Security Directory

K

KIA AUTO AS

kia.ee

61

KIA AUTO AS operates as the official importer and distributor of Kia vehicles in the Baltic region, primarily serving Estonia. The company offers a broad range of Kia models including SUVs, electric vehicles, and passenger cars, supported by a network of 12 official dealerships across Estonia. The website reflects a professional automotive business with a focus on customer engagement through vehicle configuration and comparison tools. Technically, the site employs modern web technologies including Cookiebot for GDPR-compliant cookie management and Google Tag Manager for analytics and marketing. The site is mobile-optimized and presents a good user experience with clear navigation and branding consistency. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks visible advanced security headers and published security policies or incident response contacts. The extensive use of third-party tracking and advertising services indicates a high level of user data collection, balanced by transparent cookie consent dialogs. Overall, the website is legitimate, professionally maintained, and compliant with regional privacy regulations, though it could improve in explicit security policy disclosures and contact information availability.

K

Kia

kia.fi

69

Kia's Finnish website presents a professional and comprehensive digital presence for the automotive brand, focusing on electric and hybrid vehicles with a strong emphasis on a 7-year warranty. The site is built on Adobe Experience Manager and integrates multiple marketing and analytics tools such as Google Tag Manager, Adobe DTM, and Leadoo chat services, indicating a mature digital infrastructure. The website is well-optimized for mobile and accessibility, providing a good user experience with clear navigation and relevant content for the Finnish market. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit privacy policies are not directly visible in the provided content. The absence of WHOIS data is notable but likely due to registry or privacy protections; the domain is consistent with a major global brand. Overall, the site reflects a trustworthy and professional business with moderate user tracking and good compliance practices.

R

Raffut

raffut-rugby.fr

54

Raffut is a French media company specializing in rugby-related content, including magazines and news articles that explore the cultural and social aspects of rugby. The website is professionally designed using WordPress and Elementor, with a focus on delivering quality content to rugby enthusiasts. The business model centers on magazine sales and subscriptions, supported by partnerships with Sud Ouest's boutique and subscription platforms. Technically, the site employs modern web technologies and analytics tools such as Matomo and Piano Analytics, with a cookie consent mechanism implemented via Didomi. Security posture is adequate with HTTPS enforced, but lacks some advanced security headers and published security policies. Overall, the domain registration is consistent with the business's recent founding in 2022, and no suspicious indicators were found. Recommendations include publishing privacy and security policies and enhancing security headers to improve trust and compliance.

S

Spock Gestion

spock.fr

43

Spock Gestion is a French software company specializing in chantier (construction site) management software, serving primarily companies in green spaces and public works sectors. Established in 2007, it has positioned itself as a reference solution for over 15 years, offering a collaborative and secure web-based platform. The website reflects a mature digital presence built on WordPress with Elementor and TheGem theme, integrating SEO and analytics tools such as Rank Math and Google Tag Manager. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response information are not publicly disclosed. Overall, the site is professional, GDPR compliant, and trustworthy, with clear contact information and business details consistent with WHOIS data.

S

SIS Marchés

sis-marches.com

64

SIS Marchés is a French specialist software provider focused on public procurement management, operating as a subsidiary of the Ach@t Solutions group. The company offers a modular, collaborative software suite designed to streamline and secure public purchasing processes for buyers and suppliers. Their market position is strong within the French public sector, supported by over 450 clients and a broad user base. The website reflects a professional and consistent brand image, targeting public sector buyers and private suppliers with a comprehensive digital solution portfolio. Technically, the site is built on Drupal 8 with modern frontend libraries and integrates multiple marketing and analytics tools, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers and policies are lacking. The absence of WHOIS data for the domain is a notable concern, reducing trust in domain legitimacy despite the professional business presence. Overall, the website and business appear credible and well-established, but domain registration transparency should be improved.

P

Pharmatic

pharmatic.fr

60

Pharmatic is a specialized software publisher focused on public hospital procurement management, offering SaaS solutions to hospital buyers and pharmaceutical industrial clients. The company holds a strong market position in France with a significant client base and is part of the Ach@t Solutions group. The website is professionally designed using Drupal 8 and integrates modern web technologies and analytics tools with appropriate privacy and cookie consent mechanisms. Security posture is generally good with HTTPS enforced, but lacks explicit security policies and incident response information. WHOIS data is missing, which impacts domain legitimacy verification and trust. Overall, the website and business appear credible and professional, but domain registration details should be verified for full trust assurance.

S

Studio gazoline

studiogazoline.com

57

Studio Gazoline is a well-established communication agency based in Montpellier, France, with over 20 years of experience in digital marketing, website creation, SEO, and graphic design. The company targets businesses seeking comprehensive communication and digital marketing services, primarily in the Montpellier region and nearby cities. Their service portfolio includes communication strategy, SEO, web development using popular CMS and frameworks, webmarketing, and visual communication. The website reflects a professional and consistent brand image with strong trust indicators such as client logos and certifications. Technically, the website is built on Drupal 7 and leverages modern JavaScript libraries and frameworks including jQuery, Bootstrap, and Accordion-js. It integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, Hotjar, and Google Tag Manager, indicating a mature digital marketing infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. From a security perspective, the site uses HTTPS and includes reCAPTCHA for form protection and a GDPR-compliant cookie consent mechanism. However, it lacks explicit security headers and published security policies or incident response contacts. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, although the website content and business information appear legitimate. Overall, Studio Gazoline presents a strong digital presence with good technical and marketing capabilities. The main risk area is the lack of WHOIS transparency and some missing security best practices. Addressing these gaps would enhance trust and security posture significantly.

C

Certified Financial Planner Board of Standards, Inc.

cfp.net

61

The Certified Financial Planner Board of Standards, Inc. operates the website www.cfp.net as the authoritative source for CFP® certification information and resources. The organization is a leading certification body in the finance sector, providing rigorous education, ethical standards, and professional development for financial planners. The website targets prospective candidates, current CFP® professionals, and the general public seeking trustworthy financial planning advice. The business model centers on certification, education, and public awareness, positioning CFP Board as a trusted industry standard bearer. Technically, the website is built on the Sitecore CMS platform, leveraging modern JavaScript libraries such as jQuery and integrating Cloudflare Turnstile CAPTCHA for bot mitigation. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Analytics and marketing tools include Google Tag Manager and Simpli.fi tracking pixels, indicating a moderate level of user tracking balanced with privacy compliance. From a security perspective, the site enforces HTTPS and uses CAPTCHA to protect forms, but lacks visible security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data is a notable anomaly, reducing trust slightly, but the overall professional presentation and consistent branding strongly support legitimacy. Overall, www.cfp.net is a high-quality, professional website serving an essential role in the financial planning certification ecosystem. Strategic improvements in security header implementation and transparency around security policies would enhance trust and compliance further.

G

Gesellschaft für Stadtreinigung und Abfallwirtschaft Krefeld mbH

gsak.de

63

Gesellschaft für Stadtreinigung und Abfallwirtschaft Krefeld mbH (GSAK) is a municipal service provider specializing in waste collection, street cleaning, and winter services in Krefeld, Germany. It operates as a subsidiary of SWK AG and EGN Entsorgungsgesellschaft Niederrhein mbH, positioning itself as a regional leader in environmental and waste management services. The website offers comprehensive information about their services, including container rental, bulky waste collection, and a mobile app for customer convenience. The target audience primarily includes private customers and businesses within Krefeld.

S

SWK AG

schluff-krefeld.de

59

Schluff Krefeld is a heritage railway service operated under the SWK AG umbrella, offering historical steam locomotive rides in Krefeld, Germany. The website targets tourists, families, and local residents interested in cultural and historical experiences. It provides ticket sales, event information, and community engagement opportunities. The business holds a solid local market position supported by community and partner organizations. Technically, the site is built on modern frameworks like React and Next.js, hosted likely via Vodafone IP infrastructure, and integrates privacy compliance tools such as Usercentrics CMP. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response information are absent. Overall, the site is professional, user-friendly, and trustworthy, with moderate user tracking balanced by consent mechanisms.

D

DREIKON GmbH & Co. KG

dreikon.de

67

DREIKON GmbH & Co. KG is a modern full-service advertising and digital marketing agency based in Münster, Germany. The company offers a broad range of services including SEO, SEA, web design, e-commerce solutions, graphic design, and marketing consulting. They position themselves as a strategic partner combining traditional advertising expertise with innovative digital marketing approaches, serving primarily small and medium-sized enterprises. Their market position is reinforced by multiple industry certifications such as Google Premier Partner and Top 100 SEO awards. Technically, the website is built on the ProcessWire CMS platform, utilizes Cloudflare for DNS and CDN services, and integrates modern marketing and tracking tools like Cookiebot, Google Tag Manager, and Leadinfo. The site is well-optimized for mobile devices, accessible, and SEO-friendly, with a professional design and clear navigation structure. From a security perspective, the website enforces HTTPS, implements cookie consent mechanisms, and does not expose sensitive data. However, there is room for improvement in publishing explicit security policies, incident response contacts, and vulnerability disclosure information. The use of security headers could also be enhanced. Overall, the website presents a low risk profile with strong business credibility and compliance with privacy regulations. Strategic recommendations include enhancing security transparency and further hardening HTTP headers to improve security posture.

M

Münsterland e.V.

muensterland.com

60

Münsterland e.V. operates as a regional development and promotional organization focused on enhancing the quality of life, economic opportunities, cultural engagement, and tourism in the Münsterland region of Germany. The website serves as a comprehensive portal for residents, businesses, tourists, and cultural participants, offering detailed information about living, working, and visiting the region. The organization positions itself as a key regional player fostering community, innovation, and sustainable growth. Technically, the website is built on a ProcessWire CMS platform, utilizing modern JavaScript libraries such as jQuery, Google Tag Manager, and Bing UET for analytics and marketing. Accessibility features are well implemented, including WCAG options and cookie consent mechanisms, reflecting a mature digital infrastructure. The site is mobile-optimized and SEO-friendly, with structured data enhancing search engine visibility. From a security perspective, the site enforces HTTPS and employs cookie consent for privacy compliance. However, it lacks explicit security headers and a published security.txt file, which are recommended for improved security posture. The absence of WHOIS registration data raises concerns about domain legitimacy, though the website content and branding appear professional and trustworthy. Overall, the site presents a low-risk profile with strong content quality and technical implementation but would benefit from enhanced transparency in domain registration and security incident response information.

B

Baytree Interactive Ltd

royalvegas.com

50

Royal Vegas Casino is an established online gambling platform operated by Baytree Interactive Ltd, licensed by the Kahnawake Gaming Commission. The website offers a wide range of casino games including slots, table games, live dealer experiences, and progressive jackpots, targeting adult users globally. The platform emphasizes secure deposits, responsible gaming, and player rewards, supported by trusted payment methods and certifications such as eCogra. Technically, the site uses modern JavaScript libraries, analytics tools, and is optimized for mobile devices, providing a professional and user-friendly experience. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS registration data introduces some uncertainty about domain registration transparency, but overall the site presents as a legitimate and professional online casino. Strategic recommendations include enhancing security header implementation, publishing security policies, and improving transparency around data retention and incident response.

C

CTS Eventim AG

eventim.de

57

CTS Eventim AG operates www.eventim.de, a leading German and European online ticketing platform offering tickets for over 200,000 events including concerts, musicals, comedy shows, and sports. The website targets event attendees primarily in Germany and Europe, providing a comprehensive event listing and ticket purchasing service. The business model is e-commerce focused, with additional offerings such as VIP extras and gift vouchers. The company is large and well-established, with consistent branding and high content quality.

H

Huwise

opendatasoft.fr

70

Huwise is a French technology company specializing in data product marketplace solutions designed to simplify and secure data consumption and sharing. The company targets data leaders, IT, business leaders, and public sector organizations, offering a SaaS platform that integrates data cataloging, governance, AI-enhanced search, and collaboration features. Recognized by Gartner and trusted by over 350 clients including major financial and public institutions, Huwise positions itself as a leading solution in the data sharing market. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and uses various JavaScript libraries for enhanced user experience and analytics, including Matomo and Google Tag Manager. The site is well-optimized for SEO, mobile-friendly, and includes a cookie consent mechanism compliant with GDPR. From a security perspective, the site enforces HTTPS and uses consent management tools but lacks explicit security headers and incident response contact information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data for the domain is unusual but the website's professional presentation and client references support its legitimacy. Overall, Huwise presents a mature and professional digital presence with strong business credibility. Strategic improvements in security transparency and WHOIS registration clarity are recommended to enhance trust and compliance.

C

CFP Board

letsmakeaplan.org

69

Let's Make a Plan (letsmakeaplan.org) is a professionally designed and content-rich website operated by CFP Board, a leading non-profit organization in the financial planning sector. The site serves as a consumer education platform and a directory to find CERTIFIED FINANCIAL PLANNER® professionals across the United States. It offers comprehensive educational resources, a robust search tool for locating CFP® professionals by location or name, and emphasizes fiduciary duty and ethical financial planning. The website is well-branded, consistent, and trusted within its niche, supported by references to CFP Board's official site and social media presence. Technically, the site leverages modern web technologies including Sitecore CMS, Google Tag Manager, Google Maps API, jQuery, and Cloudflare Turnstile CAPTCHA for form security. It demonstrates good mobile optimization, accessibility, and SEO practices. Privacy compliance is evident through a clear privacy policy, cookie consent mechanisms, and GDPR awareness. However, the site lacks explicit security policies and incident response information. From a security perspective, the site uses HTTPS and CAPTCHA protections effectively, with no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data due to a malformed response limits domain registration trust analysis, but the strong brand presence and external references mitigate concerns. Overall, the site presents a secure, professional, and trustworthy platform for financial planning consumers. Strategically, the site should improve transparency by publishing security policies and incident response contacts, and address WHOIS data visibility to enhance domain trustworthiness. These steps will strengthen user confidence and compliance posture.

Ranger Buddies, operated by Mandai X, is an educational platform focused on empowering children to be heroes for a sustainable future through engaging missions and activities. The platform leverages both physical and digital experiences, supported by wildlife experts and pedagogists, to foster character strengths and environmental awareness among children. The website is well-positioned in the niche education sector, targeting families and schools primarily in Singapore. Technically, the site is built on HubSpot CMS with modern libraries such as UIkit and Font Awesome, and integrates Google Analytics 4 and Facebook Pixel for marketing and analytics. The site is mobile-optimized and demonstrates good SEO practices. Security posture is solid with HTTPS enforced and privacy compliance mechanisms in place, although DNSSEC is not enabled and security headers are not explicitly detected. No critical vulnerabilities or suspicious content were found. Overall, the domain registration is consistent with the business profile, enhancing trustworthiness.

V

Vouch Concierge

vouchconcierge.com

70

Vouch Concierge operates a professional website offering a comprehensive front-to-back-end operations ecosystem for hotels, targeting small to enterprise-sized hospitality businesses. Their solutions include self check-in systems, virtual assistants, guest experience platforms, and operational automation, positioning them as an innovative technology provider in the hospitality sector. The website is built on WordPress with modern page builders and includes multilingual support, indicating a mature digital presence. Security posture is generally good with HTTPS and no exposed sensitive data, but lacks explicit privacy and cookie policies, which are critical for compliance. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, though the professional site and client logos mitigate some risk. Overall, the site demonstrates good business credibility and technical implementation but requires improvements in privacy compliance and domain registration transparency.

E

E-goi

e-goi.com

68

E-goi is a marketing automation platform specializing in AI-driven marketing solutions for e-commerce, retail, and service industries. The company offers key services such as email marketing, SMS marketing, and multichannel campaign management, positioning itself as a competitive player in the marketing technology sector. The website demonstrates a professional and consistent brand presence with good content quality and user experience. Technically, the site is built on WordPress with modern SEO and analytics tools integrated, including Google Tag Manager and Microsoft Clarity. The security posture is solid with HTTPS enforced and security headers implemented, though some minor CSP issues were detected. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy and ownership transparency. Overall, the website is trustworthy and functional but would benefit from clarifying domain registration details and enhancing security policy disclosures.

L

La Nouvelle République

lanouvellerepublique.fr

65

La Nouvelle République is a prominent regional news media outlet serving the Centre-Val de Loire and Poitou regions in France, providing live updates on politics, justice, economy, and other societal topics. The website is well-positioned as a trusted source for regional and national news, targeting a broad general audience interested in current events. Technically, the site employs modern web frameworks such as Next.js and React, integrates advanced advertising technologies including Prebid.js and Amazon APS, and uses multiple analytics and tracking services to optimize content delivery and monetization. Security-wise, the site enforces HTTPS, uses standard security headers, and implements consent management for GDPR compliance, although explicit security policies and incident response contacts are not publicly available. Overall, the site demonstrates a mature digital presence with good content quality and technical implementation, though improvements in transparency and contact availability could enhance trust further.

S

Sud Ouest

sudouest.fr

57

Sud Ouest is a prominent French regional news media company providing continuous local and international news coverage, including politics, economy, sports, and cultural content. The website offers both free and subscription-based access, supported by advertising revenue. It targets a general audience primarily in the South West of France. The digital infrastructure is modern, leveraging JavaScript frameworks, Google Tag Manager, and a consent management platform to ensure compliance with privacy regulations. The site is well-structured with good SEO and mobile optimization. Security posture is solid with HTTPS and consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. Overall, Sud Ouest demonstrates a mature and professional online presence with strong privacy compliance and trustworthy branding.

M

Midi Libre

midilibre.fr

58

Midi Libre is a prominent regional news media outlet serving Montpellier and its surrounding regions in France. The website offers a comprehensive range of local news, sports, culture, and economic information, enriched with multimedia content such as videos and podcasts. It operates on a subscription and advertising business model, targeting residents and interested readers in the region. The site is well-branded and professionally maintained, reflecting a strong market position as a leading regional news source. Technically, the website employs modern web technologies including Google Tag Manager, Google Identity Services, and Materialize CSS framework. It integrates advanced tracking and consent management tools, ensuring GDPR compliance and user privacy. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience across devices. From a security perspective, the site enforces HTTPS and uses consent management platforms for cookies. While explicit security headers are not fully confirmed, the overall security posture is strong with no evident vulnerabilities. However, the absence of published security policies or incident response contacts is a gap. The WHOIS data is unavailable from the AFNIC server, which slightly reduces trust but does not undermine the site's legitimacy given its professional content and branding. Overall, Midi Libre presents a low-risk profile with a mature digital presence and strong business credibility. Strategic improvements in publishing security policies and enhancing WHOIS transparency would further strengthen trust and compliance.

L

La Gazette des Communes

lagazettedescommunes.com

62

La Gazette des Communes is a French media outlet specializing in news and information related to the territorial public service and local government. It provides comprehensive coverage of public sector careers, recruitment, legal matters, and thematic professional clubs. The website targets public sector professionals and local government officials in France, offering news, analysis, and events. Technically, the site is built on WordPress with modern JavaScript libraries and monitoring tools such as New Relic and Google Tag Manager. It employs a consent management platform (Didomi) to comply with privacy regulations. Security posture is good with HTTPS enforced and standard security headers present, though no explicit security policy or incident response information is publicly available. The absence of WHOIS data suggests privacy protection or registry restrictions, which is common for media websites. Overall, the site is professional, trustworthy, and compliant with GDPR, but could improve transparency around security and contact information.

L

La Dépêche du Midi

ladepeche.fr

63

La Dépêche du Midi operates as a prominent regional news media outlet serving the Occitanie region in France. The website provides real-time news updates, local and regional information, and multimedia content including photos and videos. Its business model is primarily based on advertising revenue and subscription services, offering both free access with personalized advertising and premium content for subscribers without personalized cookies. The site maintains a strong brand presence with consistent and professional design, targeting a general audience interested in regional news, sports, politics, and culture. Technically, the website employs modern web technologies including Google Tag Manager for analytics, Didomi for consent management, and Materialize CSS for responsive design. The site is well-optimized for mobile devices and demonstrates good SEO and accessibility practices. Performance is moderate, with multiple third-party scripts integrated for advertising and user tracking. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements key security headers. Consent management is robust, aligning with GDPR requirements. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms indicates room for improvement in transparency and security maturity. Overall, the website is trustworthy and professional, though the lack of WHOIS registration data reduces domain trust verification. Strategic recommendations include publishing detailed security policies, establishing incident response contacts, and adding vulnerability disclosure information to enhance security posture and user trust.

M

MADE IN CIMA s.r.l.

madeincima.it

57

MADE IN CIMA s.r.l. is a small Italian digital agency specializing in responsive web design, digital communication strategies, ecommerce, SEO, social media, and consultancy services. The company targets businesses seeking tailored digital solutions, primarily in Italy, with a strong regional presence in Trento and Torino. Their portfolio includes luxury hospitality and cultural clients, indicating a reputable market position. Technically, the website is built on WordPress with modern plugins and analytics tools such as Matomo and Google Analytics, demonstrating a mature digital infrastructure. The site is mobile-optimized and SEO-friendly, with clear navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some HTTP security headers could be improved. Privacy compliance is well addressed with comprehensive privacy and cookie policies. Overall, the website reflects a trustworthy and professional business with good digital maturity.

S

Südtiroler Kulturinstitut

tanzbozen.it

48

Tanz Bozen / BolzanoDanza is a well-established cultural and educational institution based in Italy, specializing in contemporary dance workshops and festivals. The organization operates under the Südtiroler Kulturinstitut and has been active since 2004, offering a variety of dance courses, events, and community engagement activities. Their website reflects a professional and consistent brand image targeting dance students, professionals, and cultural event attendees. The business model focuses on event organization and cultural education with a strong international presence in the dance community. Technically, the website is built on TYPO3 CMS and incorporates modern frontend technologies such as jQuery, Slick Carousel, Google reCAPTCHA, and Google Tag Manager. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, performance is moderate and accessibility features are basic. SEO practices are adequately implemented. From a security perspective, the site uses HTTPS and includes a cookie consent mechanism compliant with GDPR. However, the domain registration has recently expired, posing a risk to continuity and trust. No advanced security headers were detected, and DNSSEC is not enabled. There is no visible security policy or incident response contact information, which could be improved to enhance trust and compliance. Overall, the website is trustworthy and professional, with good privacy compliance and business credibility. Strategic recommendations include renewing the domain registration promptly, enabling DNSSEC, implementing security headers, and publishing security and incident response policies to strengthen the security posture and user trust.

P

Parkhotel Laurin

laurin.it

63

Parkhotel Laurin is a historic luxury hotel located in Bolzano, Italy, established in 1910. The website presents a comprehensive hospitality business offering hotel accommodations, gourmet dining, bar services, meeting and event spaces, and direct booking benefits. The site targets tourists and business travelers seeking premium services in the South Tyrol region. Technically, the website employs modern tracking and consent management tools such as Google Tag Manager, Matomo Analytics, and Usercentrics CMP, hosted likely on Zeppelin Group infrastructure. The design is professional, mobile-optimized, and SEO-friendly, with clear navigation and multilingual support. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though additional security headers could enhance protection. Privacy compliance is supported by a consent mechanism, but explicit privacy and terms of service pages were not detected. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the website is trustworthy, professional, and well-maintained.

M

Marlene®

marlene.it

50

Marlene® is a well-established brand specializing in the promotion and marketing of South Tyrolean apples, emphasizing quality, sustainability, and culinary inspiration. The website presents a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern web technologies and a CMS platform (Consisto.CMS), with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks some security headers and explicit privacy and cookie policies. Analytics usage is moderate with Google Analytics and Tag Manager implemented, but privacy compliance could be improved. Overall, the website is trustworthy and serves its business purpose effectively.

L

Loacker

loacker.it

71

Loacker is a well-established confectionery brand operating a professional e-commerce platform targeting consumers in Italy and beyond. The website offers a wide range of products including classic wafers and gift packages, leveraging BigCommerce as its platform. The technical infrastructure is modern, utilizing trusted third-party services such as Google Analytics, Trustpilot, and Cookiebot for analytics, reviews, and compliance. The site demonstrates good digital maturity with responsive design and SEO optimization. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is trustworthy, compliant with GDPR, and provides a positive user experience.

K

Kia

kia.com

69

Kia's Finnish website serves as a localized portal for the global automotive brand, offering detailed information about their vehicle lineup, including electric and hybrid models, with a strong emphasis on a 7-year warranty. The site targets Finnish consumers interested in purchasing or learning about Kia vehicles, providing tools such as a car configurator, service booking, and dealer locator. The business model focuses on automotive manufacturing and retail, supported by a consistent and professional online presence.

M

mouvement

mouvement.net

54

Mouvement.net is a French cultural magazine established since 1993, focusing on interdisciplinary arts including dance, theater, visual arts, cinema, music, and literature. The website serves a French-speaking audience interested in cultural content and offers subscription services alongside editorial articles and event coverage. Technically, the site employs modern JavaScript libraries such as jQuery and ScrollReveal, uses Google Tag Manager for analytics, and appears mobile-optimized with a good user experience. However, the absence of WHOIS data raises questions about domain registration legitimacy, although the active and professional nature of the site suggests a legitimate operation. Security posture is moderate with HTTPS usage but lacks visible security headers and cookie consent mechanisms, indicating room for improvement in compliance and security best practices.

A

Artribune srl

artribune.com

68

Artribune srl operates a well-established Italian digital media platform focused on contemporary art and culture since 2011. The website offers a rich array of editorial content, including news, interviews, event calendars, podcasts, and a freepress magazine distributed nationally. Its target audience includes art enthusiasts, professionals, and cultural consumers interested in diverse creative fields such as architecture, design, music, and literature. The business model combines digital publishing, newsletter subscriptions, and event promotion, positioning Artribune as a key player in Italy's cultural media landscape. Technically, the website is built on WordPress with WooCommerce and Gravity Forms, integrating modern advertising and analytics technologies such as Google Tag Manager, Google Analytics, and multiple ad networks. The site demonstrates good mobile optimization and SEO practices, though performance is moderate. Security posture is adequate with HTTPS and consent management in place, but lacks advanced security headers and explicit vulnerability disclosure mechanisms. The absence of WHOIS data for the domain www.artribune.com is a notable anomaly, reducing domain trustworthiness despite the professional and consistent web presence. No blocking or WAF challenges were detected, allowing full content access. Privacy and cookie policies are not explicitly found in the provided content, indicating room for compliance improvement. Overall, Artribune presents a credible and professional digital media presence with strong content quality and business credibility. Strategic enhancements in security headers, privacy disclosures, and domain registration transparency would further strengthen its trust and compliance posture.

R

Rai Cultura

raicultura.it

58

Rai Cultura is a cultural portal operated by RAI, Italy's national public broadcasting company, providing rich content across various cultural domains such as art, literature, history, philosophy, music, cinema, theater, dance, and science. The website targets a broad audience interested in cultural enrichment and serves as a trusted source of cultural information and events in Italy. Technically, the site employs modern web technologies including JavaScript frameworks, Google Tag Manager for analytics, and responsive design principles to ensure accessibility across devices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and GDPR-aligned cookie consent. Overall, the site demonstrates a high level of professionalism, trustworthiness, and technical maturity.

R

Rai

raiplaysound.it

64

RaiPlay Sound is the digital audio platform of Rai, Italy's public broadcaster, offering live radio streaming, podcasts, and audiobooks. The platform targets a broad audience interested in Italian radio content and digital audio entertainment. It provides user account features for personalized experiences and supports mobile applications on iOS and Android. The website demonstrates a mature digital infrastructure with modern web technologies, responsive design, and integration with major analytics and advertising services. Privacy and cookie consent mechanisms are robust and GDPR compliant, reflecting the organization's commitment to user data protection. Security posture is strong with HTTPS enforcement and standard best practices, though explicit security headers and vulnerability disclosure mechanisms could be enhanced. Overall, RaiPlay Sound presents a professional, trustworthy, and user-friendly digital media service.

A

Alperia Fornitura Luce e Gas 100% Green

alperia.eu

73

Alperia is a prominent energy supplier specializing in 100% green electricity and CO₂ compensated gas, targeting residential and business customers primarily in Italy and German-speaking regions. The company emphasizes renewable energy solutions and sustainability, positioning itself as a leader in the regional energy market. Their digital presence is built on a modern WordPress platform with multilingual support, SEO optimization, and integrated marketing and analytics tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security headers, and no evident vulnerabilities, although there is room for improvement in incident response transparency and vulnerability disclosure. Overall, the website and domain present a trustworthy and professional image aligned with the company's business objectives.

4

426 Agency Srl

426.agency

72

426 Agency Srl is a small Italian technology company specializing in custom software solutions and e-commerce development, particularly leveraging Shopware 6. The company positions itself as a technical partner for international brands, offering services including e-commerce, B2B e-commerce, interface programming, cloud services, and custom software development. Their website reflects a professional and consistent brand image with clear navigation and relevant content targeted at businesses seeking digital transformation and integration solutions. Technically, the site uses modern frameworks and tools such as Shopware, jQuery, Google reCAPTCHA, HubSpot, and Google Analytics 4, indicating a mature digital infrastructure. Security posture is good with HTTPS and anti-bot measures, though security headers and formal policies are lacking. The absence of WHOIS data reduces domain trustworthiness, but the website content and structured data support legitimacy. Overall, the site is well-built but would benefit from enhanced privacy and security disclosures.

SmileCredit is a Bulgarian online lending platform specializing in fast payday loans and installment credit products up to 10,000 BGN. The company targets individuals seeking quick and accessible credit solutions with minimal documentation, emphasizing ease of use and speed. Their market position is that of an active microfinance lender with clear product offerings and a digital-first approach. Technically, the website employs modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and reCAPTCHA Enterprise, indicating a mature digital infrastructure. The site is mobile-optimized and uses HTTPS, ensuring secure communications. However, it lacks explicit privacy and cookie policies, which is a compliance gap. Security posture is generally good but could be improved by adding security headers and publishing vulnerability disclosure information. Overall, the website is professional and trustworthy, but improvements in privacy compliance and security transparency are recommended.

Campus Nantes Terre Atlantique is a public educational institution specializing in agricultural education and training, serving the Nantes region and surrounding areas including Saint-Herblain, Guérande, and Nozay. The institution offers a variety of educational pathways including general and technological schooling, professional training, apprenticeships, and adult continuing education. The website reflects a well-structured and regionally focused educational campus with a clear mission to support agricultural career development.

I

Isema

isema.fr

57

Isema is a specialized business school located in Avignon, France, focusing on commerce and management education in the agri-agro and naturality sectors. It offers degree programs up to Bac+5 level, including bachelor and MBA courses, with a strong emphasis on immersive pedagogy, entrepreneurship, and real-world projects. The school is recognized by the French state and is a member of the prestigious Conférence des Grandes Écoles, enhancing its market credibility. Partnerships with ISARA and AGRIVIA further strengthen its academic and research capabilities. Technically, the website is built on WordPress using the Genesis Framework and incorporates modern SEO and analytics tools such as Yoast SEO, Google Tag Manager, Facebook Pixel, and Matomo. The site is mobile-optimized, accessible, and provides a good user experience with clear navigation and rich content including multimedia elements. Privacy and cookie policies are implemented with GDPR compliance, and a cookie consent mechanism is active. From a security perspective, the site uses HTTPS with a strong SSL configuration but lacks some recommended security headers. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust verification, but the professional presentation and state recognition support legitimacy. Overall, the website demonstrates a mature digital presence with room for security enhancements. Strategically, Isema should focus on implementing additional security headers, publishing a security policy and incident response plan, and adding a security.txt file to improve transparency and trust. These steps will strengthen its security posture and compliance, supporting its reputation as a reputable educational institution.

I

International Union for Conservation of Nature (IUCN)

iucncongress2025.org

54

The IUCN World Conservation Congress website serves as the official digital platform for the quadrennial global event focused on nature conservation. It targets conservation experts, leaders, and decision-makers worldwide, providing comprehensive information about the Congress components, schedules, speakers, and partners. The site is well-branded, consistent, and professionally designed, reflecting the stature of the IUCN organization and its global conservation mission. Technically, the site is built on Drupal 10, leveraging modern web technologies and third-party integrations such as Google Tag Manager and social media pixels. While performance and mobile optimization are good, there is room for improvement in security headers and DNSSEC implementation. The security posture is solid with HTTPS and domain registrar protections, but lacks explicit incident response and security policy disclosures. Privacy compliance is partially addressed with cookie consent mechanisms, though a dedicated privacy policy page is not clearly found. Overall, the site is trustworthy, safe, and professionally maintained, suitable for its non-profit event purpose.

A

Acquia

acquiadam.com

72

Acquia is a recognized enterprise technology company specializing in digital experience management solutions, including digital asset management and content management. The analyzed website is a Salesforce Experience Cloud community portal dedicated to Acquia's Digital Asset Management product, targeting developers, marketers, and enterprise customers. The site integrates multiple payment gateways and analytics services, reflecting a mature technical infrastructure. Security posture is strong with HTTPS and strict Content-Security-Policy headers, though additional security headers could enhance protection. Privacy and cookie policies are not detected in the provided content, indicating room for compliance improvement. Overall, the site presents a professional and trustworthy digital presence aligned with Acquia's business model.

E

Eventim USA

eventim.com

57

Eventim USA operates a professional and comprehensive online ticketing platform specializing in concerts, sports, festivals, theater, and other live events. The company is positioned as a major player in the e-commerce ticketing market, supported by a strong brand and international presence under the parent company CTS EVENTIM AG & Co. KGaA. The website offers a rich user experience with advanced search capabilities, promotional content, and newsletter subscriptions, targeting a broad audience interested in live entertainment. Technically, the site employs modern web technologies including jQuery, Swiper.js, Google Analytics, and Akamai performance monitoring, ensuring fast and responsive user interactions. Security posture is strong with HTTPS enforcement, security headers, and GDPR-compliant consent management. However, WHOIS data for the domain is unavailable, likely due to privacy protection or registry issues, which slightly impacts trust but is mitigated by the professional site and known parent company affiliation. Overall, the site demonstrates a mature digital infrastructure and a solid business model with good compliance and security practices.

DERTICKETSERVICE.DE GmbH & Co. KG operates the website westticket.de, an established e-commerce platform specializing in ticket sales for concerts, sports, musicals, shows, and cultural events primarily in Germany. The platform targets a broad audience interested in event attendance and offers a wide range of event categories and city-specific venues, indicating a well-structured and user-friendly service. The website demonstrates a consistent brand presence and professional design, supporting its market position as a reliable ticket reseller. Technically, the website employs common web technologies such as jQuery, Google Tag Manager, and Eventim's EVI widget, hosted on netcologne.de infrastructure. The site shows moderate performance and good mobile optimization, with basic accessibility and SEO features. The presence of a comprehensive cookie consent mechanism reflects a mature approach to privacy compliance, particularly GDPR adherence. From a security perspective, the site enforces HTTPS and uses cookie consent for user data protection. However, it lacks explicit security headers and published security policies or incident response contacts, which are areas for improvement. No vulnerabilities or suspicious patterns were detected in the provided content or WHOIS data, which is consistent and transparent, reinforcing the domain's legitimacy. Overall, westticket.de presents a trustworthy and professional e-commerce platform with solid privacy compliance and a good security baseline. Strategic enhancements in security policy transparency, security headers, and accessibility could further strengthen its posture and user trust.

D

DERTICKETSERVICE.DE GmbH & Co. KG

koelnticket.de

57

DERTICKETSERVICE.DE GmbH & Co. KG operates the kölnticket.de website, a regional e-commerce platform specializing in ticket sales for concerts, sports, theater, musicals, and cultural events primarily in the Cologne area. The website offers a well-structured event catalog with personalized recommendations and additional services such as gift vouchers and VIP extras. The company positions itself as a trusted local ticket provider with a focus on secure and convenient online ticket purchasing. Technically, the website employs modern web technologies including jQuery, Google Tag Manager, and a consent management platform to ensure GDPR compliance. Hosting is provided by NetCologne, consistent with the regional focus. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site demonstrates good digital maturity and compliance with privacy regulations, supporting a positive user experience and trustworthiness.

I

IUCN

iucn-events.org

54

The IUCN World Conservation Congress website serves as the official digital platform for a major global event focused on nature conservation, scheduled for October 2025 in Abu Dhabi. The site targets conservation experts, leaders, decision-makers, partners, and the interested public, providing comprehensive information about the Congress components including the Forum, Exhibition, and Members' Assembly. It also offers access to virtual platforms, multimedia content, and partner engagement opportunities. The website reflects a strong market position as a leading non-profit event organizer in the environmental sector. Technically, the site is built on Drupal 10, leveraging modern web technologies and CDNs for performance and global reach. It integrates Google Tag Manager, LinkedIn Insight, and Facebook Pixel for analytics and marketing, alongside a robust cookie consent mechanism. The site is mobile-optimized, accessible, and SEO-friendly, with a consistent and professional design. From a security perspective, the website enforces HTTPS, employs domain locking statuses, and uses reCAPTCHA for bot protection. However, DNSSEC is not enabled, and some advanced security headers are not explicitly detected. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is moderate due to the absence of a dedicated privacy policy page, though cookie documentation and consent are well implemented. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements include enabling DNSSEC, publishing a comprehensive privacy policy, and enhancing security headers to further strengthen trust and compliance.

A

Apecita

apecita-media.com

59

Apecita Media is a specialized French media platform providing news, resources, and employment information focused on the agriculture, agro-food, and environment sectors. The website offers a rich variety of content including sector news, career advice, quizzes, and professional resources, targeting professionals and job seekers in these industries. The platform maintains a consistent and professional brand image with active social media engagement and modern web technologies such as WordPress and Yoast SEO plugin. Technically, the site is well-structured, mobile-optimized, and uses performance-enhancing tools like WP Rocket. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks some security headers and explicit privacy and terms of service pages. The WHOIS data is missing or indicates the domain may not be registered, which is a significant risk factor for legitimacy. Overall, the site is trustworthy and professional in content but requires verification of domain registration and improvements in security and compliance documentation.

E

Edition Raetia

raetia.com

48

Edition Raetia operates as an independent book publisher and online retailer based in Bolzano, South Tyrol, specializing in German and Italian language books with a regional cultural focus. The website is built on the PrestaShop platform, featuring a professional design, multilingual support, and e-commerce capabilities including a newsletter subscription protected by Google reCAPTCHA. The technical infrastructure incorporates modern tracking and marketing tools such as Google Analytics and Facebook Pixel, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and some security best practices observed, though explicit security headers and privacy policies are lacking. The absence of public WHOIS data for the domain raises concerns about domain legitimacy and registration transparency, which should be further investigated. Overall, the website presents a functional and professional front for a small regional publisher but would benefit from enhanced privacy compliance and security disclosures.

Music 4 the Next Generation is a culturally focused initiative based in Italy that promotes young musicians under 35 to reinterpret classical Italian music. The initiative is supported by multiple banking foundations and cultural partners, positioning it as a reputable and established event in the Italian music scene. The website provides comprehensive information about the competition, jury, rules, and past winners, targeting young musicians and classical music enthusiasts. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and a consent management platform to ensure GDPR compliance. The site is mobile-optimized and includes a newsletter subscription form integrated with Mailchimp. Security-wise, HTTPS is enforced, and consent mechanisms are in place, but the absence of explicit security headers suggests room for improvement. Overall, the site is professional, trustworthy, and compliant with privacy regulations, with a moderate to good technical implementation and security posture.

F

Fondazione Haydn di Bolzano e Trento

bolzanodanza.it

53

Bolzano Danza is a prominent contemporary dance festival organized by Fondazione Haydn di Bolzano e Trento, held annually in Bolzano, Italy. The festival showcases leading choreographers and performers, offering a diverse program of performances, workshops, and community engagement activities. It targets a broad audience interested in contemporary dance and cultural events, emphasizing inclusion and sustainability. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins such as Yoast SEO, WPML for multilingual support, and Matomo for privacy-conscious analytics. It uses HTTPS with good SSL configuration and includes cookie consent mechanisms compliant with GDPR. The site integrates external partners and sponsors, enhancing its credibility and reach. From a security perspective, the website demonstrates good practices including HTTPS enforcement and cookie consent. However, it lacks explicit security policies, incident response contacts, and advanced security headers, which could be improved. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but could benefit from additional hardening. The domain WHOIS data aligns well with the website's organizational claims, showing transparency and legitimacy. No blocking or WAF challenges were detected, allowing full content access and analysis. The site is safe for general audiences with no adult or questionable content. Strategic recommendations include enhancing security headers, publishing incident response information, and maintaining regular security audits to sustain trust and compliance.

C

Conservation Planning Specialist Group

cpsg.org

66

The Conservation Planning Specialist Group (CPSG) is a well-established non-profit organization dedicated to species conservation planning and capacity building. With over 40 years of experience, CPSG leverages scientific approaches and collaborative workshops to support global biodiversity goals. Their website reflects a professional and consistent brand, targeting conservationists, researchers, donors, and the general public interested in wildlife preservation. The organization offers key services including conservation planning workshops, training, scientific tools, and annual meetings. Technically, the website is built on Drupal 10 and incorporates modern JavaScript libraries and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and performs moderately well. Security posture is strong with HTTPS enabled and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable due to malformed output, but the website's professionalism and trust indicators suggest legitimacy. Privacy protection for domain registration is justified given the non-profit nature. Overall, the site demonstrates a mature digital presence with good compliance and security practices. Recommendations include enhancing security headers, publishing a security policy and incident response contacts, and adding a vulnerability disclosure mechanism to further strengthen trust and security posture.