Security Directory

F

FORTYEIGHT

dnn.ms

70

FORTYEIGHT is a professional marketing agency based in Münster, Germany, specializing in brand identity, web design, and performance marketing tailored for medium-sized enterprises in the Münsterland region. The company positions itself as a transparent and authentic partner, emphasizing collaboration and measurable results. The website reflects a strong regional focus and a commitment to quality communication services for the Mittelstand sector. Technically, the website is built on the Webflow platform, leveraging modern technologies such as Matomo for analytics and CookieFirst for consent management, indicating a mature digital infrastructure with privacy considerations. Hosting is via Amazon CloudFront CDN, ensuring fast content delivery and good performance. The site is mobile-optimized and accessible, with a professional design and clear navigation. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism, but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data limits domain trust analysis, but the presence of certifications and partner badges supports legitimacy. Overall, FORTYEIGHT demonstrates a solid business and technical foundation with good privacy and security practices, suitable for its target market. Enhancements in security policy transparency and domain registration data visibility would further strengthen trust and compliance.

S

Styrian Tourism Board

steiermark.com

68

The website steiermark.com serves as the official tourism portal for the Styria region in Austria, providing comprehensive information on travel, accommodation, events, and regional culture. It targets tourists and travelers seeking to explore Styria, positioning itself as a key regional destination marketing organization. The site offers booking capabilities and rich content to support holiday planning. Technically, the site employs modern web technologies including Matomo analytics, Google Tag Manager, and Cookiebot for consent management, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with a consistent and professional design. From a security perspective, the website enforces HTTPS, uses standard security headers, and integrates cookie consent mechanisms compliant with GDPR. However, it lacks publicly available security policies and incident response information, which could be improved to enhance trust and transparency. Overall, the site is well-built and trustworthy from a content and technical standpoint, but the absence of WHOIS registration data and explicit security documentation slightly reduces its domain registration trustworthiness. Strategic improvements in transparency and security communication are recommended.

S

Stadtwerke Kufstein GmbH

beecar.at

60

Beecar is a regional e-carsharing service operated by Stadtwerke Kufstein GmbH, providing environmentally friendly electric vehicle sharing in Kufstein and surrounding municipalities. The website is professionally designed using TYPO3 CMS and modern web technologies, offering clear navigation and comprehensive information about services, tariffs, and locations. Privacy compliance is well addressed with a GDPR-compliant privacy policy and use of Matomo analytics. Security posture is good with HTTPS enforced, but could be improved by adding security headers and incident response information. Overall, the website reflects a trustworthy and credible business with strong regional presence and sustainability focus.

S

Stadtwerke Kufstein GmbH - ECK Elektroinstallation

eck.at

59

ECK Elektroinstallation, a division of Stadtwerke Kufstein, is a reputable electrical installation service provider in Austria, targeting both businesses and private customers. Their offerings include comprehensive electrical services such as smart home solutions, photovoltaic installations, lighting, and security technology. The company maintains a strong regional presence and benefits from its affiliation with Stadtwerke Kufstein, enhancing its market credibility. The website is professionally designed, providing clear navigation and relevant content that supports their business model effectively. Technically, the website is built on TYPO3 CMS with modern frontend technologies like Bootstrap and jQuery, ensuring a responsive and user-friendly experience. The use of Matomo analytics reflects a privacy-conscious approach to user tracking. Security measures such as HTTPS and script loading optimizations are in place, though there is room for improvement in security headers and explicit incident response disclosures. From a security perspective, the site demonstrates good practices with no visible vulnerabilities or exposed sensitive data. However, the absence of a security.txt file and explicit cookie consent mechanisms are areas for enhancement. Overall, the website's security posture is solid but could benefit from additional compliance and transparency features. The overall risk assessment is low, with the website showing strong business credibility and technical maturity. Strategic recommendations include implementing a formal vulnerability disclosure policy, enhancing cookie consent mechanisms, and improving accessibility compliance to further strengthen trust and security culture.

S

Stadtwerke Kufstein GmbH

kufnet.at

58

KufNet, operated by Stadtwerke Kufstein GmbH, is a regional telecommunications provider in Tirol, Austria, offering bundled services including digital TV, ultrafast broadband internet, and cost-effective fixed-line telephony. The company emphasizes personal consultation and local service without binding contracts, serving over 15,000 customers across 16 municipalities. The website reflects a professional and consistent brand image with clear service offerings and customer support channels. Technically, the website is built on TYPO3 CMS with modern frontend frameworks like Bootstrap and jQuery, and employs privacy-conscious analytics via Matomo. The site is mobile-optimized and well-structured, though performance is moderate. Security posture is adequate with HTTPS enforced, but lacks explicit security headers and published security policies. Cookie consent mechanisms are not active despite cookie usage. Overall, the security posture is solid but could be improved with better header implementation and transparency on incident response. The domain WHOIS data aligns well with the business, indicating legitimacy and trustworthiness. No adult or questionable content is present, making the site safe for general audiences. Strategic recommendations include enhancing security headers, implementing cookie consent, publishing security and incident response policies, and maintaining regular security audits to strengthen compliance and trust.

D

Deutscher Musikrat

musikrat.de

47

The Deutscher Musikrat is a prominent German non-profit umbrella organization dedicated to supporting and promoting music culture across Germany. It represents approximately 16.9 million musicians and is recognized as the largest national music culture association worldwide. The organization offers a broad range of services including music advocacy, project funding, competitions, and educational initiatives. Their website is professionally designed, content-rich, and well-structured to serve musicians, cultural institutions, and the general public interested in music. The site is bilingual (German and English) and features extensive information about projects, events, and organizational structure. Technically, the website is built on the TYPO3 CMS platform, hosted on Schlundtech servers, and employs modern web technologies such as Matomo analytics with user consent, FontAwesome icons, and accessibility tools like eyeAble. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Overall, the security posture is solid with no critical vulnerabilities detected. The domain WHOIS data aligns well with the organization's identity and history, indicating legitimacy and trustworthiness. The website does not contain any adult or questionable content and is safe for general audiences. Strategic recommendations include enhancing security headers and publishing a vulnerability disclosure policy to further strengthen trust.

A

AlmavivA S.p.A.

almaviva.it

70

AlmavivA S.p.A. is a leading Italian Information & Communication Technology group with a strong presence in digital transformation services across multiple sectors including government, finance, energy, and telecommunications. The company offers a broad portfolio of services such as cloud computing, cybersecurity, ERP, big data, and AI-driven customer experience solutions. The website reflects a mature enterprise with consistent branding, professional content, and a clear focus on innovation and partnership. Technically, the site uses modern JavaScript libraries and frameworks, is mobile-optimized, and integrates privacy-respecting analytics tools like Matomo and Plausible. Security posture is good with HTTPS enforced and a voluntary vulnerability disclosure policy, though explicit privacy and security policies are not prominently found. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

S

SALTO

salto.bz

68

SALTO is a well-established technology company specializing in electronic locking and access control solutions, targeting businesses and organizations requiring advanced security systems. The website is professionally designed using Drupal 10 and Bootstrap, with good mobile optimization and clear navigation. The technical infrastructure includes modern analytics and advertising tools managed with a robust cookie consent mechanism, ensuring GDPR compliance. Security posture is strong with HTTPS, security headers, and no detected vulnerabilities, although DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Overall, the website reflects a mature digital presence with a focus on privacy and user experience.

W

Sign in - Matomo

wfstat.com

45

The website wfstat.com serves as a login portal for the Matomo analytics platform, an open-source web analytics solution focused on privacy and data control. The platform targets website administrators and analytics professionals seeking an alternative to commercial analytics services. The site is technically hosted on AWS infrastructure with domain registration via Amazon Registrar, Inc., indicating a modern cloud-based deployment. The content is minimal, primarily providing access to the analytics dashboard with no public-facing business or contact information. The technical infrastructure leverages Matomo's own JavaScript and PHP-based analytics framework, with HTTPS enabled and token-based authentication for user sessions. However, the site lacks visible security headers and public privacy or cookie policies, which are critical for compliance and user trust. Overall, the security posture is moderate but could be improved with enhanced headers and explicit policies. The domain is newly registered in 2023, consistent with a new or recently deployed service. No suspicious or malicious indicators were found, and the content is safe for general audiences.

I

ICE Hockey League

ice.hockey

64

The ICE Hockey League website serves as the official digital platform for the win2day ICE Hockey League, providing comprehensive information including schedules, standings, player and team statistics, news, and multimedia content. The site targets ice hockey fans, players, teams, and media stakeholders, positioning itself as a central hub for league-related information and engagement. The business model revolves around sports media and fan engagement, supported by partnerships and sponsorships prominently displayed on the site. Technically, the website is built on Joomla CMS and utilizes modern web technologies such as Smart Slider 3 and jQuery, with Matomo analytics for user tracking. The site is mobile-optimized and presents a professional design with clear navigation, though accessibility features are basic. Performance is moderate, with no major technical issues detected. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, explicit security headers are not evident, and there is no published security policy or vulnerability disclosure mechanism. Privacy compliance is limited, with no visible privacy or cookie policies or consent mechanisms, which could be improved to meet GDPR standards. Overall, the website is trustworthy and professional, with a strong brand presence and social media integration. The domain WHOIS data is privacy protected, which is common but limits transparency. Strategic recommendations include enhancing privacy compliance, implementing security headers, and publishing incident response information to strengthen security posture and user trust.

R

Raiffeisenkasse Bozen / Ethical Banking

ethicalbanking.it

62

Ethical Banking, a division of Raiffeisenkasse Bozen and its partner Raiffeisen banks in South Tyrol, offers ethical and sustainable banking products focused on social and environmental impact. The website demonstrates a strong market position in ethical finance with multiple sustainability awards and community engagement projects. Technically, the site uses modern frameworks like Bootstrap and jQuery, integrates privacy-respecting analytics (Matomo), and implements a comprehensive cookie consent mechanism. Security posture is good with HTTPS and no visible vulnerabilities, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR, serving a medium-sized regional financial institution with a clear ethical mission.

R

Réseau de Villes et Villages Numériques

rvvn.org

69

Réseau de Villes et Villages Numériques (RVVN) is a French non-profit association that supports local government entities such as EPCI, communes, and intercommunal syndicates in mutualizing their digital communication and dematerialization needs. The organization offers a suite of services including TYPO3-based website development, accessibility audits, collaborative platforms using Zimbra, participative democracy tools via Decidim, and resource management solutions. RVVN positions itself as a regional to national digital services provider for public administrations, expanding its reach since 2023. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content in French.

V

Verband der Seniorenwohnheime Südtirols

vds-suedtirol.it

64

Verband der Seniorenwohnheime Südtirols is a well-established non-profit association founded in 2010, focused on senior care and residential homes in South Tyrol, Italy. The organization provides information, advocacy, publications, events, and job listings related to senior care. The website serves as a regional hub for seniors, families, and healthcare professionals seeking resources and updates about senior living facilities. Technically, the website is built on Drupal 7 with a moderate performance profile and good mobile optimization. It uses Matomo for analytics and implements a GDPR-compliant cookie consent mechanism. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and DNSSEC. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional, trustworthy, and serves its target audience effectively.

S

Sud Avesnois Invest

sud-avesnois-invest.com

49

Sud Avesnois Invest is a regional government entity focused on economic development and business support within the Sud Avesnois community in France. The website serves as a portal for businesses and entrepreneurs seeking to establish, develop, or network in the region, highlighting strategic location advantages and available services such as aid, networking, and meeting facilities. The site is well-branded and professionally maintained, reflecting its government affiliation and regional focus. Technically, the website is built on WordPress with Elementor and integrates modern analytics tools like Matomo and HubSpot, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though improvements are recommended in DNSSEC and security headers to enhance protection. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact information, supporting its credibility as a government service platform.

G

Geb Software

gebsoftware.com

45

Geb Software is a specialized Italian software house offering services in website and application development, IT consulting, web design, and marketing campaigns. The company targets businesses and organizations seeking to enhance their digital presence and IT capabilities. The website demonstrates a professional market position with a portfolio of clients and certifications, including presence on the Italian public administration electronic marketplace (MEPA). Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates analytics tools such as Matomo and Google Analytics. Security posture is solid with HTTPS, cookie consent, and CAPTCHA protections, though some security headers are missing and no explicit security policy is published. The absence of WHOIS data for the domain raises some concerns about domain legitimacy, but the website content and business indicators suggest a legitimate operation. Overall, the site is well-designed, mobile-optimized, and compliant with GDPR requirements.

V

Vortix S.r.l.s.

vortix.it

60

Vortix S.r.l.s. is an Italian IT services company established in 2013, specializing in system and application management, IT infrastructure consultancy, security, networking, and virtualization solutions. The company targets businesses seeking to optimize and secure their IT environments, leveraging a combination of automated tools and expert consultancy. Their market position is that of a qualified, small-sized IT consultancy with a consistent brand presence and clear business information. Technically, the website is built on a modern WordPress platform using Elementor and various Jet plugins, with Matomo analytics for privacy-conscious tracking. The site is well-structured, mobile-optimized, and professionally designed, reflecting good digital maturity. Security posture is solid with HTTPS and cookie consent mechanisms, though formal security policies and incident response contacts are absent. Overall, the website presents a trustworthy and professional image with room for enhanced security transparency.

Ä

Ärzte ohne Grenzen

aerzte-ohne-grenzen.at

69

Ärzte ohne Grenzen Österreich is a well-established humanitarian medical aid organization operating globally with a strong presence in Austria. The website reflects a professional, transparent, and donor-focused approach, emphasizing 100% private donation funding and extensive medical emergency services in over 70 countries. The technical infrastructure is modern, based on Drupal 10, with good mobile optimization and accessibility. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response details could be improved. Overall, the site is trustworthy, well-branded, and compliant with GDPR and privacy standards.

I

ipcom GmbH

rcodezero.com

71

RcodeZero is a specialized DNS service provider leveraging Anycast technology to deliver fast, reliable, and resilient DNS solutions for enterprises, ISPs, and registries. The company is positioned as a leading DNS provider in Europe, supported by ISO 27001 certification and GDPR compliance, reflecting a strong commitment to security and data protection. Their product offerings cater to a diverse B2B audience, emphasizing high availability and security of DNS infrastructure. Technically, the website employs modern frameworks such as Tailwind CSS and Alpine.js, integrates Matomo for privacy-conscious analytics, and demonstrates good performance and accessibility standards. Security posture is robust with HTTPS enforcement, security headers, and a comprehensive cookie consent mechanism. However, the absence of a Terms of Service page and explicit incident response contacts are minor gaps. Overall, the website and business present a trustworthy and professional image with strong compliance and security practices.

C

Communauté de Communes

cc-sudavesnois.fr

52

The website represents the official online presence of the Communauté de Communes Sud Avesnois, a French local government community organization established in 2014. It provides information about regional governance, public services, economic development, and community initiatives targeted at residents and stakeholders of the Sud Avesnois region. The site is positioned as a trusted local authority with a medium-sized organizational footprint. Technically, the site is built on WordPress with a modern tech stack including Yoast SEO, Google Maps API, Matomo analytics, and GDPR-compliant cookie management. The site is hosted by OVH, a reputable provider, and uses HTTPS with reCAPTCHA protection on contact forms, indicating a reasonable security posture. However, the absence of explicit security headers suggests room for improvement. Privacy compliance is well addressed with clear cookie consent mechanisms and a privacy policy in French. Overall, the site is professional, trustworthy, and well-structured for its audience.

C

Communauté de Communes du Coeur de l'Avesnois

coeur-avesnois.fr

60

The website www.coeur-avesnois.fr serves as the official digital presence of the Communauté de Communes du Coeur de l'Avesnois, a French local government entity. It provides comprehensive information and services related to community life, local governance, public services, cultural activities, and citizen engagement. The site targets residents and stakeholders within the Avesnois region, offering resources such as news updates, event agendas, and administrative contacts. The business model is that of a public sector service provider, focusing on community support and information dissemination. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies including Bootstrap, jQuery, FontAwesome, and Leaflet for mapping. It employs Matomo analytics for privacy-conscious visitor tracking and implements cookie consent mechanisms compliant with GDPR. The site is mobile-optimized with good navigation and accessibility features, though some accessibility aspects could be enhanced. From a security perspective, the site enforces HTTPS and uses cookie consent tools but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data is consistent with AFNIC's privacy policies and does not detract from the site's legitimacy. Overall, the website demonstrates a solid digital infrastructure suitable for a government entity, with good content quality and privacy compliance. Strategic improvements in security headers, accessibility, and incident response transparency would further strengthen its posture.

A

Agglo Maubeuge Val de Sambre

agglo-maubeugevaldesambre.fr

54

Agglo Maubeuge Val de Sambre is a regional government entity serving 43 communes in France, providing local administrative services and community project information. The website acts as an official portal for residents and stakeholders, offering news, services, and event management. The digital infrastructure is built on WordPress with SEO and event management plugins, hosted by OVH, and uses Matomo for analytics. The site is well-branded and professionally designed with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled, but lacks visible security headers and formal privacy or incident response policies. Overall, the site is trustworthy and safe for general audiences but would benefit from enhanced privacy compliance and security best practices.

V

Ville de Nice

nice.fr

64

The website www.nice.fr is the official digital portal for the city of Nice, France, providing comprehensive municipal information, administrative procedures, event agendas, and public alerts. It serves a broad audience including residents, visitors, professionals, and various demographic groups such as seniors, children, and parents. The site is well-branded with consistent official city imagery and messaging, positioning it as a trusted government resource. Technically, the site is built on WordPress with Bootstrap framework, uses Matomo for analytics with cookies disabled, and demonstrates good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and minimal tracking, though explicit security headers and privacy policies are not clearly found in the provided content. WHOIS data is unavailable due to AFNIC restrictions, which is common for .fr domains, but this does not detract significantly from the site's legitimacy given its official nature. Overall, the site is professional, trustworthy, and serves its public service mission effectively.

I

Initiative Musik gGmbH

initiative-musik.de

61

Initiative Musik gGmbH operates as a central funding and platform organization dedicated to supporting music and pop culture in Germany. The website clearly communicates its mission to promote societal impact through music, offering various funding programs, awards, and events. The organization maintains a strong market position as a key non-profit entity in the German music industry, targeting musicians, cultural institutions, and industry professionals. The site is well-branded, professionally designed, and consistent with its mission and audience. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, Complianz GDPR, and Matomo analytics, indicating a mature digital infrastructure. Accessibility and mobile optimization are well addressed, and the site employs standard web technologies including jQuery and slick carousel for interactive elements. Hosting details are not explicit but DNS points to domaincontrol.com, a common DNS provider. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms compliant with GDPR. While explicit security headers are not fully confirmed, no vulnerabilities or exposed sensitive data were detected. The absence of a security.txt or incident response contacts suggests room for improvement in security transparency. Overall, the website presents a low-risk profile with strong privacy compliance and business credibility. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure information, and adding explicit incident response contacts to further strengthen trust and security posture.

T

TECH.LAND

techland.org

56

TECH.LAND is a well-established Dutch-German innovation collaboration platform focused on boosting technology and innovation in the East Netherlands and North Westphalia regions. The website presents a professional and comprehensive digital presence with clear cluster focus areas including Advanced Manufacturing & Robotics, Energy, Health & MedTech, and Circular Economy. The business model centers on ecosystem collaboration, project coordination, and knowledge sharing to enhance regional competitiveness. TECH.LAND maintains a strong market position as a regional innovation hub with a medium-sized footprint and a founding date consistent with the domain age.

M

muensterLAND.digital e.V.

muensterhack.de

45

MÜNSTERHACK is a well-established civic technology hackathon based in Münster, Germany, focused on bringing together professionals, students, and civic activists to collaboratively develop ideas and prototypes that enhance the livability of the city and region. Supported by local government, businesses, and community organizations, it has a strong market position as a key event in the regional tech and civic engagement ecosystem. The website reflects a professional and community-driven business model emphasizing open data and sustainable urban development solutions. Technically, the website employs modern web technologies including Bootstrap, jQuery, Font Awesome, and Matomo analytics, hosted on Alfahosting infrastructure. The site is mobile-optimized with good SEO and accessibility basics, though some improvements in security headers and cookie consent mechanisms are recommended. The use of Matomo indicates a privacy-conscious approach to user tracking. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, the absence of explicit security headers and cookie consent mechanisms suggests room for improvement in compliance and security posture. No incident response or vulnerability disclosure information is provided, which could be enhanced to build trust. Overall, the website is trustworthy, professionally maintained, and serves its community well. Strategic recommendations include implementing cookie consent, enhancing security headers, publishing security policies, and adding incident response contacts to improve compliance and security maturity.

W

WMS WebMediaSolutions GmbH

it-wms.com

53

WMS WebMediaSolutions GmbH operates a professional website offering specialized panoramic and livestream camera solutions for sectors including tourism, construction, industry, and meteorology. The company emphasizes robust outdoor systems with in-house software development, enabling customized and flexible solutions. Their market position is that of a niche technology provider with a focus on B2B clients requiring advanced camera and livestreaming technologies. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools including Google Analytics, Matomo, and Google Tag Manager. The site is mobile-optimized, SEO-friendly, and includes a comprehensive cookie consent mechanism, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses bot management and reCAPTCHA services. However, it lacks explicit security headers and documented incident response policies. No critical vulnerabilities were detected in the visible content or scripts. Privacy compliance is strong with clear policies and consent management. A notable risk is the absence of WHOIS registration data for the domain, which is inconsistent with the active and professional nature of the website. This discrepancy lowers the overall trust score and suggests further verification is needed. Overall, the website is well-constructed, secure, and compliant, but domain registration transparency should be addressed.

V

Verkehrsverbund Steiermark GmbH

verbundlinie.at

59

Verbundlinie.at is the official website of Verkehrsverbund Steiermark GmbH, a regional public transportation authority in Austria's Steiermark region. The site provides comprehensive information on public transport services, including schedules, ticketing, tariffs, and customer service. It targets residents and visitors who use buses, trains, and trams in the region, offering tools like an online route planner and real-time updates. The business operates as a medium-sized essential entity within the transportation sector, maintaining a strong regional presence and digital engagement through social media channels.

Holding Graz is the largest municipal service provider in southern Austria, delivering essential services daily to the citizens and businesses of Graz and its surroundings. The organization operates multiple subsidiaries across sectors such as energy, transportation, and public utilities, positioning itself as a key player in the regional public service market. The website reflects a mature digital presence with comprehensive information, clear navigation, and multilingual support, targeting local residents and stakeholders. Technically, the site is built on WordPress with modern JavaScript frameworks and analytics tools, ensuring good performance and user experience across devices. Security measures include HTTPS enforcement and a robust Content Security Policy, though explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. Overall, Holding Graz presents a professional, trustworthy, and well-maintained online presence consistent with its public service mandate.

И

Информационно обслужване АД

evroto.bg

63

The website evroto.bg serves as the official Bulgarian government portal dedicated to informing citizens and businesses about the adoption of the euro currency in Bulgaria. It provides comprehensive news, events, educational materials, and multimedia content to support the transition process. The site targets a broad audience including citizens, businesses, and stakeholders interested in the eurozone integration. Technically, the website employs modern web technologies such as Bootstrap for responsive design, Video.js for video playback, and Matomo for analytics, hosted behind Cloudflare DNS services. Accessibility features are well implemented, enhancing usability for diverse users. Security-wise, while HTTPS is presumably enabled, the site lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. The WHOIS data is privacy protected in compliance with GDPR, which is appropriate for this type of government-related domain. Overall, the site is professional, trustworthy, and serves its informational purpose effectively, though it would benefit from enhanced security and privacy disclosures.

С

Столична община

sofia.bg

71

The website www.sofia.bg is the official portal of the Sofia Municipality, serving as a comprehensive platform for disseminating municipal information, news, events, and public services to residents and visitors. It holds a strong market position as the primary government website for Sofia, Bulgaria, and offers a wide range of services including public consultations, access to public registers, and updates on city activities. The site targets a broad audience including citizens, businesses, and tourists. Technically, the site is built on the Liferay CMS platform with React and AlloyUI frameworks, ensuring a modern and responsive user experience. The integration of Matomo analytics indicates a moderate level of user tracking with privacy compliance. Security posture is good with HTTPS enforcement and content security policies, although explicit security and incident response policies are not publicly disclosed. Overall, the site demonstrates high professionalism, trustworthiness, and consistent branding, making it a reliable source of municipal information.

S

Stadtwerke Kufstein GmbH | Kufgem GmbH

lehrling.tirol

63

Lehrling.tirol is the official apprenticeship academy website for Stadtwerke Kufstein GmbH and Kufgem GmbH, two regional companies in Tirol, Austria, operating primarily in the energy and municipal services sectors. The website promotes vocational training opportunities, offering six apprenticeship professions with additional qualifications and career development support. It targets young people seeking apprenticeships and emphasizes a secure, modern, and certified training environment. Technically, the site is built on TYPO3 CMS with modern frontend libraries and uses Matomo for analytics, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and spam-protected contacts, though some security headers could be improved. Privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. Overall, the site presents a professional, trustworthy, and well-maintained digital presence supporting the business's regional training mission.

K

k5|Next Entwicklungspartner

k5next.at

62

k5|Next is a specialized Austrian software solution provider focused on modernizing municipal administration through digital services and efficient management tools. Their platform offers modules for contact management, election processing, citizen services, and resident registration, targeting local government entities. The website is professionally designed, leveraging TYPO3 CMS and modern frontend technologies, with a focus on usability and mobile responsiveness. Security posture is solid with HTTPS and two-factor authentication mentioned, though some security headers are missing and no explicit security policy is published. Privacy compliance is strong with a GDPR-compliant privacy policy and cookie consent mechanism. Overall, the site reflects a trustworthy and mature business with strong local partnerships and a clear market position in government technology.

S

Stadtwerke Kufstein GmbH

stwk.at

61

Stadtwerke Kufstein GmbH is a well-established regional utility provider in Austria, serving the Kufstein area with a broad range of services including electricity, water, waste management, district heating, telecommunications, and e-mobility solutions. With a history dating back to 1894, the company positions itself as a sustainable and innovative local supplier with strong community ties. The website reflects a mature digital presence built on TYPO3 CMS, featuring modern UI components and privacy-conscious analytics via Matomo. Security posture is solid with HTTPS and security headers, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

Entsorgungsgesellschaft Niederrhein mbH operates a professional career portal focused on recruitment and apprenticeship opportunities within the waste disposal sector in the Niederrhein region of Germany. The website provides job listings, company information, and an online application system targeting job seekers interested in this industry. The company maintains a consistent brand presence with social media integration and a clear privacy and cookie policy, demonstrating compliance with GDPR requirements. Technically, the website employs a modern JavaScript stack including jQuery and jQuery UI, uses Matomo for analytics, and implements a cookie consent mechanism with opt-in functionality. The site is built on a CMS platform provided by rexx systems GmbH, indicating a professional infrastructure. Performance and mobile optimization are good, though accessibility features are basic. From a security perspective, the site uses session cookies with appropriate lifetimes and a cookie consent banner, but lacks visible HTTP security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. WHOIS data shows generic DNS hosting with routing.net name servers, which slightly reduces trust but does not conflict with the business legitimacy. Overall, the website is professional, secure, and compliant with privacy regulations, suitable for its business purpose. Recommendations include enhancing security headers, publishing incident response or vulnerability disclosure policies, and improving accessibility to further strengthen the security posture and user trust.

A

Amt der Steiermärkischen Landesregierung

steiermark.at

67

The website www.verwaltung.steiermark.at serves as the official administrative portal for the Steiermark regional government in Austria. It provides comprehensive information and e-government services to citizens and businesses within the region. The portal features detailed navigation to government departments, service offerings, news updates, and contact information, positioning itself as a central hub for public administration in Steiermark. The site targets a broad audience including residents, government employees, and stakeholders seeking official information or services. Technically, the website is built on a custom CMS (ico-cms) and employs modern web technologies such as HTML5, CSS3, JavaScript, jQuery, and FontAwesome. It integrates privacy-respecting analytics via Matomo alongside Google Analytics and Facebook tracking pixels, balancing data collection with user privacy. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. From a security perspective, the site enforces HTTPS and implements a detailed cookie consent mechanism compliant with GDPR. However, it lacks publicly visible dedicated security policies or incident response contacts. Security headers are not explicitly detected in the HTML content, suggesting room for improvement. No vulnerabilities or suspicious content were identified, and the domain registration aligns with official government credentials, indicating high legitimacy. Overall, the website demonstrates a strong professional and trustworthy presence suitable for a government entity. Strategic recommendations include publishing explicit security and incident response policies, enhancing security headers, and maintaining transparency in vulnerability disclosures to further strengthen trust and compliance.

R

Region Graz - Steiermark Tourismus

regiongraz.at

67

The website www.steiermark.com serves as the official tourism portal for the Graz region and the broader Styrian area in Austria. It provides comprehensive information about local attractions, events, and travel opportunities, targeting tourists and visitors interested in exploring the region. The site is professionally designed with a clear focus on user experience, multilingual support (German and English), and regional branding consistent with the official tourism authority. The business model centers on destination marketing and promoting regional tourism services, positioning itself as a key player in Austria's hospitality sector. Technically, the website employs a modern technology stack including Matomo for analytics, Google Tag Manager, and Cookiebot for consent management, indicating a mature digital infrastructure. The use of Pimcore CMS suggests a robust content management system tailored for complex content needs. The site is mobile-optimized, accessible, and SEO-friendly, ensuring broad reach and usability. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and integrates cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of a published security policy or incident response contacts is noted as an area for improvement. WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is common for tourism entities. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. Strategic recommendations include enhancing security header implementation, publishing security and incident response policies, and maintaining transparency in domain registration details to further boost trust and security assurance.

D

designverign GmbH

designverign.de

61

designverign GmbH is a well-established marketing and design agency based in Düsseldorf, Germany, operating since 1996. The company specializes in strategy, corporate design, e-commerce solutions including Onlineshop development, and performance marketing services targeting B2B clients and manufacturers. Their market position is solid within the German E-commerce and marketing sectors, offering comprehensive digital and offline branding solutions. The website reflects a professional and consistent brand image with clear service offerings and client references.

F

FORTYEIGHT

fortyeight.agency

70

FORTYEIGHT is a professional marketing agency based in Münster, Germany, specializing in brand identity, web design, and performance marketing tailored for medium-sized businesses in the Münsterland region. The company positions itself as a trusted partner with over 150 clients served in the past decade, emphasizing authentic communication and transparent collaboration. Their service offerings include brand development, website creation, and targeted online campaigns, focusing on delivering measurable results for their clients. Technically, the website is built on the Webflow platform, leveraging modern technologies such as Matomo for analytics and CookieFirst for consent management, ensuring a privacy-conscious and performant user experience. The site is well-optimized for mobile devices and demonstrates excellent design and navigation clarity. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms but lacks some recommended security headers and does not publicly disclose incident response or security policies. The WHOIS data is malformed and unavailable, which slightly reduces domain trustworthiness, but the professional presentation and certifications mitigate this concern. Overall, the website reflects a mature digital presence with room for improvement in security transparency and domain registration clarity.

D

Digital Hub münsterLAND e.V.

muensterland.digital

53

Digital Hub münsterLAND e.V. is a regional digital innovation community based in Münster, Germany, focused on fostering collaboration between SMEs, startups, and tech professionals. The organization offers a variety of services including startup matching, accelerator programs, coworking spaces, and events to support digital business model development and innovation in the Münsterland region. The website reflects a well-established community hub with active engagement through events, stories, and newsletters. Technically, the website employs modern web technologies such as Bootstrap, Font Awesome, and Matomo analytics, ensuring a responsive and user-friendly experience. Security posture is moderate with cookie consent and CSRF tokens implemented, but lacks explicit security headers and public incident response policies. WHOIS data is unavailable, which slightly impacts domain trustworthiness, but the professional presentation and active social presence support legitimacy. Overall, the site is well-designed, content-rich, and serves its target audience effectively.

F

Finow Automotive Eberswalde GmbH

finowautomotive.de

47

Finow Automotive Eberswalde GmbH is a medium-sized German manufacturing company specializing in the production of chassis and structural components for the automotive and supplier industry. Founded in 1999 and based in Eberswalde near Berlin, the company operates as a Tier I and Tier II supplier, offering advanced manufacturing technologies such as laser cutting, hydroforming, and various welding techniques. The website reflects a professional and consistent brand image targeting automotive industry clients. Technically, the site uses modern frameworks like Foundation and integrates privacy-conscious analytics via Matomo alongside a Usercentrics consent manager, indicating a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent but lacks advanced security headers and explicit incident response information. Overall, the site is trustworthy, well-structured, and compliant with GDPR, though it could improve transparency around security policies and vulnerability disclosures.

B

Bernd Münstermann GmbH & Co. KG

muenstermann.com

50

Bernd Münstermann GmbH & Co. KG is a well-established German manufacturer specializing in custom machinery and solutions for thermoprocess technology, material handling, air purification, automation, and robotics. The company serves industrial clients across various sectors including insulation materials, catalysts, steel processing, and cable manufacturing. With a domain age dating back to 1997 and a subsidiary in the USA, Münstermann holds a strong market position as a leading German special machinery provider. The website reflects a professional and consistent brand image with comprehensive business information and reference projects. Technically, the site is built on Joomla CMS, uses modern JavaScript libraries like GLightbox, and integrates Matomo analytics for privacy-conscious user tracking. However, it lacks some security headers and a cookie consent mechanism, which are areas for improvement. The security posture is solid with HTTPS and domain transfer protection, but DNSSEC is not enabled. Overall, the site is accessible, well-structured, and trustworthy, supporting the company's credibility and business operations.

A

Ambros Schmelzer & Sohn GmbH

a-schmelzer.com

51

Ambros Schmelzer & Sohn GmbH is a medium-sized German manufacturing company specializing in metal processing and the production of modular pipe systems, agricultural technology, plant construction, assembly, and related services. The company targets industrial clients and operates a professional e-commerce platform to support its business-to-business model. The website reflects a well-established business with consistent branding and comprehensive service offerings. Technically, the website is built on WordPress with WooCommerce, enhanced by modern performance and privacy tools such as WP Rocket and Usercentrics CMP. Analytics are implemented via Google Analytics and Matomo, indicating a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although there is room for improvement in public security policy disclosures and incident response information. The WHOIS data is missing or inaccessible, which slightly reduces trust but does not negate the professional presentation and business legitimacy. Overall, the website is secure, compliant with GDPR, and professionally maintained.

T

TOP-IX Consortium

top-ix.org

64

TOP-IX Consortium is a well-established Italian technology consortium operating since 2002, specializing in managing an Internet Exchange for traffic exchange in the Northwest Italy region. The organization supports technological innovation projects, streaming platforms, and services related to Cloud, Open Data, Big Data, and Social Innovation. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive service offerings targeting network providers, enterprises, public administrations, and academic institutions. Technically, the site is built on WordPress with modern libraries and includes privacy compliance tools such as iubenda and Matomo analytics, indicating a commitment to user privacy and data protection. Security posture is strong, evidenced by ISO 27001 certification and HTTPS enforcement, though DNSSEC is not enabled, representing a minor security gap. Overall, the site is trustworthy, professional, and compliant with GDPR, with room for improvement in incident response transparency and DNS security.

E

Ellisphere

ellisphere.com

67

Ellisphere is a leading French company specializing in business information services, focusing on data marketing, risk management, and compliance solutions. The company targets business professionals and enterprises seeking to optimize their data-driven marketing strategies and manage financial and regulatory risks effectively. Their market position is strong within the French finance sector, supported by a professional and content-rich website that reflects their expertise and leadership. Technically, the website is built on WordPress with a modern technology stack including jQuery, Google Tag Manager, Matomo, Hotjar, and Cookiebot for analytics and privacy compliance. The site is well-optimized for SEO and mobile devices, with good performance and accessibility standards, although some accessibility features could be enhanced. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms, but lacks explicit published security policies or incident response information. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS data for the domain raises concerns about domain registration transparency, which slightly impacts overall trust. Overall, Ellisphere presents a professional and trustworthy online presence with strong business credibility and technical maturity. The main risk lies in the opaque domain registration details, which should be addressed to improve trust and compliance posture.

C

Communicraft Ltd.

communicraft.com

57

Communicraft Ltd. is a well-established digital agency based in Dublin, Ireland, founded in 2001. The company specializes in web design, development, management, and strategic consultancy, with a strong focus on human-centered digital experiences. Their ISO 27001 certification underscores a commitment to information security, positioning them as a trusted partner for clients requiring secure and reliable digital solutions. The website reflects a professional and modern digital presence, showcasing client testimonials and case studies that reinforce their market position. Technically, the website employs modern frameworks such as Bootstrap and integrates multiple analytics platforms including Matomo, Hotjar, Google Tag Manager, and Simple Analytics, all managed with a cookie consent mechanism to ensure privacy compliance. The site is mobile-optimized, fast-loading, and accessible, with good SEO practices evident in metadata and structured data. However, explicit security headers are not detected, suggesting room for improvement in HTTP security configurations. From a security perspective, the company demonstrates strong practices through ISO 27001 certification and secure web application maintenance. The presence of cookie consent and privacy policies indicates GDPR awareness and compliance. The absence of a published vulnerability disclosure policy or incident response contact is a minor gap. The WHOIS data is missing or unavailable, which raises questions about domain registration transparency but does not directly impact the website's operational security. Overall, Communicraft presents a low-risk profile with a mature digital infrastructure and strong business credibility. Strategic recommendations include enhancing HTTP security headers, publishing a vulnerability disclosure policy, and clarifying domain registration details to improve trustworthiness further.

M

Musée Matisse de Nice

musee-matisse-nice.org

53

The Musée Matisse de Nice is a government-affiliated cultural institution dedicated to the life and works of Henri Matisse. The website serves as the official digital presence, providing comprehensive information about exhibitions, collections, visitor information, and educational activities. It targets art enthusiasts, tourists, families, and researchers, positioning itself as a key cultural museum within the Ville de Nice museum network. The business model is primarily non-profit and government-supported, focusing on cultural preservation and public engagement. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and jQuery, integrating Matomo for analytics and Complianz for GDPR-compliant cookie management. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. The use of trusted third-party services for ticketing and online shop enhances user experience. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and a public security policy or vulnerability disclosure page. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust assessment, but the presence of official certifications and government logos supports legitimacy. Overall, the website is professional, secure, and compliant with privacy regulations, offering a trustworthy platform for visitors and stakeholders. Strategic improvements in security headers and incident response transparency could further enhance its security posture.

O

Office de Tourisme de l'Avesnois

tourisme-avesnois.com

52

The Office de Tourisme de l'Avesnois operates a professional and comprehensive tourism website focused on promoting the Avesnois region in France. The site offers rich content including event agendas, accommodation, dining, cultural and natural attractions, targeting tourists and visitors interested in regional experiences. The website is well-branded, mobile-optimized, and uses modern technologies such as WordPress, Yoast SEO, and Matomo analytics, reflecting a mature digital infrastructure. Security posture is generally good with HTTPS enforced and secure forms, though improvements could be made by adding security headers and a cookie consent mechanism to enhance GDPR compliance. The absence of public WHOIS data reduces domain transparency but does not detract from the professional appearance and trustworthiness of the site content. Overall, the website is a reliable and effective platform for regional tourism promotion.

The Office de tourisme du Cambrésis operates a comprehensive regional tourism website aimed at promoting the Cambrésis area in France. The site targets tourists, local visitors, and professionals interested in the region, offering services such as event promotion, accommodation and restaurant listings, group catalogues, brochures, and ticketing. The business model is focused on tourism promotion and visitor information, positioning itself as a key regional authority in hospitality and cultural tourism. Technically, the website employs modern web technologies including Bootstrap 5, jQuery, Owl Carousel, Matomo analytics, and Google Tag Manager, combined with a cookie consent manager (tarteaucitron) to ensure privacy compliance. The site is mobile-optimized with good SEO and accessibility basics, though some improvements in security headers could be made. From a security perspective, the site enforces HTTPS and uses privacy-conscious analytics configurations. However, no explicit security headers were detected, and no incident response or security policy information is publicly available. The WHOIS data is missing, which limits domain trust analysis, but the professional content and official contact information support legitimacy. Overall, the website presents a solid digital presence with good content quality and privacy compliance, though it would benefit from enhanced security headers and transparency around security policies. The lack of WHOIS data is a concern but does not outweigh the positive trust signals from the site content and contact details.

M

Ministère de l'agriculture et de l'alimentation

laventureduvivant.fr

64

L'aventure du Vivant is an official French government educational website managed by the Ministry of Agriculture and Food. It provides comprehensive information about agricultural careers, training programs, and environmental awareness targeted primarily at students and young people interested in agriculture and nature-related professions in France. The site is well-branded with government logos and maintains a consistent professional image. Technically, the website is built on Drupal CMS with Bootstrap and jQuery, and uses modern analytics tools including Matomo, Google Tag Manager, and TikTok Pixel. It is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. No critical vulnerabilities or suspicious content were detected. The domain registration is consistent with the official nature of the site, registered through a reputable registrar without privacy protection, appropriate for a government entity.

B

BARFUSS

barfuss.it

43

BARFUSS is a regional online magazine based in South Tyrol, Italy, delivering fresh and youthful content primarily in German. The website targets a general audience interested in regional news, culture, and lifestyle. Technically, the site uses modern JavaScript frameworks such as Frontity and React, with Matomo analytics for user tracking. The site is moderately optimized for mobile and SEO, with a good user experience and professional design. However, it lacks critical privacy and cookie policies, security headers, and explicit contact information, which impacts its overall security and privacy posture. The domain registration data is consistent with the website's regional focus, supporting its legitimacy. Overall, the site is safe for general audiences but requires improvements in privacy compliance and security best practices.