivering tailored TYPO3 websites with ongoing maintenance and quality assurance. Technically, the website is built on a modern TYPO3 CMS platform with a rich technology stack including PHP, TailwindCSS, JavaScript frameworks like Vue.js and Alpine.js, and uses Matomo for privacy-conscious analytics. The site is well-optimized for mobile devices, accessibility, and SEO, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, there is room for improvement in publishing explicit security policies, incident response contacts, and implementing additional HTTP security headers. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional and trustworthy digital presence with strong compliance and technical maturity. The lack of WHOIS data limits domain trust verification but does not detract from the evident business legitimacy. Strategic recommendations include enhancing security header implementation and publishing formal security policies to further strengthen trust and compliance.

F

FLINC CYCLES

flinccycles.com

43

FLINC CYCLES is a small Swiss-based company specializing in compact cargo bicycles designed for urban customers who need versatile transport solutions. The website presents a professional and consistent brand image with clear product information, a journal, and an online shop. The business model focuses on direct sales and customer engagement through test rides and detailed product specs. Technically, the site uses modern JavaScript frameworks such as Alpine.js and Flickity for UI components and employs Plausible Analytics for privacy-conscious visitor tracking. Hosting is provided by hosttech.ch, a Swiss hosting provider, ensuring local infrastructure. Security posture is generally good with HTTPS enforced and domain transfer protection, but lacks DNSSEC and some security headers. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, though no cookie consent mechanism is present. Overall, the site is trustworthy, well-designed, and suitable for its target audience.

P

PLAYMIT GmbH

playmit.com

60

PLAYMIT GmbH operates Austria's largest free learning and quiz portal aimed at career starters and students seeking apprenticeships and jobs. The platform offers gamified quizzes, rankings, certificates, and job listings, positioning itself as a leading educational resource certified by the Austrian Federal Ministry of Education. The website is professionally designed, mobile-optimized, and provides a seamless user experience with clear navigation and relevant content. Technically, the site uses modern frontend technologies including Alpine.js and Tailwind CSS, and employs Matomo analytics with user consent, reflecting a mature digital infrastructure. Security posture is good with HTTPS and CSRF protections, though explicit security headers and incident response information are absent, representing areas for improvement. Overall, the site is trustworthy, privacy compliant, and well-positioned in the Austrian education sector.

The website partytimer.at is a professionally maintained event listing platform focused on party and nightlife events in Vienna, Austria. It is operated by Falter Verlagsgesellschaft m.b.H., a reputable media company. The platform offers curated event information sourced from Falter:WOCHE, targeting residents and visitors interested in local nightlife. The business model appears to be media and advertising-driven, leveraging partnerships and event promotions. The website demonstrates a good level of digital maturity, employing modern technologies such as Laravel Livewire, Alpine.js, and integrating consent management via Didomi. It uses Google Tag Manager and ad networks like Adition for analytics and advertising purposes. Security-wise, the site enforces HTTPS, implements cookie consent mechanisms, and includes standard security headers, reflecting a solid security posture with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent banner, aligning with GDPR requirements. However, the site lacks explicit terms of service, security policy, and incident response contact information, which are recommended for enhanced trust and compliance. Overall, the website is trustworthy, professionally designed, and serves its niche audience effectively.

A

Arbeiter-Samariter-Bund Österreichs

samariterbund.net

68

The Arbeiter-Samariter-Bund Österreichs is a well-established non-profit organization founded in 1927, providing a wide range of healthcare, emergency, social, and humanitarian services primarily in Austria with international outreach. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and includes standard analytics and marketing tools. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and a dedicated security policy page are absent. The WHOIS data is unavailable, which limits domain registration trust verification, but the overall site and external references indicate legitimacy. Privacy compliance is well addressed with a detailed privacy policy and cookie management. Overall, the site is professional, trustworthy, and safe for general audiences.

E

edition8

edition8.ch

48

edition8.ch is the online presence of a small Swiss literary publishing house focused on German-language books, author promotion, and cultural literary events. The website provides news, book information, author details, and event schedules, targeting literary readers and cultural audiences primarily in Switzerland and German-speaking regions. The business model centers on publishing and event organization with a niche market position in the literary media sector. Technically, the site uses modern frontend technologies including Tailwind CSS, Laravel Livewire, Alpine.js, and Statamic CMS, indicating a moderate level of digital maturity. The site is mobile optimized and has good navigation and content quality, though accessibility and SEO could be improved. Security posture is moderate with HTTPS usage and no visible sensitive data exposure, but lacks security headers and explicit security policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or GDPR indicators. Overall, the site is professional and trustworthy but could enhance compliance and security practices.

F

FALTER.at

falter.at

71

FALTER.at is a prominent Austrian independent journalism media outlet offering news, cultural content, podcasts, newsletters, and event information. It operates a professional website with a strong market position in Austria's media sector, targeting a general audience interested in politics, culture, and local events. The business model includes subscription services, advertising, and an e-commerce shop for related products. Technically, the website employs modern web technologies such as Livewire, Alpine.js, and integrates multiple analytics and advertising platforms, ensuring a fast, mobile-optimized, and accessible user experience. Security-wise, the site enforces HTTPS, uses security headers, and manages cookie consent via Didomi, reflecting a mature security posture. However, explicit security policies and incident response contacts are not publicly available, representing areas for improvement. Overall, the domain registration data aligns well with the business claims, supporting the site's legitimacy and trustworthiness.

E

EW Wald AG

ew-wald.ch

46

EW Wald AG is a Swiss regional energy company and electrical installation service provider focused on serving the municipalities of Wald, Rüti, Hinwil, and Dürnten. The company offers electrician services, energy supply, and customer portal functionalities, positioning itself as a trusted local utility. The website is professionally designed using TYPO3 CMS and integrates modern web technologies such as Algolia search and Google Analytics, reflecting a moderate to advanced digital maturity. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is trustworthy, well-structured, and compliant with basic GDPR requirements.

W

Welthaus Österreich

welthaus.at

51

Welthaus Österreich is a non-profit consortium of seven Catholic development organizations operating across multiple Austrian regions. The website serves as an educational platform offering workshops, materials, and guest encounters focused on global justice and development policy. It targets educators, activists, and the general public interested in development issues. The organization is small-sized, founded in 2017, and maintains a consistent brand presence across its regional partners. Technically, the site is built on WordPress with modern plugins like Yoast SEO and Matomo analytics, ensuring good SEO and moderate performance. Mobile optimization and accessibility are adequate but could be improved. Security posture is solid with HTTPS and cookie consent implemented, though lacks explicit security policies and incident response information. Overall, the site is trustworthy, professional, and compliant with basic privacy standards, though it could enhance transparency and security documentation.

B

Beyond Growth Conference Italia

beyondgrowth.it

64

Beyond Growth Conference Italia is a newly established non-profit organization focused on hosting a major sustainability conference in Italy in 2024. The event aims to foster dialogue on sustainable prosperity, post-growth, and degrowth models, targeting activists, academics, politicians, and engaged citizens. The website is professionally designed with excellent content quality, clear navigation, and mobile optimization. Technically, it uses modern frameworks such as Laravel Livewire and Alpine.js, ensuring a responsive and performant user experience. Security posture is solid with HTTPS and secure form handling, though improvements like DNSSEC and security headers are recommended. Privacy compliance is well addressed with clear privacy and cookie policies, though no explicit incident response or vulnerability disclosure policies are published. Overall, the website presents a trustworthy and credible digital presence for the conference.

B

Bündnis für Gemeinnützigkeit

buendnis-gemeinnuetzigkeit.org

49

Bündnis für Gemeinnützigkeit is a German non-profit coalition representing the third sector, including culture, sports, nature conservation, and welfare organizations. It acts as a collective voice advocating for civic engagement and democratic participation in society. The organization is well-established since 2010 and collaborates with leading umbrella organizations and civil society experts. The website provides information about its mission, members, positions, and events, targeting stakeholders in the non-profit and civic sectors in Germany. Technically, the site is built on WordPress with modern plugins and frameworks, offering good SEO and mobile optimization. Security posture is solid with HTTPS and domain transfer protection, but lacks DNSSEC and some security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact is primarily via email and a contact form, with no phone numbers or social media links visible. Overall, the site is professional, trustworthy, and serves its audience effectively.

V

Ville de Vernier

vernier.ch

52

Ville de Vernier operates as the official municipal government website for the city of Vernier, Switzerland, serving approximately 37,000 residents. The site provides comprehensive information on local administration, practical services, cultural activities, news, and events, targeting a broad audience including seniors, youth, families, new inhabitants, associations, and enterprises. The business model is centered on public service delivery and community engagement, positioning itself as a trusted local authority. Technically, the website is built on Drupal 10, leveraging modern JavaScript frameworks like Alpine.js and privacy-focused analytics via Plausible. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. The infrastructure reflects a mature digital presence suitable for a government entity. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a dedicated incident response contact, which are recommended best practices. Privacy compliance is partial, with a basic privacy policy present but no cookie consent mechanism, potentially impacting GDPR adherence. Overall, the website presents a low-risk profile with strong business credibility and technical implementation. Strategic improvements in privacy compliance and security hardening would enhance trust and regulatory alignment.

C

Coolify

tivtools.de

45

Coolify is an open-source and self-hostable alternative to popular deployment platforms such as Heroku, Netlify, and Vercel. The website serves primarily as a login portal for users of the Coolify platform, targeting developers and technology users seeking deployment solutions. The business model revolves around providing an open-source platform that users can self-host, positioning itself as a niche alternative in the deployment ecosystem. The website branding is moderately consistent, with a clear focus on the Coolify product name and logo. Technically, the website employs modern frontend technologies including Alpine.js and Laravel Livewire, with DOMPurify used for sanitizing HTML content to prevent XSS attacks. Hosting is provided via Hetzner, a reputable German hosting provider, as indicated by the nameservers. The site demonstrates moderate performance and good mobile optimization, though accessibility and SEO optimizations are basic. The login form includes CSRF protection, and password fields have visibility toggling features enhancing usability. From a security perspective, the site shows some best practices such as CSRF tokens and input sanitization but lacks visible security headers and publicly available security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is weak, with no privacy or cookie policies found, and no GDPR compliance indicators. Business credibility is moderate due to the lack of contact information and trust indicators. Overall, the website is functional and technically sound for its purpose but would benefit from enhanced privacy compliance, security transparency, and contact information to improve trust and regulatory adherence.

D

Digital Hub Rhein-Neckar GmbH

5-ht.com

61

5-HT Chemistry & Health operates as a digital innovation hub connecting established companies in the chemistry and health sectors with tech startups globally. The organization fosters collaboration, innovation, and digital transformation through workshops, scouting, matchmaking, and events. Their market position is that of a specialized ecosystem facilitator in the Rhein-Neckar region with global outreach. Technically, the website employs modern frontend technologies such as Alpine.js, Swiper.js, and Laravel Livewire, with a responsive and well-structured design. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks explicit security headers and published security policies. The absence of WHOIS registration data reduces trustworthiness, though the professional content and social media presence support legitimacy. Overall, the site is well-built and business-focused but would benefit from enhanced transparency and security disclosures.

HFDnetzwerk is a German-based community platform operated by the Hochschulforum Digitalisierung, a prominent think-and-do tank focused on digital transformation in higher education. The platform facilitates networking, knowledge exchange, and visibility of informal engagement in digital teaching through features like member search, discussion groups, and a Community Certificate. The website is professionally designed, mobile-optimized, and uses modern web technologies such as Laravel Livewire and Alpine.js, hosted on AWS infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit incident response policies are absent. Overall, the site is trustworthy, GDPR compliant, and serves a medium-sized educational community effectively.

L

Lehner Versand

lehner-versand.ch

73

Lehner Versand is a well-established Swiss mail order and e-commerce company specializing in bedding and home textiles. The company offers a broad product catalog with a focus on quality and affordability, supported by fast and flexible delivery options and a 24-hour customer service. Their market position is that of a trusted Swiss retail brand with both online and physical store presence. Technically, the website is built on Magento 2 using the modern Hyvä theme, integrating advanced search and recommendation services via Boxalino, and employing Google Tag Manager and TrackJS for analytics and error tracking. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS, uses security headers, and implements cookie consent mechanisms compliant with GDPR. However, explicit security policies and incident response information are not publicly available, and no vulnerability disclosure program is evident. Overall, the website is professional, secure, and trustworthy, with moderate user tracking and good privacy compliance.

W

webgo GmbH

webgo.de

11

webgo GmbH is a German-based web hosting and online services provider established in 2004, offering a comprehensive portfolio including web hosting, virtual and dedicated servers, domain registration, website builders with AI features, and online marketing tools. The company positions itself as a performance-driven and environmentally conscious hosting provider, leveraging 100% green energy and emphasizing customer support availability year-round. Their market position is reinforced by multiple awards such as the Stiftung Warentest rating and the German Customer Award, indicating strong customer satisfaction and product quality. Technically, the website employs modern web technologies including Alpine.js, FontAwesome, hCaptcha for bot protection, and Microsoft Clarity for analytics. The site is built on the Statamic CMS platform, optimized for fast performance, mobile responsiveness, and accessibility. Security best practices are observed with HTTPS enforcement, comprehensive security headers, and no visible vulnerabilities or exposed sensitive data. From a security posture perspective, webgo demonstrates a mature approach with strong SSL configuration and bot mitigation. However, explicit security policies, incident response details, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. Overall, webgo presents a trustworthy and professional online presence with a high degree of business credibility and technical maturity. The domain registration data, while limited due to DENIC privacy restrictions, aligns with the company's German market focus and business claims. No signs of malicious activity or content safety concerns are detected, making webgo a reliable hosting provider in its sector.

P

pixx.io GmbH

pixx.io

75

pixx.io GmbH operates a German-based Digital Asset Management (DAM) platform leveraging artificial intelligence to enhance media management workflows. The company targets businesses and teams requiring secure, GDPR-compliant cloud solutions for organizing, tagging, licensing, and sharing digital media assets. With over 1,600 customers and a strong ROI claim, pixx.io positions itself as a reliable and efficient DAM provider in the German and broader European market. The website is professionally designed, mobile-optimized, and rich in content including extensive customer testimonials and detailed product information. Technically, the site uses modern frameworks such as Alpine.js and Tailwind CSS, integrates Google Tag Manager and Usercentrics for analytics and consent management, and employs reCAPTCHA for form security. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers could be confirmed. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. WHOIS data is unavailable due to a malformed query response, limiting domain registration transparency, but the overall business credibility and website professionalism support legitimacy. Strategic recommendations include publishing incident response contacts and vulnerability disclosure policies to enhance trust further.

M

Müpa

mupa.hu

51

Müpa is a well-established Hungarian cultural institution providing a broad spectrum of arts and entertainment programs including concerts, festivals, and family events. The website serves as a comprehensive platform for event information, ticket sales, and loyalty programs, targeting a general audience interested in cultural activities. Technically, the site employs modern frameworks such as Laravel and Livewire, with Alpine.js for interactivity and Tailwind CSS for styling, indicating a mature and modern digital infrastructure. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. Security-wise, the website enforces HTTPS and includes CSRF protection, but lacks explicit published security policies or incident response contacts. Privacy and cookie policies are present and appear GDPR compliant, with Google Tag Manager used for analytics and tracking. Overall, Müpa's website is trustworthy, professionally maintained, and aligned with its business goals as a cultural venue.

N

NABU

nabu-netz.de

59

NABU-Netz is a digital collaboration platform operated by NABU, a well-established German non-profit environmental organization. The website serves as a hub for information, communication, and resource sharing among NABU volunteers and staff. It offers multiple integrated services such as a Wiki, Chat, Media Library, Publishing tools, E-Learning, and an Education Calendar, all aimed at supporting the organization's mission and community engagement. The platform emphasizes ease of access through a centralized NABU-Login system, enhancing user experience and security. Technically, the website is built on modern web technologies including Laravel Livewire and Alpine.js, with a focus on responsive design and moderate performance. It employs Matomo analytics for privacy-conscious user tracking and integrates third-party services like CleverReach for newsletter management. The site uses HTTPS with proper CSRF protections and demonstrates good security hygiene, although explicit security headers and incident response policies are not publicly documented. From a security perspective, the site shows a mature posture with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, with comprehensive privacy and cookie policies in place, aligned with GDPR requirements. However, the absence of a dedicated security policy or vulnerability disclosure program suggests room for improvement in transparency and incident readiness. Overall, NABU-Netz presents a trustworthy, professional, and well-maintained digital presence for a non-profit organization. The platform effectively supports its community with relevant services and maintains a good balance between usability, privacy, and security. Strategic enhancements in security documentation and header implementation could further strengthen its security posture and user trust.

#

#clicksgefühle

clicksgefuehle.at

49

Clicksgefühle is a Vienna-based digital agency specializing in TYPO3 and WordPress web development, AI optimization, SEO, and UX consulting. They serve B2B clients, medium-sized enterprises, government agencies, universities, and public institutions primarily in Austria, Germany, and Switzerland. The agency positions itself as a trusted partner with a strong focus on user-friendly, scalable, and future-proof websites and online shops. Their market presence is reinforced by long-term client relationships and multiple certifications, including Google Partner and Certified Web Accessibility Expert. Technically, the website leverages modern web technologies such as WordPress CMS, Gravity Forms, Yoast SEO, Google Tag Manager, and various JavaScript libraries like Alpine.js and GSAP. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, contributing to a fast and professional user experience. Tracking and marketing tools are integrated responsibly, with standard industry ad networks and pixels. From a security perspective, the site uses HTTPS and shows no obvious vulnerabilities or exposed sensitive data. However, it lacks explicit security headers and published privacy or cookie policies, which are important for GDPR compliance and user trust. The absence of WHOIS data limits domain trust verification, but the website's content quality and certifications mitigate some concerns. Overall, Clicksgefühle presents a professional and credible digital agency with strong technical and business maturity. To enhance security posture and compliance, they should publish comprehensive privacy and cookie policies, implement security headers, and provide clear contact information for incident response.

S

Società nazionale di mutuo soccorso Cesare Pozzo ETS

cesarepozzoperte.it

60

The website secure.cesarepozzoperte.it serves as a secure login portal for the Società nazionale di mutuo soccorso Cesare Pozzo ETS, a non-profit mutual aid society based in Italy. The organization provides membership services to individuals and groups, particularly those under collective agreements. The site facilitates member access with a user code and password system, supported by clear instructions and assistance contact information. The business is positioned as an established mutual aid entity with a focus on social support and membership management. Technically, the website employs modern web technologies including Alpine.js for interactivity, SVG for branding graphics, and standard CSS and JavaScript assets. The site is mobile-optimized with a responsive design and includes accessibility considerations. Performance is moderate, with deferred script loading and structured content. SEO and metadata are basic but sufficient for the site's purpose. From a security perspective, the site enforces HTTPS with a valid SSL configuration and includes CSRF tokens in forms, indicating good security hygiene. However, security headers are not explicitly detected, and no incident response or vulnerability disclosure policies are published. No vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with a clear privacy policy and cookie consent mechanism. Overall, the website presents a trustworthy and professional front for the mutual aid society, with a solid security posture and good privacy practices. Recommendations include enhancing security headers, publishing incident response contacts, and adding terms of service to improve compliance and user trust.

A

aspern Seestadt

aspern-seestadt.at

45

aspern Seestadt is a visionary urban development project located in Vienna, Austria, targeting investors, companies, and individuals seeking modern urban living by the lake. The website presents a professional and consistent brand image with a focus on real estate and city planning services. Technically, the site employs modern JavaScript frameworks such as Vue.js and Alpine.js, integrates Matomo for analytics, and uses Pimcore for personalization, indicating a mature digital infrastructure. Security measures including HTTPS and security headers are well implemented, though privacy and cookie policies are absent, which is a compliance gap. Overall, the site is trustworthy and well-positioned in its market segment but would benefit from enhanced privacy compliance and clearer contact information.

ISWEB S.p.A. is an Italian technology company specializing in software solutions for public administration transparency and compliance, notably through its eTRASPARENZA suite. The company targets public sector entities such as local governments, healthcare organizations, and universities, providing integrated tools to meet legal obligations under Italian transparency laws. The website demonstrates a mature digital presence with modern technologies and compliance with GDPR and accessibility standards. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. However, incident response and vulnerability disclosure information are not explicitly provided. Overall, ISWEB presents a trustworthy and professional profile with clear business focus and technical competence.

K

Keeo

keeo.com

53

Keeo is a specialized digital communication agency based in Valenciennes, France, focusing primarily on the healthcare sector. They offer a comprehensive suite of services including custom website and application development, visual identity creation, SEO, content creation, and secure hosting with cybersecurity measures. The company has an established market presence since 2005 and serves healthcare organizations with tailored digital solutions. Technically, the website is built on WordPress with modern JavaScript frameworks and privacy-respecting analytics (Matomo). The site is well optimized for SEO, mobile-friendly, and provides clear navigation and professional content. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

V

viadee Unternehmensberatung AG

viadee.de

69

viadee Unternehmensberatung AG is a well-established German IT consulting firm founded in 1994, specializing in software development, process automation, organizational development, and IT security. The company serves a broad range of industries with a strong presence in Münster, Köln, and Dortmund. Their website reflects a mature digital infrastructure with modern technologies such as Alpine.js, Matomo analytics, and Usercentrics for privacy compliance. The security posture is solid with HTTPS enforced and privacy mechanisms in place, though some security headers could be improved. Overall, the website and domain data indicate a trustworthy and professional business with a strong market position and comprehensive service offerings.

H

Heel

heel.de

58

Heel Deutschland is a pharmaceutical company specializing in the development, production, and distribution of healthcare products based on natural ingredients for both humans and animals. The website presents a professional and well-structured digital presence, targeting healthcare consumers and veterinary professionals primarily in Germany. The company offers a range of products and health-related content, demonstrating a clear business focus and market positioning within the healthcare sector. Technically, the website employs modern frameworks such as Alpine.js, Kentico CMS, and integrates consent management via Usercentrics, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and privacy consent mechanisms in place, although explicit privacy policies and terms of service pages are not detected in the provided content. Overall, the site is trustworthy and professionally maintained, with room for improvement in transparency and accessibility.

I

ipcom GmbH

rcodezero.com

71

RcodeZero is a specialized DNS service provider leveraging Anycast technology to deliver fast, reliable, and resilient DNS solutions for enterprises, ISPs, and registries. The company is positioned as a leading DNS provider in Europe, supported by ISO 27001 certification and GDPR compliance, reflecting a strong commitment to security and data protection. Their product offerings cater to a diverse B2B audience, emphasizing high availability and security of DNS infrastructure. Technically, the website employs modern frameworks such as Tailwind CSS and Alpine.js, integrates Matomo for privacy-conscious analytics, and demonstrates good performance and accessibility standards. Security posture is robust with HTTPS enforcement, security headers, and a comprehensive cookie consent mechanism. However, the absence of a Terms of Service page and explicit incident response contacts are minor gaps. Overall, the website and business present a trustworthy and professional image with strong compliance and security practices.

T

TECH.LAND

techland.org

56

TECH.LAND is a well-established Dutch-German innovation collaboration platform focused on boosting technology and innovation in the East Netherlands and North Westphalia regions. The website presents a professional and comprehensive digital presence with clear cluster focus areas including Advanced Manufacturing & Robotics, Energy, Health & MedTech, and Circular Economy. The business model centers on ecosystem collaboration, project coordination, and knowledge sharing to enhance regional competitiveness. TECH.LAND maintains a strong market position as a regional innovation hub with a medium-sized footprint and a founding date consistent with the domain age.

Holding Graz is the largest municipal service provider in southern Austria, delivering essential services daily to the citizens and businesses of Graz and its surroundings. The organization operates multiple subsidiaries across sectors such as energy, transportation, and public utilities, positioning itself as a key player in the regional public service market. The website reflects a mature digital presence with comprehensive information, clear navigation, and multilingual support, targeting local residents and stakeholders. Technically, the site is built on WordPress with modern JavaScript frameworks and analytics tools, ensuring good performance and user experience across devices. Security measures include HTTPS enforcement and a robust Content Security Policy, though explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. Overall, Holding Graz presents a professional, trustworthy, and well-maintained online presence consistent with its public service mandate.

D

D+H Verwertung Gmbh

dh-verwertung.de

50

D+H Verwertung Gmbh is a German company specializing in waste management, recycling, and container rental services. The company targets businesses and individuals in the Kamp-Lintfort region and offers a range of services including acceptance and delivery catalogs, container ordering, and environmental protection consulting. The website presents a professional and consistent brand image with clear contact information and legal documentation, supporting its credibility in the regional market. Technically, the website employs modern frontend technologies such as Alpine.js and Tailwind CSS, hosted on Strato servers. The site is mobile-optimized and uses HTTPS with appropriate security headers, indicating a good level of digital maturity. However, there is no visible cookie consent mechanism or advanced analytics, suggesting room for improvement in privacy compliance and data transparency. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and CSRF token usage, but lacks published security policies or incident response contacts. No vulnerabilities or suspicious patterns were detected in the provided content. Overall, the security posture is solid but could be enhanced by formalizing policies and improving user privacy controls. The overall risk assessment is moderate with a recommendation to implement cookie consent, publish security and incident response policies, and consider adding a vulnerability disclosure framework. These steps would improve compliance, user trust, and security readiness, aligning the company with best practices in digital governance.

B

Berlinale Talents

berlinale-talents.de

63

Berlinale Talents is a well-established annual summit and networking platform affiliated with the Berlin International Film Festival, targeting creatives in film and drama series. The website effectively communicates its mission, upcoming events, and partner collaborations, positioning itself as a key player in the international film talent development space. The technical infrastructure leverages modern JavaScript libraries and Cloudflare DNS, ensuring reliable delivery and moderate performance. Security posture is solid with HTTPS and Cloudflare usage, though improvements in security headers and explicit privacy mechanisms are recommended. Overall, the site presents a professional and trustworthy digital presence with room for enhanced privacy compliance and security transparency.

Ö

Österreichische Forschungsförderungsgesellschaft FFG

ffg.at

65

The Österreichische Forschungsförderungsgesellschaft (FFG) is Austria's national funding agency dedicated to supporting business-related research, development, and innovation. The organization operates a professional and comprehensive website that provides detailed information about funding programs, initiatives, and services targeted at Austrian companies and research institutions. The site is well-structured, mobile-optimized, and built on Drupal 10, reflecting a modern technical infrastructure. Analytics tracking is implemented via etracker, and a cookie consent mechanism is active, indicating attention to privacy compliance, although no explicit privacy policy or terms of service were found in the analyzed content. Security posture is moderate with HTTPS implied and some best practices observed, but there is room for improvement in publishing security policies and incident response contacts. Overall, the domain registration data aligns well with the organization's profile, supporting its legitimacy and trustworthiness.