Security Directory

N

nextron internet team GmbH

nextron.ch

11

nextron internet team GmbH is a Swiss web agency based in Basel, established in 1996. The company specializes in web development, web design, and hosting services, targeting primarily medium-sized businesses and organizations in Basel and across Switzerland. Their offerings include custom web applications, WordPress and WooCommerce solutions, and various hosting options including ColdFusion and vServer hosting. The website reflects a mature market position with a professional and consistent brand presence supported by client references and social media engagement. Technically, the website is built on WordPress CMS with modern technologies such as jQuery, FontAwesome, and animation libraries. It integrates analytics tools like Google Analytics and Matomo for user tracking and performance insights. The site is mobile-optimized, fast-loading, and SEO-friendly, indicating a high level of digital maturity. From a security perspective, the site uses HTTPS with good SSL configuration and employs some security best practices such as honeypot anti-spam measures. However, it lacks explicit security headers like Content-Security-Policy and does not provide a security policy or incident response contact information. No vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy, professional, and safe for general audiences. The main areas for improvement include implementing a cookie consent mechanism to enhance privacy compliance and publishing a security policy and incident response contacts to strengthen security posture and transparency.

T

Team Deutschland Paralympics

teamdeutschland-paralympics.de

45

Team Deutschland Paralympics is the official German Paralympic team website, providing comprehensive information about athletes, events, news, and partners related to Paralympic sports in Germany. The site serves as an authoritative platform for fans, athletes, and stakeholders interested in Paralympic activities. It is supported by official government and sports federation entities, enhancing its credibility and trustworthiness. Technically, the website is built on TYPO3 CMS and employs modern front-end libraries and privacy-conscious analytics (Matomo) with GDPR compliance. The site is well-structured, mobile-optimized, and accessible, offering a professional user experience. Security posture is good with HTTPS enforced and privacy mechanisms in place, though some security headers could be improved. No critical vulnerabilities or suspicious patterns were detected. Overall, the website demonstrates a mature digital presence suitable for its non-profit, government-affiliated sports mission.

S

Sommercasino Basel

sommercasino.ch

49

Sommercasino Basel is a small cultural venue located in Basel, Switzerland, offering a diverse program of concerts, theater, workshops, and community events. It also operates a café (Café Stoa) that serves seasonal meals and private event catering. The website is built on WordPress with modern plugins and technologies, providing a good user experience with clear navigation and event information. Social media integration and partner logos enhance its community presence. Security posture is adequate with HTTPS and email obfuscation, but lacks advanced security headers and cookie consent mechanisms. The domain uses privacy protection which is justified for this type of organization. Overall, the site is professional, trustworthy, and well-maintained.

P

Preiss Werbe- und Internetagentur

contao-themes-shop.de

44

The website www.contao-themes-shop.de represents Preiss Werbe- und Internetagentur, a small German company specializing in providing professional Contao CMS themes, templates, and extensions. Their business model focuses on e-commerce sales of digital products tailored for Contao CMS users, alongside offering custom theme development and support services primarily targeting agencies and businesses seeking customizable web solutions. The site is well-structured, with clear navigation and comprehensive legal and privacy documentation, reflecting a professional and trustworthy online presence. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern JavaScript libraries such as jQuery, AOS, and mmenu for enhanced user experience and mobile responsiveness. Hosting is provided via kasserver.com, consistent with the domain's nameservers. Performance is moderate with good mobile optimization and basic accessibility features. The site employs secure form handling with CSRF tokens but lacks explicit HTTP security headers. From a security perspective, the site uses HTTPS and secure form tokens, indicating a baseline security posture. However, the absence of security headers and a formal security policy or incident response contact reduces the overall security maturity. Privacy compliance is strong with a comprehensive GDPR-compliant privacy policy, though no cookie consent mechanism is detected. Business credibility is high due to clear contact information, official Contao partner certifications, and consistent branding. Overall, the website presents a low-risk profile with good business credibility and technical implementation. Strategic improvements in security headers, cookie consent, and incident response documentation would enhance the security posture and compliance further.

T

Team Deutschland

teamdeutschland.de

43

Team Deutschland operates an official website dedicated to supporting and promoting German Olympic athletes and events. The platform provides news, event information, athlete profiles, multimedia content including podcasts and videos, and an online merchandise shop. It is supported by the German Federal Ministry of the Interior and the German Olympic Sports Confederation, indicating strong governmental and institutional backing. The website targets sports fans, supporters, and the general public interested in Olympic sports and Team Deutschland activities. Technically, the site is built on TYPO3 CMS and uses modern web technologies such as Bootstrap Icons, Swiper.js, and Matomo Analytics, ensuring a responsive and engaging user experience. Privacy and cookie policies are comprehensive and GDPR compliant, with explicit consent mechanisms implemented. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit incident response contacts are missing. Overall, the site is professional, trustworthy, and well-branded, serving as a reliable information and engagement hub for Olympic sports in Germany.

C

Convergence Media

convergencemedia.fr

57

Convergence Media is a French digital communication and marketing agency specializing in serving SMEs, artisans, independents, and liberal professions. With over 15 years of experience, the agency offers a comprehensive suite of services including digital strategy, SEO, social media management, editorial content, video production, and print media. Their market position is that of a trusted, client-focused agency with a multi-lever approach to enhancing client visibility and brand reputation. The website reflects a professional and consistent brand image with clear service offerings and client testimonials, indicating a solid reputation in their sector. Technically, the website is built on CMS Made Simple and leverages modern web technologies such as Bootstrap, jQuery, Vimeo API, and Matomo analytics. The site is mobile-optimized with good SEO practices and moderate performance. Security posture is strong with HTTPS enforced and secure form handling, though some security headers are missing and no explicit security policy or incident response information is published. Overall, the security posture is good with no visible vulnerabilities or exposed sensitive data. Privacy compliance is mostly addressed with a clear privacy policy and GDPR references, but lacks a cookie consent mechanism. The WHOIS data is unavailable, which slightly reduces trust but the professional presentation and contact transparency mitigate concerns. Strategically, the agency should enhance security headers, implement cookie consent, and publish security and incident response policies to improve compliance and trust. Regular audits of third-party scripts and continued focus on privacy will further strengthen their security and compliance stance.

The website klosterkilbi.ch represents the traditional Swiss festival 'Klosterkilbi' organized by the Musikgesellschaft St. Urban. It serves as an informational platform for visitors and participants, providing event dates, program details, and links to social media. The site is built on the ClubDesk Vereinssoftware platform, utilizing modern JavaScript libraries such as jQuery, Featherlight, and Owl Carousel to enhance user experience. The design is consistent and mobile-optimized, offering clear navigation and relevant content for its regional audience. Security posture is adequate with HTTPS usage and no visible vulnerabilities, though security headers and explicit policies are absent. Privacy compliance is basic with a privacy policy and cookie consent implemented, but GDPR compliance is not explicitly confirmed. Overall, the site is trustworthy and professionally maintained, reflecting a small community organization with a long-standing tradition.

C

Convergence Media

cvgmedia.fr

57

Convergence Media is a French digital communication agency specializing in integrated marketing services including SEO, social media, editorial content, video production, and print media. With approximately 15 years of experience, the agency targets SMEs, artisans, independents, and liberal professionals, positioning itself as a trusted partner for multi-channel digital visibility and brand development. The website reflects a professional and consistent brand image with comprehensive service offerings and client testimonials, indicating a solid market presence in the media sector. Technically, the website is built on CMS Made Simple and leverages modern web technologies such as Bootstrap, jQuery, and Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized with good SEO practices and a moderate performance profile. Security posture is generally good with HTTPS enforced and secure form handling, though the absence of security headers and explicit cookie consent mechanisms suggests room for improvement. The WHOIS data is unavailable, which slightly impacts trustworthiness but does not detract significantly from the overall legitimacy given the professional content and contact transparency. No WAF or blocking mechanisms were detected, and the site is fully accessible. Overall, Convergence Media presents a credible and professional digital presence with strong business and technical foundations, though enhancements in security headers and privacy compliance would further strengthen its posture.

D

Dinas Sosial Kabupaten Mojokerto

dinsoskabmojokerto.org

56

Dinas Sosial Kabupaten Mojokerto is a government social service agency responsible for assisting the Walikota in social affairs within the Mojokerto Regency, Indonesia. The website provides information about its functions, organizational structure, and recent news updates related to social services. The site targets local citizens and stakeholders interested in social welfare programs. Technically, the website uses a modern front-end stack including Bootstrap, jQuery, and various UI libraries, hosted behind Cloudflare DNS. The site is mobile optimized and presents a professional design with clear navigation. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. The WHOIS data shows inconsistencies with a future domain creation date, which raises trust concerns. No privacy or cookie policies are present, indicating compliance gaps. Overall, the site is functional and informative but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

D

Dinas Sosial Kabupaten Lamongan

dinsosnakertranslamongan.com

56

Dinas Sosial Kabupaten Lamongan is a local government social services agency in Indonesia focused on social rehabilitation, social protection, empowerment, and poverty alleviation. The website serves as an official portal providing information, news, and public service announcements to the community. The agency is relatively small with a staff of 27 civil servants and 17 non-ASN personnel. The website is built using modern frontend technologies such as Bootstrap, jQuery, and various UI libraries, hosted behind Cloudflare DNS services. The site is mobile optimized and provides clear navigation and relevant content for its target audience. However, the domain registration data shows inconsistencies, including a future creation date, which raises questions about domain legitimacy or data accuracy. Security posture is moderate with HTTPS enabled but lacks important security headers and DNSSEC. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the website is functional and professional but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

Z

Zürcher Schneesportverband

zsv.ch

47

The Zürcher Schneesportverband (ZSV) is a Swiss non-profit sports association dedicated to promoting youth participation in various winter sports disciplines including Alpine skiing, cross-country skiing, biathlon, ski jumping, snowboarding, and freestyle skiing. The organization operates primarily within the Zurich region and serves as a key regional player in winter sports development. Their website provides event information, educational workshops, and resources to support athletes and enthusiasts. The site is well-structured, professionally designed, and uses modern web technologies to deliver content effectively to its target audience. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and several popular plugins such as Yoast SEO and Contact Form 7. It employs Google Analytics and Tag Manager for user tracking and performance monitoring. The site is mobile-optimized and uses HTTPS with a strong SSL configuration, ensuring secure data transmission. However, it lacks some advanced security headers and a cookie consent mechanism, which are recommended for enhanced compliance and security. From a security perspective, the site demonstrates good practices such as secure forms and no visible exposure of sensitive data. There is no evidence of a published security policy or incident response contacts, which could be improved to enhance trust and readiness. The WHOIS data aligns well with the website's claims, showing consistent registrant information and no privacy protection, supporting the site's legitimacy. Overall, the ZSV website is a credible, well-maintained platform serving its community effectively. Strategic improvements in privacy compliance and security policy transparency would further strengthen its security posture and user trust.

S

Swiss Sailing

swiss-sailing.ch

65

Swiss Sailing is the official Swiss national association dedicated to sailing, windsurfing, kitesurfing, and wingfoiling. It serves as the governing body for these sports in Switzerland, providing event organization, training programs, and athlete development. The website reflects a well-established organization with a clear focus on both recreational and competitive sailing communities. It maintains strong partnerships with recognized insurers and sport promotion entities, and is affiliated with international sailing bodies such as World Sailing and Swiss Olympic. The target audience includes sailing clubs, athletes, officials, and enthusiasts across Switzerland. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, incorporating modern web technologies such as Google Tag Manager for analytics and Google Fonts for typography. The site is mobile optimized, accessible, and SEO friendly, with a clear navigation structure and professional design. Performance is moderate, with no major technical issues detected. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks publicly available formal security policies and incident response contacts. No security headers were detected in the provided data, suggesting room for improvement in hardening the site against common web threats. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, Swiss Sailing presents a trustworthy and professional online presence with strong business credibility and compliance posture. Strategic recommendations include publishing a formal security policy, enhancing security headers, and providing incident response contact information to improve transparency and security readiness.

F

Freight and Transit Company Limited (FTL)

ftl.mu

56

Freight and Transit Company Limited (FTL) is a well-established logistics service provider founded in 1994, operating primarily in Mauritius, Madagascar, and South Africa. The company offers a comprehensive range of logistics services including air and sea freight, customs clearing, warehousing, project cargo management, and handling of perishable and dangerous cargo. Their website reflects a professional and consistent brand image, targeting businesses requiring reliable logistics solutions in the Indian Ocean and African regions. Technically, the website is built on Drupal 9 and incorporates modern web technologies such as Google Analytics, Facebook Pixel, and Google reCAPTCHA to enhance user experience and security. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security-wise, the website enforces HTTPS and uses CAPTCHA to protect forms, but lacks some security headers and explicit security policies. The WHOIS data is unavailable due to privacy protection, which is common but reduces transparency. Overall, the website is trustworthy and professional, with room for improvement in privacy compliance and security documentation.

Digitales Schaudepot is a small non-profit initiative based in Switzerland focused on digitally connecting and curating cultural heritage collections. The website presents a professional and well-structured platform that highlights their projects, technology use, and partnership ecosystem. Their target audience includes cultural institutions, researchers, and the general public interested in cultural heritage. Technically, the site uses modern front-end frameworks such as Bootstrap and integrates Google Analytics for visitor tracking, though it lacks a cookie consent mechanism. Security posture is moderate with HTTPS implied but no visible security headers or published security policies. Contact information is clearly provided via email, physical address, and a contact form, but no phone numbers or incident response contacts are found. Overall, the website is trustworthy and safe, with no adult or questionable content detected.

D

Deutscher Olympischer Sportbund e.V.

sportdeutschland.de

44

Sportdeutschland is the official digital platform of the Deutscher Olympischer Sportbund e.V., Germany's leading sports organization. It promotes sports participation nationwide, offering digital tools such as an interactive sports club map, a club app, and website services tailored for sports clubs and associations. The platform supports Olympic and Paralympic initiatives and targets sports enthusiasts, clubs, and volunteers across Germany. Technically, the website is built on TYPO3 CMS with modern front-end libraries and uses Matomo for privacy-conscious analytics. The site is well-structured, mobile-optimized, and professionally designed, reflecting a mature digital presence. Security posture is solid with HTTPS and secure forms, though it lacks some security headers and a cookie consent mechanism. Privacy compliance is strong with a comprehensive GDPR-aligned privacy policy. Overall, the site is trustworthy and authoritative in its domain.

Jugendmusik Glattal is a small, community-focused youth music organization based in Switzerland's Glattal region. The website serves as an informational and engagement platform for youth musical education, orchestras, and community concerts. It is supported by local sponsors and maintains an active presence on social media platforms such as Facebook and Instagram. The technical infrastructure is built on a modern stack including jQuery, Owl Carousel, and Clubdesk CMS, providing a responsive and user-friendly experience. Security measures include HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not evident. Overall, the website is well-structured and trustworthy, with no signs of malicious content or vulnerabilities. Strategic improvements could focus on enhancing security headers, publishing clear security and incident response policies, and providing more direct contact information to improve user trust and compliance.

I

Instructure

learnplatform.com

72

Instructure operates a professional and enterprise-grade educational technology platform focused on evidence-based management of K–12 edtech investments. The website demonstrates a mature digital infrastructure leveraging Drupal 10 CMS, modern JavaScript libraries, and extensive marketing and analytics tools such as Google Tag Manager, Marketo, and Microsoft Clarity. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and policies are not visible in the provided content. The absence of WHOIS data is a notable anomaly but does not detract from the professional presentation and comprehensive service offerings. Overall, Instructure presents as a credible and established player in the education technology sector with a focus on compliance, safety, and data-driven decision-making.

I

Instructure

portfolium.com

73

Instructure is a leading educational technology company specializing in learning management systems (LMS) and edtech solutions for K–12, higher education, and business sectors. Their flagship product, Canvas LMS, is widely adopted and supported by a robust ecosystem of partners and community engagement. The company positions itself as a comprehensive provider of digital learning tools that empower educators and learners alike. Technically, the website is built on Drupal 10 CMS and leverages a modern technology stack including Google Tag Manager, Marketo, Microsoft Clarity, and various front-end libraries for performance and user experience. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs multiple security headers, and integrates cookie consent mechanisms indicating GDPR compliance. Certifications such as SOC 2 and ISO 27001 further demonstrate a commitment to security standards. However, the absence of a publicly accessible security policy and incident response contact details suggests room for improvement in transparency and readiness. Overall, Instructure's website reflects a professional, trustworthy, and well-maintained digital presence aligned with its enterprise market position. The missing WHOIS data is a notable anomaly but does not significantly detract from the overall credibility given the strong branding and operational indicators.

I

Instructure

masteryconnect.com

72

Instructure operates a professional and comprehensive K–12 assessment and data solution platform branded as Mastery. The website demonstrates a mature digital infrastructure leveraging Drupal 10 CMS, modern JavaScript libraries, and multiple marketing and analytics tools such as Google Tag Manager, Marketo, Microsoft Clarity, and Intellimize. The site is well-optimized for mobile and accessibility, with clear navigation and rich content focused on educational outcomes. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and vulnerability disclosures are absent. WHOIS data is unavailable, which limits domain trust verification, but the website's professionalism and integrations suggest a legitimate enterprise presence. Overall, the site scores well on content quality, technical implementation, and business credibility, with room for improvement in privacy compliance and security transparency.

I

Instructure

kimonocloud.com

72

Instructure is a prominent education technology company offering a comprehensive ecosystem of tools for K-12, higher education, and business sectors, including the well-known Canvas LMS platform. Their website demonstrates a mature digital presence with extensive use of modern marketing and analytics technologies, indicating a strong digital marketing strategy and customer engagement focus. However, the absence of publicly available WHOIS data and lack of visible privacy and terms of service policies on the analyzed page present some concerns regarding transparency and compliance. The website is well-designed, mobile-optimized, and provides a professional user experience aligned with enterprise standards.

R

Ramasuri

ramasuri.at

39

Ramasuri is a small hospitality business operating a restaurant located in Vienna's 2nd district. The restaurant offers Austrian and internationally inspired cuisine with a focus on local ingredients, serving breakfast, lunch, and dinner alongside house-made drinks and coffee. The business emphasizes friendly and attentive service and provides a summer garden with Italian flair. The website is well-structured and professionally designed, providing clear contact details, location, and menu access. Technical infrastructure includes modern JavaScript libraries such as jQuery, Bootstrap, and GSAP, supporting a responsive and visually appealing user experience. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website presents a trustworthy and professional image consistent with a legitimate small hospitality business.

E

el Gaucho Steakhouse

elgaucho.at

67

el Gaucho Steakhouse is a medium-sized hospitality business operating multiple steakhouse locations in Austria and Germany. The company focuses on premium beef dining experiences, combining urban lifestyle with fine dining. Their website is professionally designed using WordPress and modern web technologies, featuring good SEO and mobile optimization. The technical infrastructure includes common marketing and analytics tools such as Google Analytics, Facebook Pixel, and Google Tag Manager. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers are not explicitly detected. Privacy policies are present and GDPR compliant. No direct contact information is visible on the homepage, which may affect user engagement. Overall, the website reflects a legitimate and trustworthy business with a good digital presence.

The Middle East Waste & Recycling Awards (MEWAR Awards) website serves as a professional platform to recognize and celebrate excellence in waste management and recycling within the Middle East region. Established in 2018, the awards event is organized by Waste & Recycling magazine and hosts industry leaders, sponsors, and partners to promote sustainable environmental practices. The website provides information about the awards, categories, key dates, sponsors, and media content such as videos and galleries. The target audience includes professionals and organizations involved in waste management and recycling sectors. Technically, the website employs a modern front-end stack including Bootstrap, jQuery, and popular UI libraries like Slick Carousel and Flickity for interactive elements. It integrates Google Analytics and Google Tag Manager for user tracking and analytics. The site is mobile responsive and has a moderate performance profile. However, it lacks a known CMS and some advanced SEO and accessibility features. From a security perspective, the website uses HTTPS but lacks DNSSEC and important security headers, which are recommended for enhanced protection. No privacy, cookie, or terms of service policies are published, which impacts compliance and user trust. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. The domain registration is consistent with the business timeline and shows no suspicious patterns, indicating legitimacy. Overall, the website is functional and professional but would benefit from improved privacy compliance, security hardening, and clearer contact information to enhance trust and regulatory adherence.

S

stafftastic GmbH

praktikumswoche.de

60

Praktikumswoche.de is a German educational platform operated by stafftastic GmbH that facilitates internship weeks for students across over 200 regions in Germany. The platform enables students to explore different companies and professions by participating in daily internships during the holidays. It serves both students and companies, offering free registration and participation. The website is well-positioned in the education sector with strong media recognition and a broad regional presence. Technically, the website employs a modern tech stack including Bootstrap, jQuery, FontAwesome, and Cookiebot for cookie consent management. Hosting is managed via Google Domains, and privacy-respecting analytics are implemented using Plausible Analytics. The site is mobile-optimized with good SEO and accessibility basics. From a security perspective, the site uses HTTPS with no visible vulnerabilities or exposed sensitive data. Cookie consent is properly implemented, and privacy is respected with no-cookie YouTube embeds. However, security headers are not explicitly detected, and no public security policy or incident response contacts are provided, which could be improved. Overall, the website is trustworthy, professional, and compliant with GDPR. It lacks explicit contact information on the main page but provides social media links and a privacy policy. The domain registration is consistent and legitimate, supporting the platform's credibility.

I

Instructure

instructure.com

59

Instructure is a leading education technology company specializing in learning management systems and edtech solutions for K–12, higher education, and business sectors. Their flagship product, Canvas LMS, is recognized as the world's most-loved LMS, supported by additional offerings such as Mastery for assessments and Parchment for credential management. The company maintains a strong market position with a global customer base and a comprehensive partner ecosystem. Technically, the website is built on Drupal 10 and integrates modern analytics, marketing, and tracking technologies, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is solid with HTTPS enforced and no evident vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website reflects a professional, trustworthy, and mature digital presence.

H

HANSAINVEST Hanseatische Investment-GmbH

hansainvest.de

59

HANSAINVEST Hanseatische Investment-GmbH is a leading German capital management company specializing in fund administration and comprehensive fund solutions across all relevant asset classes. The company positions itself as a trusted partner for fund partners and asset managers, offering services including insourcing and Luxembourg-based fund solutions through its subsidiary HANSAINVEST LUX S.A. The website is professionally designed, content-rich, and targets institutional investors and potential employees. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and frameworks, hosted by Schlund Technologies, and optimized for mobile devices. Security posture is strong with HTTPS and GDPR compliance via Usercentrics, though some security headers could be improved. No blocking or WAF challenges were detected, and the domain registration is consistent with the business claims, indicating a legitimate and trustworthy online presence.

V

VIZUAL Grafik und Code GmbH

vizual.ch

51

VIZUAL Grafik und Code GmbH is a Swiss-based agency specializing in visual and digital communication, offering services in graphic design, user-friendly websites, and practical applications. The company positions itself as a niche provider focusing on the harmonious integration of form, content, and functionality, targeting businesses and organizations seeking professional digital communication solutions. The website is built on TYPO3 CMS and incorporates modern web technologies such as jQuery, GSAP, and Flickity, reflecting a moderate to advanced digital maturity. The site is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and explicit incident response policies are absent. Privacy compliance is basic with a privacy policy present but lacking a cookie consent mechanism. Overall, the website and domain registration data indicate a legitimate, professional small agency with a solid online presence.

D

DocLX Holding GmbH

lighthousefestival.tv

64

Lighthouse Festival is a well-established boutique electronic music festival organizer with over 12 years of experience, operating events primarily in Croatia, Austria, and Tanzania. The company focuses on creating intimate, exclusive festival experiences branded as 'electronic music on vacation'. The website reflects a professional digital presence with clear event information, social media integration, and a consistent brand image. Technically, the site uses modern web technologies including Bootstrap, jQuery, and various JavaScript libraries to deliver a responsive and engaging user experience. However, some areas such as cookie consent and security headers could be improved to enhance privacy compliance and security posture. The domain registration data is consistent with the business claims, supporting the legitimacy of the site.

S

S optic spol. s r. o.

soptic.cz

49

S optic spol. s r. o. operates a well-established private optical retail business in Prague, Czech Republic, with over 30 years of tradition. The company offers comprehensive eye care services including eyeglasses, contact lenses, eye examinations, and repairs, targeting consumers seeking professional and personalized optical solutions. The website reflects a mature digital presence with modern technologies such as Cookiebot for consent management, Google Tag Manager for analytics, and slick interactive UI components. The business demonstrates strong customer trust through detailed team profiles and positive customer reviews. Security posture is solid with HTTPS and consent mechanisms, though explicit security headers and formal privacy policies are missing, representing areas for compliance improvement. Overall, the website is professional, user-friendly, and trustworthy, supporting the company’s market position as a leading local optical retailer.

F

Formedil

formedil.it

64

Formedil is a prominent Italian non-profit organization dedicated to training and safety in the construction sector. It operates nationally to promote professional qualification, safety standards, and workforce development through various training programs, certifications, and observatories. The organization maintains a strong market position as a leader in construction sector education and safety, supported by a comprehensive website with rich content and multiple regional presences. Technically, the website employs modern web technologies including jQuery, Slider Revolution, and Google Fonts, and is built on the Simplex CMS platform. It is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and secure embedded content, but lacks some security headers and explicit incident response information. Privacy compliance is evidenced by a detailed privacy policy, though cookie consent mechanisms are absent. Overall, the domain registration data aligns well with the organization's identity, supporting its legitimacy.

H

Häussler GmbH

haeussler.de

44

Häussler GmbH is a well-established German company specializing in the rental of high-quality gastronomy and event equipment, including cutlery, glasses, tableware, linens, furniture, buffet and banquet supplies, and coffee culture products. Founded in 1991, the company serves both business and private clients, focusing on large-scale events such as trade fairs, weddings, and corporate anniversaries. Their market position is strong with a reputation for quality and reliability, supported by two related brands: Häussler Leihservice and dishcounter, which extend their service offerings in the event rental space. Technically, the website employs a modern but basic tech stack including jQuery, Bootstrap, AOS for animations, and Google Maps API. The site is mobile-optimized and well-structured, though some external resources are loaded over HTTP, which could cause mixed content issues. No CMS was detected, and hosting is provided by a German hosting provider consistent with the company’s location. From a security perspective, the site lacks visible security headers and a cookie consent mechanism, which impacts privacy compliance. No forms or sensitive data collection points were found, reducing immediate risk exposure. The WHOIS data aligns with the company’s claimed history and location, supporting legitimacy. Overall, the security posture is moderate but could be improved by enforcing HTTPS on all resources and adding security headers. The overall risk assessment is low, with recommendations focusing on improving security best practices, privacy compliance, and technical modernization to enhance trust and user experience.

D

Deutsches Ausschreibungsblatt GmbH

deutsches-ausschreibungsblatt.de

52

Deutsches Ausschreibungsblatt GmbH operates a well-established online platform for public and private procurement in Germany, offering comprehensive tender and contract opportunities across various industries. The company leverages a TYPO3 CMS-based website with modern web technologies and integrates GDPR-compliant consent management to ensure privacy and legal compliance. The platform targets businesses seeking public contracts and provides services such as eVergabe solutions, tender document access, and email notifications. Security posture is solid with HTTPS and consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the website is professional, trustworthy, and functionally rich, supporting the company's market position as a central procurement portal in Germany.

T

Turismo Asturias

turismoasturias.es

64

Turismo Asturias operates the official regional tourism portal for Asturias, Spain, providing comprehensive information on natural landscapes, cultural heritage, gastronomy, and travel planning. The website targets tourists and visitors interested in exploring Asturias, offering multi-language support and detailed content to facilitate trip organization. Technically, the site is built on the Liferay CMS platform, leveraging modern JavaScript libraries such as jQuery, AUI, and Senna.js for SPA capabilities, with integrations for Google Analytics and Facebook social features. The site demonstrates good mobile optimization and SEO practices, although accessibility could be improved. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, but lacks explicit security headers and incident response disclosures. WHOIS data confirms domain legitimacy consistent with an official government tourism entity. Overall, the site is professional, trustworthy, and well-positioned to serve its audience effectively.

N

Nesil Grup Teknoloji Tic. A.Ş

cerezgo.com

70

Nesil Grup Teknoloji Tic. A.Ş operates the Cerezgo platform, a cookie consent management solution designed to help websites comply with Turkish KVKK and GDPR regulations. The company has over 15 years of experience in technology and data protection consultancy, serving a broad range of sectors in Turkey. Their website reflects a professional and trustworthy business with clear service offerings and certifications such as ISO 27001. Technically, the site uses modern web technologies including Bootstrap and jQuery, and integrates multiple analytics and marketing tools. Security posture is solid with HTTPS and domain transfer protections, though improvements like DNSSEC and security headers are recommended. Privacy compliance is partially addressed with a detailed cookie policy and consent mechanism, but lacks a dedicated privacy policy and terms of service pages. Overall, the website and business demonstrate a mature digital presence with room for enhanced security and compliance documentation.

1

1749

1749.hu

45

1749.hu is a Hungarian literary and cultural media platform founded in 2020, offering a variety of content including prose, poetry, essays, interviews, and news. The website targets a general audience interested in literature and culture, positioning itself as a niche content provider with a consistent brand and good content quality. Technically, the site uses modern frontend technologies such as Bootstrap, AOS, and integrates analytics tools like Gemius, Hotjar, and Google Tag Manager. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is solid with HTTPS enforced and no exposed sensitive data, but lacks security headers and a formal security policy. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the site is trustworthy and professionally maintained but could improve in privacy and security transparency.

A

Asturias Paraíso Natural Film Commission

filmcommissionasturias.com

60

Asturias Paraíso Natural Film Commission is a regional entity dedicated to facilitating audiovisual production in Asturias, Spain. The website offers comprehensive information on filming locations, permits, professional directories, subsidies, and industry news, targeting audiovisual professionals, property owners, and producers. The site is well-branded and consistent with its official regional government affiliation, although WHOIS data is missing, raising questions about domain registration legitimacy. Technically, the site uses Liferay CMS with modern JavaScript libraries and frameworks, providing a responsive and user-friendly experience. Security posture is strong with HTTPS and security headers, but lacks published security policies and incident response contacts. Privacy compliance is good with cookie consent and GDPR-aligned policies. Overall, the site is professional and trustworthy but would benefit from clarifying domain registration and enhancing security transparency.

F

FIGARO drukarnia i agencja reklamowa

figaro.pl

43

FIGARO drukarnia i agencja reklamowa is a well-established printing and advertising agency based in Ryki, Poland, with over 27 years of experience. The company offers a comprehensive range of services including graphic design, printing, promotional gadgets, and website development, positioning itself as the largest printing house in the region. Their business model focuses on serving local businesses and individuals requiring high-quality advertising and printing solutions. The website reflects a professional image with consistent branding and clear contact information, supported by positive customer reviews and social media presence. Technically, the website is built on WordPress using modern plugins and libraries such as Oxygen Builder, Rank Math SEO, and various JavaScript libraries for animations and Instagram feed integration. The site is mobile-optimized and SEO-friendly, though performance is moderate. Analytics and tracking are implemented via Google Analytics and Tag Manager, indicating a moderate level of user tracking. From a security perspective, the site uses HTTPS with good SSL configuration but lacks advanced security headers and explicit security policies. No privacy or cookie policies were found, which is a compliance gap, especially under GDPR. The domain WHOIS data is consistent with the business identity, showing a mature domain registration without privacy protection, supporting legitimacy. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security practices to improve user trust and regulatory adherence.

S

Saturnales

saturnales.ch

59

Saturnales is a well-established student association based in Geneva, Switzerland, with a history spanning over 120 years. The organization is composed of third-year students from medical, dental, and biomedical science faculties who organize annual events, including parties and social gatherings, targeting the student community and local attendees. Their business model revolves around event management, ticket sales, and merchandise offerings, positioning them as a key player in the local student event scene. The website reflects a consistent brand identity and provides essential contact information and social media links to engage their audience. Technically, the website is built using the Infomaniak Site Creator platform and leverages modern frontend technologies such as jQuery, Bootstrap, and animation libraries. Hosting is provided by Infomaniak, a reputable Swiss hosting provider. The site demonstrates moderate performance and good mobile optimization, though accessibility and SEO could be improved. The cookie consent mechanism is implemented, indicating some level of privacy compliance. From a security perspective, the site enforces HTTPS and disables right-click on images to protect content. However, it lacks important security headers and does not provide explicit security policies or incident response contacts. No privacy policy or terms of service pages were found, which may impact compliance and user trust. Overall, the security posture is moderate but could benefit from enhancements in headers, policies, and transparency. The overall risk assessment is low to moderate, with no signs of malicious content or blocking mechanisms. Strategic recommendations include implementing comprehensive privacy and security policies, adding security headers, improving accessibility, and enhancing transparency to build greater trust with users and comply with regulations.

F

FONDO FAST

fondofast.it

54

FONDO FAST operates as a healthcare assistance fund specifically targeting employees within the tourism sector in Italy. Established in 2006, it provides integrative health plans, contribution management, and reimbursement services. The organization positions itself as a niche non-profit entity serving a defined audience of tourism sector workers. The website reflects this focus with content primarily in Italian and some multilingual support. Technically, the site is built on ASP.NET WebForms with modern JavaScript libraries for UI enhancements, offering a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and cookie consent implemented, though it lacks advanced security headers and explicit incident response policies. Privacy compliance is supported by a clear privacy policy and cookie management mechanisms. Overall, the site is professional, trustworthy, and consistent with the organization's business model and sector.

H

Hopp Foundation for Computer Literacy & Informatics gGmbH

hopp-foundation.de

50

The Hopp Foundation for Computer Literacy & Informatics gGmbH is a small non-profit organization based in Germany focused on promoting digital education in the Rhein-Neckar metropolitan region. Their website offers comprehensive information about workshops, teaching materials, and support services for teachers, school leaders, students, and parents. The foundation emphasizes practical and innovative learning formats to foster digital literacy and informatics skills. Technically, the website is built on a modern stack with Kirby CMS, uses JavaScript libraries for UI enhancements, and is hosted on a domain managed by DomainControl. The site is mobile-optimized, well-structured, and provides clear navigation and professional design. Security-wise, the site enforces HTTPS and cookie consent but lacks explicit security policies or incident response contacts. No tracking or advertising scripts were detected, reflecting a privacy-conscious approach. WHOIS data is minimal but consistent with a legitimate educational entity. Overall, the website is trustworthy, professional, and well-suited for its educational mission.

K

Kallinich Media Digital GmbH

kallinich-media.de

52

Kallinich Media Digital GmbH is a German-based marketing and digital agency specializing in brand development, communication, web design, SEO, social media marketing, and e-commerce solutions. The company positions itself as a future-oriented agency focused on authentic storytelling and digital transformation for businesses seeking to connect with their customers effectively. The website demonstrates a professional and consistent brand presence with comprehensive service offerings and strong trust indicators such as Google Partner certification and positive customer reviews. Technically, the website is built on TYPO3 CMS with modern frontend technologies including Bootstrap, GSAP, and Swiper.js, ensuring a responsive and engaging user experience. Consent management is handled via Usercentrics, and analytics are implemented through Matomo, Hotjar, and Leadinfo, reflecting a moderate level of user tracking balanced with privacy compliance. The site is well-optimized for SEO and mobile devices, with structured data enhancing search visibility. From a security perspective, the site uses HTTPS and employs best practices such as CAPTCHA for form submissions and consent management. However, explicit security headers and a published security policy or incident response contact are absent, representing areas for improvement. No vulnerabilities or suspicious WHOIS patterns were detected, supporting the site's legitimacy. Overall, the website is professional, secure, and compliant with GDPR, offering a trustworthy digital presence for Kallinich Media Digital GmbH. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining transparency in data protection practices.

V

Virtualisers, BV.

virtualisers.be

54

Virtualisers, BV. is a Belgium-based digital consulting firm established in 2002, specializing in platform building, demand generation, scaling internet businesses, event moderation, coaching, technology strategy, ICT audits, and MVP launchpad services. The company targets startups, enterprises, and technology companies seeking sustainable growth through expert consulting and management. Their market position is strengthened by over 20 years of experience and more than 300 successful projects, supported by strong trust indicators such as client testimonials and professional team profiles. Technically, the website employs modern frontend technologies including Bootstrap 5.3, Bootstrap Icons, and AOS for animations, hosted likely behind Cloudflare. The site is mobile-optimized, fast-loading, and accessible, with a clean and professional design. However, explicit security headers are not detected, and privacy and cookie policies are absent, indicating areas for compliance improvement. From a security perspective, the site uses HTTPS and embeds secure third-party contact forms, but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. No vulnerabilities or suspicious content were found. The domain WHOIS data is consistent with the business claims, showing a long-established presence since 2002. Overall, Virtualisers presents a professional and trustworthy online presence with excellent content quality and business credibility. To enhance security posture and compliance, the company should implement privacy and cookie policies, add security headers, and publish incident response and vulnerability disclosure information.

A

Assist

grc-assist.com

62

Assist is a newly launched compliance management platform (established 2024) that offers an all-in-one solution for managing compliance, audits, risks, and documents. The platform targets businesses of all sizes, providing modular and scalable SaaS and on-premise deployment options. The website is built on WordPress with modern frontend technologies and presents a professional, business-focused image with clear service descriptions and calls to action. Technically, the site uses standard plugins and libraries but lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled and domain protections in place, but missing DNSSEC and security headers. Privacy compliance is partial with a privacy policy and terms of service present but no cookie consent mechanism. Contact is primarily via web forms, with no direct emails or phone numbers visible. Overall, the site is legitimate and appropriate for a new business but could improve in security and privacy transparency.

D

digidor GmbH

digidor.de

68

digidor GmbH is a German-based company specializing in providing professional online tools and digital marketing platforms tailored for insurance intermediaries, insurers, and distribution networks. Their business model focuses on enabling insurance brokers and financial service providers to enhance their online presence, automate marketing, and increase customer engagement through a SaaS platform. The company holds a solid market position with thousands of users and partnerships with over 50 insurers and distributors. The website content is well-structured, professionally designed, and targets a B2B audience in the finance sector. Technically, the website employs a modern technology stack including Bootstrap 4, jQuery, FriendlyCaptcha for bot protection, and Google Tag Manager for analytics. The site is mobile-optimized and uses HTTPS with good SSL configuration. The presence of cookie consent mechanisms and a comprehensive privacy policy indicates a mature approach to privacy compliance. However, some security headers are missing, and no explicit security or incident response policies are published. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and CAPTCHA integration on login forms, but lacks published security policies and vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious patterns were detected. The domain WHOIS data is consistent with the website's business claims, supporting legitimacy. Overall, digidor.de presents a trustworthy, professional digital platform with a strong focus on the insurance and finance sectors. Strategic improvements in security headers and transparency around incident response could further enhance trust and compliance.

P

Pixels Brand

pixelsbrand.de

48

Pixels Brand is a creative digital communication agency specializing in web development, design, and digital marketing services with a strong focus on delivering measurable results. The company targets businesses seeking to enhance their online presence through modern websites, e-commerce solutions, branding, and marketing strategies. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive service descriptions. Multiple language versions indicate an international approach, primarily targeting German and Portuguese-speaking markets. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various analytics and marketing tools such as Google Tag Manager, Google Analytics, Facebook Pixel, and Calendly for scheduling. Hosting appears to be managed by Pressidium, a reputable WordPress hosting provider. The site implements GDPR-compliant cookie consent mechanisms with multi-language support, demonstrating a commitment to privacy compliance. From a security perspective, the site uses HTTPS with good SSL configuration and employs cookie consent to manage tracking scripts. However, no explicit security headers were detected in the HTML content, and no published security or incident response policies were found. No vulnerabilities or exposed sensitive data were identified. The WHOIS data shows consistent domain usage, though hosting DNS suggests Portuguese infrastructure while the site targets Germany, which aligns with the company's international presence. Overall, Pixels Brand presents a trustworthy, professional digital agency with a solid technical foundation and good privacy practices. Strategic improvements in security headers and published security policies could further enhance their security posture and trustworthiness.

P

Pixels Brand

pixelsbrand.com

11

Pixels Brand is a Portuguese digital communication agency specializing in web development, design, branding, and digital marketing services. Established in 2013, the company has built a solid market position with a portfolio of notable clients and projects, targeting businesses seeking to enhance their digital presence and marketing effectiveness. Their business model focuses on delivering customized digital solutions including corporate websites, e-commerce platforms, and integrated marketing campaigns. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and jQuery, enhanced by analytics and marketing tools like Google Tag Manager, Google Analytics, and Facebook Pixel. The site demonstrates good digital maturity with responsive design, SEO optimization, and a comprehensive cookie consent mechanism supporting GDPR compliance. From a security perspective, the site uses HTTPS with a clientTransferProhibited domain status, indicating domain transfer protection. However, DNSSEC is not enabled, and some recommended HTTP security headers are missing. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed through detailed cookie policies and consent management. Overall, Pixels Brand presents a professional, trustworthy, and technically sound online presence with minor areas for security enhancement. The risk profile is low, and the company appears credible and compliant with relevant privacy regulations.

K

k5|Next Entwicklungspartner

k5next.at

62

k5|Next is a specialized Austrian software solution provider focused on modernizing municipal administration through digital services and efficient management tools. Their platform offers modules for contact management, election processing, citizen services, and resident registration, targeting local government entities. The website is professionally designed, leveraging TYPO3 CMS and modern frontend technologies, with a focus on usability and mobile responsiveness. Security posture is solid with HTTPS and two-factor authentication mentioned, though some security headers are missing and no explicit security policy is published. Privacy compliance is strong with a GDPR-compliant privacy policy and cookie consent mechanism. Overall, the site reflects a trustworthy and mature business with strong local partnerships and a clear market position in government technology.

S

Stiftung Südtiroler Sparkasse

sparkassengalerie.it

57

The Stiftung Südtiroler Sparkasse operates as a non-profit foundation supporting the Südtiroler Sparkasse AG's extensive art collection and cultural initiatives in the Tirol region of Italy. The foundation manages a collection of approximately 500 artworks, focusing on promoting local artists and preserving cultural heritage. The website serves as a digital gallery and informational platform for art enthusiasts and the local community. Technically, the site uses a variety of JavaScript libraries for UI enhancements and carousel displays, with a basic but functional mobile-optimized design. Security posture is moderate with HTTPS enabled but lacking advanced security headers and DNSSEC. Privacy compliance is adequate with clear cookie and privacy policies, though no explicit security or incident response policies are published. Overall, the site is trustworthy and professionally maintained, reflecting the foundation's cultural mission.

D

Dijon métropole

metropole-dijon.fr

50

Dijon métropole is the official metropolitan government entity serving Dijon and its 23 associated communes in France. The website provides comprehensive information and services related to urban planning, environmental quality, transportation, housing, social services, and citizen participation. It positions itself as a high-quality environmental metropolitan authority with a focus on community engagement and sustainable development. The site targets residents, local businesses, and stakeholders within the metropolitan area. Technically, the website is built on WordPress with a modern technology stack including Yoast SEO for optimization, Matomo for privacy-conscious analytics, and various JavaScript libraries for enhanced user experience such as Leaflet for mapping and AOS for animations. The site is mobile-optimized, accessible, and SEO-friendly, with a cookie consent mechanism that complies with GDPR requirements. From a security perspective, the site enforces HTTPS and uses cookie consent tools to manage user privacy. However, it lacks explicit security headers and does not publish a security policy or incident response contact information. The WHOIS data is not publicly available, which reduces transparency but is not uncommon for government domains. No vulnerabilities or suspicious content were detected. Overall, Dijon métropole's website demonstrates a solid digital presence with good content quality and technical implementation. Strategic improvements in transparency around privacy policies, security disclosures, and WHOIS data would enhance trust and compliance further.

M

mesrdv.com

mesrdv.com

54

mesrdv.com is a French-based online appointment scheduling platform established in 2014, offering professionals a SaaS solution to optimize their appointment management and client interactions. The website promotes its mobile applications for iOS and Android, targeting professionals and their clients seeking efficient scheduling tools. The business operates in the technology sector with a small company size and a clear focus on user-friendly, real-time appointment management. Technically, the website uses a combination of jQuery, AOS for animations, and tarteaucitron.js for cookie consent management. The site is moderately optimized for mobile devices and performance, with basic SEO and accessibility features. Hosting and domain registration are consistent and transparent, though DNSSEC is not enabled, and no advanced security headers were detected. From a security perspective, the site implements basic protections such as captcha on contact forms and cookie consent mechanisms. However, it lacks published security policies, incident response contacts, and vulnerability disclosure information. The absence of DNSSEC and security headers suggests room for improvement in hardening the site against attacks. No critical vulnerabilities or blocking mechanisms were detected. Overall, mesrdv.com presents a professional and trustworthy online presence with moderate technical maturity and security posture. Strategic improvements in security policies, DNS security, and enhanced privacy compliance would strengthen its risk profile and user trust.