Security Directory

C

CO₂ Bank – KLIMA – ZUKUNFT – HOLZ

co2-bank.de

39

The website co2-bank.de is a German-language platform focused on climate, sustainability, and wood-related environmental topics, likely offering CO2 banking or offsetting services. It targets environmentally conscious individuals and organizations within Germany, positioning itself in the niche energy and sustainability sector. The business model appears to revolve around environmental services and products related to CO2 and sustainable forestry. Technically, the site is built on WordPress using the Astra theme and WooCommerce for e-commerce capabilities. Hosting is provided by aditsystems.hosting, as indicated by the nameservers. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. There is no evidence of advanced analytics or marketing tools in use. From a security perspective, the site lacks visible security headers and publicly available security policies or incident response information. SSL/TLS status is unknown from the provided data but should be verified. The site includes a cookie consent mechanism via the Complianz GDPR plugin, indicating some level of privacy compliance, though no privacy policy or terms of service were found. No vulnerability disclosure or security.txt files are present. Overall, the site is functional and moderately professional but would benefit from enhanced security practices, clearer privacy and contact information, and improved transparency. The risk level is moderate with no critical vulnerabilities detected but some compliance and security gaps that should be addressed.

Primarstufe Münchenstein operates as a primary education institution serving the Münchenstein community in Switzerland. The website provides comprehensive information about the school's organizational structure, locations, and services, targeting parents, students, and local stakeholders. The business model is that of a public educational institution focused on delivering primary and kindergarten education with additional online services for ease of access. Technically, the website is built using a modern JavaScript and CSS stack, leveraging Webpack for module bundling and an i-web CMS platform. The site demonstrates good mobile optimization and basic accessibility features, with moderate performance. SEO is basic but functional, and the site includes proper meta tags and a consent mechanism for anonymized web statistics. From a security perspective, the site uses HTTPS with good SSL configuration but lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is adequate with a visible privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the website is trustworthy, professionally designed, and well-maintained, with a strong alignment between WHOIS registration data and the website content. There are no critical security or compliance issues, making it a reliable digital presence for the educational institution.

S

StellarTerm

stellarterm.com

55

StellarTerm operates as an open source trading client for the Stellar network, enabling users to trade, send, and receive assets on the Stellar Decentralized Exchange. The platform targets cryptocurrency traders and users within the Stellar ecosystem, positioning itself as a niche service provider in blockchain finance. The business model revolves around providing a decentralized exchange client with additional services such as crypto swaps and asset purchases. Technically, the website employs standard web technologies including JavaScript, CSS, and HTML5, hosted via Cloudflare, ensuring moderate performance and basic mobile optimization. Security posture is solid with HTTPS enforced and clientTransferProhibited domain status, though improvements such as DNSSEC enablement and enhanced security headers are recommended. Privacy compliance is partial, with privacy and terms policies present but lacking cookie consent mechanisms. Overall, the site is professional and trustworthy with moderate risk, suitable for its business scope.

B

Basler Stadtbuch

baslerstadtbuch.ch

61

Basler Stadtbuch is a reputable digital cultural archive dedicated to preserving and presenting the historical memory of Basel since 1879. The website offers rich historical content including articles, dossiers, and daily historical events, targeting the general public interested in Basel's heritage. Technically, the site is built on Magnolia CMS and uses modern JavaScript libraries and analytics tools, providing a good user experience with mobile optimization and accessibility features. Security posture is strong with HTTPS and security headers, though explicit privacy and security policies are missing. Overall, the site is trustworthy and professionally maintained, with room for improvement in privacy compliance and incident response transparency.

D

Dachstiftung der Christoph Merian Stiftung

dachstiftung-cms.ch

57

The Dachstiftung der Christoph Merian Stiftung (DS-CMS) is a well-established non-profit foundation based in Basel, Switzerland, managing 35 sub-foundations to fund social, cultural, and natural projects in the region. It serves as an efficient vehicle for donors to implement their philanthropic goals. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to its target audience of donors and project applicants. Technically, the site leverages modern frameworks such as Vue.js and Nuxt.js, hosted likely by cyon AG, and uses Craft CMS for content management. Analytics are implemented via Google Tag Manager, indicating moderate user tracking. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies could be improved. Privacy compliance is adequate with a clear privacy policy but lacks a cookie consent mechanism. Overall, the site is trustworthy and credible, aligned with its parent organization Christoph Merian Stiftung.

L

Liverpool University Press

modernlanguagesopen.org

69

Modern Languages Open is a reputable open access academic journal platform specializing in modern languages research, published by Liverpool University Press in partnership with the University of Liverpool Library. The platform offers rigorous peer review, interdisciplinary content, and international dissemination under Creative Commons licenses. The website is professionally designed, mobile-optimized, and provides clear navigation and rich content relevant to its academic audience. Technically, it leverages modern web technologies including React and Next.js, hosted on a reliable infrastructure with good performance and accessibility standards. Security posture is strong with HTTPS, security headers, and reCAPTCHA integration, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is generally good with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the website demonstrates high business credibility and trustworthiness with strong university press affiliation and recognized certifications.

The website pico.coop is currently inaccessible due to a security challenge page implementing a JavaScript proof-of-work CAPTCHA. This indicates the presence of a Web Application Firewall or similar security mechanism designed to block automated or suspicious traffic. As a result, no meaningful business, contact, or policy information is available for analysis. The page content is minimal and focused solely on verifying the visitor's legitimacy before granting access. The technical infrastructure includes advanced client-side cryptographic computations to solve the challenge, served via Amazon CloudFront CDN. Security posture is partially demonstrated by the challenge mechanism, but lacks visible security headers or compliance documentation. Overall, the site cannot be fully assessed for business credibility, privacy compliance, or content quality due to this blocking mechanism.

H

HAWtech

hawtech.com

51

HAWtech is a consortium of six leading German universities of applied sciences specializing in engineering sciences. Founded in 2009, it serves approximately 60,000 students across economically strong regions in Germany. The alliance focuses on applied teaching, learning, research, and academic cooperation, offering study programs, summer schools, and scholarships. The website reflects a professional academic presence with clear navigation and relevant content targeted at students and academic partners. Technically, the site is built on TYPO3 CMS with JavaScript enhancements and uses Piwik for analytics, indicating moderate digital maturity. Security posture is adequate with cookie consent implemented but lacks visible advanced security headers and explicit incident response or security policies. The absence of WHOIS registration data for the domain is a notable anomaly that reduces trustworthiness, though the website content and partner domains strongly suggest legitimacy. Overall, the site is well-maintained, content-rich, and serves its educational mission effectively.

D

Donau-Iller-Nahverkehrsverbund-GmbH (DING)

ding.eu

61

Donau-Iller-Nahverkehrsverbund-GmbH (DING) operates as a regional public transportation association in Germany, providing comprehensive transport schedules, ticketing options, and service information for the Donau-Iller region. The website serves as a portal for commuters, students, and travelers, offering quick connection searches, ticket purchase information, and service updates. The company holds a solid regional market position as a transportation authority and service provider.

A-Frame is an established open source web framework founded in 2015 that enables developers to build 3D, AR, and VR experiences using HTML and entity-component architecture. The website serves as a hub for documentation, examples, and community resources targeting developers and VR content creators. It holds a niche position in the WebVR technology space with a small but focused user base. Technically, the site uses modern web technologies including A-Frame 1.7.0, Hexo static site generator, Google Analytics, and Algolia DocSearch, hosted behind Cloudflare DNS. The site is moderately optimized for performance and mobile, with good SEO metadata and clear navigation. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers, and does not publish privacy or cookie policies, which impacts compliance. No contact emails or phone numbers are provided, limiting direct business credibility signals. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the project. The site content is safe for general audiences with no adult or questionable material.

G

Gumlet Pte. Ltd.

gumlet.com

60

Gumlet Pte. Ltd. is a technology company specializing in AI-powered video hosting, streaming, and image optimization services. Positioned as a modern alternative to established platforms like Mux and Vimeo, Gumlet targets developers, creators, and enterprises seeking high-performance media delivery solutions. The company offers a comprehensive suite of services including DRM-protected video hosting, adaptive streaming, and detailed analytics, supported by a global CDN infrastructure. Gumlet's market presence is reinforced by notable customer case studies and certifications such as SOC2 and ISO, indicating a commitment to security and compliance. Technically, Gumlet employs a modern web stack leveraging React and Next.js frameworks, with media assets hosted on AWS S3 and delivered via CDN for optimal performance. The website demonstrates excellent mobile optimization, accessibility, and SEO practices, contributing to a fast and user-friendly experience. Security measures include HTTPS enforcement, robust security headers, and DRM capabilities for video content, reflecting a mature security posture. While the website provides comprehensive business and contact information, privacy compliance could be enhanced by implementing explicit cookie consent mechanisms and publishing dedicated security and incident response policies. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the active and professional web presence suggests a legitimate operation. Overall, Gumlet presents a strong digital maturity and business credibility with room for improvement in privacy transparency and domain registration clarity.

I

INFINITI Abu Dhabi

infiniti-abudhabi.com

63

INFINITI Abu Dhabi operates as an official luxury automotive dealership specializing in new and pre-owned SUVs and crossovers under the INFINITI brand. The website targets luxury vehicle buyers in Abu Dhabi and the UAE, offering premium design, performance, and innovation in their vehicle lineup. The business appears to be a medium-sized entity aligned with Nissan Motor Company, leveraging strong brand recognition in the automotive sector. Technically, the website employs modern tracking and analytics tools such as Google Tag Manager and Adobe Experience Platform, with a professional design optimized for mobile devices and good SEO practices. However, the absence of WHOIS data and lack of visible privacy and cookie policies indicate gaps in transparency and compliance. Security posture is moderate but could be improved by implementing standard security headers and explicit security policies. Overall, the website is functional and professional but requires enhancements in privacy, security, and domain registration transparency to strengthen trust and compliance.

F

Faber Company Inc.

mieru-ca.com

11

Mieru-ca.com is a Japanese SEO and content marketing SaaS platform operated by Faber Company Inc., offering AI-powered SEO tools and consulting services. The platform integrates advanced AI features such as AI article generation, custom AI chat for content rewriting, and comprehensive SEO analytics, targeting corporate marketers and SEO professionals. The website demonstrates a mature digital infrastructure with extensive use of modern analytics and marketing technologies, hosted on AWS infrastructure with a reputable registrar. Security posture is solid with HTTPS and reCAPTCHA protections, though DNSSEC and security headers could be improved. Privacy policies and terms of service are clearly presented, supporting GDPR compliance. Overall, the site is professional, trustworthy, and well-positioned in the Japanese SEO tool market with a strong client base including major corporations.

H

HotelMap

hotelmap.com

76

HotelMap is a UK-based technology company specializing in hotel booking solutions tailored for events such as conferences, exhibitions, and trade shows. The company offers a suite of products including fully managed services for large event organizers and venues, free solutions for smaller events, and advanced room block blending technology. Their platform integrates with event registration systems and provides automated marketing and reporting tools, positioning them as a global leader in event hotel booking technology. The website demonstrates a mature digital presence with professional design, clear navigation, and extensive content supporting their business model. Technically, the site leverages HubSpot CMS and marketing tools, AWS hosting, and integrates analytics and behavioral tracking services like Google Analytics and Hotjar. Security posture is strong with HTTPS, domain transfer protections, and secure form handling, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR indicators. Overall, the site is trustworthy, professional, and well-optimized for its target audience.

D

Shop Ufficiale del Duomo di Milano

duomoshop.com

58

The website www.duomoshop.com appears to be an e-commerce retail site built on the Wix platform. However, the absence of WHOIS registration data raises significant concerns about the legitimacy and ownership of the domain. The site lacks essential business information such as privacy policies, contact details, and terms of service, which are critical for trust and compliance. Technically, the site uses standard Wix scripts and includes LinkedIn tracking pixels for marketing purposes, but SEO and accessibility are minimal. Security posture is weak due to missing security headers and lack of incident response information. Overall, the site presents a basic online presence with limited content and low trustworthiness.

instant.page is a technology-focused website offering a lightweight, open source JavaScript library that enables just-in-time preloading of web pages to improve page load speed and user engagement. The service targets website owners and developers aiming to reduce latency and increase conversion rates by approximately 1%. The website is well designed, mobile optimized, and provides clear technical explanations and usage instructions. It is trusted by notable brands and has a strong GitHub presence, indicating a reputable and active community. Technically, the site uses modern web standards including CSS Grid and asynchronous JavaScript loading. It integrates Google Analytics and Google Tag Manager for user tracking and performance measurement. The site is fast and accessible, with good SEO and mobile optimization. However, it lacks visible security headers and formal privacy or cookie policies, which are important for compliance and user trust. From a security perspective, the site demonstrates good practices such as script integrity checks and respectful resource loading, but it does not publish a security policy or incident response contacts. No vulnerabilities or suspicious content were detected. The absence of privacy and cookie policies and contact information reduces the overall privacy compliance score. Overall, instant.page presents a professional, trustworthy, and technically sound offering with room for improvement in privacy compliance and security transparency. Strategic recommendations include publishing privacy and cookie policies, adding security headers, and providing clear contact channels for security incidents.

The website rhmerchandise.com is currently inaccessible due to a security challenge page implementing a proof-of-work captcha mechanism. This prevents access to any business-related content, contact information, or policies. The domain is registered since 2017 with GoDaddy and uses Amazon Cloudfront CDN for content delivery. The security challenge page indicates an intent to protect the site from automated access or abuse but severely limits external analysis. No privacy, cookie, or terms of service policies are visible, and no contact details or business information can be extracted. The technical infrastructure includes modern JavaScript with Web Workers and cryptographic functions for the captcha. However, no security headers or DNSSEC are enabled, representing minor security gaps. Overall, the site’s security posture is difficult to assess fully due to the blocking mechanism, but the domain registration appears legitimate.

A

AAA Studio

aaastudio.ch

62

AAA Studio was a Swiss-based small design agency operating from 2019 to 2023, specializing in visual communication, graphic design, and digital spaces. The agency served clients primarily in the cultural and industrial sectors, collaborating with interdisciplinary partners to deliver complex and sustainable projects. Their business model focused on agile, project-based work with a strong emphasis on creative experimentation and client collaboration. Technically, the website is built on Drupal CMS with a moderate performance profile and good mobile optimization. However, the site lacks advanced security headers and privacy compliance documentation, which are areas for improvement. The security posture is moderate with no critical vulnerabilities detected but missing best practices. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include implementing privacy and cookie policies, enhancing security headers, and improving accessibility and compliance measures.

A

AAA Studio

alexkern.com

59

AAA Studio was a Swiss-based visual communication agency operating from 2019 to 2023, specializing in graphic design, digital spaces, and communication projects for cultural and industrial clients. The studio emphasized a collaborative and experimental approach to design, working closely with interdisciplinary partners. Their portfolio includes projects for notable clients such as Fondation Beyeler, Museum Tinguely, and Performance Art Awards Switzerland. The website is bilingual (German and English), professionally designed, and showcases a rich portfolio of projects with multimedia content including images and videos. Technically, the site is built on Drupal CMS with modern HTML5 and CSS3 standards, optimized for mobile devices with good SEO practices. However, there are gaps in privacy and security compliance, with no visible privacy or cookie policies, no security headers, and no incident response information. Contact information is clearly provided, enhancing business credibility. Overall, the site reflects a small but professional agency with a strong creative portfolio but could improve in security and privacy compliance.

Z

Zephir Software Design AG

zephir.ch

59

Zephir Software Design AG is a Swiss-based web agency specializing in web development services with a focus on innovative ideas and modern web technologies. The company targets businesses and organizations seeking professional web solutions, emphasizing Swiss quality and reliability. Their website showcases client references and projects, positioning them as a reputable regional player in the technology sector. Technically, the website uses modern JavaScript libraries such as fullPage.js and integrates privacy-friendly analytics via Plausible. The site is well-designed, mobile-optimized, and provides clear contact information, enhancing user experience and trust. However, the absence of privacy and cookie policies indicates a compliance gap that should be addressed. Security-wise, the site uses HTTPS but lacks visible security headers and incident response information, suggesting room for improvement in security posture. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

F

FRAKO Kondensatoren- und Anlagenbau GmbH

frako.com

57

FRAKO Kondensatoren- und Anlagenbau GmbH is a specialized company focused on reactive power compensation, energy management, and power quality solutions. The company offers a comprehensive portfolio of products, services, and training aimed at improving energy efficiency and network reliability, primarily targeting industrial and commercial energy professionals. The website is professionally designed, mobile-optimized, and provides clear navigation and rich content, reflecting a mature digital presence. Technically, the site is built on TYPO3 CMS with Bootstrap and uses Matomo analytics for privacy-conscious user tracking. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies are missing. The WHOIS data is notably absent or unregistered, which raises legitimacy concerns; however, the association with the parent company AdCapital Gruppe and consistent branding mitigate some risk. Overall, the site scores well on content quality and technical implementation but should address WHOIS transparency and security policy publication to improve trust and compliance.

W

Wiener Zeitung

wienerzeitung.at

67

Wiener Zeitung is a well-established Austrian digital media outlet providing independent and critical quality journalism. The website offers a variety of content including news articles, podcasts, videos, and newsletters targeting a general audience interested in current affairs and quality journalism. The site is professionally designed with consistent branding and excellent content quality. Technically, it uses modern web technologies including the Astro framework, Tailwind CSS, and Matomo analytics configured with privacy-conscious settings. Security posture is good with HTTPS enforced and some privacy features enabled, but lacks explicit security policies and headers. Privacy compliance is basic due to missing visible privacy and cookie policies. Overall, the site is trustworthy and professional but could improve transparency and compliance documentation.

V

Vereinte Dienstleistungsgewerkschaft (ver.di)

verdi.de

48

ver.di is a major German trade union focused on advocating for workers' rights, fair wages, and work-life balance. The website reflects a large, professional organization with a clear mission to support service sector employees. The technical infrastructure uses modern web technologies and includes consent management and analytics tools, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and cookie consent, but lacks visible security headers and explicit privacy and terms policies. Overall, the site is trustworthy and well-maintained but could improve transparency and security practices.

R

ReferralCandy

referralcandy.com

68

ReferralCandy operates as a leading SaaS provider specializing in referral marketing software tailored for eCommerce businesses. The platform empowers online retailers to leverage customer referrals to drive exponential sales growth, boasting a user base exceeding 30,000 eCommerce stores. Their business model focuses on performance-based payments and seamless integration with popular platforms such as Shopify. The website reflects a mature digital presence with professional branding, comprehensive content, and strong social media engagement.

P

Playmit GmbH

jobeinsteiger.at

52

Playmit GmbH operates jobeinsteiger.at, a leading Austrian online platform dedicated to connecting vocational beginners with apprenticeship and entry-level job opportunities. The platform offers comprehensive job listings, company profiles, career videos, and integrated services such as strength analysis through its partner site Playmit.com. The website targets young professionals and students seeking to start their careers in Austria, positioning itself as a trusted resource in the education and employment sector. Technically, the site employs modern JavaScript frameworks, Vite for asset bundling, and integrates analytics tools like Matomo and Microsoft Clarity with user consent mechanisms, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, uses CSRF tokens, and provides cookie consent, though it could enhance security headers and publish a formal security policy. Overall, the platform demonstrates strong business credibility, excellent content quality, and good privacy compliance, making it a reliable and professional resource for its audience.

I

Imdaad

imdaad.ae

57

Imdaad is a leading integrated facilities management company based in Dubai, UAE, with a strong presence across the Middle East. The company offers a comprehensive range of services including Hard FM, Environmental Services, Material Recovery, Soft FM, Home Maintenance, Fire Detection, and Lift Systems. Imdaad operates through multiple subsidiaries and brands, serving a diverse clientele with a multi-national workforce. The website reflects a mature digital presence built on modern technologies such as Next.js and React, with good performance and mobile optimization. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and explicit privacy and cookie policies. WHOIS data confirms legitimacy with consistent registration details and no privacy protection, supporting trustworthiness. Overall, the site is professional, content-rich, and well-branded, targeting business customers in the facilities management sector.

The website alqaryan.com currently presents a robot challenge screen designed to block automated access, indicating the presence of a Web Application Firewall or similar security mechanism. Due to this blocking, no substantive business content, contact information, or policies are accessible for analysis. The domain is long-registered since 2002 with GoDaddy.com, LLC, suggesting a stable registration history but no further legitimacy indicators are visible on the page. The technical infrastructure includes JavaScript-based CAPTCHA challenges and uses a Cloudfront CDN for some assets. Security posture cannot be fully assessed due to lack of accessible content and missing security headers or SSL details. Overall, the site appears to be protected by security measures that limit direct content access, resulting in a low AI score and incomplete analysis.

P

Plachutta's Mario Hietzing

plachutta-mario.at

55

Plachutta's Mario Hietzing is a hospitality business operating a restaurant in Vienna, Austria, specializing in Mediterranean and Viennese cuisine. The website presents a professional and visually appealing platform showcasing their menu offerings, including breakfast, pasta, grilled dishes, and takeaway options. The business is positioned as a local favorite with a strong brand association to the Plachutta group. Technically, the website employs modern web technologies such as JavaScript libraries for galleries and sliders, and uses Google Tag Manager for tracking, though Google Analytics is not actively configured. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit privacy or terms of service documentation. Overall, the site is accessible, well-structured, and trustworthy, though improvements in privacy compliance and security best practices are recommended.

P

Plachutta

plachutta-gruenspan.at

59

Plachutta's Grünspan is a traditional Austrian tavern located in Vienna’s historic beer district, offering classic Austrian pub fare and specialties in a beer garden setting. The business targets both local diners and tourists seeking authentic culinary experiences. The website reflects a medium-sized hospitality business with a consistent brand presence and professional design. Technically, the site uses modern web technologies including JavaScript, CSS3, and integrates Google services such as Tag Manager and reCAPTCHA, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and cookie consent implemented; however, the absence of explicit privacy policies, terms of service, and security headers suggests room for improvement. No WAF or content blocking was detected, and the site contains no adult or explicit content, making it safe for general audiences. WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the site is functional, professional, and trustworthy but would benefit from enhanced privacy and security disclosures.

P

Plachutta

plachutta-neuermarkt.at

54

Plachutta's Neuer Markt is a well-established restaurant located in Vienna, specializing in traditional Viennese cuisine with a modern presentation. The website reflects a strong market position with clear branding, comprehensive menu offerings, and services including dine-in, takeaway, and reservations. The target audience includes locals and tourists seeking authentic Viennese dining experiences. Technically, the site uses modern web technologies such as Bootstrap, Google Tag Manager, and Photoswipe for image galleries, ensuring a responsive and user-friendly experience. Security measures include HTTPS enforcement, cookie consent management, and use of Google reCAPTCHA, indicating a mature security posture. No critical vulnerabilities or compliance gaps were detected, though explicit security policies and incident response contacts could be improved. Overall, the website is professional, trustworthy, and compliant with GDPR, supporting the business's credibility and customer engagement.

P

Plachutta

plachutta-oper.at

64

Plachutta's Gasthaus zur Oper is a well-established hospitality business located in Vienna, Austria, specializing in traditional Viennese cuisine such as Wiener Schnitzel and Tafelspitz. The website showcases a blend of modern design and tradition, offering dine-in, takeaway, and retail services including cookbooks. The business enjoys a strong market position with recognized culinary awards and active social media presence. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript libraries like Slick Slider and Photoswipe, and integrates Google Tag Manager and reCAPTCHA for analytics and security. The site is mobile-optimized and provides a good user experience with rich multimedia content. Security posture is solid with HTTPS enforced and cookie consent implemented, though it lacks explicit security headers and published privacy or terms of service documents. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

S

standard404

standard404.com

47

The website standard404.com is a minimal portfolio or personal site hosted on the Cargo Collective platform. It contains very limited content, primarily navigation links labeled 'WORK' and 'ABOUT', with no detailed business description, contact information, or legal policies. The technical infrastructure is based on Cargo Collective's CMS and hosting, utilizing standard web technologies such as HTML5, CSS3, JavaScript, and jQuery. The site is served over HTTPS with a clientTransferProhibited domain status, but lacks DNSSEC and security headers, indicating room for improvement in security posture. No privacy or cookie policies are present, and no contact or incident response information is provided, which impacts compliance and trust. Overall, the site is safe for general audiences but lacks comprehensive business and security information, resulting in a moderate risk profile.

P

Phedre Barbas

phedrebarbas.com

49

The website phedrebarbas.com serves as an online portfolio for a French-Greek artist and designer based in Paris, showcasing various artistic installations and design projects. The content is rich with images and descriptions of art pieces spanning from 2021 to 2024, targeting a general audience interested in contemporary art and design. The business model is primarily a portfolio presentation without e-commerce or direct sales functionalities, positioning itself within a niche artistic community. Technically, the site is built on the Cargo Collective platform, utilizing standard web technologies such as HTML5, CSS3, JavaScript, and jQuery. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Hosting and domain registration are managed via eNom and Cargo Collective, with HTTPS enabled but missing DNSSEC and security headers. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks DNSSEC and critical security headers, which could expose it to certain risks. No privacy, cookie, or terms of service policies are present, indicating compliance gaps. The WHOIS data is suspicious due to a future domain creation date, which undermines trust in the domain registration legitimacy. Overall, the website is a well-designed artist portfolio with good content quality but has notable deficiencies in privacy, security policies, and domain registration transparency. Strategic improvements in security headers, privacy compliance, and domain registration accuracy are recommended to enhance trust and security posture.

P

PANORAMMMA

panorammma.com

49

PANORAMMMA is an artistic and design-focused website showcasing collections, exhibitions, and interiors. The site targets art and design enthusiasts and potential buyers, offering a portfolio-style presentation with image galleries and a shop feature, although e-commerce functionality appears limited. The business is relatively new, with domain registration dating back to 2021, and operates on the Cargo Collective platform. Technically, the site uses modern web technologies including Google Tag Manager and Google Analytics for tracking, but lacks advanced security headers and privacy policies. Security posture is moderate with HTTPS enabled and domain transfer protections in place, but improvements are needed in DNS security and compliance documentation. Overall, the website is professional and functional but would benefit from enhanced privacy, security, and contact transparency to improve trust and compliance.

N

Niki Danai

nikidanai.com

44

Niki Danai's website serves as a professional portfolio showcasing a multidisciplinary artist's work in sculpture, ceramics, product design, and multimedia installations. The site targets art enthusiasts and cultural institutions, emphasizing recent and upcoming exhibitions primarily in Europe. The business model is centered on personal branding and exhibition promotion, with a small-scale operation reflected in the site's content and domain age. Technically, the website employs standard web technologies including HTML5, CSS3, and JavaScript, with Google Fonts integration. Hosting is provided by Contabo, a reputable provider. The site is mobile-optimized with moderate performance and basic SEO and accessibility features. However, there is no CMS detected, and the technical stack is relatively simple. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but lacks DNSSEC and security headers, which are recommended for enhanced security. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. Contact information is limited to a contact form, with no direct emails or phone numbers provided. Overall, the website is functional and professional but would benefit from improved security practices, privacy compliance, and enhanced contact transparency to increase trustworthiness and reduce risk.

N

Natalia Triantafylli

nataliatriantafylli.com

51

The website nataliatriantafylli.com serves as a personal portfolio for artist and photographer Natalia Triantafylli, showcasing her visual artwork and photography. The site is built on the Cargo Collective platform, featuring a clean and consistent design optimized for mobile devices. It targets art enthusiasts and potential collaborators, focusing on artistic exposure rather than commercial transactions. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript, and jQuery, with web fonts for typography. Hosting and domain registration are consistent and reputable, with HTTPS enabled ensuring secure connections. However, the site lacks privacy and cookie policies, contact information, and security incident response details, which are important for compliance and trust. No advanced security headers or analytics tools are detected, indicating a basic security posture. Overall, the site is functional and professional but could improve in privacy compliance and security best practices.

M

WORK | Astronauts

madebyastronauts.com

57

The website www.madebyastronauts.com appears to be a minimal Wix-built site with very limited content and no visible business or contact information. The domain WHOIS data is unavailable, indicating the domain may not be registered or the data is withheld, which raises concerns about legitimacy. Technically, the site uses standard Wix platform technologies and includes some security hardening scripts, but lacks essential security headers and privacy compliance mechanisms. There are no forms or data collection points detected, and no privacy or cookie policies are present. Overall, the site has a low trustworthiness score and minimal business credibility.

L

Lucas Muñoz Muñoz

lucasmunoz.com

47

Lucas Muñoz Muñoz is a designer and artist specializing in sustainable, experimental, and upcycled furniture and installations. The website serves as a comprehensive portfolio showcasing a wide range of projects from 2006 through 2025, including collaborations with galleries and participation in international design festivals. The target audience includes design enthusiasts, galleries, and cultural institutions interested in innovative and sustainable design. Technically, the website uses modern JavaScript libraries such as jQuery, Masonry, and Vimeo API for dynamic content presentation, with a responsive design suitable for mobile devices. However, there is no evidence of HTTPS or security headers, and no privacy or cookie policies are present, indicating compliance and security gaps. The WHOIS data is missing, raising concerns about domain legitimacy, though the website content is professional and active. Overall, the site demonstrates good content quality and technical implementation but requires improvements in security, privacy compliance, and domain legitimacy verification.

J

Jean-Baptiste Durand

jeanbaptistedurand.com

9

Jean-Baptiste Durand's website is a personal portfolio showcasing artistic works, hosted on the Cargo Collective platform. The site is professionally designed with good navigation and mobile optimization, serving a general audience interested in art. The technical infrastructure leverages modern web technologies and integrates Stripe for e-commerce, indicating readiness for online sales of artworks. Security posture is adequate with HTTPS enabled and domain registration transparency, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is minimal, with no visible privacy or cookie policies, which could expose the site to regulatory risks. Overall, the site is legitimate and functional but would benefit from improved security and privacy practices.

E

Emilio Ferro

emilioferro.it

51

The website www.emilioferro.it serves as the official online presence for contemporary artist Emilio Ferro, showcasing his artwork and providing information about the artist. The site targets art enthusiasts and potential collectors within a niche contemporary art market. The business model is primarily promotional, focusing on portfolio display rather than direct e-commerce or service transactions. The website is built on the Wix platform, leveraging Wix's hosting and content management capabilities. It uses standard Wix scripts and Google Analytics for visitor tracking. The technical infrastructure is modern but basic, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and incident response contact information. Privacy and cookie policies are absent, indicating gaps in compliance with data protection regulations. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security measures to improve compliance and user trust.

C

Clara Schweers

claraschweers.com

56

Clara Schweers is a contemporary artist specializing in glass and mixed media artworks, presenting a professional portfolio website that showcases her artistic creations and collaborations. The website serves as a platform for exhibiting her work and facilitating contact for potential sales or exhibitions. The site is hosted on DreamHost and built using the Cargo CMS platform, featuring a modern and visually appealing design optimized for desktop and mobile users. However, the site lacks explicit privacy and cookie policies, which are important for GDPR compliance and user trust. Security-wise, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and security headers, which could be improved to enhance security posture. Overall, the website is credible and professional but would benefit from enhanced privacy compliance and security best practices.

F

FALTER.at

complete-magazin.at

63

FALTER.at is a well-established Austrian media company focusing on news, cultural content, events, and local guides primarily for Vienna. The website offers a broad range of services including news articles, event listings, podcasts, ePaper, and video content, targeting a general audience interested in regional information. The business model is primarily advertising-supported with subscription options, positioning FALTER.at as a key regional media player with a consistent and professional brand presence. Technically, the website employs modern web technologies including JavaScript frameworks like Livewire, and integrates multiple third-party services for advertising, analytics, and consent management. The infrastructure appears robust with good mobile optimization, accessibility, and SEO practices. The use of asynchronous script loading and reputable analytics platforms indicates a mature digital setup. From a security perspective, the site enforces HTTPS and uses a consent management platform compliant with GDPR. While explicit security headers are not fully visible in the provided data, best practices are generally followed, and no vulnerabilities or exposed sensitive data were detected. The absence of a public security policy or incident response contact is noted but does not detract significantly from the overall posture. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. The risk profile is low, with recommendations focusing on enhancing security header implementation and publishing vulnerability disclosure information to further strengthen trust.

B

Balmer Bücherdienst AG

balmer-bd.ch

55

Balmer Bücherdienst AG is a Swiss-based classical publishing distribution company serving the book trade and resellers with products from domestic and international partner publishers. The company operates a B2B webshop and reporting portals to facilitate order placement and business analytics. Their market position is that of an established regional distributor with a focus on the Swiss book market. Technically, the website is built on Shopware CMS, uses modern web technologies, and integrates third-party search services. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and standard security headers present, though explicit security policies and incident response information are not published. Privacy and cookie policies exist and indicate GDPR compliance. Overall, the website and domain registration data align well, indicating a legitimate and trustworthy business presence online.

L

Landis & Gyr Foundation

lg-stiftung.ch

55

The Landis & Gyr Foundation is a Swiss non-profit organization dedicated to supporting artistic and cultural projects, primarily focusing on professional and contemporary creative work by artists and writers within Switzerland. The foundation emphasizes collaboration with recognized organizations and has a regional interest in Zug and central Switzerland, while also supporting projects from non-urban areas across the country. The website reflects a niche cultural foundation with a clear mission and professional presentation, targeting artists and cultural entities. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript libraries such as Swiper.js and Leaflet.js, and uses Matomo for analytics, indicating a moderate level of digital maturity. Hosting and resources are served from computedby.com domains, suggesting a specialized hosting or development provider. The site is mobile-optimized and has good design quality, though accessibility and SEO optimizations are basic. From a security perspective, the site uses HTTPS and defers scripts for performance, but lacks visible security headers and does not provide privacy or cookie policies, which are compliance gaps. No contact information or incident response channels are explicitly provided, limiting transparency. The use of Matomo analytics suggests some privacy awareness, but absence of consent mechanisms reduces privacy compliance. Overall, the website is professional and trustworthy for its purpose but would benefit from enhanced privacy compliance, security headers, and clearer contact information to improve user trust and regulatory adherence.

M

mfsystem

mfsystem.ch

46

mfsystem is a Swiss-based manufacturer specializing in modular furniture systems including shelves, sideboards, wardrobes, and office furniture. The company emphasizes sustainability and customization, offering an online configurator for customers to design their own furniture. Their market position is that of a niche player focusing on quality and flexibility for both residential and commercial clients. Technically, the website is well-structured with modern web standards, mobile optimization, and HTTPS security. However, it lacks some advanced security headers and explicit privacy consent mechanisms. The security posture is solid but could be improved with better transparency on incident response and vulnerability disclosures. Overall, the website presents a professional and trustworthy image with good user experience and clear business focus.

The website anneschwalbe.shop is a small-scale e-commerce platform specializing in the sale of art prints, posters, books, and clothing related to the photography and art of Anne Schwalbe. The business operates primarily in Germany and targets art collectors and enthusiasts. The site is built on the Shopify platform, leveraging its infrastructure and security features. The technical infrastructure is modern and well-optimized for mobile and desktop users, with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and domain locking enabled, though DNSSEC is not enabled and some HTTP security headers could be improved. Privacy compliance is addressed with a cookie consent banner and a privacy policy, but lacks explicit GDPR or incident response details. Overall, the site presents a professional and trustworthy e-commerce experience with room for enhanced security and compliance documentation.

A

Alcova

vocla.xyz

58

Vocla.xyz is a professionally designed website serving as a platform for design experimentation and social gatherings during Milan Design Week. The site showcases curated exhibitions and pop-up dining experiences, collaborating with notable design houses and restaurants. The technical infrastructure is modern, leveraging Nuxt.js and Cloudflare DNS, ensuring good performance and mobile optimization. However, the site lacks critical privacy and cookie policies, which impacts compliance. Security posture is adequate with HTTPS and domain transfer protection, but could be improved by enabling DNSSEC and security headers. Overall, the website is trustworthy and well-positioned within its niche event market, though it should address compliance and security best practices to enhance user trust and regulatory adherence.

S

Stadt Illnau-Effretikon Abteilung Bildung

schule-ilef.ch

64

Schule Illnau-Effretikon is a public educational institution serving the Illnau-Effretikon region in Switzerland. The website provides detailed information about various school levels including kindergarten, primary, secondary, and vocational preparatory year programs. It targets parents, students, and educational stakeholders in the local community, offering services such as school information, supplementary care, online forms, news, and event agendas. The institution is positioned as a regional education provider under the city administration of Illnau-Effretikon. Technically, the website is built on the ICMS platform by i-web.ch, utilizing modern web technologies including JavaScript and Matomo analytics for user tracking with consent. The site is mobile-optimized and accessible, with a clear navigation structure and good SEO practices. Hosting appears to be Swiss-based, supporting performance and data privacy compliance. From a security perspective, the site enforces HTTPS and uses secure login forms. However, it lacks published formal security policies and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is supported by a visible privacy policy and cookie consent mechanism, aligning with GDPR requirements. Overall, the website demonstrates a solid digital presence with good content quality, technical implementation, and business credibility. Strategic improvements could focus on enhancing security transparency and incident response readiness to further strengthen trust and compliance.

B

Bildungszentrum Limmattal

bzlt.ch

47

Bildungszentrum Limmattal is a vocational education center based in Zürich, Switzerland, specializing in logistics, recycling, and technology training. The institution offers foundational and continuing education programs targeting learners, students, and professionals in related sectors. The website reflects a well-structured educational service provider with clear contact information and a consistent brand presence. Technically, the site uses modern web technologies including Craft CMS, jQuery, and integrates Google Analytics and Tag Manager for user insights. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and incident response information suggests room for improvement. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the domain registration aligns with the business identity, supporting legitimacy and trustworthiness.

R

Region Rapperswil-Jona Tourismus

rapperswil-zuerichsee.ch

60

The website rapperswil-zuerichsee.ch serves as the official travel guide for the Rapperswil and Zurichsee region in Switzerland, providing comprehensive tourism information including events, accommodations, and local attractions. It targets tourists and visitors seeking regional insights and services, positioning itself as a key regional tourism portal. The business model focuses on tourism promotion and visitor engagement, supported by clear contact information and official branding. Technically, the site is built using modern web technologies including Nuxt.js and Tailwind CSS, with integrations for Google Tag Manager, Facebook Pixel, and a consent management platform ensuring GDPR compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the website enforces HTTPS, employs standard security headers, and integrates cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a dedicated security policy or incident response page, and no vulnerability disclosure mechanism is present, which could be areas for improvement. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include publishing a formal security policy, establishing an incident response contact, and considering a vulnerability disclosure page to enhance transparency and trust.