Security Directory

D

DataSkills4SMEs

dataskills4smes.eu

56

DataSkills4SMEs is an EU-financed project website aimed at supporting small and medium-sized enterprises (SMEs) across Europe by enhancing their data skills and promoting the use of modern technologies for efficient business operations. The site focuses on developing innovative learning tools for SME employees to facilitate paperless offices and maintain high-quality standards. The website is built on WordPress using the Avada theme and integrates Google Analytics for visitor tracking. While the site is accessible and presents relevant content for its target audience, it lacks visible privacy and cookie policies, as well as explicit contact information, which are important for compliance and user trust. The domain's WHOIS information is not publicly available due to EURid's privacy policies for .eu domains, which is typical and does not raise immediate concerns about legitimacy.

C

Confapi Confederazione italiana della piccola e media industria privata

confapi.org

48

Confapi is a well-established Italian confederation representing small and medium private industries, primarily in manufacturing, transport, and services sectors. Founded in 1999, it provides collective labor contracts, advocacy, and various business support services to SMEs across Italy. The website reflects a professional and consistent brand presence targeting Italian SMEs with a comprehensive menu of services and European project partnerships. Technically, the site is built on Joomla CMS with Gantry 5 framework and uses modern JavaScript libraries and Google Analytics for tracking. The site is mobile optimized and offers a good user experience with clear navigation. Security posture is adequate with HTTPS enabled and IP anonymization in analytics, but lacks DNSSEC and security headers, and does not publish explicit privacy or security policies. Overall, the domain registration data supports the legitimacy and long-term operation of the business. Strategic improvements in privacy disclosures and security hardening would enhance trust and compliance.

C

Casartigiani Confederazione Autonoma Sindacati Artigiani

casartigiani.org

50

Casartigiani is an established Italian artisan confederation representing traditional, family-run, and micro-enterprise artisans. The organization is led by President Giacomo Basso and operates with principles of autonomy and independence. The website serves as a communication platform for news, events, and organizational information related to the artisan sector in Italy. Technically, the site is built on WordPress with modern libraries and plugins, including Bootstrap and FontAwesome, and employs analytics tools such as Google Analytics and Matomo. The presence of a cookie consent mechanism via Iubenda indicates attention to privacy compliance, although no explicit privacy policy or terms of service were detected in the provided content. Security posture is moderate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and explicit security headers. Overall, the website is professional, content-rich, and trustworthy, serving a medium-sized organization in the artisan sector.

OBST&GEMÜSE jam GmbH is a Swiss-based small business specializing in the retail and repair of cargobikes, racing bikes, and related accessories. The company operates both a physical showroom in Basel and an online shop serving customers across Switzerland. Their business model focuses on urban mobility solutions, targeting customers interested in lightweight, high-performance freight and cycling products. The website is professionally designed with clear navigation and good mobile optimization, reflecting a solid digital presence. Technically, the website is built on the Odoo CMS platform, utilizing modern web technologies such as FontAwesome for icons and Pannellum for 360-degree panorama views. The site integrates Google Analytics and various marketing tools, including Facebook Pixel and Hotjar, to monitor user engagement and optimize marketing efforts. Performance is moderate with good SEO practices and basic accessibility features. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, indicating attention to secure data handling. However, no explicit security headers were detected, and there is no published security policy or incident response contact information. Privacy compliance is strong, with a comprehensive privacy policy, cookie consent mechanism, and GDPR-aligned data processing disclosures. Overall, the website presents a trustworthy and professional front for the business with minor areas for security enhancement. The domain registration data aligns well with the business identity, supporting legitimacy. Strategic improvements in security headers and incident response transparency would further strengthen the security posture.

F

Flavia Sistiaga

flaviasistiaga.com

40

The website flaviasistiaga.com serves as a professional portfolio for the artist Flavia Sistiaga, showcasing her exhibitions, publications, projects, and commissioned works. The site is hosted on the Cargo Collective platform and presents a clean, well-structured design suitable for art enthusiasts and potential collaborators. The business model focuses on portfolio presentation and artistic promotion, targeting a niche audience interested in contemporary art. The domain is registered since 2018 with a reputable registrar and shows consistency with the website content. From a technical perspective, the site uses standard web technologies including JavaScript, Google Analytics, and WebFont Loader, with hosting likely provided by Cargo Collective. The performance is moderate with basic mobile optimization and accessibility features. SEO optimization is minimal but present through meta tags and Open Graph data. Security posture is adequate with HTTPS enabled and domain transfer protection active. However, the absence of DNSSEC and security headers such as Content-Security-Policy and Strict-Transport-Security represents areas for improvement. Privacy compliance is weak due to the lack of privacy and cookie policies and no visible consent mechanisms. No contact information or incident response details are provided, limiting transparency. Overall, the website is functional and professional but would benefit from enhanced security practices and privacy compliance measures to improve trust and regulatory adherence.

The website represents the Institute Experimental Design and Media Cultures (IXDM), part of the Basel Academy of Art and Design FHNW in Switzerland. It focuses on experimental design, media cultures, and related publishing activities. The site targets students, academics, and professionals interested in media and design culture. The business model is educational and research-oriented, with a niche market position within the academic sector. Technically, the site is built on WordPress 6.8.3 using modern JavaScript and Google Analytics for tracking. The site is moderately performant and mobile-optimized but lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS enabled but lacks security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

C

Cartoonmuseum Basel

cartoonmuseum.ch

62

The Cartoonmuseum Basel is a specialized cultural institution in Switzerland dedicated exclusively to the art of narrative drawing, including cartoons, comics, and graphic novels. It holds a unique market position as the only Swiss museum focused on this art form, offering exhibitions, educational programs, events, and a shop. The website reflects a professional and well-structured digital presence, targeting art enthusiasts, educational institutions, and the general public interested in narrative art. The museum operates as a non-profit entity with a clear focus on cultural education and community engagement. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, with Craft CMS likely used as the content management system. It demonstrates good performance, mobile optimization, and accessibility. The site uses Google Analytics for visitor tracking and Campaign Monitor for newsletter management. Security best practices are observed, including HTTPS enforcement and secure form handling, although there is room for improvement in cookie consent mechanisms and explicit security policy disclosures. From a security standpoint, the site has a solid posture with appropriate security headers and no visible vulnerabilities or exposed sensitive data. The WHOIS data confirms the legitimacy of the domain registration, matching the museum's identity and location in Switzerland. No WAF or blocking mechanisms interfere with content accessibility, allowing full analysis. Privacy compliance is adequate with a comprehensive privacy policy, though cookie consent could be enhanced. Overall, the Cartoonmuseum Basel website is a trustworthy, professional, and well-maintained digital asset supporting the museum's mission. Strategic recommendations include implementing explicit cookie consent, publishing a security and incident response policy, and considering a vulnerability disclosure statement to further enhance trust and compliance.

M

Moritz Schermbach

moritzschermbach.ch

42

Moritz Schermbach is a Swiss-based professional photographer specializing in photography and cinematography services including still lifes, portraits, fashion, and landscapes. The website serves as a portfolio showcasing artistic works primarily targeting a general audience interested in visual arts. The business operates on a small scale with a niche local market focus in Basel, Switzerland. Technically, the website employs older versions of jQuery and Bootstrap frameworks, alongside Google Analytics and Tag Manager for visitor tracking. The site is mobile responsive and has a moderate performance profile but lacks modern CMS or advanced frameworks. Security posture is basic with no visible security headers or HTTPS enforcement details in the provided content. Privacy compliance is minimal with no privacy or cookie policies present, and no GDPR compliance indicators. Contact information is limited but present in meta tags. Overall, the site is functional and professional but requires improvements in security, privacy, and technology modernization to enhance trust and compliance.

HUMBUG is a cultural venue based in Basel, Switzerland, focusing on queer, feminist, and alternative cultural events. The website provides a comprehensive program of past and current events, showcasing a vibrant community engagement. Technically, the site uses standard web technologies including Google Analytics and Tag Manager for tracking, but lacks advanced security headers and privacy policies. The absence of WHOIS data limits domain trust assessment, though the content and event listings indicate a legitimate operation. Security posture is moderate with room for improvement in privacy compliance and security best practices.

S

Stiftung Liste Basel

liste.ch

57

Liste Art Fair Basel is a Swiss-based non-profit foundation organizing a well-established contemporary art fair event in Basel. The website serves as an information portal for visitors, artists, partners, and press, providing event details, application information, and contact channels. The business is positioned as a key cultural event with long-term partnerships, notably with E. Gutzwiller & Cie, Banquiers. Technically, the site is built on Magnolia CMS, uses modern web standards, and integrates Google Analytics and Tag Manager for visitor tracking. The site is mobile-optimized and provides a cookie consent mechanism, indicating a basic level of privacy compliance. Security posture is good with HTTPS enforced, but lacks advanced security headers and dedicated security policy disclosures. Overall, the website is professional, trustworthy, and serves its audience effectively.

F

Feel Good Festival

feelgood-festival.at

49

Feel Good Festival is a well-established wellness and fitness event based in Vienna, Austria, focusing on yoga, fitness, workshops, and community engagement. Since its inception in 2017, it has attracted over 10,000 participants, positioning itself as a notable regional event in the wellness sector. The website reflects a professional and consistent brand image, targeting fitness and wellness enthusiasts with a clear business model centered on event organization and ticket sales. Technically, the site is built on WordPress with Elementor and integrates modern marketing and analytics tools such as Google Analytics, Facebook Pixel, and LinkedIn Insight Tag. The presence of a cookie consent mechanism demonstrates attention to privacy compliance, although explicit privacy and terms of service pages were not detected in the main content. Security posture is good with HTTPS enforced and no obvious vulnerabilities, but could be improved by adding standard security headers. WHOIS data is unavailable, likely due to privacy protection, which is common for event businesses but reduces transparency. Overall, the site is trustworthy and professionally maintained with moderate technical sophistication.

C

Cosmo Kitchen | fine dining wien | Bauernmarkt 1, Vienna, Austria

cosmokitchen.at

61

Cosmo Kitchen is a small business website hosted on the Wix platform, targeting a German-speaking Austrian audience. The site appears professionally designed with consistent branding and a focus on presenting their business online. The technical infrastructure leverages Wix's hosting and content management system, integrating Google Analytics and Google Tag Manager for visitor tracking and marketing purposes. The website is mobile-optimized and uses HTTPS to secure communications. However, the absence of explicit privacy policies, terms of service, and contact information limits transparency and user trust. Security measures include standard HTTPS and cookie consent mechanisms, but lack advanced security headers and vulnerability disclosure information. Overall, the site is functional and moderately secure but would benefit from enhanced privacy and security disclosures to improve compliance and trustworthiness.

O

OLEA

oleaitaly.com

60

OLEA is a small hospitality business operating a yoga and fitness retreat venue in the Sabina countryside near Rome, Italy. The website presents a professional and visually appealing platform to attract yoga teachers and retreat participants. The business model focuses on venue rental for wellness retreats, leveraging a unique 150-square-meter yoga platform and restored farmhouses for accommodation. The target audience is wellness travelers and yoga professionals seeking a serene retreat location. Technically, the website is built on Squarespace CMS, utilizing modern web technologies including Google Analytics and reCAPTCHA for security and tracking. The site is mobile optimized with good SEO practices and uses HTTPS with HSTS for secure communications. However, some security headers are missing, and privacy compliance could be improved by adding explicit privacy and terms of service pages. Security posture is generally good with no visible vulnerabilities or exposed sensitive data. The use of Google reCAPTCHA and HTTPS enhances security. The absence of WHOIS data for the domain is a concern, as it raises questions about domain registration legitimacy. This should be investigated further to ensure trustworthiness. Overall, the website is functional, professional, and secure for its business purpose but would benefit from enhanced privacy compliance and clearer domain registration information to improve trust and credibility.

Osiander operates a professional e-commerce platform specializing in books, eBooks, audiobooks, and related retail products targeting general consumers in Germany. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, consent management via Usercentrics, and integration of Google Analytics and Tag Manager for marketing and analytics. Security posture is strong with HTTPS enforcement, Cloudflare DNS and security services, and secure login forms featuring CSRF tokens and CAPTCHA. However, the absence of explicit privacy policy and terms of service pages, as well as lack of visible contact information, limits full compliance and user trust. The domain WHOIS data is minimal and uses Cloudflare name servers, which is common but reduces transparency. Overall, the site is well-designed, accessible, and safe for general audiences.

S

Sofalesungen

sofalesungen.ch

46

Sofalesungen.ch is a small Swiss website focused on cultural readings and events, targeting German-speaking audiences. The site provides event information and media content, embedding third-party services such as YouTube, Vimeo, and Google Maps. The business model appears service-oriented with a niche local market position. Technically, the site uses standard web technologies and Google Analytics with IP anonymization, reflecting moderate digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms, though additional security headers could enhance protection. Privacy compliance is good, with a comprehensive privacy policy and cookie consent banner in place. Overall, the website is professional and trustworthy but could improve in contact transparency and technical optimizations.

Nuove Ri-Generazioni is an Italian non-profit association focused on social regeneration, sustainable development, and community advocacy. The website serves as an information hub for their projects, events, publications, and news, targeting socially engaged individuals and organizations in Italy. The organization operates primarily through community projects, policy advocacy, and educational initiatives. Technically, the website is built on Joomla CMS with modern frameworks like Gantry5 and Bootstrap, and includes Google Analytics for visitor tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and implements a GDPR-compliant cookie consent mechanism with opt-in and revocation features. However, it lacks explicit security headers such as CSP and HSTS, which are recommended to enhance security posture. WHOIS data is privacy protected as per .eu domain policies, which is typical and justified for this type of organization. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though there is room for security improvements.

P

ProductReview.com.au Pty. Ltd.

productreview.com.au

65

ProductReview.com.au Pty. Ltd. operates a leading Australian consumer review platform that provides user-generated opinions on a wide range of products, services, and businesses. The website targets Australian consumers seeking trustworthy reviews to inform purchasing decisions. It maintains a strong market position as a comprehensive and popular review site with a large volume of user content and active community engagement. The business model relies on advertising and sponsored content, supported by partnerships with various brands and service providers. Technically, the website is built on a modern React framework with extensive use of third-party services including Google Analytics, DoubleClick, and various ad networks. The site demonstrates high digital maturity with excellent mobile optimization, fast performance, and good SEO practices. Privacy compliance is robust, featuring a comprehensive consent management platform aligned with GDPR requirements. From a security perspective, the site enforces HTTPS, implements multiple security headers, and avoids exposing sensitive data. While no explicit security policies or incident response contacts are published, the overall security posture is strong. The integration of numerous advertising and tracking services is transparent and managed via user consent. Overall, ProductReview.com.au presents a low-risk profile with a professional and trustworthy online presence. Strategic recommendations include publishing explicit security and incident response policies, enhancing transparency around vulnerability disclosures, and maintaining ongoing audits of third-party integrations to mitigate emerging risks.

V

VentraIP Australia

ventraip.com.au

72

VentraIP Australia is a leading Australian digital service provider specializing in domain registration, web hosting, email hosting, SSL certificates, and website building solutions. Positioned as Australia's largest independent accredited registrar, VentraIP serves a broad audience ranging from individuals and small businesses to professional web developers and enterprises. The company emphasizes local Australian ownership and support, which is a key differentiator in the market. Their website reflects a professional and trustworthy brand with strong customer satisfaction evidenced by high ratings on multiple review platforms. Technically, the website leverages modern web technologies including Next.js and React, supported by a suite of analytics and marketing tools such as Google Analytics, TikTok Pixel, Facebook Pixel, and ContentSquare. The site is well-optimized for performance, mobile responsiveness, and SEO, providing a seamless user experience. Hosting details are not explicitly disclosed but are likely managed by their parent company Nexigen Digital. From a security perspective, VentraIP employs HTTPS with valid SSL certificates and demonstrates good security practices such as domain status protections in WHOIS data. However, there is room for improvement in explicitly publishing security policies, enabling DNSSEC, and implementing cookie consent mechanisms to enhance privacy compliance. No critical vulnerabilities or exposed sensitive data were detected. Overall, VentraIP presents a low-risk profile with a strong market position, credible business operations, and a secure, well-maintained digital presence. Strategic recommendations include enhancing privacy compliance with cookie consent, publishing security and incident response policies, and enabling DNSSEC to further strengthen domain security.

Casa della Letteratura per la Svizzera italiana is a small non-profit cultural organization dedicated to promoting literature and literary events in the Italian-speaking region of Switzerland. The website serves as a portal for event programs, special projects, publications, and community engagement through newsletters and social media. The organization leverages donation platforms such as PayPal and Twint to support its activities. The website is built on the Weebly/EditMySite platform, indicating a moderate level of digital maturity with standard CMS features and integrations.

The website www.msc-bim.at represents BAUAkademie BWZ OÖ, an educational institution offering the first MSc BIM (Building Information Modeling) master’s program in Austria in cooperation with Universität für Weiterbildung Krems. The program focuses on digital construction processes and aims to equip professionals in the construction sector with modern digital skills. The site targets construction professionals including architects, builders, and IT specialists. Technically, the website is built on the Weebly platform, using legacy jQuery and Google Analytics for tracking. It is mobile optimized and presents content clearly with good navigation. Security posture is moderate with HTTPS enabled but lacks modern security headers and uses an outdated jQuery version, which poses some risk. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism detected. Contact information is clearly provided, enhancing business credibility. WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the site is professional and trustworthy but could improve security and privacy compliance.

D

DocLX Holding GmbH

lighthousefestival.tv

64

Lighthouse Festival is a well-established boutique electronic music festival organizer with over 12 years of experience, operating events primarily in Croatia, Austria, and Tanzania. The company focuses on creating intimate, exclusive festival experiences branded as 'electronic music on vacation'. The website reflects a professional digital presence with clear event information, social media integration, and a consistent brand image. Technically, the site uses modern web technologies including Bootstrap, jQuery, and various JavaScript libraries to deliver a responsive and engaging user experience. However, some areas such as cookie consent and security headers could be improved to enhance privacy compliance and security posture. The domain registration data is consistent with the business claims, supporting the legitimacy of the site.

L

Loxone Lighthouse

loxone-lighthouse.com

52

Loxone Lighthouse is a specialized participation company focused on corporate succession, offering responsible and sustainable business handover services primarily targeting entrepreneurs and business owners in Germany. The website presents a professional and consistent brand image, emphasizing trust and long-term development of acquired companies. Technically, the site is built on WordPress with modern plugins and tracking tools, providing a good user experience with mobile optimization and GDPR-compliant cookie management. Security posture is adequate with HTTPS and consent mechanisms, though lacking some advanced security headers and explicit incident response information. The absence of WHOIS registration data for the domain raises concerns about domain legitimacy, warranting further verification. Overall, the site is functional, trustworthy, and business-oriented but could improve transparency and security practices.

Ost|Est Osteuropanetzwerk is a small non-profit association based in Switzerland focused on fostering cultural, historical, political, and economic understanding of East-Central, Eastern, and Southeastern Europe. The organization operates primarily in the Bern-Fribourg region and targets academic and public audiences interested in Eastern European studies. Their activities include organizing cultural events, lectures, film screenings, and facilitating engagement between universities and the public. The website reflects this mission with multilingual content and event listings. Technically, the site is built on the Weebly/EditMySite platform, using older JavaScript libraries and standard web technologies. While HTTPS is properly implemented, the site lacks modern security headers and privacy compliance documents, which are areas for improvement. Overall, the security posture is moderate with no critical vulnerabilities detected. The site is accessible without WAF or blocking mechanisms, and WHOIS data aligns well with the organization's profile, indicating legitimacy.

D

German TV in Thailand - streaming, download, Apps

deutsches-fernsehen-weltweit.de

49

The website deutsches-fernsehen-weltweit.de offers a subscription-based streaming and cloud DVR service providing access to 44 German TV channels worldwide, targeting German expatriates and German-speaking audiences, especially in Thailand. The business model centers on providing easy access to German TV content without hardware requirements, leveraging cloud recording technology. The site is well-branded and consistent, with clear service descriptions and pricing, positioning itself as a niche media provider in the German expatriate market. Technically, the site uses modern web technologies including Google Analytics, Google Tag Manager, and Google Fonts, hosted on AWS infrastructure. The site is mobile-optimized and SEO-friendly, with moderate performance and basic accessibility features. However, no CMS or advanced frameworks are detected. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not publish privacy, cookie, or security policies, which reduces its privacy compliance posture. No incident response or vulnerability disclosure information is provided, limiting transparency. The WHOIS data aligns with the website content and hosting, indicating a legitimate domain. Overall, the website is functional and professional but would benefit from enhanced privacy and security disclosures to improve trust and compliance. There are no indications of malicious or adult content, making it safe for general audiences.

S

Sophie und Karl Binding Stiftung

binding-stiftung.ch

51

The Sophie und Karl Binding Stiftung is a Swiss foundation dedicated to promoting social cohesion and preserving natural, cultural, and intellectual values in Switzerland. It operates primarily in the environmental, social, and cultural sectors, providing funding and engaging in projects and partnerships such as the Binding Biodiversity Prize. The website reflects a professional and consistent brand presence with clear navigation and relevant content targeting Swiss society and nonprofit organizations. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates Google Analytics and reCAPTCHA for security and analytics. Security posture is solid with HTTPS and no exposed sensitive data, though it lacks some advanced security headers and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and well-maintained, suitable for its nonprofit mission.

M

Marketing Mavens

marketingmavens.com

52

Marketing Mavens is a small, established digital marketing agency founded in 2009, specializing in delivering comprehensive sales and marketing strategies including branding, audience targeting, offer crafting, traffic generation, conversion optimization, and automation. The company positions itself as an experienced boutique agency with over 12 years of experience and more than 1,000 client projects, targeting businesses seeking predictable and profitable marketing results. Technically, the website is built on WordPress using the GeneratePress theme, integrating modern marketing and analytics tools such as Google Analytics, Facebook Pixel, LinkedIn Insight Tag, and Inspectlet. The site is mobile optimized and demonstrates good SEO and accessibility basics. Security posture is adequate with HTTPS enforced and use of reCAPTCHA on forms, but lacks advanced security headers and published security policies. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism despite tracking scripts. Overall, the domain registration data is consistent and transparent, supporting the legitimacy of the business.

Z

Zisterzienserabtei Wettingen-Mehrerau

mehrerau.at

66

Kloster Mehrerau is a religious institution operating as the Zisterzienserabtei Wettingen-Mehrerau located in Bregenz, Austria. The website serves as a comprehensive portal for visitors and community members, offering information about monastic life, guest accommodations, events, and spiritual services. The institution positions itself as a vibrant community hub with a focus on faith, hospitality, and cultural engagement. The site features detailed event calendars, news updates, and opportunities for donations, reflecting an active and engaged organization. Technically, the website employs modern web technologies including Google Analytics, Facebook Pixel, Google Tag Manager, and CookieHub for privacy compliance. The site is served over HTTPS with good security practices such as IP anonymization in analytics and a cookie consent mechanism. The design is professional, mobile-optimized, and accessible, providing a positive user experience. However, some security headers are not explicitly detected, and no dedicated security policy or incident response information is published. From a security perspective, the site demonstrates a solid baseline with HTTPS and privacy compliance but could improve by publishing explicit security policies and vulnerability disclosure information. No vulnerabilities or suspicious content were detected. The WHOIS data is unavailable due to quota limits, but the website content and contact details strongly support legitimacy and trustworthiness. Overall, Kloster Mehrerau presents a trustworthy, well-maintained online presence suitable for its non-profit religious mission. Strategic recommendations include enhancing security header implementation, publishing security and incident response policies, and continuing to maintain privacy compliance and transparency.

B

BGO

findalternative.co.uk

43

Findalternative.co.uk is a website promoting a real estate development project named '105 Victoria Street' in London, managed by the developer BGO. The site focuses on showcasing the workspace and commercial property offerings with a target completion date in Q3 2026. The business model centers on real estate development and leasing, targeting commercial tenants and businesses seeking workspace in a prime London location. The website is professionally designed with modern web technologies, including SVG graphics and Google Analytics integration, indicating a moderate level of digital maturity. However, the site lacks critical compliance elements such as privacy and cookie policies, and no forms or extensive contact details are provided, limiting user engagement and transparency. Security posture is moderate with HTTPS usage but no visible security headers or explicit security policies. The domain registration is consistent with the business timeline and registered through a reputable registrar, supporting legitimacy. Overall, the site presents a professional front for a niche real estate project but requires improvements in privacy compliance, security best practices, and richer contact information to enhance trust and regulatory adherence.

M

Meine Kirchenzeitung

meinekirchenzeitung.at

65

MeineKirchenzeitung.at is a German-language online media portal aggregating regional and local news from various Austrian church newspapers. It serves as a centralized hub linking to multiple diocesan publications, offering news, reports, opinions, event listings, and ePaper access primarily targeting German-speaking audiences interested in church and regional topics in Austria. The website demonstrates a consistent and professional brand presence with good content quality and clear navigation. Technically, it employs modern web technologies including Google Analytics, Google Tag Manager, Swiper.js, and Foundation CSS framework, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie banner aligned with GDPR requirements. However, WHOIS data is unavailable due to quota limits, limiting domain registration trust verification. Overall, the site is trustworthy, safe, and professionally managed, with room for technical and security enhancements.

G

Graphly

graphly.io

11

Graphly is a specialized SaaS platform providing advanced reporting and analytics tools tailored for Keap and Infusionsoft users. Established in 2014 and operating under the parent company LEAP, Graphly positions itself as a market leader with a strong focus on business growth through data visualization and actionable insights. The platform targets small to medium businesses seeking to optimize marketing, sales, and customer service performance through comprehensive reporting. The website reflects a professional and consistent brand image, supported by customer testimonials and a clear call to action for trial usage. Technically, the website is built on WordPress using the GeneratePress theme, leveraging modern JavaScript libraries and third-party analytics and marketing tools such as Google Analytics, Facebook Pixel, Inspectlet, and Crisp Chat. The site demonstrates good performance, mobile optimization, and SEO practices. Hosting appears to be managed via GoDaddy, consistent with the domain registrar information. From a security perspective, the site enforces HTTPS and employs domain status protections but lacks DNSSEC and some recommended security headers like Content-Security-Policy. No explicit security policy or incident response information is publicly available, which could be improved. Privacy compliance is partially addressed with a GDPR compliance badge and a privacy policy, but no cookie consent mechanism is detected. Overall, Graphly presents a trustworthy and professional online presence with a solid business model and technical foundation. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance its security posture and compliance standing.

L

LEAP

leapmade.com

10

LEAP is a small technology company specializing in SaaS product development and marketing automation solutions. Their website promotes multiple SaaS products such as Parsey, Graphly, Evidence, and Maven RSS To Email, targeting businesses seeking to grow rapidly through automation and marketing tools. The company positions itself as award-winning and customer-oriented with a strong focus on core values and customer care. The website is built on WordPress with a moderate technical infrastructure including Google Analytics and Tag Manager for tracking. The site is mobile optimized and presents a professional design with consistent branding. Security posture is adequate with HTTPS enabled and IP anonymization in analytics, but lacks security headers and explicit privacy or cookie policies. No contact information or security incident response details are provided, which limits transparency. The domain registration is consistent and legitimate, with no privacy protection and appropriate domain age. Overall, the website is functional and professional but could improve in privacy compliance and security best practices.

M

Magistra, a.s.

magistra.cz

62

Magistra.cz is a Czech Republic based online pharmacy and retail pharmacy chain operating over 200 physical locations nationwide. The company offers a broad range of pharmaceutical and healthcare products through its e-commerce platform, supported by a loyalty program and a mobile application facilitating e-prescription reservations. The website is professionally designed with clear navigation and relevant content targeted at general consumers seeking pharmaceutical products and health-related services. Technically, the site uses modern web technologies including HTTPS, Google Tag Manager, and multiple analytics platforms, hosted partially on Microsoft Azure Blob Storage. Security posture is adequate with HTTPS enforced but lacks visible security headers and explicit privacy and cookie policies, which are important for compliance and user trust. The WHOIS data is unavailable, likely due to privacy protection, which is common and justified for this business type. Overall, the site demonstrates a strong business presence and trustworthy e-commerce platform in the healthcare sector.

R

Radio X

radiox.ch

58

Radio X is a well-established community radio station based in Basel, Switzerland, focusing on youth and cultural programming. It serves a diverse audience locally and internationally via multiple broadcast channels including DAB+, FM, cable, and internet streaming. The station relies heavily on volunteer broadcasters and offers a wide range of specialty shows, podcasts, and live events, positioning itself as a key cultural media player in the region. Technically, the website is built using modern web technologies such as Vue.js and Adobe Experience Manager, with integration of Google Analytics and Tag Manager for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and rich content. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS, includes important security headers, and does not expose sensitive data. However, it lacks explicit security or incident response policies publicly available. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, Radio X demonstrates a mature digital presence with strong community engagement and trustworthy operations. Strategic improvements could focus on enhancing accessibility, publishing security policies, and providing clearer contact information to further strengthen trust and compliance.

S

Select Insure Group

ecolife.zone

53

Eco Life Zone is a content-driven website dedicated to promoting sustainable living and eco-friendly practices. The site offers a variety of resources and articles on topics such as renewable energy, green homes, sustainable transportation, zero waste lifestyle, natural health, organic gardening, and sustainable travel. The business targets environmentally conscious individuals seeking practical advice and inspiration for greener living. The website is positioned as a niche informational platform with a focus on community engagement and education. Technically, the website is built on WordPress using popular plugins and frameworks such as Elementor, Mai Engine, and Genesis Framework. It employs modern web technologies including JavaScript, jQuery, and Google Analytics for tracking. The site is mobile optimized and demonstrates good SEO practices with comprehensive meta tags and structured data. Performance is moderate, with room for improvement in loading speed and security headers. From a security perspective, the site uses HTTPS with a good SSL configuration and employs a WordPress security plugin (Malcare). However, it lacks explicit security headers and privacy compliance mechanisms such as a privacy policy and cookie consent banner, which are important for GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is common for this type of website, and does not raise immediate concerns. Overall, Eco Life Zone presents a professional and trustworthy platform for eco-sustainability content. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, and maintaining regular updates to plugins and themes to enhance security and compliance.

E

eSolutions Softhouse Limited

imghaste.com

64

IMGHaste is a technology company specializing in white-labeled image optimization services designed to improve website speed and reduce server costs. Their service leverages a worldwide CDN with over 550 edge servers and advanced image transformation technologies such as AVIF, WebP, client hints, and service workers. The company targets website owners and developers seeking seamless image optimization without integration complexity. The website demonstrates a good level of technical maturity with modern frameworks and tracking tools, though it lacks some privacy and security policy disclosures. Security posture is generally good with HTTPS and service worker usage, but could be improved by adding security headers and formal policies. The absence of WHOIS registration data is a notable concern that requires further investigation to confirm domain legitimacy.

A

Arbeiter-Samariter-Bund Österreichs

samariterbund.net

68

The Arbeiter-Samariter-Bund Österreichs is a well-established non-profit organization founded in 1927, providing a wide range of healthcare, emergency, social, and humanitarian services primarily in Austria with international outreach. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and includes standard analytics and marketing tools. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and a dedicated security policy page are absent. The WHOIS data is unavailable, which limits domain registration trust verification, but the overall site and external references indicate legitimacy. Privacy compliance is well addressed with a detailed privacy policy and cookie management. Overall, the site is professional, trustworthy, and safe for general audiences.

Halle-Crowd is a localized crowdfunding platform focused on supporting projects in culture, art, social initiatives, education, environment, and sports within the Halle (Saale) region in Germany. The platform leverages Colligent Crowdfunding Technology and integrates accessibility tools to enhance user experience. The website is primarily in German and targets local residents and project initiators seeking funding. Technical infrastructure includes modern JavaScript libraries, Google Analytics with IP anonymization, and cookie consent management, reflecting a moderate level of digital maturity. Security posture is adequate with privacy compliance measures in place, though there is room for improvement in security headers and published policies. Overall, the platform presents a trustworthy and functional service for its niche audience.

C

Catholic Bishops' Conference of England and Wales

dayforlife.org

49

The Catholic Bishops' Conference of England and Wales operates a professional and authoritative website dedicated to religious advocacy and raising awareness on life issues. The site provides comprehensive resources including messages, prayer booklets, and grant information, targeting Catholics and interested individuals in England and Wales. The organization holds a strong market position as a recognized religious authority with consistent branding and a clear mission. Technically, the website is built on WordPress with modern technologies such as Bootstrap, Yoast SEO, and Google Analytics, hosted with CDN support for performance. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, the site uses HTTPS and employs security best practices, although explicit security headers are not detected in the provided data. No vulnerabilities or exposed sensitive data were found. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website presents a low risk profile with strong business credibility and technical maturity. The main limitation is the lack of WHOIS data due to querying the 'www' subdomain, but this does not detract from the site's legitimacy. Strategic recommendations include enhancing security headers and publishing explicit security and incident response policies.

C

Catholic Bishops' Conference of England and Wales

taking-stock.org.uk

45

Taking Stock is a non-profit project managed by the Catholic Bishops' Conference of England and Wales, focusing on the architectural and historical review of Catholic churches and chapels across England and Wales. The website serves as an informational resource and partnership platform involving dioceses and Historic England. The target audience includes researchers, heritage professionals, and the Catholic community. The business model is collaborative and heritage-focused, with a niche market position in religious architectural documentation. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and advanced SEO plugins like Yoast. Hosting utilizes a CDN for performance, and Google Analytics is implemented for visitor tracking. The site demonstrates good mobile optimization and basic accessibility features, though there is room for improvement in security headers and cookie consent mechanisms. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data or vulnerable libraries. However, it lacks explicit security policies, incident response information, and cookie consent banners, which are important for GDPR compliance and user trust. No critical vulnerabilities or suspicious activities were detected. Overall, the website is professionally maintained with a strong business credibility and good content quality. Strategic recommendations include enhancing privacy compliance with cookie consent, implementing security headers, and publishing security and incident response policies to improve trust and compliance posture.

S

Sprachenatelier Berlin [isk] gGmbH

sprachenatelier-berlin.de

53

Sprachenatelier Berlin [isk] gGmbH is a small, established language school located in Berlin, Germany, specializing in German language courses from beginner to advanced levels (A1 to C2), including telc German exams and over 50 foreign language offerings. The school provides both onsite and online learning options, catering to international students, professionals, and language enthusiasts. Recognized by the Berlin Senate and holding multiple certifications, the institution maintains a strong market position within the education sector. The website reflects a professional and comprehensive presentation of their services, pricing, and cultural programs, targeting a broad audience seeking language education in Berlin. Technically, the website is built on the KONTEXT-CMS platform, utilizing modern web technologies such as jQuery, Google Analytics, Google Tag Manager, and Matomo for analytics. The site is mobile-optimized with good SEO practices and moderate performance. Hosting is provided by warenform.de, consistent with the domain's nameservers and analytics endpoints. From a security perspective, the site enforces HTTPS with an excellent SSL configuration and avoids exposing sensitive data. However, it lacks visible security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism, which is a GDPR compliance gap. The business credibility is high, supported by clear contact information, certifications, and professional content. Overall, the website is trustworthy, well-maintained, and suitable for its educational purpose. Strategic improvements in privacy compliance and security transparency would enhance its security posture and regulatory adherence.

E

Epipoli S.p.A

mygiftcardbusiness.it

60

MyGiftCard Business, operated by Epipoli S.p.A, is a well-established Italian e-commerce platform specializing in prepaid cards, gift cards from major brands, multibrand gift cards, and corporate welfare card solutions. The company holds a strong market position as a pioneer in Italy for gift cards and prepaid Mastercard cards, serving a large client base including businesses seeking to incentivize employees and reward clients. The website reflects a professional and consistent brand image with clear business offerings and a focus on corporate clients. Technically, the website is built on the Magento platform, utilizing modern JavaScript libraries such as jQuery, Prototype.js, and integrations with Google Tag Manager and Analytics for marketing and tracking. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some accessibility features could be enhanced. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS, integrates Google reCAPTCHA v3 to prevent abuse, and employs a comprehensive cookie consent mechanism via Iubenda, indicating strong privacy compliance. However, DNSSEC is not enabled, and HTTP security headers are not explicitly detected, suggesting areas for improvement. No critical vulnerabilities or exposed sensitive data were found. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. Strategic improvements in DNS security and HTTP headers would further enhance its security stance.

W

WaveDigital s.r.o.

wavedigital.cz

44

WaveDigital s.r.o. is a Czech-based digital agency specializing in custom web development, web applications, e-commerce solutions, PPC advertising, and SEO optimization. Established in 2018, the company positions itself as a reliable partner for businesses seeking modern digital solutions. The website reflects a professional and consistent brand image, targeting business clients primarily in the Czech Republic. The company leverages popular CMS and page builder technologies such as WordPress and Elementor, combined with modern marketing and analytics tools including Google Analytics, Microsoft Clarity, Hotjar, and Facebook Pixel. Cookie consent is managed via Cookiebot, indicating attention to privacy compliance, although explicit privacy and terms of service pages are not found.

M

Mirus

mirus.it

73

Mirus is an established Italian communication company with over 30 years of experience, specializing in integrated communication, consulting, events, digital branding, and strategic creativity. The company targets businesses seeking to strengthen their brand presence through multi-channel experiences. Their market position is supported by a portfolio of notable clients including government and regional entities, and a clear emphasis on certifications and ethical practices. Technically, the website is built on WordPress with Elementor and incorporates modern SEO and analytics tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though there is room for improvement in explicit security policies and incident response disclosures. Overall, the website presents a professional, trustworthy, and compliant digital presence suitable for its business domain.

L

LiteSpeed Technologies Inc

http3check.net

47

HTTP3Check.net is a specialized online tool provided by LiteSpeed Technologies Inc that allows users to verify HTTP/3 and QUIC protocol support on any given URL. The service targets web developers, IT professionals, and website administrators seeking to assess modern web protocol adoption. The website is professionally designed using the UIkit framework and integrates Google Analytics and Google Tag Manager for user tracking and analytics. The domain is registered with NameCheap and uses Cloudflare DNS, reflecting a stable and legitimate technical infrastructure. However, the site lacks visible security headers and cookie consent mechanisms, which are important for enhancing security and privacy compliance. The privacy policy is present but limited in scope, and no direct contact or incident response information is provided.

Q

QUIC.cloud

quic.cloud

74

QUIC.cloud is a specialized technology company providing a comprehensive WordPress optimization platform that includes CDN-level caching, image and page optimization, security features, and DNS services. Established in 2018, it has positioned itself as a niche leader in WordPress performance enhancement with a growing global network of CDN points of presence. The website reflects a mature digital presence with professional design, clear navigation, and extensive service descriptions targeting WordPress site owners and developers. Technically, the site is built on WordPress with Elementor and leverages modern technologies such as LiteSpeed Cache, Google Analytics, and Google Tag Manager. Hosting is supported by Amazon AWS infrastructure, ensuring fast performance and global reach. The site is mobile-optimized and accessible, with good SEO practices and comprehensive metadata including Open Graph and JSON-LD structured data. From a security perspective, the site enforces HTTPS and integrates CDN-level security features including brute-force protection, reCAPTCHA, Layer-7 DDoS mitigation, and WAF rules tailored for WordPress. However, explicit security policies and incident response information are not published, representing an area for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, QUIC.cloud demonstrates a strong security posture, good privacy compliance with GDPR-aligned policies and cookie consent mechanisms, and high business credibility. The domain registration data is consistent and trustworthy. Strategic recommendations include publishing dedicated security and incident response policies, adding security headers, and enhancing transparency around vulnerability disclosures.

S

Space Squirrel Ltd.

covet.pics

57

Covet.pics is a specialized Shopify app developed by Space Squirrel Ltd. that offers merchants customizable, shoppable galleries integrating Instagram feeds, user-generated content, and product galleries to enhance e-commerce conversion rates. The website positions itself as a niche solution within the Shopify ecosystem, targeting store owners seeking to improve visual merchandising and customer engagement through galleries. The business model is subscription-based with tiered pricing plans, reflecting a SaaS approach tailored for small to medium-sized e-commerce businesses. Technically, the website is built on Webflow CMS and leverages modern web technologies including Google Analytics, Google Tag Manager, and Google reCAPTCHA for analytics and security. Hosting and DNS services are provided via Cloudflare and Webflow, ensuring good performance and availability. The site is mobile optimized and demonstrates good SEO practices, although accessibility features are basic. No major technical debt or vulnerabilities were detected in the frontend code. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, but lacks explicit security headers and published security or incident response policies. The domain registration is consistent and trustworthy, with no privacy protection masking ownership, and domain age aligns with the business founding date. However, the absence of privacy and cookie policies and lack of GDPR compliance indicators represent compliance gaps. Overall, the security posture is moderate but could be improved with additional policies and technical controls. The overall risk assessment is low to moderate, with no signs of malicious activity or suspicious content. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, enabling DNSSEC, adding security headers, and publishing incident response contacts to enhance trust and compliance. These improvements will strengthen the security posture and regulatory compliance, supporting business credibility and customer confidence.

C

Catholic Bishops' Conference of England and Wales

cbcew.org.uk

49

The Catholic Bishops' Conference of England and Wales operates an official website providing authoritative information about the Catholic Church's activities, leadership, safeguarding, and community engagement within England and Wales. The site serves a broad audience including clergy, laity, and the general public interested in religious affairs. It offers news, events, podcasts, and educational resources, positioning itself as a trusted source for Catholic-related content in the region. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates SEO and analytics tools such as Yoast SEO and Google Analytics, reflecting a mature digital infrastructure. The site is hosted on reliable CDN services ensuring moderate to good performance and mobile responsiveness. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations including GDPR. The lack of WHOIS data for the exact subdomain queried is explained by it being a subdomain, with the main domain being legitimate and well-established. Strategic recommendations include enhancing security headers and maintaining regular updates to sustain security and compliance.

H

Hallesche Wohnungsgenossenschaft FREIHEIT eG

wgfreiheit.de

50

Hallesche Wohnungsgenossenschaft FREIHEIT eG is a well-established housing cooperative based in Halle (Saale), Germany, with a history spanning over 70 years. The organization provides affordable, modern housing solutions with a strong emphasis on community engagement, social responsibility, and cultural sponsorship. Their target audience includes families, seniors, students, and local residents. The website reflects a mature digital presence with comprehensive content, clear navigation, and active social media integration. Technically, the site is built on TYPO3 CMS, uses modern JavaScript libraries, and integrates Google Analytics with privacy-conscious settings. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved. WHOIS data confirms domain legitimacy and consistency with the business profile.

R

R.R. Bowker LLC

myidentifiers.com

72

MyIdentifiers.com is the official website of the U.S. ISBN Agency operated by R.R. Bowker LLC, providing essential services such as ISBN sales, barcode generation, copyright registration, ebook conversion, and marketing tools for publishers and self-publishers. The website is well-branded, professionally designed, and targets authors and publishers seeking to publish and market their books effectively. The site leverages modern web technologies including AngularJS, Drupal CMS, Bootstrap, and integrates Google Analytics and Tag Manager for tracking and marketing purposes. Hosting assets are served via Amazon AWS S3, indicating a reliable infrastructure. Security posture is good with HTTPS enforced and secure form handling, though some security headers are missing and AngularJS version is outdated, suggesting areas for improvement. Privacy and cookie policies are present and GDPR compliant, supporting user data protection. The WHOIS data is missing or unavailable, which slightly reduces trust but the website content and branding strongly align with the legitimate Bowker business. Overall, the site is a credible and professional platform for book identification and publishing services.

T

Till Schaap Edition GmbH

tillschaapedition.ch

49

Till Schaap Edition GmbH is a Swiss-based publishing company specializing in art, photography, and cultural history books. The company operates an e-commerce website built on Magento, targeting art enthusiasts and collectors primarily in Switzerland and German-speaking regions. The website presents a professional design with clear navigation and multilingual support (German, English, French). Technically, the site uses modern web technologies including Google Analytics and Google Tag Manager for tracking, and it enforces HTTPS for secure communications. However, it lacks advanced security headers and cookie consent mechanisms, which impacts its privacy compliance posture. No explicit security or incident response policies are published, which could be improved to enhance trust and compliance. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and consistency. The website content is safe and appropriate for a general audience.