Security Directory

C

Consip

consip.it

68

Consip is the Italian national central purchasing body affiliated with the Ministry of Economy and Finance. It provides innovative tools and solutions for public procurement, serving over 14,000 public administrations and 350,000 enterprises. The website demonstrates a mature digital presence with a professional design, clear navigation, and comprehensive content focused on public procurement and digital transformation in Italy. Technically, the site is built on Drupal CMS with Bootstrap and Swiper.js, optimized for mobile and accessibility. Security posture is good with HTTPS and secure forms, though some security headers and explicit policies could be improved. Privacy compliance is strong with clear privacy and cookie policies. Overall, the site reflects a trustworthy and authoritative government entity with a strong market position in public procurement.

U

Universitätsmedizin Bayern (UMB) e.V.

unimedizin-bayern.de

45

Universitätsmedizin Bayern (UMB) e.V. is a non-profit association representing the collaboration of Bavarian university medical faculties and university hospitals. Founded in 2017, it aims to promote cooperation in teaching, research, and patient care across six locations in Bavaria. The website serves as an informational and representative platform targeting academic, clinical, and political stakeholders within the Bavarian healthcare ecosystem. Technically, the site is built on WordPress with modern JavaScript libraries, offering a professional and responsive user experience. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers and incident response information are lacking. Privacy compliance is supported by a comprehensive privacy policy, but cookie consent mechanisms are absent. Overall, the site reflects a trustworthy and credible organization with a clear mission and professional presentation.

T

Technische Hochschule Mannheim

th-mannheim.de

65

Technische Hochschule Mannheim is a well-established public technical university in Germany offering a wide range of Bachelor and Master degree programs with innovative study concepts. The institution targets students, prospective students, employees, and companies, providing education, research, transfer services, and international exchange opportunities. The website reflects a strong market position as a regional technical university with comprehensive academic and research offerings. Technically, the website is built on TYPO3 CMS with modern frontend technologies like Bootstrap and jQuery, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS, cookie consent mechanisms, and no visible vulnerabilities, although some security headers could be improved. Privacy compliance is robust with clear GDPR-aligned policies and cookie management. Overall, the website is professional, trustworthy, and user-friendly, supporting the institution's credibility and outreach.

R

Reservix GmbH

reservix.com

68

Reservix GmbH operates a professional online ticketing portal primarily serving the German market. The platform offers a wide range of tickets for concerts, sports, musicals, and other events, targeting general consumers seeking convenient online ticket purchases. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks such as React and integration of third-party services like Google Tag Manager and Usercentrics for GDPR compliance. Hosting is supported by Amazon AWS, ensuring reliable performance and scalability. Security posture is solid with HTTPS enforcement and consent-based tracking, although explicit security policies and headers could be improved. Overall, Reservix presents a trustworthy and user-friendly e-commerce platform with strong compliance and good market positioning.

K

Kaya 959 95.9 | Home of the Afropolitan

kaya959.co.za

68

Kaya 959 is a South African radio station serving the Gauteng region with a strong digital presence including live streaming, podcasts, and event promotions. The website is professionally designed using WordPress and Elementor, integrating multimedia content and advertising networks to support its business model. The station targets a diverse audience interested in soul, R&B, kwaito, jazz, and other music genres. Technically, the site employs modern web technologies and SEO best practices, though some security headers could be improved. The security posture is solid with HTTPS and no visible vulnerabilities, but explicit security policies and incident response contacts are absent. Overall, the site demonstrates a mature digital infrastructure with moderate tracking and advertising integration.

H

HDG Group

hdg-group.it

49

HDG Group is a small Italian company founded in 2022 specializing in integrated branding and communication strategies. Their website presents a professional image with a focus on helping brands find their voice across communication touchpoints. The company targets businesses seeking branding and marketing services. Technically, the website is built on WordPress using modern libraries such as jQuery and Swiper.js, with SEO optimization via Yoast and cookie compliance through Iubenda. Security posture is solid with HTTPS and DNSSEC enabled, though some security headers and explicit policies are missing. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a visible privacy policy or terms of service. Overall, the website is well-designed, mobile-optimized, and trustworthy, supported by consistent WHOIS data and partner domain references.

F

Forbes

forbes.at

58

Forbes.at is the German-language edition of the globally recognized Forbes business magazine, focusing on leadership, entrepreneurship, technology, investment, and lifestyle content. The website offers rich editorial content, event hosting, and newsletter subscriptions targeting German-speaking business professionals primarily in Austria. Technically, the site is built on the Contao Open Source CMS platform, leveraging modern JavaScript libraries such as jQuery and Swiper.js for interactive content presentation. The site is mobile-optimized and demonstrates good SEO practices with appropriate meta tags and Open Graph data. Security-wise, the site uses HTTPS with good SSL configuration and asynchronous script loading, but lacks visible security headers and explicit privacy or cookie policies, which are critical for GDPR compliance. Contact information is limited to a newsletter subscription form, with no direct emails or phone numbers found. Overall, the site is professional and trustworthy but could improve privacy compliance and security transparency.

K

Kagiso Media

kmradio.co.za

45

Kagiso Media Radio is a prominent South African media company specializing in radio broadcasting, audio content, and digital publishing. Established in 2024, it operates multiple well-known radio stations and offers services including research and analytics, publishing, digital development, and podcast production. The company targets South African audiences and advertisers, positioning itself as a leading media entity in the region. Technically, the website is built on WordPress with modern front-end technologies like Swiper.js and is optimized for mobile devices with good SEO practices. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though improvements can be made by enabling DNSSEC and adding security headers. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or terms of service. Overall, the website is professional, trustworthy, and content-rich, reflecting a medium-sized enterprise with a clear market presence.

S

Stiftung Preußische Schlösser und Gärten Berlin-Brandenburg (SPSG)

spsg.de

59

The Stiftung Preußische Schlösser und Gärten Berlin-Brandenburg (SPSG) operates as a government-affiliated non-profit foundation managing over 30 museum palaces and park sites in the Berlin-Brandenburg region, including notable landmarks such as Schloss Sanssouci and Schloss Charlottenburg. The website serves as an official portal providing comprehensive information about cultural heritage sites, exhibitions, events, educational programs, and visitor services. It targets a broad audience including tourists, families, schools, and cultural enthusiasts. The business model focuses on cultural preservation, public engagement, and educational outreach, supported by government funding and partnerships. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries such as Leaflet for mapping and Swiper for interactive carousels. It employs Matomo analytics configured for privacy-conscious, cookie-less tracking. The site demonstrates good mobile optimization, accessibility features, and SEO practices, reflecting a mature digital infrastructure. Performance is moderate with a professional and consistent design. From a security perspective, the site enforces HTTPS and provides a cookie consent mechanism aligned with GDPR requirements. However, it lacks explicit security policy documentation, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is minimal but consistent with the official nature of the site, with no privacy protection or suspicious patterns. Overall, the website presents a high level of professionalism, trustworthiness, and compliance with privacy standards. Strategic improvements could include publishing detailed security policies and incident response information to enhance transparency and trust further.

H

HDG

hangar.it

48

Hangar Design Group (HDG) is an established integrated creative agency and design consultancy based in Italy, with a strong market presence and a portfolio of notable clients and projects. The company focuses on branding, storytelling, and digital presence to help businesses evolve and succeed. The website reflects a professional and consistent brand image, supported by ISO 9001:2015 certification and a multilingual WordPress platform. The technical infrastructure includes modern web technologies such as jQuery, Swiper.js, and privacy-focused analytics tools like Matomo alongside Google Analytics. Privacy compliance is robust, featuring Iubenda cookie management and GDPR adherence. Security posture is strong with HTTPS, DNSSEC, and cookie consent mechanisms, though additional security headers could enhance protection. Overall, the site is well-designed, user-friendly, and trustworthy, with no critical vulnerabilities detected.

A

AFLAMUNA

aflamuna.org

41

AFLAMUNA is a Beirut-based cultural nonprofit organization dedicated to supporting independent Arab cinema and elevating social, political, and cultural movements through film. With roots dating back to 1999 as Beirut DC and formal nonprofit status since 2006, AFLAMUNA offers a variety of programs including impact labs, fellowships, and community cinema networks. The organization targets independent filmmakers, cultural organizers, and audiences interested in Arab cinema. Technically, the website is built on WordPress with Elementor, leveraging modern web technologies and Google Tag Manager for analytics. The site is well-designed, mobile-optimized, and content-rich, reflecting a mature digital presence. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers, representing areas for improvement. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration is consistent and legitimate, supporting the organization's credibility.

T

Tenhil GmbH & Co. KG

tenhil.de

61

Tenhil GmbH & Co. KG is a well-established German HR technology company specializing in recruiting solutions. The company operates multiple well-known online job portals and career fairs, leveraging advanced AI technology recognized by the German Federal Ministry of Research. Their business model focuses on connecting candidates with suitable employers through a broad network of online platforms and SaaS solutions. The company holds a strong market position with over 30 years of expertise and multiple subsidiary brands. Technically, the website is built on WordPress with Elementor, uses Cloudflare for DNS and CDN, and integrates modern SEO and analytics tools. Security posture is good with HTTPS and consent management in place, though explicit security headers and incident response policies are absent. Overall, the website is professional, GDPR compliant, and trustworthy, with no signs of blocking or suspicious activity.

S

Stadt St. Ingbert

st-ingbert.de

68

The website www.st-ingbert.de serves as the official digital presence of the city of St. Ingbert, Germany. It provides residents, visitors, and businesses with access to municipal services, news, event information, and contact details. The site is well-structured, featuring a comprehensive navigation menu covering city administration, culture, tourism, economy, and social services. The digital maturity is evident through the use of WordPress CMS, modern JavaScript libraries like Swiper.js, and cookie consent management via Borlabs Cookie plugin. SEO and accessibility are well addressed with proper metadata and responsive design. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although security headers could be improved. Privacy compliance is moderate, with cookie consent implemented but no explicit privacy or terms of service pages detected in the analyzed content. Overall, the site reflects a professional municipal government portal with high trustworthiness and good user experience.

R

Rheinland-Pfälzische Technische Universität Kaiserslautern-Landau

rptu.de

61

Rheinland-Pfälzische Technische Universität Kaiserslautern-Landau (RPTU) is a leading technical university in Germany's Rheinland-Pfalz region, offering over 160 study programs across engineering, natural sciences, social sciences, and teacher education. The university emphasizes research excellence, innovation transfer, and international collaboration. The website reflects a mature digital presence with a modern TYPO3 CMS infrastructure, responsive design, and comprehensive content tailored to diverse audiences including prospective students, researchers, and partners. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Security posture is strong with HTTPS and no visible vulnerabilities, though some HTTP security headers could be improved. Overall, the domain and website present a trustworthy and professional academic institution.

I

innoWerft Walldorf GmbH

innowerft.com

55

innoWerft Walldorf GmbH operates as an early-stage investor and startup accelerator based in Walldorf, Germany, focusing on supporting B2B high-tech startups in their early phases. The company provides key services including fundraising support, sales assistance, and co-investment opportunities, positioning itself as a strategic partner for startups aiming to scale rapidly. Their market presence is reinforced by a portfolio of startups that have successfully closed Seed rounds and attracted significant investment since 2019. The website content is professionally crafted, targeting startups seeking acceleration and investment, with a clear call to action for pitch deck submissions.

D

Digital Hub Rhein-Neckar GmbH

5-ht.com

61

5-HT Chemistry & Health operates as a digital innovation hub connecting established companies in the chemistry and health sectors with tech startups globally. The organization fosters collaboration, innovation, and digital transformation through workshops, scouting, matchmaking, and events. Their market position is that of a specialized ecosystem facilitator in the Rhein-Neckar region with global outreach. Technically, the website employs modern frontend technologies such as Alpine.js, Swiper.js, and Laravel Livewire, with a responsive and well-structured design. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks explicit security headers and published security policies. The absence of WHOIS registration data reduces trustworthiness, though the professional content and social media presence support legitimacy. Overall, the site is well-built and business-focused but would benefit from enhanced transparency and security disclosures.

T

The European Consortium for Accreditation in higher education (ECA)

ecahe.eu

57

The European Consortium for Accreditation in higher education (ECA) is a recognized association of accreditation and quality assurance agencies across Europe. The organization focuses on driving innovation in accreditation practices and supporting the implementation of the European Higher Education Area (EHEA). Their services include internationalisation certification, training academies, working groups, webinars, EU projects, and publications, targeting higher education institutions and quality assurance bodies. The website reflects a professional and consistent brand image, with clear navigation and relevant content for its audience. Technically, the website is built on WordPress using Elementor, hosted by OVH SAS, and incorporates modern web technologies such as jQuery and Swiper.js. The site demonstrates good mobile optimization, accessibility, and SEO practices. Performance is moderate, with room for improvement in loading speed and technical optimizations. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms compliant with GDPR. However, it lacks explicit security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data shows consistent domain registration with a reputable hosting provider, supporting the legitimacy of the site. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic improvements in security policy transparency and technical optimizations could further enhance trust and resilience.

A

Alstin Capital

alstincapital.de

63

Alstin Capital is an early-stage venture capital fund specializing in investments in B2B software companies, particularly in sectors such as FinTech, InsurTech, RegTech, Cyber Security, and ClimateTech across Europe. The firm emphasizes a close partnership with founders, providing capital, expertise, and network support. The website reflects a professional and modern digital presence built on contemporary web technologies including Next.js and Material-UI, offering a good user experience and mobile optimization. However, the absence of visible privacy and cookie policies, as well as contact information, indicates areas for improvement in compliance and transparency. Security posture is solid with HTTPS enforced, but additional security headers and incident response information would enhance trust. Overall, the domain WHOIS data is privacy protected, which is typical for financial entities, and the website content aligns with a legitimate venture capital business.

Z

Zeren Group Investment Holding A.Ş.

zerenholding.com

63

Zeren Group Investment Holding A.Ş. is a multinational investment holding company operating across 4 continents and 8 major sectors including energy, manufacturing, shipping, professional services, trading, media, hospitality, and banking. The company positions itself as a reputable group with a strong financial history and entrepreneurial spirit, aiming to create sustainable value globally. The website reflects a mature corporate presence with detailed information about its subsidiaries, sectors, and career opportunities, targeting investors, partners, and potential employees. Technically, the website employs modern JavaScript libraries such as jQuery, Swiper.js, and Google Tag Manager for analytics and user experience enhancements. It features a responsive design with multimedia content and interactive navigation. Cookie consent and privacy compliance mechanisms are well implemented, indicating awareness of GDPR and related regulations. From a security perspective, the site uses HTTPS with good SSL configuration and includes cookie consent banners. However, it lacks explicit security headers and a published security policy or incident response contact. Minor JavaScript warnings exist but do not impact usability. The absence of WHOIS data for the domain is a notable concern for domain legitimacy and transparency. Overall, the website is professional, content-rich, and compliant with privacy norms, but improvements in security posture and domain transparency are recommended to enhance trust and resilience.

G

German Road Races (GRR) e.V.

germanroadraces.de

42

German Road Races (GRR) e.V. is a German non-profit association representing running event organizers. It serves as a community hub and voice for running sports, providing event promotion, knowledge exchange, and awards. The website is professionally designed using WordPress with BuddyBoss and Elementor, offering good user experience and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Privacy policies are present and GDPR compliant. Contact is available via email and forms, and social media presence supports community engagement. Overall, the site reflects a legitimate, well-maintained organization with a clear focus on running sports in Germany.

A

APX

apx.ac

52

APX is a Berlin-based earliest-stage venture capital firm focused on supporting ambitious startup founders in Europe with pre-seed funding and long-term partnerships. The company positions itself as a leading early-stage investor with a clear market focus on technology startups. The website reflects a professional and consistent brand image, targeting startup founders and investors seeking early funding opportunities. Technically, the website is built on WordPress with modern front-end technologies such as Swiper.js and jQuery, providing a responsive and user-friendly experience. However, there are gaps in privacy compliance and security best practices, including the absence of privacy and cookie policies and missing security headers. The security posture is adequate with HTTPS enabled but could be improved by implementing additional headers and publishing incident response information. Overall, the website is trustworthy and legitimate, with domain registration details consistent with the business claims. Strategic improvements in privacy compliance and security policies would enhance the site's credibility and compliance.

T

thws-store

thws-store.de

63

thws-store.de is an official e-commerce platform offering THWS university branded merchandise such as apparel and accessories. The website is built on the Shopify platform, leveraging its infrastructure and security features. The store targets students and the university community in Germany, providing sustainable and stylish products for campus life. Technically, the site uses modern web technologies including Shopify Liquid templates, JavaScript libraries like Swiper.js, and hCaptcha for form security. Security posture is good with HTTPS enforced and standard security headers present, though privacy and cookie policies are missing, which impacts compliance. Contact is available via a contact form but lacks direct email or phone contacts. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and more transparent business information.

W

WeLocal World AG

welocal.world

65

WeLocal World AG is a specialized technology company providing a comprehensive Content Management System (CMS) tailored for media companies including TV and radio stations, as well as enterprises. Their flagship product, CMMS, is a video CMS designed to manage and publish multimedia content across multiple platforms such as websites, mobile apps, smart TVs, and streaming services. The company emphasizes full-service solutions including hardware, software, and ongoing support, positioning itself as a niche provider in the media technology sector. Their market approach includes white-label solutions for rapid deployment and customization, targeting media houses and broadcasters primarily in Germany. Technically, the website leverages modern web technologies including Vue.js, Video.js, and integrates Matomo for analytics alongside Usercentrics for consent management, reflecting a mature digital infrastructure. The site is well-optimized for performance, mobile responsiveness, and SEO, with structured data enhancing search visibility. Hosting is GDPR-compliant with servers located in Germany, underscoring their commitment to data privacy. From a security perspective, the site enforces HTTPS and uses consent management for cookies, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data limits domain trust assessment, but the professional presentation and contact transparency mitigate concerns. Overall, WeLocal World AG demonstrates a strong business and technical foundation with good privacy compliance and a solid security posture. Strategic recommendations include enhancing HTTP security headers, publishing a security policy, and adding vulnerability disclosure mechanisms to further strengthen trust and compliance.

W

Worldline Italia

worldlineitalia.it

72

Worldline Italia is a prominent payment solutions provider in Italy, offering a range of services including POS terminals, mobile payment solutions, and e-commerce payment gateways. The company targets businesses across various sectors in Italy, leveraging partnerships with major banks such as BNL and Banco Desio to strengthen its market position. The website reflects a professional and consistent brand image, with a focus on innovative payment technologies and customer-centric solutions. Technically, the website is built on WordPress with modern technologies such as jQuery, Swiper.js, and integrates Google Tag Manager and OneTrust for analytics and cookie consent management. The site demonstrates good mobile optimization and SEO practices, although accessibility features could be enhanced. Performance is moderate, with room for improvement in loading speed and technical modernization. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers are not fully implemented, and there is no visible security policy or incident response information. No vulnerabilities or exposed sensitive data were detected, indicating a solid baseline security posture. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, Worldline Italia's website is a reliable and professional platform supporting its business objectives. Strategic improvements in security headers, privacy documentation, and accessibility would further enhance trust and compliance.

W

Worldline Italia

bnlpositivity.it

72

Worldline Italia is a prominent payment solutions provider in Italy, offering a range of services including POS terminals, mobile payments, and e-commerce payment gateways. The company targets businesses seeking innovative and secure payment technologies, leveraging partnerships with major banks such as BNL and Banco Desio. The website reflects a mature digital presence with professional design and consistent branding, supporting its market position as a trusted payment technology provider. Technically, the site is built on WordPress with modern frameworks and includes SEO and mobile optimization features. Security posture is strong with HTTPS enforcement, security headers, and GDPR-compliant cookie consent mechanisms, although explicit privacy and terms of service pages were not found in the provided content. Overall, the site demonstrates a solid business and technical foundation with room for improvement in privacy transparency and contact accessibility.

R

Reservix GmbH

reservix.de

68

Reservix GmbH operates a well-established online ticketing platform primarily serving the German market. The website offers a broad range of event tickets including concerts, sports, musicals, and family events. The platform targets general consumers seeking convenient online ticket purchases and event information. The business model is e-commerce focused, with additional services such as voucher sales and event promotion. The company demonstrates consistent branding and maintains a professional online presence with good content quality and user experience. Technically, the website leverages modern JavaScript frameworks including React and Swiper.js for UI components, and integrates Google Tag Manager and Usercentrics for marketing and consent management. Hosting is provided via Amazon AWS, indicated by the DNS infrastructure. The site is mobile optimized and accessible, with good SEO practices and structured data for enhanced search engine visibility. From a security perspective, the site enforces HTTPS and uses a consent management platform to comply with GDPR. However, explicit security headers are not evident in the HTML content, and no published security or incident response policies were found. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with a legitimate business, showing no privacy protection and consistent domain registration. Overall, Reservix.de presents a secure, professional, and user-friendly ticketing portal with strong compliance and marketing practices. Strategic improvements could include publishing explicit security policies and enhancing HTTP security headers to further strengthen the security posture.

G

Gesellschaft für wissenschaftliche Datenverarbeitung mbH Göttingen

gwdg.de

61

GWDG is a specialized IT service provider and research support center serving the Georg-August-Universität Göttingen and the Max-Planck-Gesellschaft. It offers a broad range of information and communication services tailored to scientific research and education, supported by its own research in practical and applied computer science. The organization is positioned as a key regional IT competence center with strong institutional affiliations and ISO certifications, reflecting a high level of professionalism and trust. Technically, the website is built using the Hugo static site generator, enhanced with modern JavaScript libraries such as Swiper.js and FontAwesome for UI elements. The site demonstrates excellent performance, mobile optimization, and accessibility, with proper use of HTTPS and resource integrity checks. However, some security headers are missing, and no cookie consent mechanism is present, which are areas for improvement. From a security perspective, the site maintains a strong posture with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The presence of ISO 27001 certification indicates adherence to recognized security standards. Nonetheless, the absence of explicit incident response contacts and vulnerability disclosure mechanisms suggests room to enhance transparency and readiness. Overall, GWDG presents a low-risk profile with a well-maintained digital presence aligned with its institutional mission. Strategic recommendations include implementing cookie consent for GDPR compliance, adding security headers, publishing incident response information, and introducing a security.txt file to facilitate vulnerability reporting.

K

Kröpelin Projekt GmbH

kroepelin-projekte.de

64

Kröpelin Projekt GmbH is a small German company specializing in digital education solutions, primarily focused on providing customized ILIAS learning management platforms. Their services include platform operation, technical support, software development, training, content conception, and consulting. The company targets education providers, organizations, project portals, and corporate clients, positioning itself as a niche service provider in the education technology sector. The website is professionally designed using WordPress and Elementor, featuring good mobile optimization and clear navigation. Security posture is strong with HTTPS and cookie consent mechanisms, though lacking explicit security policies or incident response contacts. Overall, the site reflects a trustworthy and GDPR-compliant business with a focus on quality service delivery.

D

data-quest Suchi & Berg GmbH

data-quest.de

45

data-quest Suchi & Berg GmbH is a specialized German company providing consulting, development, installation, and support services primarily for educational institutions, especially universities. They focus on open-source learning and campus management software, notably the Stud.IP system, which they co-develop and support. Their market position is that of a niche full-service provider with over 20 years of experience, serving a targeted audience of educational and administrative organizations. The website content is professional, well-structured, and clearly communicates their services and expertise. Technically, the site is built on WordPress with modern plugins and themes, offering good mobile optimization and SEO practices. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements are possible in security headers and incident response transparency. Privacy compliance is good with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the site is trustworthy and credible, reflecting a mature business with strong industry ties.

Hochschulforum Digitalisierung is a German nationwide think-and-do tank initiative focused on shaping the future of higher education through digital transformation. It operates as a non-profit entity affiliated with prominent organizations such as the Stifterverband, CHE, and HRK. The website serves as a comprehensive platform offering networking, consulting, innovation, qualification, and information services targeted at higher education institutions, staff, and students. The initiative maintains a strong market position within the German education sector, emphasizing collaboration and strategic digital development. Technically, the website is built on WordPress with modern plugins including Yoast SEO, WPBakery Page Builder, and Everest Forms, ensuring a robust and user-friendly digital presence. The site is well-optimized for mobile devices, fast loading, and incorporates SEO best practices. Cookie consent is managed via Borlabs Cookie, reflecting attention to privacy compliance, although explicit privacy and terms of service pages are not detected in the provided content. From a security perspective, the site enforces HTTPS and employs standard security practices, but lacks published security policies, incident response contacts, or vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site demonstrates a mature security posture appropriate for its non-profit educational focus. The overall risk assessment is low, with recommendations to enhance transparency by publishing privacy policies, terms of service, and incident response information. Strengthening security headers and adding a vulnerability disclosure policy would further improve trust and compliance. The website is professional, trustworthy, and well-aligned with its mission to support digital transformation in higher education.

C

Pronóstico del tiempo en América | Clima

clima.com

68

The website www.clima.com is a Spanish-language weather forecast platform focused on providing meteorological information for America. It offers updated weather forecasts and related climate data, targeting a general audience interested in weather conditions. The site integrates modern analytics and consent management tools, indicating a moderate level of digital maturity. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. Security posture is generally good with HTTPS enforced and consent mechanisms in place, but the lack of security headers and explicit privacy policies suggests room for improvement. Overall, the site appears functional and professional but would benefit from enhanced compliance and transparency measures.

D

domicil gGmbH

domicil-dortmund.de

47

domicil gGmbH operates a well-established live music and cultural venue in Dortmund, Germany, specializing in jazz and creative music since 1969. The organization hosts a variety of events including the notable Jazztage Dortmund festival, offers event space rentals, gastronomy services, and a fan merchandise shop. The website reflects a medium-sized non-profit cultural institution with a strong community focus and recognized awards, positioning it as a trusted local cultural hub. Technically, the website is built on the Contao Open Source CMS platform and utilizes common JavaScript libraries such as jQuery, Swiper.js, and Colorbox. The site is moderately performant, mobile-optimized, and has basic accessibility and SEO features. Hosting is provided by a regional hosting provider indicated by the nameservers. While HTTPS is enabled, the site lacks advanced security headers and cookie consent mechanisms, which are recommended for improved security and compliance. From a security perspective, the site shows no signs of vulnerabilities or exposed sensitive data. However, it lacks published security policies, incident response contacts, and a cookie consent banner, which are important for GDPR compliance and user trust. The domain WHOIS data is consistent with the business claims, showing no privacy protection and a legitimate registration history. Overall, domicil-dortmund.de is a credible and professionally maintained cultural website with good content quality and business credibility. Strategic improvements in privacy compliance and security posture would enhance trust and regulatory adherence.

A

ABC Cinemas

aflamuna.online

60

AFLAMUNA.online is a specialized media streaming platform dedicated to Arab cinema and cultural films, targeting Arabic-speaking audiences interested in regional film content. The platform offers a curated selection of films including fiction, documentary, experimental, and essay genres, delivered via a modern streaming infrastructure powered by Shift72. The business model combines free and transactional video on demand services, supported by Stripe payment integration. The website demonstrates a good level of digital maturity with responsive design, multilingual support, and integrated analytics for user tracking and marketing. From a security perspective, the site enforces HTTPS and uses secure payment processing but lacks explicit security headers and published incident response policies. Privacy compliance is basic with a privacy policy and cookie consent mechanism present, though GDPR compliance is not clearly indicated. Contact information is minimal, with no direct emails or phone numbers found, which may impact user trust and support accessibility. Overall, the platform is well-positioned as a niche cultural streaming service with good technical implementation and content quality. However, improvements in security transparency, contact availability, and privacy compliance would enhance trust and regulatory adherence.

M

Mute

mute.com

64

Mute is an established independent record label founded in 1978, operating primarily in the media and music industry. The website serves as a comprehensive platform for artist promotion, music releases, news, and live event information, targeting music fans and industry professionals. The business model revolves around music distribution, artist management, and content marketing, with a strong digital presence supported by social media and mailing list engagement. The domain age and WHOIS data confirm the legitimacy and long-standing nature of the business.

NABU Landesverband Bremen e.V. is a well-established non-profit environmental organization active since 1995, focusing on nature conservation, environmental education, and community engagement in Bremen, Germany. The website serves as a comprehensive platform for information dissemination, volunteer coordination, event promotion, and fundraising. It targets nature enthusiasts, families, children, and volunteers, positioning itself as a leading regional environmental advocate with nearly 10,000 members. Technically, the site is built on the IMPERIA CMS platform, utilizing modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager, with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and cookie consent management implemented, though some security headers could be enhanced. Privacy compliance is strong, with clear policies and GDPR adherence. Overall, the website reflects a professional, trustworthy, and user-friendly digital presence supporting the organization's mission.

NABU - Naturschutzbund Deutschland e.V. is a well-established German non-profit organization dedicated to nature conservation and environmental protection. With a history spanning over 125 years, NABU engages a broad audience through campaigns, education, membership, and fundraising. Their website reflects a professional and comprehensive digital presence, emphasizing transparency, community involvement, and environmental advocacy. The organization leverages modern web technologies and analytics while maintaining strong privacy and cookie consent compliance. Contact information and multiple engagement channels are clearly provided, enhancing user trust and accessibility. Technically, the website is built on the IMPERIA CMS platform and integrates advanced analytics tools such as Matomo and Google Tag Manager, alongside marketing pixels from Facebook and TikTok. The site is mobile-optimized, accessible, and SEO-friendly, though some security headers could be explicitly declared to enhance security posture. HTTPS is enforced, and no critical vulnerabilities or exposed sensitive data were detected. From a security perspective, NABU demonstrates good practices including bot detection on forms and cookie consent management. However, the absence of a public security policy or incident response contact is noted. The WHOIS data aligns well with the organization's identity, showing a consistent and trustworthy domain registration. Overall, the website scores highly on content quality, technical implementation, privacy compliance, and business credibility, making it a reliable and professional platform for environmental advocacy. Recommendations include enhancing security headers, publishing a security policy, and continuous monitoring of third-party scripts to maintain privacy and security standards. These steps will further solidify NABU's digital trustworthiness and compliance in an evolving regulatory landscape.

B

Bodfeld Apotheke

bodfeld-apotheke.de

63

Bodfeld Apotheke operates as a professional online pharmacy based in Germany, offering a wide range of pharmaceutical products, cosmetics, and healthcare items. The website targets general consumers seeking convenient and secure online access to medicines and related products. The business model focuses on e-commerce retail with additional services such as electronic prescription fulfillment and customer account management. The company maintains a medium-sized market presence supported by trusted certifications and partnerships with recognized price comparison and review platforms.

Sovendus operates a leading European e-commerce marketing network specializing in voucher and checkout marketing solutions. Their platform connects over 3,000 online shops and reaches 30 million online buyers monthly, offering services such as voucher networks, checkout benefits, email marketing, and conversion optimization. The website is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital presence. Technically, it leverages WordPress with Elementor, modern JavaScript libraries, and performance optimization plugins. Security posture is strong with HTTPS and certifications like ISO 27001, though some security headers could be enhanced. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. WHOIS data is unavailable for the subdomain, typical for privacy protection, but the website's trust signals and partner references support legitimacy.

Z

Zeren Metal – Gelecek Alüminyum'da

zerenmetal.com

60

Zeren Metal is a Turkish manufacturing company specializing in aluminum products and solutions, targeting various industrial sectors such as automotive, energy, and white goods. The company emphasizes innovation, quality, and sustainability in its production processes. The website reflects a medium-sized enterprise with a professional digital presence built on WordPress and Elementor, showcasing their services and industry expertise. Technical infrastructure is modern with standard CMS and plugins, supported by Cloudflare DNS and HTTPS security. However, the site lacks explicit privacy and cookie policies, which impacts compliance and user trust. Security posture is adequate but could be improved by enabling DNSSEC and adding security headers. Overall, the website is functional, well-branded, and serves its business purpose effectively.

U

UNI - Ente Italiano di Normazione

uni.com

72

UNI - Ente Italiano di Normazione is a well-established Italian non-profit organization dedicated to developing, publishing, and disseminating voluntary technical standards. With over 100 years of history, UNI serves a broad audience including professionals, companies, institutions, and consumers, providing key services such as standardization, training through UNITRAIN, and an online store for normative documents. The website reflects a strong market position as a leader in Italian and European standardization efforts. Technically, the site is built on WordPress with modern technologies like jQuery, Swiper.js, and integrates cookie consent and analytics tools such as Iubenda and Google Tag Manager. The site is well-optimized for SEO, mobile-friendly, and accessible. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data for the domain is a concern but is mitigated by the professional content and structured data presence. Overall, UNI's website is a trustworthy and authoritative source for standardization information in Italy.

O

Osano

datasubject.com

79

Osano is a technology company specializing in data privacy management software designed to help organizations comply with global privacy regulations such as GDPR and CPRA. The company offers a comprehensive SaaS platform that includes cookie consent management, subject rights management, privacy assessments, data mapping, and vendor risk management. Positioned as a leader in privacy compliance, Osano differentiates itself with a unique $500,000 'No Fines, No Penalties' guarantee and serves a broad range of organizations seeking to simplify privacy compliance. The website is professionally designed, well-structured, and optimized for mobile devices, reflecting a mature digital presence.

Ö

Österreichisches Spendengütesiegel

osgs.at

47

The Österreichisches Spendengütesiegel is an Austrian non-profit organization dedicated to certifying charitable organizations to ensure transparency and trust in the donation sector. The website serves as an informational and trust-building platform targeting donors and charitable entities within Austria. It offers certification services and promotes the quality seal as a mark of reliability. Technically, the website is built on WordPress using the Elementor framework, with modern fonts and responsive design elements, providing a good user experience and moderate performance. Security-wise, the site employs HTTPS and several security headers, indicating a solid baseline security posture, though it lacks visible incident response or security policy disclosures. Privacy compliance is limited, with no explicit privacy or cookie policies detected, which could be improved to meet GDPR standards. Overall, the domain registration data aligns well with the website's claims, supporting its legitimacy and trustworthiness.

M

Mary Anning – Film d’animation pour enfants | Bande-annonce & avant-premières

maryanning.ch

51

The website www.maryanning.ch is a promotional platform for the children's animation film 'Mary Anning', targeting families and children primarily in Switzerland. It offers rich interactive content including a fossil hunting contest across multiple Swiss cities, educational resources for schools, and a mini-game to engage users. The site uses modern web technologies such as HTML5, CSS3, JavaScript, Swiper.js for UI components, and Kaboom.js for the game engine, alongside Google Tag Manager and Google Analytics for tracking. The design is professional and mobile-optimized, providing a good user experience with clear navigation and relevant content. However, the site lacks explicit privacy and cookie policies, which is a compliance gap given the use of tracking technologies.

Monoloco is a Geneva-based digital agency specializing in custom web development, CMS solutions, intranet systems, and mobile applications for iOS and Android platforms. With over 15 years of experience, the company serves a diverse clientele, delivering tailored digital solutions that address complex business needs. Their portfolio and client testimonials demonstrate a strong market position as a trusted local technology service provider. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and Swiper.js for interactive content. Google Fonts and Google Tag Manager are integrated for typography and analytics respectively. The site is mobile-optimized and presents a professional design with clear navigation, although accessibility features are basic. The CMS appears proprietary, indicating custom development capabilities. From a security perspective, the site uses HTTPS with excellent SSL configuration but lacks important security headers such as Content-Security-Policy and X-Frame-Options. No exposed sensitive data or vulnerable libraries were detected. However, the absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. No incident response or security policy information is provided. Overall, the website is professional and trustworthy with a solid business credibility score. The main risks relate to privacy compliance and security header implementation. Strategic improvements in these areas would enhance the security posture and regulatory adherence of the company’s online presence.

G

Genève Débat

genevedebat.ch

51

Genève Débat is a Geneva-based non-profit educational project founded in 2018 that promotes the art of debate among secondary school students. The organization operates by deploying young ambassadors aged 20-25 to conduct debate training modules in schools, enhancing students' argumentation and public speaking skills. The website reflects a well-established local initiative with a clear focus on youth education and engagement. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. It integrates Google Tag Manager for analytics and axept.io for cookie consent, demonstrating awareness of privacy and tracking considerations. The site is mobile-optimized and features rich content including testimonials, event information, and multimedia. From a security perspective, the site enforces HTTPS and uses some security best practices but lacks explicit security headers like Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial due to the absence of a privacy policy and terms of service pages. Overall, Genève Débat presents a trustworthy and professional online presence with strong educational content and community engagement. Strategic improvements in privacy documentation and security headers would enhance compliance and security posture.

S

Sourceability

sourceability.com

67

Sourceability is a well-established global distributor of electronic components, founded in 2014, with a strong market position as a Top 20 Global Distributor and recognized by Inc. 5000 for rapid growth. The company offers a comprehensive suite of services including distribution, quality management, and digital tools such as Sourcengine and Datalynq, targeting electronics manufacturers, engineers, and procurement professionals worldwide. Their business model integrates traditional distribution with advanced digital platforms to streamline supply chain sourcing and risk management. Technically, the website is built on a modern stack leveraging Webflow CMS, HubSpot marketing and analytics tools, Apollo.io tracking, and other contemporary JavaScript libraries. The site is hosted behind Cloudflare DNS and CDN services, ensuring fast performance and global availability. Mobile optimization and accessibility are well addressed, providing a seamless user experience across devices. From a security perspective, the site enforces HTTPS with strong domain locking mechanisms and integrates secure form handling via HubSpot. However, DNSSEC is not enabled, and no explicit security or incident response policies are published, which could be areas for improvement. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms aligned with GDPR requirements. Overall, the website presents a professional, trustworthy, and secure digital presence with no signs of blocking or malicious content. Strategic recommendations include enabling DNSSEC, publishing a security policy, and adding a vulnerability disclosure program to further enhance trust and security posture.

I

Intramovies

intramovies.com

53

Intramovies is an independent film distribution company with a professional online presence showcasing a curated catalogue of feature films, documentaries, classics, and restorations. The company targets film industry professionals and cinephiles, offering distribution and production services. The website is built on WordPress with modern technologies such as Bootstrap and jQuery, and includes SEO optimization and mobile responsiveness. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies are missing. The absence of WHOIS data for the domain is a concern, reducing trustworthiness despite the professional site and social media presence. Overall, the site is functional, secure, and compliant with basic privacy standards.

T

Triumph Italy S.r.l – Società Benefit

icd2025rome.org

10

The website www.icd2025rome.org serves as the official platform for the XIV International Congress of Dermatology 2025, an important global event in the healthcare sector focused on dermatology. It is organized under the auspices of several Italian dermatology societies and hosted by Triumph Italy S.r.l. The site provides comprehensive information about the congress, including scientific sessions, registration, sponsorship, and practical details for attendees. The target audience includes dermatologists, researchers, sponsors, and media professionals. The business model revolves around event organization, sponsorship facilitation, and knowledge dissemination within the dermatology community. Technically, the website is built on WordPress 6.8.3, utilizing modern libraries such as jQuery, Bootstrap, and Swiper.js for responsive design and user experience. It integrates Iubenda for privacy and cookie compliance, ensuring GDPR adherence. The site is mobile-optimized and SEO-friendly, with structured data enhancing search engine visibility. From a security perspective, the site enforces HTTPS and employs a cookie consent mechanism with granular controls. No critical vulnerabilities or exposed sensitive data were detected. However, security headers could be improved, and the addition of a security.txt file and incident response contact would enhance the security posture. Overall, the website presents a professional, trustworthy, and well-maintained digital presence for the ICD 2025 event. The lack of WHOIS data limits domain trust analysis, but the content and compliance measures support legitimacy. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure information, and continuous monitoring of third-party scripts.

P

PIXELIGHT

pixelight.it

11

PIXELIGHT is a specialized creative studio based in Italy, focusing on motion graphics, animation, and digital visual effects for film, television, and web projects. The company has established a strong market presence with a portfolio of notable clients and partners in the media industry. Their website reflects a professional and modern digital presence, leveraging WordPress and popular frontend technologies to deliver a visually appealing and user-friendly experience. The site includes comprehensive privacy and cookie policies managed through Iubenda, indicating a commitment to GDPR compliance and user privacy. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in HTTP security headers and incident response documentation. Overall, PIXELIGHT demonstrates a mature digital infrastructure suitable for its business model and industry demands.