Security Directory

N

Northwestern University Knight Lab

knightlab.com

57

Northwestern University Knight Lab is an academic and research community focused on advancing journalism and media innovation through exploration, experimentation, and open-source storytelling tools. The Lab serves a diverse audience including students, educators, journalists, and media makers, providing tools, classes, and research initiatives that push the boundaries of storytelling and media technology. The Lab is well-positioned as a leader in media innovation with strong ties to Northwestern University and a global user base for its open-source projects. Technically, the website employs modern web standards with HTML5, CSS3, and JavaScript, including Google Analytics for tracking. The site is mobile-optimized with good SEO and accessibility basics, hosted likely on Northwestern's infrastructure or associated CDNs. However, there is room for improvement in security headers and privacy compliance, as no explicit privacy or cookie policies are found, and no cookie consent mechanism is implemented. From a security perspective, the site uses HTTPS with good SSL configuration and no visible vulnerabilities in the provided content. The absence of security headers and privacy policies are notable gaps. The WHOIS data is unavailable, typical for edu subdomains, but the domain's affiliation with Northwestern University and consistent website content support legitimacy. Overall, the site demonstrates a solid security posture but could enhance compliance and transparency. The overall risk is low given the academic nature and reputable affiliation, but strategic improvements in privacy, security headers, and user consent would strengthen trust and compliance.

H

Hostinger

hostinger.in

71

Hostinger is a globally recognized web hosting provider offering a wide range of services including shared hosting, VPS, cloud hosting, domain registration, and AI-powered website building tools. The company targets individuals, small to medium businesses, and agencies seeking reliable and scalable online presence solutions. Their website demonstrates a mature digital infrastructure with modern frameworks such as Vue.js and Nuxt.js, and integrates advanced analytics and marketing tools like Google Tag Manager and Amplitude. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response information are not publicly detailed. The absence of WHOIS data is noted but likely due to registry restrictions or privacy measures common among large hosting providers. Overall, Hostinger's website reflects a professional, trustworthy, and technically sound platform suitable for its market segment.

S

Setup Type

setuptype.com

57

Setup Type is a Slovak-based design studio and type foundry specializing in font creation, branding, and lettering services. Founded in 2009 by Ondrej Jób, the company targets creative professionals and agencies seeking high-quality typographic and branding solutions. The website reflects a niche market position with a strong focus on design aesthetics and font retail. Technically, the website employs modern web technologies including HTTPS, Google Analytics, and cookie consent mechanisms, providing a good user experience with responsive design and clear navigation. Security posture is adequate with HTTPS and cookie consent but lacks advanced security headers and incident response disclosures. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and social media presence support business credibility. Overall, the site is professional and trustworthy but would benefit from improved transparency in domain registration and enhanced security practices.

B

Bundesanstalt für Materialforschung und -prüfung (BAM)

bam.de

61

The Bundesanstalt für Materialforschung und -prüfung (BAM) is a German federal scientific research institute specializing in material research and testing. It operates under the Federal Ministry for Economic Affairs and Energy and serves a broad audience including researchers, industry professionals, and government entities. The website provides comprehensive scientific content, official portals, and public services related to material safety and technology transfer. Technically, the site uses modern web technologies with good mobile optimization and accessibility. Security posture is strong with HTTPS and privacy-respecting analytics (Matomo) that anonymize user data and require consent. No critical vulnerabilities or blocking mechanisms were detected. Overall, the site reflects a professional, trustworthy government entity with excellent content quality and privacy compliance.

D

DRI and Syloé

produhost.net

51

The website serves as a login portal for ÉVA Pilote, an extranet management platform developed collaboratively by DRI and Syloé. It targets business users who require tailored tools to manage hosted applications and services, including eco-indicators for digital sobriety. The platform positions itself as a niche B2B SaaS solution with a focus on visibility and control over application environments. Technically, the site employs standard web technologies such as HTML5, CSS3, JavaScript, jQuery, and Bootstrap, delivering a responsive and professional user interface. However, the absence of visible security headers and unclear SSL status suggests moderate security maturity. The lack of privacy and cookie policies indicates gaps in compliance with data protection regulations. WHOIS data is missing, raising concerns about domain registration legitimacy despite the professional appearance and partner affiliations. Overall, the site is functional and business-focused but requires improvements in security posture and compliance documentation.

M

Musikvertrieb AG

musikvertrieb.ch

52

Musikvertrieb AG is a Swiss independent music distributor and record label with a long history dating back to 1935. The company focuses on marketing and distributing national and international artists and labels, including partnerships with notable entities such as PIAS and muve recordings. The website reflects a professional presence in the media industry, targeting music industry professionals and independent artists. Technically, the site is built on WordPress using the Brooklyn theme, leveraging modern web technologies and asynchronous loading of analytics and tracking scripts. The site is mobile optimized and SEO friendly, though some accessibility features are basic. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but lacks visible security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

N

Net Oxygen Sàrl

ticketack.com

48

Ticketack is a Swiss-based company offering a comprehensive ticketing and point of sale solution tailored for festivals, cinemas, concert halls, leisure centers, restaurants, bars, and retail businesses. Established in 2014, the company positions itself as a reliable and flexible provider with a strong client base and notable partnerships, including Eventival. The website is professionally designed, multilingual (French and English), and provides clear contact information and business details. The technical infrastructure is built on WordPress with modern plugins and technologies, ensuring good performance and SEO optimization. Security posture is solid with HTTPS and reCAPTCHA integration, though some security headers and policies are missing. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the website reflects a trustworthy and professional business with room for improvement in privacy and security transparency.

W

waldbach medien

waldbachmedien.ch

50

waldbach medien is a small Swiss technology company specializing in web development, digital media, and consulting services with over 20 years of experience. The company targets businesses and organizations seeking tailored internet solutions including responsive websites, webshops, multimedia presentations, and IoT device development. Their market position is that of a niche local specialist in Winterthur, Switzerland, offering a broad range of digital services supported by a proprietary CMS platform (WebZen). The website reflects a professional and consistent brand image with clear navigation and relevant content.

E

Etat de Genève

ge.ch

70

The website www.ge.ch is the official online portal for the République et canton de Genève, serving as the authoritative source for government information, public services, and administrative procedures for residents and businesses in the Canton of Geneva, Switzerland. It offers comprehensive access to official news, e-demarches (online administrative procedures), publications, and institutional information, positioning itself as a critical government communication and service platform. Technically, the site is built on the Drupal CMS platform, leveraging modern web technologies including responsive design, JavaScript, and Matomo analytics for user tracking with consent. The site demonstrates good digital maturity with mobile optimization, accessibility features, and SEO best practices. Hosting details are not explicitly stated but are likely managed by government infrastructure. From a security perspective, the site enforces HTTPS and uses a consent-based cookie banner compliant with GDPR. While explicit security headers are not visible in the HTML, no vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or vulnerability disclosure page is noted as an area for improvement. The WHOIS data confirms the domain is registered to the official government entity, reinforcing legitimacy. Overall, the site is highly trustworthy, professionally designed, and well-maintained, with strong privacy compliance and a clear focus on public service. No adult or questionable content is present, and the site is fully accessible without WAF or blocking mechanisms.

C

Commerzbank

commerzbank.com

64

Commerzbank's group website serves as the corporate portal for one of Germany's major banking institutions. The site provides information about the bank's corporate identity and services, targeting corporate clients, investors, and the general public interested in the bank's operations. The website demonstrates a professional design with consistent branding and a moderate level of technical maturity, including the use of modern web technologies and a cookie consent mechanism to comply with privacy regulations. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks visible security headers and explicit security policies. The absence of explicit privacy policy and terms of service in the provided content suggests areas for improvement in privacy compliance and transparency. Overall, the domain registration data aligns well with the business claims, indicating a legitimate and trustworthy online presence.

D

Doris Ossberger

wortklaviatur.at

45

The website wortklaviatur.at represents a small personal business operated by Doris Ossberger, offering writing and educational services with a focus on clear communication and accessibility. The site is built on WordPress using the Neve theme and incorporates modern web technologies such as Google Fonts and emoji support. The content is well-structured, professionally presented, and targets German-speaking users, primarily in Austria. The business model is service-oriented, catering to individuals and organizations seeking writing and teaching assistance. Technically, the site performs moderately well with good mobile optimization and SEO practices, though some improvements in accessibility could be made. Security posture is adequate with HTTPS enabled but lacks important security headers and a cookie consent mechanism, which are recommended for GDPR compliance. No contact emails or phone numbers are directly visible, relying on a contact form for communication. Overall, the domain registration is consistent with the business profile, indicating legitimacy and trustworthiness.

SmileReef is a small e-commerce business specializing in eco-friendly surf hats with integrated helmets, targeting environmentally conscious surfers. The company emphasizes sustainability by using recycled ocean plastics and supports reef conservation with a portion of sales. The website is professionally designed on the Shopify platform, featuring customer reviews and multi-language support, indicating a moderate level of digital maturity. Technically, the site uses modern web technologies and is hosted on Google Cloud via Shopify, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and no explicit security or incident response policies are published. WHOIS data shows anomalies such as a future domain creation date and country mismatch, which slightly reduce trustworthiness but do not negate the overall legitimacy. Privacy compliance is addressed with policies and cookie consent mechanisms. Overall, the site presents a trustworthy and professional e-commerce presence with room for improvement in security transparency and domain registration consistency.

F

Fondazione Valore

fondazionevalore.org

60

Fondazione Valore is a non-profit foundation established in 2022 in Italy, focused on promoting circular economy principles by facilitating donations of goods, services, and skills to reduce waste and recover social and economic value. The organization collaborates with third sector entities, businesses, and public institutions to foster sustainable development and social impact. Their key services include surplus donations, skills volunteering, urban regeneration, and training programs. The website reflects a clear mission and target audience aligned with sustainability and social responsibility. Technically, the website is built on WordPress with Elementor, hosted via Register SpA, and employs modern web technologies ensuring good mobile optimization and SEO practices. The site uses HTTPS and includes a cookie consent mechanism compliant with GDPR, though it lacks advanced security headers and DNSSEC, which are recommended for enhanced security. No analytics or advertising scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site demonstrates a moderate security posture with secure forms and no exposed sensitive data. However, the absence of DNSSEC and security headers suggests room for improvement. Incident response and vulnerability disclosure information are not present, which could be addressed to improve trust and compliance. Overall, the domain registration data aligns well with the website's claims, supporting legitimacy. The website content is safe for general audiences, with no adult or questionable material. The site provides a professional user experience with clear navigation and relevant content, though contact information is limited to a form and physical address without direct emails or phone numbers. Strategic recommendations include enabling DNSSEC, adding security headers, publishing a security.txt file, and providing incident response contacts to enhance security and compliance posture.

A

AIESEC International Inc.

aiesec.it

42

AIESEC Italia is a well-established non-profit youth organization focused on leadership development through international exchange programs such as volunteering, internships, and teaching abroad. The website reflects a professional and consistent brand presence targeting young people and students interested in global leadership experiences. The organization has a strong market position with global reach and recognized affiliations with UN bodies. Technically, the website uses modern JavaScript libraries and tracking tools, with a moderate performance and good mobile optimization. Security posture is solid with HTTPS and DNSSEC enabled, but lacks some security headers and explicit privacy and terms policies. Cookie consent is implemented via Usercentrics CMP, indicating GDPR awareness. Overall, the website is trustworthy and professional with room for improvement in privacy transparency and security hardening.

I

Istituto Italiano della Donazione (IID)

istitutoitalianodonazione.it

55

Istituto Italiano della Donazione (IID) is a well-established Italian non-profit organization founded in 2004 that promotes transparency, credibility, and honesty in charitable donations. It certifies non-profit organizations with quality marks to foster donor trust and organizes events such as DonoDay to raise awareness. The website targets donors, non-profit associations, and enterprises interested in safe donation practices. Technically, the site uses a custom CMS with JavaScript, AJAX, and integrates social media SDKs and Google Tag Manager for analytics. The site is moderately optimized for mobile and SEO, with good content quality and clear navigation. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. WHOIS data confirms domain legitimacy with consistent registration since 2004. Overall, the site is trustworthy and professional but could improve security and privacy compliance.

A

Amazon.com, Inc.

aboutamazon.com

63

The website www.aboutamazon.com serves as Amazon.com's official corporate news and information portal, providing breaking news, company updates, and insights into Amazon's innovations, workplace culture, sustainability efforts, and community impact. It targets a broad audience including consumers, investors, employees, and media professionals. The site reflects Amazon's position as a global leader in e-commerce, cloud computing, and technology services, showcasing key services such as AWS, retail operations, devices, and entertainment. Technically, the site is built on modern web technologies including React and Next.js, with a strong focus on performance, mobile optimization, and accessibility. It employs advanced tracking and analytics tools like Adobe Alloy and Adobe DTM, and integrates comprehensive SEO and metadata strategies to enhance discoverability. The content is rich, professionally curated, and regularly updated, supporting a high-quality user experience. From a security perspective, the site enforces HTTPS with excellent SSL configuration and implements multiple security headers to protect users. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not prominently available, representing an area for improvement. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. Overall, the site demonstrates a mature digital presence with strong business credibility and security posture. The absence of WHOIS data is noted but does not detract from the site's legitimacy given its official branding and content. Strategic recommendations include publishing detailed security policies, establishing a vulnerability disclosure program, and enhancing security contact transparency to further strengthen trust and compliance.

S

Sitejet (part of WebPros International GmbH)

sitejet.io

66

Sitejet Studio is a professional SaaS platform focused on providing website building, project management, and client collaboration tools primarily for agencies and freelancers. The company operates under WebPros International GmbH and has been established since 2013, positioning itself as a competitive player in the web design technology sector. The platform offers a comprehensive suite of services including a no-code website builder, integrated project management, customer portals, SEO tools, and e-commerce capabilities, aiming to streamline workflows and reduce design time significantly. Technically, the website employs modern JavaScript libraries and tracking tools such as Google Tag Manager, Microsoft Clarity, and Visual Website Optimizer, alongside a consent management platform (Usercentrics) to comply with privacy regulations. The site is well-optimized for mobile devices, SEO-friendly, and demonstrates good accessibility practices. Hosting details are not explicitly disclosed, but the platform includes secure hosting features as part of its offering. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers and published security policies or incident response information. The WHOIS data is unavailable due to privacy protection or query failure, which slightly reduces trust but is justified for this business type. No critical vulnerabilities or suspicious content were detected. Overall, Sitejet Studio presents a trustworthy and professional web presence with strong business credibility and technical maturity. Strategic improvements include publishing explicit privacy and security policies, enhancing security headers, and providing vulnerability disclosure information to further strengthen trust and compliance.

M

Monte Cavallo

montecavallo.com

51

Monte Cavallo is a regional tourism website focused on promoting the Monte Cavallo ski and hiking area near Vipiteno in South Tyrol, Italy. The site offers information about skiing, sledding, hiking, and family-friendly outdoor activities, targeting tourists and families interested in alpine experiences. The business model revolves around tourism services including ticket sales and accommodation bookings. The website is professionally designed with consistent branding and multilingual support, reflecting a good level of digital maturity. Technically, it uses modern web technologies and a proprietary CMS (Consisto.CMS), with integrated analytics and consent management tools. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks some security headers and explicit privacy and terms of service pages. WHOIS data is not publicly available, which slightly reduces trustworthiness but does not strongly indicate malicious intent. Overall, the site is safe, well-structured, and suitable for general audiences interested in tourism in the region.

V

Vacanze a Vipiteno - Racines - Colle Isarco Il top in Alto Adige

vipiteno-racines.it

44

The website www.vipiteno-racines.it is a regional tourism portal focused on promoting the Vipiteno-Racines-Colle Isarco area in northern Italy's Alto Adige region. It provides visitors with information about skiing, hiking, cultural highlights, accommodation booking, and local events. The site targets tourists interested in alpine vacations and outdoor activities. Technically, it uses a proprietary CMS (Consisto.CMS), integrates Google Tag Manager and Google Analytics for tracking, and employs responsive design techniques for mobile optimization. However, it lacks visible privacy and cookie policies, and no explicit contact information or security policies are found in the provided content. Security headers are not detected, and the domain uses privacy protection in WHOIS, which is common but reduces transparency. Overall, the site is functional and professionally designed but could improve in privacy compliance and security posture.

Testudo Srl is an Italian boutique software company specializing in custom software development, innovative SaaS products, and strategic consulting. The company targets businesses seeking tailored digital solutions to improve operational efficiency and market competitiveness. Their website showcases a strong client portfolio including major brands across various sectors such as logistics, insurance, manufacturing, and professional services, positioning them as a reputable player in the technology industry. Technically, the website is built using modern frameworks like Next.js and React, delivering fast performance, excellent mobile optimization, and good SEO practices. Security-wise, the site enforces HTTPS and includes essential security headers, reflecting a mature security posture. However, the absence of WHOIS registration data and lack of direct contact emails or phone numbers slightly reduce trust. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though it would benefit from publishing explicit security policies and incident response contacts.

The website ww38.siements.com is a parked domain with no active business content. It primarily serves as a landing page indicating the domain is for sale, with affiliate links to domain marketplaces. The domain name is a misspelling of a well-known brand, which raises suspicion of typo-squatting or phishing intent. The technical infrastructure is minimal, relying on basic HTML, JavaScript, and iframes loading external content from potentially suspicious domains. No privacy, cookie, or terms of service policies are present, and no contact or business information is provided. Security posture is weak, with no HTTPS enforcement or security headers detected. WHOIS data is unavailable, indicating the domain is either unregistered or privacy-protected, further reducing trustworthiness.

EXPERT Elektrofachhandel operates as a large regional electrical retail chain in Austria, with a strong physical presence across 180 stores and an online platform. The business focuses on selling electrical appliances, providing electrical installation services, and offering repair and maintenance. The website reflects a professional retail business model targeting general consumers in Austria. Technically, the site uses modern JavaScript frameworks such as Vue.js and Nuxt.js, with integration of third-party services like Klarna for payments and Google Tag Manager for analytics. The site is mobile optimized and has good SEO practices, though accessibility is basic. Security posture is adequate with HTTPS enabled but lacks important security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanisms. WHOIS data confirms the legitimacy of the domain with consistent registrant information matching the business claims. Overall, the website is functional and professional but would benefit from enhanced privacy and security measures to improve trust and compliance.

U

UNIQA Österreich Versicherungen AG

uniqa.at

61

UNIQA Österreich Versicherungen AG is a leading Austrian insurance company offering a broad range of insurance, pension, and investment products. With over 3.6 million customers, it holds a strong market position in Austria's finance sector. The website reflects a professional and trustworthy brand image, targeting the general Austrian public seeking insurance and financial services. The business model focuses on providing innovative insurance solutions and financial planning products. Technically, the website employs modern frameworks such as Angular and Bootstrap, integrates Adobe Experience Platform for marketing and analytics, and demonstrates good mobile optimization and accessibility. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit security policy and incident response contacts are not prominently published. WHOIS data confirms the domain's legitimacy and consistency with the company's business claims. Overall, the site is well-designed, secure, and compliant with GDPR requirements, making it a reliable digital presence for UNIQA.

A

Avvenire

avvenire.it

67

Avvenire.it is a well-established Italian media website providing news and multimedia content primarily in Italian. The site targets a general audience interested in current events and media content. Technically, the website employs modern web technologies including Nuxt.js framework, Tailwind CSS for styling, and is hosted on Microsoft Azure CDN infrastructure, ensuring good performance and scalability. The site integrates Cookiebot for cookie consent management and uses Google Tag Manager and Matomo for analytics, indicating a moderate level of user tracking and privacy compliance. Security-wise, the site enforces HTTPS and uses consent mechanisms but lacks explicit security headers and published security policies, which could be improved to enhance security posture. Overall, the site is professional and trustworthy with no signs of blocking or WAF interference, but it would benefit from publishing comprehensive privacy and security policies to improve compliance and user trust.

O

Olsberg SPI

o-spi.com

61

Olsberg SPI is a specialized international consultancy focused on the creative industries, particularly the global screen sector. The company offers strategic advisory and consultancy services to public and private sector clients, aiming to foster sustainable growth and demonstrate impact in a competitive environment. The website is professionally designed using Squarespace, featuring clear navigation and relevant content about their services, projects, and news. However, the absence of WHOIS registration data raises concerns about domain legitimacy and registration status. Security posture is moderate with HTTPS enabled but lacking advanced security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site presents a credible business front but would benefit from enhanced transparency and security practices.

I

In Good Spirits

ingoodspirits.at

56

In Good Spirits Vertriebsgesellschaft is a small Austrian company specializing in the distribution of spirits, sparkling wines, and non-alcoholic beverages primarily targeting the gastronomy and retail sectors in Austria. Their website reflects a professional and consistent brand presence, showcasing a diverse product portfolio with detailed descriptions. The company leverages WordPress CMS with SEO optimizations but lacks some advanced security and compliance features. Technically, the site is moderately performant and mobile-optimized, though it could benefit from enhanced accessibility and security headers. Security posture is adequate with HTTPS enforced but missing several best practice headers and explicit incident response policies. Privacy compliance is basic with privacy and cookie policies present but no active consent mechanism. Overall, the website is trustworthy and suitable for mature audiences given its alcohol-related content.

L

Liferay, Inc.

liferay.com

72

Liferay, Inc. is a well-established enterprise technology company specializing in digital experience platforms (DXP) that enable businesses to build portals, intranets, and websites with integrated content management and collaboration features. The company targets enterprise customers and developers, offering a comprehensive platform with strong market positioning. The website reflects a mature digital infrastructure with modern technologies such as React, Alloy UI, and OAuth2 for authentication. Analytics and marketing tools are implemented with privacy compliance in mind. Security posture is strong with HTTPS, CSP, and no visible vulnerabilities, though some security headers could be explicitly published. The absence of WHOIS data reduces domain transparency but is likely due to privacy or registry policies rather than malicious intent. Overall, the website is professional, secure, and trustworthy, supporting Liferay's reputation as a leader in the DXP market.

F

Plesk Obsidian 18.0.72

fondonegri.it

61

The website is a login portal for Plesk Obsidian 18.0.72, a commercial web hosting control panel software widely used by hosting providers and administrators. The page is designed primarily for authenticated users to access hosting management features. The business behind the software is positioned as a technology provider in the web hosting industry, targeting hosting service providers and web administrators. The site content is minimal, focusing on login functionality with cookie consent mechanisms in place, but lacks visible privacy policies or contact information on this page. Technically, the site uses the Plesk UI library, JavaScript frameworks like Prototype.js and RequireJS, and standard web technologies. The page is moderately optimized for mobile and accessibility but lacks advanced SEO features. Security-wise, the site uses HTTPS (implied by URL), includes CSRF protection tokens, and password input controls, but no explicit security headers were detected in the HTML content. DNSSEC is not enabled for the domain, which is a recommended improvement. The domain is well-established, created in 2000, indicating legitimacy. Overall, the security posture is moderate with room for improvement in security headers and explicit privacy/security policies. The site is safe with no adult or questionable content. No WAF or blocking mechanisms were detected, allowing full content access. The lack of visible business contact details and privacy policy on this page limits privacy compliance scoring. Strategic recommendations include enabling DNSSEC, adding security headers, and providing clear privacy and security policies linked from the login page.

T

Thomas Werner

spassmitdaten.de

44

Spass mit Daten is a German-language curated link directory and blog focused on data science, data visualization, and open data. The site provides categorized links to data sources, tools, background information, and guides, targeting data professionals, researchers, and hobbyists interested in open data. The business operates as a small, content-driven resource without direct commercial offerings. Technically, the site is built using the Hexo static site generator with the Icarus theme, leveraging modern web technologies such as HTML5, CSS3, JavaScript, and libraries like jQuery and Moment.js. Hosting is provided by Schlund Technologies, and the site uses HTTPS with good SSL configuration. Security posture is moderate with room for improvement, particularly in implementing security headers and cookie consent mechanisms. Privacy compliance is basic with a privacy policy present but no cookie banner. No contact information or formal security policies are published, limiting direct user engagement and incident response readiness. Overall, the website is professional, trustworthy, and safe, with minimal tracking and no advertising. The domain registration is consistent with the website's history and hosting provider, supporting legitimacy. Strategic improvements in security and privacy compliance would enhance trust and resilience.

C

Code for Germany

codefor.de

50

Code for Germany is a non-profit civic tech network focused on promoting open data, open government, and digital sustainability in Germany. It operates through a community of approximately 300 volunteers organized in local labs and an online platform. The organization is coordinated by the Open Knowledge Foundation Deutschland e.V. and is part of the global Code for All network. Their key services include developing open source software and hardware projects, supporting municipalities in digital transformation, and advocating for transparent and sustainable digital policies. Technically, the website is built using the Hugo static site generator, employs Matomo for privacy-conscious analytics, and is well-optimized for performance and mobile devices. Security posture is solid with HTTPS and minimal tracking, though improvements are recommended in security headers and explicit cookie consent. Overall, the website is professional, trustworthy, and serves a clear community and civic purpose.

M

Deutschlands grösstes Online Trainings- und Informationsportal für Immobilienmakler

makler-wissen.de

55

Makler-Wissen.de is Germany's largest online training and information portal dedicated to real estate agents. It offers hundreds of professional training and educational videos with certification to support the success of real estate professionals. The platform targets aspiring and active real estate agents seeking continuous education and certification. Technically, the website is built on the Contao Open Source CMS, hosted likely by netcup, and employs modern web technologies including JavaScript, CSS, and integrates marketing and analytics tools such as Facebook Pixel, Google Analytics, and Cookiebot for consent management. The site is mobile optimized and SEO friendly, providing a good user experience. Security-wise, the site uses HTTPS and implements CSRF protection cookies, but lacks explicit security headers and published incident response or vulnerability disclosure information. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a detailed privacy policy in German, aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-positioned in its niche, though it could improve security posture by adding security headers and incident response contacts.

B

Beikircher Grünland Srl

agritura.com

67

Agritura by Beikircher Grünland is an established Italian e-commerce platform specializing in agricultural products, animal husbandry supplies, and gardening accessories. Founded in 2008, the company targets farmers, hobby breeders, and gardening enthusiasts primarily in Italy, offering a wide range of Beikircher branded feeds and equipment. The website leverages Shopify as its platform, integrating customer review systems such as Google Reviews and Judge.me to build trust and credibility. The site is multilingual, supporting Italian, German, and English languages, enhancing its accessibility to a broader audience. Technically, the website employs modern web technologies and maintains good performance and mobile optimization, although some accessibility features could be improved.

K

KANULART Art & Design Studio

kanulart.design

60

KANULART Art & Design Studio is a small, specialized design studio based in Vevey, Switzerland, founded in 2012. The company focuses on branding, graphic design, and abstract minimalist art, targeting businesses and individuals seeking cohesive and relevant visual identities. The website reflects a professional and consistent brand image with bilingual content in French and English, showcasing a portfolio of design projects. Technically, the site is built on the Squarespace platform, leveraging modern web technologies such as Typekit and Google Fonts, and is optimized for mobile devices with good SEO practices. Security posture is solid with HTTPS enforced and a cookie consent banner present, though the absence of security headers and privacy policy pages indicates room for improvement. The lack of WHOIS data suggests privacy protection for the domain registration, which is typical for small businesses. Overall, the website presents a trustworthy and professional front with clear contact information and social media presence.

P

Promo Turismo FVG

turismofvg.it

62

The website www.turismofvg.it serves as the official tourism portal for the Friuli Venezia Giulia region in Italy, providing comprehensive information on accommodations, events, offers, and services to tourists. It positions itself as a trusted regional tourism authority, leveraging partnerships with major analytics and marketing providers such as Adobe, Google, and Cookiebot to enhance user experience and compliance. The site employs a modern consent management platform ensuring GDPR compliance and transparent cookie usage. Technically, the site is built on the Ikon Author CMS and integrates advanced tag management and analytics tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and cookie consent blocking mechanisms, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

H

Hell Company KG

hellcompany.eu

67

Hell Company KG is a newly founded (2024) small enterprise specializing in strategic marketing and digital transformation services tailored for growth-oriented SMEs in the construction sector. The company leverages AI-driven marketing automation to enhance market presence, customer acquisition, and talent recruitment. Their website reflects a professional and consistent brand image, targeting primarily German-speaking construction businesses in Italy. The business positions itself as a market leader in AI marketing solutions for the construction industry, emphasizing efficiency and digital innovation. Technically, the website is built on the WebPlatform CMS, utilizing modern web technologies including JavaScript, CSS3, and Google services such as reCAPTCHA and Consent Mode. The site is mobile-optimized and demonstrates moderate performance. However, some security best practices like DNSSEC and security headers are not fully implemented, representing areas for improvement. From a security perspective, the site enforces HTTPS and integrates Google reCAPTCHA to mitigate automated abuse. Privacy compliance is basic, with cookie consent mechanisms in place but lacking comprehensive GDPR indicators or explicit security policies. No incident response or vulnerability disclosure information is provided, which could be enhanced to build trust. Overall, the website is trustworthy and professional, with clear contact information and certifications such as EU AI ACT compliance. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include enhancing security headers, enabling DNSSEC, publishing security policies, and improving privacy compliance to elevate trust and security posture.

R

Registro Imprese

registroimprese.it

65

Registro Imprese is the official Italian Chamber of Commerce portal providing authoritative business registry data and official documents to businesses, public administrations, and operators. The website serves as a critical infrastructure for accessing company information, financial statements, and legal documents, positioning itself as a trusted government resource in Italy. Technically, the site is built on the Liferay platform, leveraging modern JavaScript frameworks such as React and Clay UI, and integrates consent management via Didomi to comply with GDPR. The security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, although explicit security and incident response policies are not publicly found. Overall, the site demonstrates a mature digital infrastructure suitable for its official role, with good user experience and compliance mechanisms.

Raiffeisenverband Südtirol operates as a regional cooperative association focused on supporting and informing Raiffeisen cooperatives and their members in South Tyrol, Italy. The website serves as a news portal and information hub covering finance, agriculture, energy, social, and non-profit sectors. It provides auditing, legal, tax, and personal services to its members, reinforcing cooperative values and community engagement. The organization holds ESF accreditation, indicating recognized quality standards. Technically, the website is built on TYPO3 CMS, employs modern analytics tools with privacy-conscious configurations, and implements a cookie consent mechanism. Security posture is solid with HTTPS and anonymized analytics, though additional security headers and explicit security policies could enhance protection. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

R

Raiffeisenverband Südtirol

rvsportal.it

71

The website is a Microsoft Azure Active Directory login portal customized for Raiffeisenverband Südtirol, a regional cooperative banking association. It serves as an authentication gateway for users accessing SharePoint and other Microsoft services. The site leverages Microsoft's secure OAuth2 authorization code flow and integrates branding elements specific to Raiffeisenverband Südtirol, indicating a trusted business relationship. The technical infrastructure is robust, utilizing modern web technologies, Microsoft cloud hosting, and strong security controls including HTTPS, CSRF tokens, and nonce-based script loading. Privacy and terms of service are linked to official Microsoft pages, reflecting compliance with GDPR and other regulations. However, the site lacks explicit cookie consent mechanisms and direct contact information for security incidents, which could be improved. Overall, the site demonstrates a mature security posture appropriate for its function as an enterprise authentication portal.

S

Kickstart your TYPO3 template development - get.typo3.org

sitepackagebuilder.com

56

The website get.typo3.org/sitepackage serves as a resource hub for TYPO3 CMS template development, providing starter sitepackage templates and related resources primarily targeting TYPO3 developers and integrators. It operates within the open source software ecosystem, focusing on facilitating template creation for TYPO3 CMS users. The site demonstrates a moderate level of digital maturity, utilizing modern web technologies such as Web Components and integrating Usercentrics for consent management, indicating awareness of privacy requirements though lacking explicit policy pages. From a security perspective, the site is accessible without WAF or blocking mechanisms, but lacks visible security headers and explicit privacy or cookie policies, which are critical for GDPR compliance and user trust. The absence of contact information and WHOIS registrant data reduces the overall business credibility and trustworthiness. No vulnerabilities or exposed sensitive data were detected in the provided content, but improvements in security best practices and transparency are recommended. Overall, the site is functional and well-targeted for its niche audience but would benefit from enhanced privacy compliance, clearer business information, and improved security configurations to strengthen trust and compliance posture.

I

inService Coop.

inservice.it

62

inService Coop. is a regional consulting cooperative based in South Tyrol, Italy, specializing in tax consulting, payroll, legal advice, business consulting, occupational safety, and training services. The company targets small and medium enterprises as well as private individuals in the region, positioning itself as a trusted local advisor with comprehensive service offerings. The website reflects a professional and consistent brand image with clear navigation and relevant content in German and Italian. Technically, the site uses modern frameworks such as Astro, integrates Google Tag Manager and reCAPTCHA for security and analytics, and complies with GDPR through a comprehensive privacy and cookie policy. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Overall, the site demonstrates a mature digital presence suitable for its business domain.

C

Confcommercio - Confederazione Generale Italiana delle Imprese, delle Attività Professionali e del Lavoro Autonomo

confcommercio.it

68

Confcommercio is the largest business representation organization in Italy, serving enterprises, professionals, and autonomous workers. The website provides news, economic studies, and information about various sectors including economy, transport, tourism, and security. The organization targets Italian businesses and professionals, offering services such as advocacy, research, and event organization. The website is built on the Liferay CMS platform, utilizing modern JavaScript libraries and analytics tools such as Matomo, Google Tag Manager, and Facebook Pixel. The site is mobile optimized and presents a professional design with clear navigation. Security posture is good with HTTPS enforced and secure login forms, but lacks explicit security headers and published security policies. Privacy compliance is weak due to absence of visible privacy and cookie policies. Overall, the site is trustworthy and legitimate, with strong business credibility but room for improvement in privacy and security transparency.

H

Handels- und Dienstleistungsverband Südtirol

unione-bz.it

62

The Handels- und Dienstleistungsverband Südtirol (hds) is a regional trade and service association serving businesses in South Tyrol, Italy. It provides professional consulting, member services, training, and advocacy, positioning itself as a key regional player affiliated with the national Dachverband Confcommercio. The website reflects a mature digital presence with good content quality, clear navigation, and mobile optimization. Technically, it employs modern JavaScript libraries, consent management tools, and analytics platforms, hosted by a professional provider. Security posture is solid with HTTPS and consent mechanisms, though explicit security policies and headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and WHOIS data aligns well with the business identity, supporting legitimacy. Overall, the site is trustworthy and professionally maintained, serving its target audience effectively.

A

Apple

apple.com

77

Apple Inc. is a globally recognized leader in consumer electronics, software, and digital services. The company operates a comprehensive online presence offering a wide range of products including iPhone, iPad, Mac, Apple Watch, and Apple TV, alongside accessories and entertainment services. Apple maintains a strong market position with a focus on innovation, quality, and user experience. The website reflects this with professional design, clear navigation, and extensive product information targeting both consumers and businesses worldwide. Technically, the website employs modern web technologies including HTML5, CSS, JavaScript, and SVG graphics, optimized for both desktop and mobile platforms. The site demonstrates excellent performance, accessibility, and SEO practices, ensuring a fast and user-friendly experience. The presence of multiple language and regional versions indicates a mature digital infrastructure supporting global operations. From a security perspective, Apple enforces HTTPS with strong SSL configurations and comprehensive security headers such as Content-Security-Policy and Strict-Transport-Security. The site avoids exposing sensitive data and follows best practices in secure form handling. Privacy compliance is robust, with detailed privacy and cookie policies, GDPR adherence, and a clear vulnerability disclosure program. The WHOIS data is not publicly available, likely due to privacy protection, which is justified for a large enterprise. Overall, the website presents a low-risk profile with high trustworthiness, professional content, and strong security posture. Strategic recommendations include maintaining regular security audits, enhancing incident response transparency, and continuing to evolve privacy and consent mechanisms to align with emerging regulations.

S

Sparkasse.de

s.de

72

Sparkasse.de serves as the central information portal for the Sparkassen-Finanzgruppe, a major financial institution in Germany. The website provides comprehensive information about banking products, services, and branch locations, targeting a broad general audience primarily within Germany. The business model focuses on delivering accessible financial information and facilitating customer engagement with local Sparkasse branches. The site demonstrates a strong market position as part of a well-established financial group. From a technical perspective, the website employs modern web technologies including React and Next.js, indicating a mature digital infrastructure. The site is well-structured, mobile-optimized, and exhibits good SEO practices. However, there is limited evidence of advanced security headers or explicit privacy and cookie policies, which are critical for compliance and user trust in the financial sector. Security posture analysis reveals gaps such as the absence of visible security headers and lack of published security policies or incident response contacts. While HTTPS is presumed given the domain and modern setup, explicit confirmation is not available in the provided data. The lack of privacy and cookie policies also indicates potential compliance risks with GDPR requirements. Overall, Sparkasse.de is a professionally designed and credible financial information portal with strong business credibility and technical implementation. To enhance security and compliance, it is recommended to implement comprehensive privacy and cookie policies, security headers, and vulnerability disclosure mechanisms. These improvements will strengthen user trust and regulatory adherence.

The Centre Communal d'Action Sociale (CCAS) of Nice is a municipal public social service organization established since 2001, providing a broad range of social support services to the residents of Nice, France. Its offerings include senior care programs, social insertion initiatives, and community development actions. The website serves as an informational portal with links to official reports, social programs, and contact resources, targeting local citizens in need of social assistance. Technically, the website employs a basic but functional technology stack centered around jQuery and a CMS likely to be CMS Made Simple. The site is hosted by DIGITAL RURAL INFORMATIQUE and uses HTTPS to secure communications. While the site is accessible and contains relevant content, it lacks advanced mobile optimization, accessibility features, and modern security headers, which limits its technical maturity. From a security perspective, the website benefits from HTTPS but does not implement key security headers or provide explicit privacy, cookie, or security policies. There is no visible incident response or vulnerability disclosure information. The absence of these elements suggests room for improvement in compliance and security posture. However, no critical vulnerabilities or suspicious indicators were detected. Overall, the website is a trustworthy and legitimate municipal service portal with good business credibility but requires enhancements in privacy compliance, security best practices, and technical modernization to improve user experience and regulatory adherence.

I

Internationale Kurzfilmtage Winterthur

kurzfilmtage.ch

11

Internationale Kurzfilmtage Winterthur is a prominent Swiss short film festival that annually transforms Winterthur into a vibrant hub for short films, showcasing international and thematic film programs, competitions, and cultural events. The website reflects a mature digital presence with multilingual support, comprehensive event information, and integrated ticketing solutions. Technically, the site is built on the WebZen CMS platform, employs modern web standards, and includes Google Analytics and Google Ads for marketing and tracking. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be enhanced. Overall, the site demonstrates strong business credibility and compliance with privacy regulations, making it a trustworthy platform for visitors and industry stakeholders.

Cookies.fo is a specialized service provider offering cookie consent management solutions tailored to comply with Faroese data protection laws, GDPR, ePR, and CCPA. Founded in 2020 and operated by Spf QODIO, the company targets website owners needing to ensure legal compliance with cookie usage regulations. The website presents a clear business model based on subscription services with a free trial and standard paid plans. The market position is niche and local, focusing on the Faroe Islands and GDPR-regulated regions. Key services include a customizable cookie consent banner, centralized legal updates, and integration with Google Tag Manager.

T

Transparency International

transparency.org

75

Transparency International is a globally recognized non-profit organization dedicated to combating corruption and promoting integrity and accountability worldwide. The website serves as a comprehensive platform for advocacy, research, and public engagement on anti-corruption issues. It targets a broad audience including policymakers, civil society, and the general public. The organization maintains a strong market position as a leading authority in corruption research and policy influence. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Plausible Analytics, and Cookiebot for consent management. The site is well-optimized for mobile devices, has good SEO practices, and uses HTTPS with strong security headers, indicating a mature digital infrastructure. Performance is moderate with room for optimization. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, cookie consent, and security headers. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for transparency and trust. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations such as GDPR. The lack of WHOIS data is due to privacy protection, which is justified for this type of organization. Strategic recommendations include publishing a security policy, incident response information, and a vulnerability disclosure policy to enhance transparency and security posture.

U

United Nations Global Compact

unglobalcompact.org

71

The United Nations Global Compact website represents a well-established, globally recognized non-profit initiative focused on promoting corporate sustainability and responsible business practices aligned with the UN Sustainable Development Goals. The organization operates under the United Nations umbrella and targets businesses, governments, civil society, and young professionals worldwide. The website effectively communicates its mission, key services, and impact through professional design and comprehensive content. Technically, the site employs a modern technology stack including JavaScript frameworks, Google Tag Manager, Hotjar, and Stripe for payments, hosted on Amazon Cloudfront CDN. The site is performant, mobile-optimized, and accessible, with clear navigation and SEO best practices. Cookie consent and privacy policies are implemented with high compliance standards, reflecting GDPR adherence. From a security perspective, the site uses HTTPS with good SSL configuration and domain transfer protections. However, DNSSEC is not enabled, and no explicit security or incident response policies are published. The use of multiple third-party analytics and marketing tools introduces moderate tracking but is managed transparently with user consent. Overall, the website is trustworthy, professional, and secure with minor areas for improvement in security policy transparency and DNS security. The domain registration data aligns well with the organization's history, reinforcing legitimacy. Strategic recommendations include enabling DNSSEC, publishing security policies, and enhancing security headers to further strengthen the security posture.

C

Commerzbank

commerzbank.de

70

Commerzbank is a major German bank serving private and business customers with a comprehensive online banking portal. The website provides access to banking services and information tailored to its target audience of private individuals and entrepreneurs. The bank holds a strong market position in the German financial sector, offering a wide range of financial products and services. The website's technical infrastructure includes modern JavaScript-based analytics and monitoring tools such as Dynatrace and Google Analytics, indicating a mature digital presence. Security measures include HTTPS enforcement and CSRF token usage, although visible security headers and explicit security policies are not present in the provided content. Privacy compliance is partially addressed through a cookie consent mechanism, but no explicit privacy or terms of service pages were detected in the analyzed HTML snippet. Overall, the website is professional, secure, and trustworthy, with room for improvement in privacy transparency and security header implementation.