Security Directory

A

Astuces Business

astucesbusiness.fr

55

Astuces Business is a French-language website focused on providing business advice, legal information, marketing strategies, and services to entrepreneurs and professionals. The site is built on WordPress and uses modern web technologies including jQuery, Google Tag Manager, and WP Rocket for performance optimization. The website demonstrates good SEO practices with structured data and meta tags, and it is mobile-optimized with a clear navigation structure. Security posture is adequate with HTTPS and a Content Security Policy header, though additional security headers could enhance protection. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. The absence of WHOIS data limits domain trust assessment, but the site content and technical setup appear legitimate and professional. Overall, the website serves as a niche content platform for French business audiences with moderate technical and security maturity.

W

Web Portail

web-portail.fr

52

Web Portail is a French-language online media portal providing news and informational content across a broad range of categories including business, finance, health, technology, and lifestyle. The website leverages WordPress CMS with Elementor and WP Rocket plugins, indicating a modern and maintainable technical infrastructure. The site is optimized for SEO with Yoast SEO plugin and uses Google Analytics and Google Tag Manager for visitor tracking. Security posture is moderate with HTTPS enforced and a Content-Security-Policy header present, though additional security headers could enhance protection. Privacy and cookie policies are absent, which is a compliance gap. The domain WHOIS data is unavailable, raising concerns about domain registration legitimacy and trustworthiness. Overall, the site presents professional content and design but would benefit from improved privacy compliance and domain registration transparency.

W

Web Internet

web-internet.fr

9

Web Internet is a French media website providing news and lifestyle content focused on internet-related topics and general interest categories such as Auto, Business, Family, Finance, Real Estate, Leisure, Home, Fashion, Health, and Technology. The site targets a general French-speaking audience interested in internet news and lifestyle updates. The business model appears to be content publishing with monetization likely through advertising and affiliate links. The website is small in size and operates within the media industry in France. Technically, the website is built on WordPress CMS using popular plugins such as Yoast SEO and Elementor for content management and design. It employs modern web technologies including jQuery, Google Fonts, and WP Rocket for performance optimization. The site is well optimized for SEO and mobile devices, with fast loading times and structured data implemented via JSON-LD. The hosting provider is not explicitly identified. From a security perspective, the website enforces HTTPS and includes a Content-Security-Policy header to upgrade insecure requests. It uses deferred and lazy loading scripts to improve performance and reduce attack surface. However, additional security headers like HSTS, X-Content-Type-Options, and X-Frame-Options are missing. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is limited as no explicit privacy or cookie policies were found, and no contact information for incident response or data protection officers is provided. Overall, the website presents a professional and trustworthy front with good content quality and technical implementation. The main risk factor is the absence of WHOIS data, which limits domain legitimacy verification. Strategic recommendations include adding comprehensive privacy and cookie policies, enhancing security headers, publishing a security.txt file for vulnerability disclosure, and providing clear contact information to improve trust and compliance.

T

Thinwhite - Tim Hack & Phil Daniels

thinwhite.co.uk

52

Thinwhite, operated by Tim Hack and Phil Daniels, is a small, established graphic design and web development agency based in Gloucestershire, UK. With over 20 years of experience, the company offers creative solutions in print, branding, web design, and SEO, targeting artisan and niche businesses. The website reflects a professional and client-focused approach, emphasizing transparency and quality service without retainers. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and WPBakery Page Builder, ensuring good SEO and user experience. The site is mobile-optimized and uses standard web technologies including jQuery and FontAwesome. Hosting is provided by 123-Reg Limited, consistent with the UK location. Security posture is solid with HTTPS enforced, CAPTCHA on contact forms, and a GDPR-compliant cookie consent mechanism. However, explicit security headers are not detected and could be improved. No vulnerabilities or exposed sensitive data were found. Privacy policies are present and comprehensive enough for GDPR compliance. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic recommendations include enhancing security headers, conducting regular security audits, and publishing a formal security policy to further strengthen trust and compliance.

J

Jubla Heitenried

jublaheitenried.com

56

Jubla Heitenried is a small, local youth organization based in Switzerland, focused on community engagement and youth events such as camps and seasonal celebrations. The website is hosted on WordPress.com and uses common plugins like Yoast SEO and Jetpack to manage content and analytics. The technical infrastructure is modern and adequate for a small non-profit organization, with good mobile optimization and SEO practices. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are absent, indicating a gap in compliance. Contact is primarily through a web form and social media channels. Overall, the website is functional and professional but could improve in privacy and security policy transparency.

J

Jungwacht Blauring Allschwil

jubla-allschwil.ch

55

Jungwacht Blauring Allschwil is a Swiss non-profit youth organization focused on providing engaging leisure activities and diverse holiday camps for children and adolescents. The organization aims to offer a pressure-free environment to foster the versatile skills of children through playful programs. The website reflects a local community-oriented entity with a clear target audience of youth and families in Allschwil, Switzerland. Their business model centers on community engagement and youth development rather than commercial profit. Technically, the website is built on the Neos CMS platform with a custom framework (Ongoing.Base), utilizing modern web technologies such as lazy loading, slick sliders, and Google Fonts. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Performance is moderate, with room for improvement in accessibility and SEO. From a security perspective, the site enforces HTTPS and uses deferred script loading and lazy loading for performance and security benefits. However, it lacks visible security headers and explicit privacy or cookie consent mechanisms, which are important for GDPR compliance. No incident response or vulnerability disclosure policies are published, indicating room for maturity in security governance. Overall, the website is trustworthy and professional, with a strong community focus and good digital presence. The main risks relate to privacy compliance and security best practices, which can be improved to enhance user trust and regulatory adherence.

J

Jubla Muttenz

jubla-muttenz.ch

56

Jubla Muttenz is a local non-profit youth organization based in Muttenz, Switzerland, focused on providing engaging leisure activities and holiday camps for children and adolescents. The website serves as a community portal offering event agendas, contact information, and multimedia content to support its mission. The organization maintains a consistent brand presence and leverages social media channels such as Instagram and Facebook to engage its audience. Technically, the website is built on a custom CMS framework (Ongoing.Base) and employs modern web technologies including HTML5, CSS3, and JavaScript libraries like Slick Carousel. The site is mobile-optimized and demonstrates good SEO practices with structured data markup and meta tags. Security-wise, the site enforces HTTPS with excellent SSL configuration but lacks several security headers and explicit privacy compliance mechanisms such as cookie consent banners. No vulnerability disclosure or incident response policies are published, which could be improved to enhance trust and compliance. Overall, the website is professional, trustworthy, and well-suited for its community-focused mission, but could benefit from enhanced privacy and security policies to align with GDPR and modern best practices.

J

Jubla Birsfelden

jubla-birsfelden.ch

52

Jubla Birsfelden is a local non-profit youth organization based in Birsfelden, Switzerland, offering engaging leisure activities and diverse holiday camps primarily targeted at children and adolescents. The website serves as an information hub for their groups, events, and camp registrations, reflecting a community-focused business model with a strong local presence. Their market position is that of a trusted youth organization within their community, supported by active social media channels and clear contact information. Technically, the website is built on the Ongoing CMS platform, utilizing modern web technologies such as HTML5, CSS3, JavaScript, and responsive design elements to ensure good mobile optimization and user experience. The site loads moderately fast and includes SEO-friendly metadata and structured data for enhanced search visibility. Security-wise, the website enforces HTTPS and avoids exposing sensitive data, but lacks some security headers and explicit incident response contacts. Privacy compliance is partially addressed with a privacy policy present, though cookie consent mechanisms are absent. Overall, the site demonstrates a good security posture with room for improvement in privacy and security best practices. The domain registration data aligns well with the website's claims, indicating legitimacy and trustworthiness. Strategic recommendations include implementing security headers, adding cookie consent, and establishing a vulnerability disclosure channel to enhance compliance and security posture.

FUBIC is a German innovation center focused on transforming a former hospital site into a technology quarter emphasizing life sciences, health economy, and ICT. The project is notable for pioneering an all-electric, 100% renewable energy supply system for the campus, supported by a consortium of universities, startups, and energy companies, funded by the German Federal Ministry for Economic Affairs and Climate Action. The website is well-designed, content-rich, and uses modern web technologies, providing comprehensive information about the project, news updates, and multimedia resources. Security posture is adequate with HTTPS usage but lacks visible security headers and cookie consent mechanisms. WHOIS data is unavailable, likely due to privacy protection, but the website's legitimacy is supported by its institutional affiliations and funding. Overall, the site presents a professional and trustworthy digital presence for a medium-sized research and innovation entity in the energy sector.

J

Jungwacht Blauring Schweiz

jubla.ch

56

Jungwacht Blauring Schweiz is a well-established non-profit youth organization focused on providing meaningful leisure activities and camps for children and adolescents in the German-speaking part of Switzerland. The organization operates through a large network of approximately 400 local groups, offering structured programs and volunteer opportunities. The website reflects a professional and consistent brand image, targeting families and youth participants. Technically, the site leverages modern web technologies including Google Tag Manager, Hotjar, and Google Maps API, built on the TYPO3 Neos CMS framework. The site is mobile-optimized with good SEO and accessibility basics. Security posture is solid with HTTPS and some security best practices, though explicit security headers and policies are not fully implemented. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the domain registration aligns well with the organization's claims, supporting legitimacy and trustworthiness.

P

Privacy service provided by Withheld for Privacy ehf

tvguide.asia

60

TVGuide.asia is a specialized online media platform offering detailed TV guide and scheduling information primarily for the Australia ACT, Canberra region, with multi-genre and multi-language support. The website targets TV viewers seeking comprehensive and up-to-date channel listings and program schedules. The business model appears to be advertising-supported, leveraging Google Adsense and other ad networks to monetize traffic. The platform also maintains partnerships with related TV guide services such as tvepg.eu and americatvguide.com. Technically, the website employs modern web technologies including Google Fonts, FontAwesome, Google Tag Manager, and Facebook SDK, hosted behind Cloudflare DNS services. The site is mobile-optimized with good navigation and content relevance, though accessibility features are basic. Security posture is adequate with HTTPS enforced and domain transfer protection enabled, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy or terms of service pages detected. Overall, the website is functional and professional but could improve in security and compliance documentation.

A

AmericaTVGuide.com

americatvguide.com

51

AmericaTVGuide.com is a niche media website providing comprehensive TV guide and schedule listings primarily for the United States, with multi-language and multi-country support. The site aggregates channel and program data from various partners and sources, offering users detailed listings across genres such as movies, sports, music, and documentary. The business model appears to be content aggregation monetized through advertising. Technically, the site uses modern web technologies including FontAwesome, Google Fonts, Google Adsense, and Facebook SDK, hosted behind Cloudflare DNS and CDN services. The website is mobile-optimized and offers a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and domain locks in place, but lacks DNSSEC and security headers, and does not provide privacy or cookie policies, which are compliance gaps. Overall, the domain registration is consistent and legitimate, supporting the business claims. The site is safe for general audiences with no adult or questionable content detected.

W

WAT - Wiener Arbeiter Turn- und Sportverband

wienlaeuft.at

42

Wienläuft is a community-focused running and sports initiative operated by the Wiener Arbeiter Turn- und Sportverband (WAT) in Vienna, Austria. The organization provides running events, training sessions, and community sports activities targeting local sports enthusiasts and runners. The website serves as an information hub for upcoming events, news, and partner collaborations, positioning Wienläuft as a key local non-profit sports organizer in Vienna. Technically, the website is built on the Internetkonzepte.at CMS platform and utilizes common web technologies such as jQuery, Font Awesome, and Google Fonts. It features responsive design elements and moderate performance, with basic SEO and accessibility implementations. The site integrates social media plugins and cookie consent mechanisms, reflecting a moderate level of digital maturity. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data. However, it lacks advanced security headers and a formal security policy or vulnerability disclosure mechanism. Privacy compliance is addressed through a GDPR-compliant privacy policy and cookie consent banner. Contact information is clearly provided, enhancing business credibility. Overall, Wienläuft presents a trustworthy and professional online presence suitable for its community sports mission. Strategic improvements in security headers, accessibility, and formal security policies would further strengthen its posture and compliance.

Indiegogo is a well-established crowdfunding platform that enables creators to launch and manage fundraising campaigns globally. The platform offers comprehensive services including campaign hosting, pledge management, and performance marketing. It targets creators and backers interested in innovative projects and has a strong market position as one of the leading crowdfunding platforms worldwide. The website is professionally designed with excellent content quality and clear navigation, optimized for mobile and desktop users alike. Technically, Indiegogo employs a modern technology stack including secure payment gateways (Adyen, Stripe, Apple Pay, Google Pay), advanced analytics (Google Analytics 4, Facebook Pixel, Microsoft Clarity), and robust error tracking (Rollbar). Security best practices are observed with HTTPS enforcement, security headers, and bot protection via reCaptcha. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant. Contact information is clearly provided, enhancing business credibility. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, Indiegogo demonstrates a mature digital infrastructure and a strong security posture, suitable for its large enterprise scale and global audience.

Indiegogo is a prominent global crowdfunding platform that enables creators to launch projects and manage pledges effectively. The platform targets both creators seeking funding and backers interested in supporting innovative projects. Indiegogo offers key services including crowdfunding campaign hosting, pledge management, and marketing services to help creators reach their audience. The website is professionally designed with consistent branding and clear navigation, reflecting its large enterprise status in the technology sector. From a technical perspective, Indiegogo employs a modern technology stack including JavaScript frameworks, payment integrations with Adyen, Stripe, Google Pay, and Apple Pay, and uses analytics tools such as Google Analytics 4, Facebook Pixel, and Microsoft Clarity. The site is optimized for performance and mobile responsiveness, ensuring a smooth user experience across devices. Security-wise, the platform enforces HTTPS, implements multiple security headers, and uses bot prevention mechanisms like reCAPTCHA. Payment processing is secured through trusted providers, and error tracking is managed via Rollbar. While explicit security policies and vulnerability disclosure pages are not found, the overall security posture is strong with no evident vulnerabilities. Overall, Indiegogo presents a trustworthy and professional online presence with comprehensive privacy and cookie policies, multiple contact channels, and a high level of technical and security maturity. The lack of WHOIS data is attributed to privacy protection, which is justified for this type of business. Strategic recommendations include publishing detailed security policies and vulnerability disclosure information to enhance transparency and trust.

미

미디어펜

mediapen.com

56

미디어펜 is a Korean news media company providing comprehensive news coverage across multiple sectors including economy, industry, politics, global affairs, entertainment, sports, and real estate. The website is well-structured with a professional design and consistent branding, targeting a general Korean-speaking audience interested in current affairs. The business model is primarily advertising-driven, supported by partnerships and sponsored content. The company appears to be medium-sized with a founding date around 2008, operating from a physical office in Seoul, South Korea. Technically, the website employs modern web technologies such as Google Tag Manager, Swiper.js for UI components, and Google Publisher Tags for advertising. The site uses HTTPS and includes a consent management platform for cookie and privacy compliance, although mobile optimization and accessibility are basic. The site loads multiple external resources from trusted domains, indicating a mature digital infrastructure. From a security perspective, the site uses HTTPS but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is basic with visible cookie consent mechanisms and a privacy policy page, but GDPR compliance is uncertain. The absence of WHOIS registration data is a notable concern, reducing the domain's trustworthiness despite the professional appearance of the website. Overall, the site is a credible and professional news media platform with moderate technical maturity and basic privacy compliance. The main risk lies in the missing WHOIS data, which should be investigated further to confirm domain legitimacy and ownership. Strategic improvements in security headers, mobile optimization, and transparency around security policies would enhance trust and compliance.

S

Scottish Funding Council

sfc.ac.uk

66

The Scottish Funding Council (SFC) is Scotland’s national authority responsible for funding and overseeing tertiary education and research. The organization supports colleges and universities across Scotland to sustain a world-leading education and research system that benefits students and society. The website reflects a mature, government-backed entity with a clear mission and comprehensive service offerings including funding, assurance, skills development, and research innovation. The target audience includes educational institutions, students, researchers, and policy makers within Scotland. Technically, the website is built on WordPress with modern plugins and SEO optimizations, delivering a responsive and accessible user experience. Security posture is strong with HTTPS, cookie consent mechanisms, and no visible vulnerabilities, although explicit security headers could be enhanced. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR and UK regulations.

B

baoo Technologies GmbH

yourhomie.ai

63

homie AI, operated by baoo Technologies GmbH, is a modern SaaS platform providing AI-powered chat assistants designed to enhance customer communication and sales conversion for online retailers and enterprises. The platform emphasizes quick integration, GDPR compliance, and enterprise readiness, positioning itself as a trusted solution for European retail businesses. The website content is professional and well-structured, targeting online shops seeking AI-driven customer support and upselling capabilities. Technically, the website is built on Webflow CMS with integrations including Google Fonts and Google Tag Manager for analytics. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. From a security and compliance perspective, the site claims GDPR compliance and hosts data within the EU. However, it lacks a visible cookie consent mechanism and explicit security or incident response policies. No vulnerabilities or suspicious content were detected. WHOIS data shows privacy protection usage, consistent with a new tech startup founded in 2024, and domain registration aligns with the business timeline. Overall, homie AI presents a credible, professional online presence with room for improvement in security headers, cookie consent, and incident response transparency. The risk level is low, but addressing these gaps will strengthen trust and compliance.

A

ARTe Kunstmessen GmbH

arte-kunstmesse.de

59

ARTe Kunstmessen GmbH is a small German company specializing in organizing contemporary and classical modern art fairs across multiple cities in Germany. Their website presents a professional and well-structured platform showcasing upcoming events, galleries, and artists, targeting art collectors and enthusiasts. The business model revolves around event organization and ticket sales, positioning them as a regional leader in art fair hosting. Technically, the website is built on WordPress using the Bricks builder theme, hosted by Raidboxes, and employs modern web technologies with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced but lacks advanced security headers and cookie consent mechanisms, indicating room for improvement in GDPR compliance and security best practices. Overall, the domain registration and hosting details align well with the business claims, supporting legitimacy and trustworthiness.

B

BECOMTECH

becomtech.fr

58

BECOMTECH is a French organization dedicated to promoting gender diversity and equality in the IT and digital sectors, where women are underrepresented. The website serves as an advocacy and educational platform targeting a general audience interested in technology and social inclusion. The organization appears to be a small-sized entity founded in 2018, with a clear mission to foster inclusivity in technology fields. Technically, the website is built on WordPress using the Divi theme, incorporating modern web technologies such as Google Analytics for user tracking and Google Fonts for typography. The site is mobile optimized and presents a professional design with good navigation and content relevance. Security-wise, the site enforces HTTPS and implements a cookie consent banner, but lacks advanced security headers and explicit security or incident response policies. WHOIS data confirms the domain's legitimacy and consistency with the organization's profile. Overall, the website is trustworthy and functional but could improve in privacy compliance and security best practices.

T

TVEpg.eu

tvepg.eu

64

TVEpg.eu is a specialized online media service providing comprehensive TV program guides primarily for Finland, with additional coverage of European and other countries' channels. The website offers multi-language support and detailed channel listings, targeting TV viewers seeking up-to-date program schedules. The business model appears to be advertising-supported, leveraging Google Adsense and social media presence to engage users. The site is hosted via GoDaddy.com, LLC and uses modern web technologies including Bootstrap, Google Fonts, and JavaScript libraries for enhanced user experience. The technical infrastructure supports mobile optimization and reasonable performance, although accessibility features are basic. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks explicit security policies or incident response information. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

O

Ombud-PostCom

ombud-postcom.ch

64

Ombud-PostCom is a neutral arbitration service operating under the Swiss Federal Post Commission (PostCom) to resolve civil disputes related to postal services in Switzerland. The website serves as an official platform providing information, dispute submission forms, and annual reports in multiple languages (German, French, Italian, English), targeting both private and business customers within Switzerland. The business model is non-profit and government-affiliated, focusing on avoiding costly and lengthy court proceedings through mediation.

W

webEdition e.V.

webedition.org

47

webEdition e.V. operates the website www.webedition.org, offering an open source web application framework and content management system established since 2001. The platform targets developers, agencies, and content editors seeking scalable and flexible CMS solutions with full control over code. The business model is community-driven, supported by a partner network and licensing variants. The website is professionally designed, content-rich, and well-structured, primarily in German, reflecting a mature and active technology project. Technically, the site uses the webEdition CMS platform with PHP, MySQL, JavaScript, Bootstrap, and jQuery, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS and Content-Security-Policy headers, though some CSP directives allow 'unsafe-inline' scripts, which could be improved. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent modal, and GDPR adherence. However, WHOIS data is unavailable or malformed, limiting domain trust verification. Overall, the site demonstrates high professionalism and trustworthiness with minor areas for security enhancement.

Contenthub is a specialized platform serving the Jubla scout community by providing content elements, blogs, and detailed instructions to assist in website management and migration. The platform targets scout group administrators and offers a niche service focused on content reuse and website support. Technically, the website is built on Neos CMS with modern web technologies, hosted likely behind Cloudflare, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and cookie consent mechanisms are missing. Overall, the site is professional, trustworthy, and safe for general audiences.

I

Impulse

plumpopup.com

64

Impulse is a SaaS company offering an all-in-one no-code solution to boost sales for e-commerce stores by providing banners, timers, forms, and popups. The platform targets e-commerce marketers and store owners seeking easy-to-use tools to increase conversions and engagement. The website is professionally designed, mobile-optimized, and integrates modern technologies such as Webflow CMS, Google Tag Manager, and Crisp Chat for customer support. Security posture is strong with HTTPS enforced and CAPTCHA protection on forms, though some security headers are missing and cookie consent mechanisms are absent. The domain is newly registered with privacy protection, consistent with a startup business. Overall, the website demonstrates a mature digital presence with good trust signals and user experience.

The website www.oneclickreporting.com/1clickreporting/ serves as a login portal for one-click reporting services, likely provided by Bankhaus Metzler, a reputable German financial institution. The portal targets clients requiring secure access to financial reporting tools. The site is primarily in German with an English option, reflecting a professional and client-focused service. The business model centers on providing secure online access to financial data and reporting services, positioning itself as a specialized service platform within the finance sector. Technically, the site is built using JavaServer Faces (JSF) with PrimeFaces UI components, jQuery, and Font Awesome for styling and interactivity. The presence of Google Fonts indicates some attention to design aesthetics. The site shows moderate performance and basic mobile optimization, with room for improvement in accessibility and SEO. The cookie consent mechanism is implemented, indicating awareness of privacy compliance requirements. From a security perspective, the site uses HTTPS and implements a cookie consent banner, but lacks visible security headers such as Content-Security-Policy or HSTS in the provided HTML content. No contact information or incident response details are present on the login page, and WHOIS data for the domain is unavailable, which raises concerns about domain legitimacy. However, the strong association with Bankhaus Metzler and links to their official domain for legal and privacy information mitigate some of these concerns. Overall, the site presents a professional and secure interface for its intended users but would benefit from enhanced security headers, improved transparency in contact and incident response information, and resolution of WHOIS data inconsistencies to strengthen trust and compliance.

P

PubliReno GmbH

publireno.ch

48

PubliReno GmbH is a small Swiss company specializing in the retail of regional books and publications primarily from the canton of Graubünden. Their online presence is a WordPress-based e-commerce platform using WooCommerce and Elementor, offering a catalog of over 500 titles from various local publishers. The website is professionally designed with good navigation and mobile optimization, targeting readers interested in regional literature. Technically, the site uses modern web technologies but lacks some advanced security headers and GDPR cookie consent mechanisms. Security posture is adequate with HTTPS and reCAPTCHA integration but could be improved by publishing security policies and enhancing privacy compliance. Overall, the business appears legitimate with consistent WHOIS data and clear contact information, though privacy and security policies should be enhanced to meet higher compliance standards.

T

TCR Store

tcrstore.com

60

TCR Store is a newly launched e-commerce website specializing in official racing merchandise, apparel, and collectibles related to TCR racing. The site targets racing enthusiasts and fans looking to purchase premium branded merchandise. The business operates on the Squarespace platform, leveraging its hosting and content management capabilities. The website demonstrates good design quality, mobile optimization, and clear navigation, providing a professional shopping experience. However, it lacks critical compliance documents such as privacy and cookie policies, and does not provide explicit contact information, which may impact user trust and regulatory compliance. Security posture is adequate with HTTPS and HSTS enabled, but DNSSEC is not configured, and additional security headers are missing. Overall, the site is functional and trustworthy for e-commerce but requires improvements in privacy compliance and security best practices.

D

Direktoratet for forvaltning og økonomistyring (DFØ)

doffin.no

67

Doffin.no is an official Norwegian government website operated by the Direktoratet for forvaltning og økonomistyring (DFØ). It serves as a comprehensive database for public procurement announcements, enabling public sector entities and suppliers to access procurement data to improve transparency and decision-making. The platform holds a strong market position as the national official source for public procurement information in Norway, targeting government agencies and suppliers. The website is well-branded, consistent, and professionally designed with a focus on usability and accessibility. Technically, the site leverages modern web technologies including React and Matomo analytics, ensuring a responsive and accessible user experience. The site is served over HTTPS with appropriate security headers, reflecting a good security posture. However, it lacks visible cookie consent mechanisms and published security or incident response policies, which are areas for improvement to enhance privacy compliance and transparency. Security-wise, the platform demonstrates good practices such as HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. The absence of a vulnerability disclosure policy and incident response contact reduces transparency but does not indicate immediate risk. Overall, the site is trustworthy and secure for its intended audience. The overall risk assessment is low, with recommendations focusing on improving privacy compliance by implementing cookie consent, publishing security policies, and adding terms of service. These steps will strengthen user trust and regulatory adherence while maintaining the platform's role as a critical government service.

Q

Qwellcode GmbH

qwellcode.de

10

Qwellcode GmbH is a German software development company specializing in custom software solutions for industry and small to medium-sized enterprises (KMUs). Established since 2013, the company offers a broad range of services including web development, e-commerce, mobile applications, virtual reality, and blockchain technologies. Their market position is that of an experienced, innovative agency with international reach and a focus on modern technologies. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their target audience. Technically, the site is built on OctoberCMS with modern frontend technologies and is hosted behind Cloudflare DNS, ensuring good performance and security. The site is mobile optimized and SEO friendly, although accessibility features are basic. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and publicly available security policies. No critical vulnerabilities or exposed sensitive data were detected. Overall, the domain registration and WHOIS data align well with the business claims, supporting legitimacy and trustworthiness.

W

WSC GROUP

tcr-series.com

68

WSC GROUP is a Swiss-based company founded in 2014 specializing in motorsport rule-making and service provision, particularly in touring car racing categories such as TCR and ETCR. The company has established itself as a leader in global touring car racing and electric vehicle racing, also expanding into SIM racing competitions. The website is professionally designed using Squarespace, featuring good content quality and clear navigation targeted at motorsport professionals and enthusiasts. Technically, the site uses modern web technologies and is hosted on Squarespace's platform with HTTPS and HSTS enabled, ensuring a secure connection. However, the site lacks comprehensive privacy and cookie policies, contact information, and additional security headers, which are areas for improvement. The WHOIS data is privacy protected, which is common for corporate domains, and no suspicious patterns were detected. Overall, the site presents a moderate to high level of business credibility and security posture but would benefit from enhanced privacy compliance and security best practices.

I

ISTAF INDOOR

istaf-indoor.de

51

ISTAF INDOOR is a professional athletics event organization operating primarily in Berlin and Düsseldorf, Germany. The website serves as a digital platform to promote world-class indoor track and field events, targeting sports enthusiasts and attendees. The business model revolves around event promotion, ticket sales, and providing information about athletics competitions. The site positions itself as a reputable event organizer with a consistent brand presence and active social media engagement. Technically, the website is built on WordPress using the Divi theme and several well-known plugins such as LayerSlider, Contact Form 7, and Real Cookie Banner for GDPR compliance. The infrastructure is hosted on rzone.de, with modern web technologies including Google Fonts, Font Awesome, and Google reCAPTCHA integrated for enhanced user experience and security. Performance is moderate with good mobile optimization and SEO practices. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not fully confirmed, the use of reCAPTCHA and absence of exposed sensitive data indicate a reasonable security posture. However, the site lacks a public security policy or incident response contact, which could be improved to enhance trust and readiness. Overall, ISTAF INDOOR presents a professional and trustworthy online presence with good compliance to privacy regulations and a solid technical foundation. Strategic improvements in security transparency and incident response readiness are recommended to further strengthen its security posture and business credibility.

L

Landessportbund Berlin

berlin-hat-talent.de

44

Berlin hat Talent is a well-established non-profit initiative supported by the Landessportbund Berlin and the Berlin Senate Department for Education, Youth and Science. The initiative focuses on promoting sports and physical activity among children in Berlin through programs such as Bewegungsfördergruppen and Talentiaden. The website reflects a professional and consistent brand presence with strong government and sports federation partnerships. Technically, the site is built on WordPress with a modern plugin ecosystem, providing good SEO and mobile optimization. Security posture is adequate with HTTPS enforced, but lacks some security headers and a cookie consent mechanism, which are areas for improvement. Overall, the site is trustworthy, safe, and serves its target audience effectively.

E

Evangelisch-reformierte Kirche des Kantons Basel-Stadt

erk-bs.ch

69

The Evangelisch-reformierte Kirche des Kantons Basel-Stadt website serves as the official online presence for the regional Protestant church in Basel-Stadt, Switzerland. It provides comprehensive information about church services, events, community programs, and pension fund management. The site targets church members and the local community, offering timely updates and resources in German. The business model is non-profit and community-oriented, focusing on religious and social services within the canton. Technically, the website is built on the kirchenweb.ch CMS platform, utilizing common web technologies such as jQuery and Owl Carousel. The site is mobile-optimized and presents a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and includes some security headers, but lacks explicit security policies and vulnerability disclosure mechanisms. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is trustworthy and legitimate, with domain registration details consistent with the organization's identity.

K

K2 Consultancy Ltd

k2cm.co.uk

61

K2 Consultancy Ltd operates the website www.k2cm.co.uk, providing specialized construction management services in the UK. Their business model focuses on delivering end-to-end construction management solutions that enhance financial control, risk mitigation, and collaboration among clients, design teams, and construction teams. The company positions itself as a flexible and innovative partner in complex building projects, supported by ISO certifications and a portfolio of high-profile projects. Technically, the website is built on WordPress with modern frameworks like Bootstrap and includes SEO optimizations and multimedia content, reflecting a mature digital presence. Security posture is good with HTTPS enforced and secure forms, though some security headers and consent mechanisms could be improved. Overall, the website is professional, trustworthy, and well-structured, supporting the company's credibility in the construction sector.

W

Walker Sime

walkersime.co.uk

61

Walker Sime is a UK-based multi-disciplinary construction consultancy established in 2000, offering professional services such as quantity surveying and project management. The company positions itself as a trusted and well-liked consultancy within its niche, targeting clients who require expert construction consultancy services. The website reflects a professional business model with consistent branding and good content quality, supporting its market position. Technically, the website is built on WordPress using modern technologies including WPBakery Page Builder, Google Analytics, and LinkedIn Insight tags, indicating a moderate level of digital maturity. The site is mobile-optimized and SEO-friendly, though accessibility features could be improved. Security posture is generally good with HTTPS enforced and use of reCAPTCHA, but lacks some security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

SoCal NOMA is a regional chapter of the National Organization of Minority Architects focused on advancing education and careers for historically underrepresented groups in architecture and allied design professions. The organization offers educational programs, professional development, advocacy, and community engagement primarily in Southern California. Their website reflects a small non-profit with a clear mission and active community involvement. Technically, the site is built on WordPress, using modern libraries such as jQuery, Bootstrap, and Smart Slider 3, hosted on Bluehost. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is moderate with HTTPS enabled and domain transfer protections, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration is consistent with the organization's history and supports legitimacy.

Jobbnorge.no is a Norwegian online recruitment platform focused on connecting job seekers with employers across Norway. The website offers job search functionality and recruitment tools, positioning itself as an important player in the Norwegian recruitment market. The platform targets both job seekers and employers, providing a streamlined experience for finding and posting jobs. The business model revolves around providing digital recruitment services and tools to facilitate hiring processes. Technically, the website employs modern technologies including ASP.NET, Matomo analytics, and Cloudflare for hosting and security. It features a comprehensive cookie consent mechanism compliant with GDPR, enhancing user privacy and transparency. Security posture is strong with HTTPS enforced and device fingerprinting used for security purposes, although some security headers could be improved. Overall, the website is professional, well-branded, and trustworthy, with good mobile optimization and accessibility. However, the lack of publicly available WHOIS data slightly reduces trust but is likely due to privacy protection. Strategic recommendations include publishing a privacy policy page, terms of service, and a vulnerability disclosure policy to further enhance compliance and trust.

AB Hyllteknik is a well-established Swedish manufacturer specializing in strong and flexible shelving and sken systems since 1957. The company serves B2B customers primarily in the Nordic region, including offices, schools, libraries, and furniture resellers. Their product portfolio includes office furniture, library shelving, school cloakroom furniture, and related interior systems. The website reflects a mature business with a consistent brand presence and a clear market position as a leader in their niche. Technically, the site uses a modern tech stack with popular JavaScript libraries, CDN hosting, and standard analytics tools, providing a good user experience with mobile optimization and SEO best practices. Security posture is solid with HTTPS and CSRF protections, though improvements are recommended in DNSSEC deployment and security headers. Privacy compliance is basic with cookie usage disclosed but lacking a formal privacy policy and consent mechanism. Overall, the domain registration data supports the legitimacy and trustworthiness of the business, with a domain age consistent with the company's long history.

S

Sozialhelden e.V.

sozialhelden.de

68

Sozialhelden e.V. is a German non-profit organization dedicated to promoting inclusion and accessibility for people with disabilities. Founded in 2004 by Raúl Krauthausen and others, the organization engages in political campaigns, app development, consulting, and empowerment initiatives. Their website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content focused on their mission. The target audience includes people with disabilities, companies, media professionals, and the general public interested in disability mainstreaming. Technically, the site is built on Webflow CMS, hosted via Cloudflare, and uses modern web technologies including Matomo for analytics and Klaro for cookie consent, ensuring GDPR compliance. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the website is trustworthy, well-maintained, and aligned with the organization's mission.

C

Cheltenham Civic Society

cheltcivicsoc.org

38

Cheltenham Civic Society is a small non-profit organization dedicated to promoting civic pride, heritage conservation, and high standards in urban design within Cheltenham, UK. The society operates as a registered charity and engages the community through campaigns, events, and acting as a formal consultee to the local planning authority. Their website reflects a well-structured and content-rich platform that supports their mission and community engagement efforts. Technically, the website is built on WordPress using modern plugins and libraries, with good SEO and mobile optimization. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be enhanced. Privacy compliance is strong with clear policies and GDPR adherence. Overall, the website is professional, trustworthy, and serves its target audience effectively.

S

Studio Partington

studiopartington.co.uk

10

Studio Partington is an award-winning architectural practice based in London, specializing in architecture, placemaking, sustainability, and guidance writing. The firm targets clients seeking professional architectural and masterplanning services, positioning itself as a reputable medium-sized business in the real estate sector. The website reflects a professional image with consistent branding and clear contact information, supported by active social media profiles on LinkedIn and Instagram. Technically, the website is built on the Squarespace platform, leveraging modern web technologies including Typekit fonts and Google Fonts. It is mobile-optimized with good SEO practices and moderate performance. Security is robust with HTTPS enforced and HSTS enabled, though additional security headers could enhance protection. Privacy compliance is basic, with a cookie consent banner present but no explicit privacy or terms of service pages found. The WHOIS lookup failed due to querying the subdomain rather than the root domain, resulting in no registrar or registration data. Despite this, the website appears legitimate and professionally maintained, with no signs of malicious activity. Overall, the site scores well on content quality, technical implementation, security posture, and business credibility, with room for improvement in privacy policy transparency and security header implementation.

A

Arquine

arquine.com

49

Arquine is an established international architecture and design magazine primarily serving Spanish-speaking audiences, founded in 1999. The website operates on a WordPress CMS platform with WooCommerce integration, hosted on DigitalOcean infrastructure. It employs modern web technologies including Google Fonts, Google Analytics, TikTok and Facebook tracking pixels, and Google Tag Manager, indicating a mature digital marketing and analytics setup. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of visible privacy and cookie policies, which could expose the organization to regulatory risks. No direct contact or incident response information is provided, limiting transparency and user trust. Overall, the site is professional and content-rich but would benefit from improved privacy and security practices.

융

융코리아 일렉트릭(주)

jung-korea.com

64

융코리아 일렉트릭(주) is a Korean-based manufacturer and distributor specializing in premium electrical wiring devices and smart building automation solutions, representing the German brand JUNG. The company operates a professional e-commerce website hosted on the Cafe24 platform, targeting both B2B and B2C customers interested in high-quality electrical products and smart home/building solutions. Their market position is that of a premium brand distributor with a solid presence in Korea, supported by a comprehensive product catalog and active social media engagement. Technically, the website employs modern JavaScript libraries and frameworks such as jQuery, Fullpage.js, and AOS for animations, with Google Analytics integrated for user tracking. The site is hosted on Cafe24, a popular Korean e-commerce platform, ensuring stable infrastructure but with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enforced and domain transfer protections, but lacks advanced DNS security (DNSSEC) and security headers, which are recommended for enhanced protection. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional and trustworthy but could improve in security and privacy compliance to meet higher standards.

U

UIFA Japon - 国際女性建築家会議 日本支部

uifa-japon.com

57

UIFA Japon is the Japanese branch of the International Union of Women Architects, a non-profit organization dedicated to supporting women architects through international exchange, professional development, and information sharing. The website serves as an information portal for members and interested parties, offering newsletters, event information, and organizational details. The organization has a niche but established presence with a history dating back to 1992 in Japan and internationally since 1963. Technically, the website is built on WordPress using a modern theme and plugins, with responsive design and moderate performance. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced security headers and DNSSEC. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact is primarily via a web form, with social media presence on Facebook and YouTube. Overall, the site is professional and trustworthy but could improve in security and privacy transparency.

H

Holidu Hosts GmbH

bookiply.com

76

Bookiply is a vacation rental management platform focused on helping hosts maximize bookings and reduce administrative workload. It operates primarily in Europe and is part of the Holidu Group, a recognized entity in the hospitality sector. The website offers a comprehensive suite of services including property listing, channel management, and personal support for hosts. The company targets vacation rental owners and agencies, providing an all-in-one solution to increase visibility and revenue. Technically, the website is built using modern web technologies such as React and Next.js, hosted on AWS in Ireland, and integrates multiple analytics and marketing tools including Google Analytics, Hotjar, and Facebook Pixel. The site is well-optimized for performance, mobile responsiveness, and SEO, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs standard security headers, and uses cookie consent mechanisms aligned with GDPR requirements. However, explicit security policies and incident response contacts are not publicly disclosed, which could be improved. The WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is mitigated by the professional presentation and detailed imprint. Overall, Bookiply presents a trustworthy and professional online presence with strong compliance and technical maturity. Strategic improvements in transparency around security policies and incident response would enhance its security posture and trustworthiness further.

G

Groupement FLO

groupement-flo.com

56

Groupement FLO operates as a French transport and logistics network comprising 110 member companies distributed across France. Established since 1993, it offers diversified services in seven transport and logistics sectors, emphasizing productivity and innovation. The website presents a professional and consistent brand image with comprehensive content including member listings, news updates, and service descriptions. Technically, the site is built on CMS Made Simple with modern JavaScript libraries and Google services integration, providing good mobile optimization and user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking some advanced security headers and explicit incident response policies. The absence of WHOIS registration data for the domain is a notable concern, impacting domain legitimacy verification. Overall, the site is credible and business-focused but would benefit from enhanced transparency on domain registration and security policies.

A

Alliance Française de Bâle

af-bale.ch

55

The Alliance Française de Bâle is a small non-profit cultural association dedicated to promoting the French language and culture in the Basel region and surrounding border areas. The website serves as a platform to announce and organize francophone events such as conferences, guided visits, courses, theatre, cinema, concerts, and clubs. It targets French speakers and cultural enthusiasts locally, positioning itself as a niche cultural promoter within the community. Technically, the website is built on WordPress with common plugins such as Events Manager and uses jQuery for interactivity. The site is served over HTTPS with a valid SSL certificate, but lacks advanced security headers and cookie consent mechanisms. The site is moderately optimized for performance and accessibility, with basic mobile responsiveness and SEO features. From a security perspective, the site enforces HTTPS but does not implement key HTTP security headers like CSP or HSTS. There is no visible privacy or cookie policy compliance mechanism, and no incident response or vulnerability disclosure information is provided. Analytics tracking is present via a plugin but not configured, indicating minimal user tracking. Overall, the website is trustworthy and professionally maintained for its purpose but would benefit from enhanced security practices and privacy compliance improvements to better protect users and meet regulatory requirements.

ISUZU France operates as a commercial vehicle manufacturer and distributor, focusing on trucks and pickups such as the D-MAX and Truck series. The website serves French-speaking customers with detailed product information, dealer locators, and customer service resources. The company is positioned as a significant player in the transportation sector in France, supported by a large-scale business infrastructure. Technically, the website employs modern frameworks including Laravel and Vue.js, with integration of Google Tag Manager and Iubenda for privacy compliance. The site is mobile-optimized and demonstrates good SEO practices. Security posture is solid with HTTPS enforced and CSRF protections, though some security headers and explicit incident response information are absent. Privacy policies are comprehensive and GDPR compliant, including a named Data Protection Officer. Overall, the site is professional, trustworthy, and safe for general audiences.

T

Tred Union

tredunion.fr

45

Tred Union is a French transport group established in 2009, focusing on regional transport and logistics services across diverse sectors including industrial, construction, agro-food, and e-commerce. The group aims to foster synergies among transport companies to offer competitive and specialized transport solutions such as refrigerated transport and large volume shipments. The website demonstrates a moderate level of digital maturity, leveraging modern web technologies like React, Google Maps API, and Google Analytics. However, it lacks explicit privacy and cookie policies, and no visible contact information was found in the analyzed content. Security measures include HTTPS and reCAPTCHA, but there is room for improvement in publishing security policies and headers. Overall, the site is professional and trustworthy with a strong market position in France's transport sector.