Security Directory

T

Tallinna Tehnikaülikool

taltech.ee

65

Tallinna Tehnikaülikool (TalTech) is Estonia's leading technical university, established in 1918, offering a broad range of engineering, IT, natural sciences, business, and maritime education. The university positions itself as an innovative and sustainable digital future pioneer, attracting a diverse international student body. The website reflects a mature digital presence with modern technologies such as Next.js, Matomo analytics, and comprehensive cookie consent mechanisms. Security posture is strong with HTTPS, reCAPTCHA, and anti-forgery tokens implemented, though explicit security and incident response policies are not publicly found. The domain registration is consistent with the Estonian Ministry of Education and Research, confirming legitimacy. Overall, the site is professional, well-branded, and trustworthy, serving its educational mission effectively.

C

CK Turancar

turancar.sk

40

CK Turancar is a Slovakian transportation and travel service provider with approximately 30 years of market presence. Their business portfolio includes a travel agency, bus lines, truck freight transport, and vehicle servicing for buses and trucks. The website reflects a medium-sized company with a professional online presence, targeting both general consumers and businesses requiring transport and vehicle maintenance services. The company maintains active social media profiles and uses structured data to enhance search engine visibility. Technically, the website is built on the BUXUS CMS platform, leveraging modern JavaScript libraries and multiple analytics tools including Google Analytics, Matomo, and Snowplow. The site is mobile-optimized and demonstrates good SEO practices. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms, but lacks visible security policies or incident response information. No critical vulnerabilities or WAF blocking were detected, indicating a stable security posture. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

D

Daimler Truck AG

evobus.com

72

Daimler Truck AG operates a comprehensive and professional website for its Daimler Buses segment, showcasing its global leadership in the bus manufacturing and service industry. The company offers a wide range of bus brands including Mercedes-Benz, Setra, OMNIplus, and BusStore, supported by a global service network and financial services. The website reflects a mature digital presence with a modern CMS, strong SEO, and accessibility features, targeting commercial vehicle operators and transportation companies worldwide. The site includes detailed corporate information, legal notices, and multiple social media channels, reinforcing its market position and trustworthiness. Technically, the website is built on TYPO3 CMS and integrates advanced consent management and analytics tools, ensuring compliance with privacy regulations such as GDPR. The site is mobile-optimized, fast-loading, and accessible, providing a positive user experience. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the domain WHOIS data is unavailable, which reduces transparency but does not detract from the website's professional appearance and legitimacy. The site is free from suspicious content or blocking mechanisms, indicating a reliable and secure digital asset for Daimler Truck AG. Strategic recommendations include enhancing security header implementation, publishing security policies, and improving WHOIS transparency to further strengthen trust and compliance.

A

Atomium Automotive Innovations s.r.o.

atomium.cz

47

Atomium Automotive Innovations s.r.o. operates a professional website focused on tribotechnical additives for oils and fuels, targeting vehicle owners and industrial machinery operators primarily in the Czech Republic. The company has an established market presence of over 15 years and offers products through an e-commerce platform and retail partners. The website is well-structured, multilingual, and provides comprehensive product information, educational content, and customer support channels. Technically, the site uses modern web technologies including Processwire CMS, Matomo analytics for privacy-conscious tracking, and Google Tag Manager. Security posture is good with HTTPS enforced and basic security headers, though some enhancements are recommended. Privacy compliance is strong with cookie consent and GDPR-aligned privacy policies. However, the lack of WHOIS data limits domain ownership transparency, slightly impacting business credibility. Overall, the site is professional, trustworthy, and safe for general audiences.

Stradasalt is a Norwegian brand under GC Rieber Minerals specializing in environmentally friendly road salt and dust-binding solutions. The company targets road maintenance and municipal clients with a focus on sustainable and chloride-free products. The website reflects a professional B2B supplier with a clear market niche and consistent branding. Technically, the site uses modern web technologies including Matomo analytics and Cookiebot for consent management, ensuring compliance with GDPR and privacy best practices. Security posture is solid with HTTPS, CSRF protection cookies, and domain transfer restrictions, though DNSSEC is not enabled and some security headers are missing. No direct contact emails or phone numbers are provided, relying on a contact form instead. Overall, the site is well-structured, mobile-optimized, and trustworthy, with room for improvement in explicit business contact details and security policy disclosures.

I

IndustryArena

industryarena.com

61

IndustryArena is a specialized B2B portal serving the manufacturing sector, focusing on CNC, metalworking machines, and related software. It provides a comprehensive platform including discussion forums, a marketplace for used machines, webinars, and product databases, targeting industry professionals primarily in Germany. The website demonstrates a solid market position with an established user base and professional presentation. Technically, the site leverages modern JavaScript frameworks such as Vue.js and integrates multiple analytics and marketing tools including Google Analytics and Matomo. Security-wise, the site enforces HTTPS and employs standard security headers, though lacks visible privacy and cookie policies which are critical for compliance. Overall, the site is functional and professional but could improve transparency and privacy compliance to enhance trust and regulatory adherence.

U

Urp in Cloud | Software gestione Urp

urpincloud.it

67

Urp in Cloud is a specialized software solution designed to streamline the management of requests, complaints, and communications primarily for public administrations, private companies, and the healthcare sector in Italy. The platform offers a centralized communication channel with intelligent routing, real-time notifications, and an AI-powered virtual assistant to enhance operational efficiency and user experience. The company positions itself as a modern SaaS provider with a focus on compliance with Italian public sector regulations and PNRR investment requirements. Technically, the website is built on WordPress with a modern theme and integrates privacy-conscious analytics and security features such as HTTPS and Google reCAPTCHA Enterprise. While the site lacks explicit security and incident response policies, it demonstrates good security hygiene and privacy compliance. Overall, the business shows a credible market presence with consistent domain registration data and a professional online presence.

D

DigitalPA

concorsidiprogettazione.it

41

DigitalPA operates a specialized SaaS platform named Gara Spot, focused on managing online design competitions and telematic procurement procedures primarily for public administrations and companies in Italy. The platform supports the entire competition lifecycle with compliance to relevant regulations, emphasizing security, anonymity, and procedural correctness. The company positions itself as a leader in the Italian e-procurement and design competition market, offering both software and expert consultancy services. Technically, the website employs modern web technologies including Bootstrap, jQuery, and privacy-conscious analytics via Matomo, complemented by a LiveChat support widget. The site is mobile-optimized and well-structured, providing a professional user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies could be improved. Privacy compliance is partially addressed with a privacy policy present but lacking a cookie consent mechanism. Overall, the domain registration and WHOIS data align well with the business claims, supporting legitimacy and trustworthiness.

D

DigitalPA

affidamentiegare.it

68

Affidamenti e Gare is a specialized e-procurement platform developed by DigitalPA, targeting Italian public administrations to streamline procurement processes below EU thresholds. The platform offers comprehensive services including CIG requests, automated ANAC form management, and compliance with transparency obligations. Positioned as a leading solution in Italy, it benefits from DigitalPA's over 20 years of experience and ISO certifications, reinforcing its credibility and reliability. Technically, the website is built on WordPress with a modern theme and integrates advanced tools like Google reCAPTCHA Enterprise and Matomo analytics, reflecting a mature digital infrastructure. Security practices are solid, with HTTPS enforced and certifications in place, though some HTTP security headers could be improved. Privacy compliance is an area for enhancement, as explicit privacy and cookie policies are not evident. Overall, the website presents a professional, trustworthy, and user-friendly interface tailored to its niche audience.

DigitalPA operates the website www.centraliunichedicommittenza.it, offering a comprehensive, AGID-certified e-procurement software suite tailored for Centrali Uniche di Committenza (CUC) and qualified contracting authorities in Italy. The platform supports supplier registers, electronic tenders, and centralized procurement management, targeting public sector entities seeking compliance and efficiency in procurement processes. The website positions DigitalPA as a leading provider in the Italian public procurement software market, emphasizing regulatory adherence and integration with national systems such as ANAC and DURC. Technically, the site is built on WordPress with the Avada theme, leveraging modern web technologies and privacy-respecting analytics (Matomo). Security posture is strong with HTTPS, security headers, and reCAPTCHA Enterprise, though explicit security policies and incident response contacts are not published. Overall, the site is professional, well-structured, and trustworthy, with a clear focus on government clients and compliance.

D

DigitalPA

albofornitori.net

53

DigitalPA operates a professional website offering software solutions for managing supplier registers and electronic tenders primarily targeted at Italian public administrations and companies. The website presents a comprehensive suite of e-procurement tools certified by AgID, emphasizing transparency, efficiency, and compliance with public procurement regulations. The company positions itself as a leading provider in Italy with over 1000 public administration clients and a strong reputation supported by customer testimonials and high user ratings. Technically, the website employs modern web technologies including jQuery, Bootstrap, FontAwesome, and Matomo analytics, with good mobile optimization and accessibility. Security practices include HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not evident in the provided data. The absence of WHOIS registration data for the domain www.albofornitori.net is a notable anomaly, potentially indicating domain aliasing or proxy usage, which slightly diminishes domain trustworthiness despite the professional content and branding. Overall, the website is well-designed, content-rich, and trustworthy for its intended audience, but domain registration inconsistencies should be addressed to improve credibility.

D

DigitalPA

garaspot.it

41

DigitalPA operates the Gara SPOT platform, a certified eProcurement solution designed to manage single telematic procurement procedures and design competitions online. The company targets public administrations and enterprises requiring efficient, compliant digital procurement tools. With a solid market presence in Italy, evidenced by over 10,000 clients and numerous high-profile public sector customers, DigitalPA offers both software platforms and comprehensive consultancy services. The website reflects a professional, well-structured digital presence with clear service offerings and client testimonials. Technically, the website employs modern front-end technologies including Bootstrap, Font Awesome, and jQuery, complemented by Matomo analytics and LiveChat for user engagement. The site is mobile-optimized and SEO-friendly, though some accessibility features could be enhanced. Security posture is adequate with HTTPS enforced and no visible sensitive data exposure; however, the absence of security headers and cookie consent mechanisms indicates room for improvement. Overall, the security and privacy compliance is moderate, with GDPR adherence suggested by the presence of a privacy policy but lacking explicit cookie consent. The WHOIS data aligns well with the business identity, reinforcing legitimacy. No blocking or WAF challenges were detected, allowing full content analysis. Strategically, DigitalPA should focus on enhancing security headers, implementing cookie consent, and publishing incident response and vulnerability disclosure policies to strengthen trust and compliance.

S

SafeRisk

saferiskmanagement.com

67

SafeRisk is an Italian-based company offering a specialized risk and compliance management software platform designed to assist businesses in data collection and risk mitigation. The website presents a professional and well-structured digital presence built on WordPress, utilizing modern plugins and technologies such as Yoast SEO, Google reCAPTCHA Enterprise, and Matomo analytics. The platform targets businesses seeking comprehensive risk management solutions, positioning itself as a niche SaaS provider in the technology sector. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy and trustworthiness. Security measures such as HTTPS and bot protection are in place, but the lack of visible security headers and formal privacy and terms policies indicate areas for improvement. Overall, the website is functional and professional but requires enhanced transparency and security practices to strengthen trust and compliance.

D

DigitalPA S.r.l.

accessocivico.eu

66

DigitalPA S.r.l. operates the website accessocivico.eu, providing a certified software solution for managing Accesso Civico requests under Italian FOIA legislation. The company targets public administrations and government entities, offering digital tools to automate transparency compliance and public information access. The platform is integrated with TrasparenzaPA, enhancing workflow efficiency and regulatory adherence. The website demonstrates a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its audience. Technically, it leverages WordPress with modern plugins and privacy-conscious analytics, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, reCAPTCHA Enterprise, and no visible vulnerabilities, though some security headers could be improved. Overall, the site reflects a trustworthy and compliant business with strong certifications and reputable clients.

D

DigitalPA

portaletrasparenza.net

68

The website portaletrasparenza.net represents DigitalPA, offering TrasparenzaPA, a comprehensive cloud-based software solution designed to assist Italian public administrations in complying with transparency, anti-corruption, and legal publicity obligations under Italian law (D.Lgs. 33/2013, L. 190/2012). The platform is positioned as an innovative product within the ACN Cloud Marketplace, targeting RPCTs and government entities with modules for payment import, monitoring, access management, and compliance with the latest ANAC regulations. Technically, the site is built on WordPress with modern plugins and frameworks, including Google reCAPTCHA Enterprise and Matomo analytics, ensuring a secure and privacy-conscious environment. The security posture is strong with HTTPS and bot protection, though some security headers could be improved. The absence of explicit privacy and cookie policies is a notable gap. WHOIS data is missing, raising questions about domain registration legitimacy, but the professional content and detailed service offerings suggest a legitimate business. Overall, the site is well-designed, user-friendly, and serves a specialized government compliance market.

D

DigitalPA

onlineprocurement.com

70

DigitalPA operates the Online Procurement software platform, a modular eProcurement suite designed to fully digitalize corporate purchasing processes and supplier management. The company targets innovative businesses, providing a next-level platform that manages suppliers, orders, contracts, and spend analysis. The website presents a professional image with clear navigation and multilingual support, primarily in Italian. The business model is SaaS-based, focusing on medium-sized enterprises and larger organizations across various sectors including construction, finance, energy, healthcare, and public administration. Technically, the website is built on WordPress with the Avada theme, integrating modern technologies such as Google reCAPTCHA Enterprise for bot protection and Matomo for privacy-conscious analytics. The site is mobile-optimized and performs moderately well, though accessibility features could be improved. Security posture is solid with HTTPS enforced and anti-bot measures, but lacks some security headers and explicit privacy and cookie policies. The WHOIS data is notably absent or inaccessible, which raises concerns about domain registration legitimacy despite the professional online presence. No contact emails or phone numbers were found in the provided content, limiting direct communication channels. Overall, the site is business-focused, safe, and trustworthy in content but requires improvements in transparency and security best practices. Strategic recommendations include publishing comprehensive privacy and cookie policies with consent mechanisms, enhancing security headers, clarifying domain registration status, and providing clear contact information for security and data protection inquiries.

A

Alsico

alsico.com

69

Alsico is a large European manufacturer specializing in workwear, cleanroom clothing, and protective clothing, with a global production footprint. The company positions itself as a leader in the workwear industry, emphasizing design innovation and sustainability. Their website reflects a professional digital presence with clear branding, comprehensive privacy and cookie policies, and active engagement on social media platforms. Technically, the site uses modern frameworks such as Astro, integrates multiple analytics and marketing tools, and implements strong security practices including HTTPS and security headers. However, the absence of WHOIS data and lack of published security policies or incident response contacts represent areas for improvement in transparency and trust. Overall, Alsico demonstrates a mature digital infrastructure suitable for its market position but should enhance its security communication and domain registration transparency.

C

czech-raildays.cz

czech-raildays.cz

48

czech-raildays.cz is a Czech language online magazine dedicated to providing comprehensive information about railway transport in the Czech Republic, including news, history, technology, and societal topics. The site targets railway enthusiasts and the general public interested in transportation and related fields. It operates primarily as a content publishing platform monetized through advertising, notably Google Adsense. The website demonstrates a moderate level of digital maturity with a clean design, good navigation, and mobile optimization. It uses modern web technologies including Google Fonts and Matomo analytics for user tracking and performance measurement. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although some security headers could be improved. Privacy compliance is well addressed with a clear privacy policy, cookie consent mechanism, and GDPR adherence. However, no explicit security or incident response policies are published. The domain WHOIS data shows a recent or future creation date, which is unusual but likely a data anomaly. Overall, the website is professional, trustworthy, and serves a niche media market effectively.

D

DKSV

dksv.cz

48

DKSV.cz is a professional website dedicated to organizing and promoting transportation-related events, specifically the Dopravní konference (Transportation Conference) and Silniční veletrh (Road Trade Fair) held in Pardubice, Czech Republic. The site targets industry professionals, government officials, and companies involved in transportation infrastructure. It offers event information, registration options, and showcases partners and media collaborators. The business operates primarily as an event organizer with a regional focus and a small organizational size, founded in 2022. Technically, the website is built on WordPress using the Divi theme, enhanced with SEO tools like Yoast and analytics platforms including Matomo and Google Analytics via Google Tag Manager. The site demonstrates good mobile optimization, structured data usage, and moderate performance. Hosting is provided by hosting90, a Czech hosting provider. From a security perspective, the site enforces HTTPS and employs a GDPR-compliant cookie consent mechanism with detailed user controls. However, explicit security headers such as Content-Security-Policy and X-Frame-Options are not evident, and no dedicated security or incident response policies are published. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, DKSV.cz presents a trustworthy and professional online presence for its niche event business. Strategic improvements in security headers, incident response transparency, and visible contact information would enhance its security posture and user trust. The site is safe for general audiences and complies well with privacy regulations.

P

Planet Ocean Hosting GmbH

planet-ocean-hosting.com

49

Planet Ocean Hosting GmbH is a German hosting provider with over 20 years of experience offering a broad range of internet services including web hosting, email hosting, managed servers, and communication platforms such as Matrix chat and Jitsi videoconferencing. The company targets startups and established businesses seeking reliable and privacy-conscious hosting solutions, emphasizing German data protection standards and green energy usage. The website is professionally designed, built on WordPress, and optimized for mobile devices with clear navigation and relevant content. Technically, the site uses modern libraries and privacy-respecting analytics (Matomo), but lacks a cookie consent mechanism and explicit security policies. Security posture is good with HTTPS enabled and no visible vulnerabilities, though security headers and incident response information are absent. WHOIS data is consistent with the business claims, showing no privacy protection and matching nameservers, indicating legitimacy. Overall, the site is trustworthy and professional but could improve privacy compliance and security transparency.

F

FW Africa

foodbusinessafrica.com

47

Food Business Middle East & Africa, operated by FW Africa, is a leading media publication and event organizer focused on the food and beverage industry across Africa and the Middle East. The website serves as a comprehensive platform providing industry news, insights, and advertising opportunities targeting business owners, CEOs, and professionals in the sector. It holds a strong market position as the No.1 food and beverage industry magazine and website in the region, supported by a consistent brand presence and professional content quality. Technically, the website is built on WordPress using the Pressbox theme and Divi Builder framework, integrating modern technologies such as Google Tag Manager, Google Analytics, Matomo Analytics, and advanced advertising plugins. The site demonstrates good performance, mobile optimization, and SEO practices, ensuring a positive user experience and accessibility. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes essential security headers. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent, representing areas for improvement. Overall, the website presents a low-risk profile with a mature digital presence, though the lack of WHOIS data and some security policy disclosures slightly reduce trustworthiness. Strategic recommendations include publishing security and incident response policies, adding vulnerability disclosure information, and enhancing transparency around data protection officers to strengthen compliance and trust.

The website 'Monastery Tourism' operated under the domain klasternituristika.cz is a niche platform focused on religious and pilgrimage tourism primarily in the Czech Republic. It offers information on pilgrimage sites, accommodation, places of interest, and pilgrimage routes, targeting pilgrims and tourists interested in Christian historical monuments and faith-based travel. The business model revolves around providing informational content and booking capabilities, supported by user registration and login features. The site has been active since 2015, indicating a mature presence in its niche market. Technically, the website employs a combination of legacy and modern web technologies including jQuery, Bootstrap 3, Leaflet.js for mapping, and the Nette PHP framework. It integrates Matomo analytics for user tracking and uses HTTPS for secure communication. The site is moderately optimized for mobile devices and SEO, with a good user experience and clear navigation. However, some technical improvements are recommended, such as updating libraries and enhancing accessibility. From a security perspective, the site uses HTTPS and secure forms but lacks visible security headers like CSP or HSTS, which are important for modern web security. No privacy or cookie policies are present, which is a compliance gap especially under GDPR. The absence of incident response contacts and security policies reduces transparency. The domain WHOIS data is consistent and trustworthy, with no suspicious patterns detected. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, improved security headers, and clearer policy disclosures to strengthen trust and regulatory adherence.

S

SD Software-Design GmbH

easyverein.com

67

easyVerein is a cloud-based software solution developed by SD Software-Design GmbH, founded in 2016, targeting clubs, associations, and organizations primarily in Germany. The platform offers comprehensive modules including member management, accounting, event scheduling, inventory, and integrated communication tools such as chat and mobile apps. The company positions itself as a market leader with high user satisfaction and recognized awards. Technically, the website employs modern frameworks like Bootstrap and jQuery, is mobile-optimized, and uses Matomo for analytics, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, uses CSRF tokens, and provides cookie consent mechanisms, though it lacks some advanced security headers and explicit incident response contacts. Overall, the domain registration and hosting are consistent and trustworthy, supporting the legitimacy of the business.

S

Schaubühne Lindenfels Leipzig

schaubuehne.com

47

Schaubühne Lindenfels Leipzig is a cultural venue in Germany offering theater, cinema, concerts, and festival hosting services. The website is professionally designed using TYPO3 CMS and modern frontend technologies, providing a good user experience with clear navigation and mobile optimization. The site integrates Matomo analytics and a cookie consent mechanism, indicating some privacy awareness. However, no explicit privacy policy or terms of service pages were found, which is a compliance gap. The domain WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website content. Overall, the site is safe and trustworthy for general audiences but would benefit from improved transparency and security disclosures.

I

Internetseelsorge

internetseelsorge.de

42

Internetseelsorge.de is a German non-profit organization providing free Christian pastoral care and spiritual guidance through mail and chat services. The website targets individuals facing life crises, spiritual questions, or feelings of loneliness, offering confidential and anonymous support. The organization collaborates with recognized Catholic partners, enhancing its credibility and reach within the German-speaking community. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and uses Matomo analytics to respect user privacy. Hosting is provided by kasserver.com, a known hosting provider. Security posture is solid with HTTPS enforced, though improvements in security headers and cookie consent mechanisms are recommended. The website is well-structured, mobile-optimized, and provides clear navigation and service descriptions, supporting a positive user experience. No adult or explicit content is present, making it safe for general audiences.

U

Unabhängiger Beauftragter der Bundesregierung für Fragen des sexuellen Kindesmissbrauchs

kein-raum-fuer-missbrauch.de

62

The website 'Kein Raum für Missbrauch' is an official German governmental initiative dedicated to preventing sexual abuse of children and youth. It provides educational resources, support for institutions to develop protection concepts, and links to specialized help portals. The initiative targets educators, caregivers, and organizations working with children. The site is well-branded, consistent, and professionally presented, reflecting its authoritative position in the child protection sector. Technically, the website is built on TYPO3 CMS, uses JavaScript, and integrates Matomo analytics hosted locally in Germany with strong privacy controls including IP anonymization and user consent mechanisms. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance. Hosting appears to be managed by a reputable German provider. From a security perspective, the site enforces HTTPS, uses a cookie consent banner, and respects privacy regulations. However, it lacks explicit security headers and a published security or incident response policy. No vulnerabilities or suspicious content were detected. Privacy compliance is strong, with GDPR-aligned policies and transparent data collection. Overall, the website presents a low-risk profile with a strong focus on privacy and user trust. Strategic improvements could include adding security headers, publishing a security policy, and providing direct contact information for incident response to enhance transparency and resilience.

W

Web Commerce GmbH

digitalpastoral.de

45

Digitalpastoral.de is a German-language digital platform focused on providing resources, networking, and content for Catholic church communities and pastoral workers. The platform serves as a marketplace and knowledge hub for digital church practice, offering articles, event listings, and community engagement tools. It is developed and maintained by Web Commerce GmbH, with affiliations to multiple (Erz-)Bistümer, indicating a trusted position within the church digital ecosystem. The website targets church professionals and digital faith communities, positioning itself as a niche but important resource in the religious digital media space. Technically, the site is built on Edith CMS and leverages modern web technologies including jQuery, Bootstrap, and FontAwesome. It integrates Matomo analytics with privacy-conscious tracking controls and uses HTTPS to secure communications. The site demonstrates good mobile optimization and accessibility features, with a clear navigation structure and professional design. However, some security best practices such as security headers and explicit cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. From a security perspective, the site shows a moderate maturity level with no visible vulnerabilities or exposed sensitive data. The lack of a published security policy or incident response contacts is a gap in transparency and readiness. Privacy compliance is partial, with a privacy policy present but no cookie consent banner detected. Overall, the domain and hosting infrastructure appear legitimate and consistent with the business claims, with no signs of suspicious WHOIS data or blocking by WAFs. The overall risk assessment is moderate with recommendations to implement explicit cookie consent, add security headers, and publish security and incident response policies to strengthen trust and compliance. The platform is well-positioned as a specialized digital resource for church communities but should address these gaps to maintain and improve its credibility and security posture.

B

Bistum Mainz

bistum-mainz.de

62

Bistum Mainz is a large, established Catholic diocese in Germany providing religious, social, educational, and community services. The website serves as a comprehensive portal for information, news, and engagement with the Catholic community and the general public. It maintains a consistent brand presence and offers rich content tailored to its audience. Technically, the site is built on the Alkacon Mercury CMS platform, uses Matomo for privacy-conscious analytics, and incorporates accessibility features, reflecting a mature digital infrastructure. Security posture is good with HTTPS and cookie consent mechanisms, though it lacks some advanced security headers and explicit incident response policies. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, making it a reliable resource for its users.

S

Satakunnan hyvinvointialue

satadiag.fi

68

Satakunnan hyvinvointialue is a Finnish regional welfare area organization established in 2021, dedicated to promoting the wellbeing, safety, and health of residents in the Satakunta region. The website serves as an official portal providing comprehensive information about social and health services, digital service access, customer support, and current news relevant to the community. The organization operates as a public sector entity with a clear focus on healthcare and social welfare services. Technically, the website is built on WordPress with modern integrations such as React Aria for accessibility, Matomo for analytics, and chat widgets for user engagement. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though some security headers could be improved. WHOIS data is transparent and consistent with the organization's identity, enhancing trustworthiness. Overall, the site is professional, secure, and compliant with GDPR regulations, serving its public sector mission effectively.

D

Deutsche Bahn Stiftung gGmbH

deutschebahnstiftung.de

66

Deutsche Bahn Stiftung is a German non-profit foundation established in 2013 by Deutsche Bahn AG, focusing on education, integration, and volunteering to strengthen social cohesion. The website reflects a professional and consistent brand presence, offering detailed information about its mission, projects, and the DB Museum. Technically, the site uses CoreMedia CMS, integrates privacy-conscious tools like Usercentrics CMP and Matomo analytics, and enforces strong security practices including HTTPS and security headers. However, explicit security policies and incident response information are not publicly available, which could be improved. Overall, the site is trustworthy, well-structured, and compliant with GDPR, serving a broad audience including volunteers, educational institutions, and the general public.

B

Bundesweiter Vorlesetag

vorlesetag.de

57

The Bundesweite Vorlesetag website represents a well-established non-profit initiative focused on promoting literacy and the joy of reading among children and adults in Germany. Founded in 2004 by prominent partners including DIE ZEIT, Stiftung Lesen, and Deutsche Bahn Stiftung, it holds a leading position in the national literacy promotion landscape. The website offers comprehensive resources, event registration, and digital storytelling content, supported by a consistent and professional brand presence. Technically, the site is built on TYPO3 CMS with modern integrations such as Vue.js, Matomo analytics, and social media embeds, reflecting a mature digital infrastructure with good mobile optimization and SEO practices. Security-wise, the site employs HTTPS and a robust cookie consent mechanism, though explicit security headers and incident response policies are not publicly documented. Overall, the site demonstrates a high level of trustworthiness and compliance with GDPR, making it a reliable platform for its audience.

A

Aurora Rupeni

creativibes.at

45

CREATIVIBES, operated by Aurora Rupeni, is a small, specialized graphic and web design service provider based in Villach, Austria. The website showcases a professional portfolio with detailed descriptions of services including graphic design, web design, corporate identity, and social media content creation. The business targets local and regional clients seeking tailored digital and print design solutions. Technically, the site is built on WordPress using the Enfold theme and integrates Yoast SEO and Matomo analytics, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, with good content quality and user experience. Security posture is adequate with HTTPS enabled, but lacks security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but would benefit from enhanced compliance and security measures.

O

Oderland Webbhotell AB

oderland.com

55

Oderland Webbhotell AB is a well-established Swedish premium web hosting provider founded in 1998, specializing in secure, stable, and environmentally friendly hosting solutions for websites and applications. The company serves a broad audience including businesses, developers, and agencies, offering a comprehensive portfolio of services such as web hosting, managed servers, cloud services, domain registration, and managed WordPress hosting. Oderland positions itself as a trusted partner with a strong emphasis on uptime reliability, performance, and customer support, boasting over 30,000 customers and a 99.99% uptime record. Technically, the website is built on WordPress with modern technologies including LiteSpeed servers, Imunify360 security scanning, Memcached and Redis caching, and integrates analytics tools like Matomo and Google Tag Manager with a robust cookie consent mechanism via Cookiebot. The site is well-optimized for performance, mobile responsiveness, accessibility, and SEO, reflecting a mature digital infrastructure aligned with industry best practices. From a security perspective, Oderland demonstrates strong practices such as enforced HTTPS, automatic SSL certificates, immutable daily backups, and 24/7 server monitoring. While explicit security headers are not fully confirmed, the overall posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, GDPR adherence, and transparent business information. Overall, the website and business exhibit high professionalism and trustworthiness. The only notable gap is the absence of detailed WHOIS data, which may be due to privacy protection or registry limitations. This slightly reduces trust but does not detract significantly from the company's legitimacy. Strategic recommendations include publishing a vulnerability disclosure policy, enhancing security header transparency, and providing incident response contacts to further strengthen security posture and customer confidence.

S

Sekce pro mládež České biskupské konference a Asociace křesťanských sdružení mládeže, z. s.

celostatnisetkanimladeze.cz

58

The website celostatnisetkanimladeze.cz represents a non-profit organization focused on organizing the Celostátní setkání mládeže (National Youth Meeting) in the Czech Republic. The event targets young people aged 14 to 30 and is organized by the Youth Section of the Czech Bishops' Conference and the Association of Christian Youth Associations. The site provides event information, news, and multimedia content related to the event and its history. The organization holds a recognized position within the Czech Catholic community and maintains active social media channels to engage its audience. Technically, the website uses a combination of jQuery, Bootstrap 4, and other JavaScript libraries, hosted with Cloudflare DNS and registered via a Czech registrar. The site is mobile-optimized and uses HTTPS with a good SSL configuration. However, it lacks some modern security headers and formal privacy and cookie policies, which are important for compliance and user trust. Analytics are handled via Matomo, indicating a moderate level of user tracking. From a security perspective, the site is well-configured with HTTPS and no visible vulnerabilities or exposed sensitive data. The absence of security headers and formal privacy documentation are areas for improvement. The WHOIS data is consistent with the website's Czech origin and organizational claims, supporting legitimacy. Overall, the site is professional, trustworthy, and serves its community well but should enhance privacy compliance and security best practices to improve user trust and regulatory adherence.

H

Hochschule Landshut

haw-landshut.de

63

Hochschule Landshut is a German university of applied sciences offering a broad range of degree programs, continuing education, and research services with a strong emphasis on practical relevance. The website reflects a well-established educational institution with a clear market position in the regional higher education sector. The digital infrastructure is built on TYPO3 CMS with integrated Matomo analytics, providing a modern and accessible user experience. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Security posture is good with HTTPS and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is professional, trustworthy, and serves its target audience effectively.

L

Legality Srl

whistleblowing.software

75

Legality Srl operates the website whistleblowing.software, providing specialized whistleblowing software solutions tailored for public authorities and private companies. The company positions itself as a market leader in compliance and secure reporting technology, emphasizing data security and regulatory adherence such as GDPR and ISO 27001 standards. The website reflects a mature digital presence with professional branding and clear target audience focus. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good SEO and mobile responsiveness. Security posture is strong with HTTPS, security headers, and use of Google reCAPTCHA Enterprise, although some security policy disclosures could be improved. Overall, the domain's WHOIS data is unavailable, which limits full trust verification, but the business and website content indicate a legitimate and professional operation.

D

DigitalPA

digitalpa.it

71

DigitalPA is a well-established Italian company specializing in software and services tailored for businesses and public administration, focusing on procurement, compliance, and digital transformation. Their market position is strong within Italy, offering a comprehensive suite of solutions including eProcurement, whistleblowing, risk management, and institutional communication platforms. The website reflects a mature digital presence with professional design, clear navigation, and extensive content targeting their core audience of public entities and enterprises. Technically, the site employs modern web technologies such as Bootstrap, jQuery, and lazy loading, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some improvements in security headers and incident response transparency are recommended. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

B

Bistum Essen

bistum-essen.de

43

Bistum Essen is a well-established Catholic diocese serving over 2.5 million people in the Ruhrgebiet and Sauerland regions of Germany. The website reflects a comprehensive religious and social service organization with a strong community focus, offering pastoral care, social help, education, and cultural events. The institution is positioned as a key religious entity in its region, with a large workforce and multiple parishes. Technically, the website is built on TYPO3 CMS with modern frontend technologies and uses Matomo for privacy-conscious analytics. The site is well-structured, mobile-optimized, and GDPR compliant with a clear cookie consent mechanism. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the domain and website content align with a legitimate and trustworthy religious organization.

G

German Coworking Federation e.V. Bundesverband Coworking Deuschland

coworking-germany.org

48

The German Coworking Federation e.V. is a non-profit national federation representing coworking spaces, users, researchers, and interested parties in Germany since 2015. The organization focuses on community building, education, event organization, and advocacy within the coworking sector. Their website reflects a professional and consistent brand presence with clear navigation and relevant content for their target audience. Technically, the site is built on WordPress using the Divi theme and integrates modern technologies such as Bootstrap 5, Matomo analytics, and Brevo for marketing automation. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though explicit security headers and policies are not published. The absence of WHOIS data due to privacy protection is common for such entities but slightly reduces transparency. Overall, the site is trustworthy and well-maintained but could improve privacy compliance and security disclosures.

4

4toStay GmbH

chronuu.de

53

Chronuu is a German-based digital platform specializing in estate and legacy management, operated by 4toStay GmbH. The company offers a secure, user-friendly service that enables individuals to manage their digital and material estate, document their life story, and provide access to heirs in a compliant and encrypted environment. The platform is positioned as a niche provider in the German market, leveraging modern web technologies and mobile app availability to reach its target audience. Technically, the website is built on WordPress with a robust tech stack including Bootstrap, Slider Revolution, and Matomo analytics, hosted behind Cloudflare DNS services. Security posture is strong with HTTPS enforced, data stored in Germany, and no provider access to user data, complemented by GDPR-compliant privacy and cookie policies. No critical vulnerabilities or suspicious patterns were detected, and the site demonstrates good design, navigation, and content quality. Overall, Chronuu presents a trustworthy and professional digital service with room for improvement in security headers and incident response transparency.

O

ORGANIC POLYMER

organicpolymer.de

56

ORGANIC POLYMER is a German-based manufacturer and developer specializing in sustainable polyurethane and epoxy resin floor coatings. The company positions itself as a niche player focusing on environmentally friendly, bio-based, and low-emission products targeting industrial and commercial clients. The website reflects a professional and consistent brand image with clear navigation and relevant content about their products and certifications. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Complianz for GDPR compliance, and uses Matomo for privacy-conscious analytics. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the site is trustworthy and well-maintained, suitable for its business scope.

S

Sund & Bælt

sundogbaelt.dk

65

Sund & Bælt is a Danish transportation entity operating since 2001, likely managing infrastructure such as bridges or transport links. The website is built on the Umbraco CMS platform and uses modern web technologies including JavaScript and Matomo analytics for user tracking. Cookie consent is managed via Cookiebot, indicating attention to privacy compliance, although no explicit privacy policy or terms of service pages were detected in the provided content. The website is served over HTTPS with a valid SSL certificate, but lacks DNSSEC protection, which is a recommended security enhancement. SEO is limited due to the robots meta tag set to noindex, potentially restricting search engine visibility. No direct contact information or social media links were found in the analyzed content. Overall, the site presents a professional and consistent brand image with moderate technical maturity and security posture.

Aalborg Kommune operates as the official municipal government website for the Aalborg region in Denmark, providing a comprehensive range of services and information for citizens, businesses, tourists, and the press. The site offers self-service solutions, contact information, and updates on local governance and community events, positioning itself as a trusted and authoritative source for local government services. The website is well-branded and professionally maintained, reflecting its role as a public sector entity. Technically, the website leverages modern web technologies including Matomo for analytics, Monsido for heatmaps, Cludo for search functionality, and is hosted on Microsoft Azure. The use of a custom CMS (Moliri) and various JavaScript libraries indicates a mature digital infrastructure. Performance and mobile optimization are good, with accessibility features implemented to support a broad user base. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not fully visible, the overall posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is robust, supported by a comprehensive privacy policy and cookie management system. Overall, the website demonstrates a high level of professionalism, security, and compliance appropriate for a government entity. The lack of WHOIS data is mitigated by strong trust signals on the site itself. Strategic recommendations include enhancing security header implementation and publishing a vulnerability disclosure policy to further strengthen trust and security posture.

1

1984 ehf.

1984hosting.com

55

1984 ehf. is an Icelandic green and ethical web hosting company founded in 2006, emphasizing freedom of speech and privacy. The company offers traditional web hosting, VPS with preconfigured VPN solutions, FreeDNS services, and domain registration. Their market position is that of a niche provider focusing on environmentally friendly and privacy-conscious customers, with a solid Icelandic identity and a user base exceeding 50,000. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its target audience. Technically, the site uses modern web technologies including Bootstrap, jQuery, FontAwesome, and Matomo analytics, delivering moderate performance and good SEO practices.

1

1984 ehf.

1984.is

66

1984 ehf. is a well-established Icelandic web hosting company founded in 2006, offering a range of hosting services including shared hosting, VPS, and DNS services. The company positions itself as a green and customer-friendly hosting provider with competitive pricing and a strong local market presence. Their offerings include automatic WordPress installation, free SSL certificates, and advanced VPN services using Wireguard and OpenVPN. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content primarily in Icelandic. Technical infrastructure leverages modern web technologies such as Bootstrap, jQuery, and Matomo analytics, hosted likely on their own Icelandic infrastructure.

Ř

Římskokatolická farnost Velešín

farnostvelesin.cz

58

Římskokatolická farnost Velešín operates as a non-profit religious organization serving multiple parishes in the Czech Republic. The website provides comprehensive information about sacraments, religious formation, events, and community activities, targeting local parishioners and visitors. It maintains a consistent brand presence and offers clear contact details, enhancing trust and community engagement. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and Matomo analytics, hosted with Cloudflare DNS and registered via WEDOS. The site is mobile-optimized with moderate performance and basic accessibility features. Security posture is good with HTTPS and standard security headers, though it lacks a Content Security Policy and vulnerability disclosure mechanisms. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced privacy and security disclosures.

S

Sekce pro mládež ČBK a Asociace křesťanských spolků mládeže

svetovednymladeze.cz

58

The website svetovednymladeze.cz serves as an informational and community platform for World Youth Days and related Catholic youth events primarily targeting Czech youth and young adults. It is operated by the Sekce pro mládež ČBK and Asociace křesťanských spolků mládeže, providing event details, spiritual preparation materials, news, and media content. The site is relatively new, established in 2022, and maintains a consistent brand aligned with its religious and youth-focused mission. Technically, the site uses a custom PHP-based CMS with modern frontend technologies including jQuery, Bootstrap, FontAwesome, and Owl Carousel. It is hosted with WEDOS and uses Cloudflare nameservers, ensuring reliable DNS and security infrastructure. The site is mobile optimized and performs moderately well, with good SEO and accessibility basics. From a security perspective, the site enforces HTTPS and uses Matomo analytics, which respects user privacy better than many alternatives. However, it lacks explicit privacy and cookie policies, security.txt files, and advanced security headers such as CSP. These gaps represent compliance and security improvement opportunities. Overall, the site is trustworthy and professional, with clear contact information and social media presence. The domain registration data aligns well with the website's mission and geographic focus. Strategic improvements in privacy compliance and security posture would enhance trust and regulatory adherence.

B

Blum Srl | City Vision

cityvision.zone

63

City Vision, operated by Blum Srl, is a small Italian media company based in Bolzano, Italy. The website serves Italian-speaking users with digital media content and integrates popular services such as YouTube and Google Fonts. The company maintains a professional online presence with a comprehensive privacy policy and cookie consent mechanism, reflecting good compliance with GDPR requirements. Technically, the site is built on WordPress using the Divi theme and employs various plugins for enhanced user experience and analytics. Security posture is solid with HTTPS enforced and privacy protections in place, though additional security headers could improve defenses. Overall, the website is well-structured, user-friendly, and trustworthy, with no signs of malicious activity or adult content.

Křesťanské Vánoce is a Czech non-profit project established in 2012 that aims to promote the spiritual message of Christian Christmas through public access to nativity scenes and thematic programs organized by Christian parishes and congregations during Advent and the Christmas season. The website serves as an information hub for visitors and organizers, offering program listings, maps, and contact points. Technically, the site uses a moderately modern stack including Bootstrap 3, jQuery, Select2, Leaflet for maps, and Matomo for privacy-conscious analytics. The site is mobile responsive and well-structured, though some libraries are dated. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal privacy/cookie policies. No direct contact emails or phone numbers are published, relying mainly on contact forms. Overall, the site is trustworthy and legitimate with a consistent domain registration history and clear mission.