Security Directory

T

Tinexta Infocert S.p.A.

legalmail.it

75

Tinexta Infocert S.p.A. operates the website www.legalmail.infocert.it, providing certified electronic mail (PEC) services primarily targeting business and individual users in Italy. The company is positioned as a leading provider in the Italian market for certified email solutions, offering customizable and comprehensive PEC mailboxes. The website content is professional, well-structured, and consistent with the corporate branding of Tinexta Infocert. The business model focuses on digital communication services with a strong emphasis on legal and certified email solutions.

itrium is a small German software development company specializing in custom software solutions to support organizational processes across various industries. The company emphasizes combining IT and business expertise to improve workflow efficiency and has been active for approximately 15 years with a stable team based in Wuppertal. The website is built on the Contao CMS platform and uses modern JavaScript libraries like Isotope for UI enhancements. While the site is accessible and professionally designed with clear navigation, it lacks visible contact information and advanced privacy or security features. No forms or data collection mechanisms are evident on the main page, and no social media presence is linked. Security posture is moderate but could be improved by implementing HTTPS verification, security headers, and cookie consent mechanisms. The WHOIS data aligns well with the website's claims, showing consistent domain ownership and appropriate domain age.

O

URL Shortener, Branded Short Links & Analytics | TinyURL

otolink.pl

50

The website otolink.pl serves as a branded URL shortening domain under the TinyURL platform, offering users the ability to create branded short links with analytics. The site content is minimal, primarily acting as a landing page directing users to TinyURL's main services and registration pages. Technically, the site uses standard web technologies including Bootstrap 4.6.2, jQuery, and SVG graphics, providing a basic but mobile-optimized user experience. Security posture is weak due to lack of visible security headers, privacy policies, and cookie consent mechanisms. The domain is relatively new (created in 2021) and registered by a domain reseller, which aligns with its purpose as a branded domain for TinyURL. Overall, the site is functional but lacks comprehensive compliance and security features.

I

Internet Stiftung (Internet Privatstiftung Austria)

netidee.at

63

netidee is a prominent Austrian internet funding initiative managed by the Internet Privatstiftung Austria, providing approximately 1 million euros annually to support internet-related projects, scholarships, and scientific research. The website targets the Austrian internet community, researchers, and developers, positioning itself as a leading grant provider in the technology sector. The business model focuses on fostering innovation and community engagement through funding and events. Technically, the site is built on Drupal 10, employs Matomo analytics with privacy-conscious configurations, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and consent management implemented, though explicit security headers and vulnerability disclosure mechanisms are absent. Overall, the site is professional, trustworthy, and compliant with GDPR, reflecting a mature digital presence for a non-profit foundation.

Ö

Österreichisches Institut für angewandte Telekommunikation (ÖIAT)

oiat.at

55

The Österreichisches Institut für angewandte Telekommunikation (ÖIAT) is a well-established Austrian non-profit organization focused on promoting competent, safe, and responsible use of digital media. Founded in 1997, it operates multiple projects and initiatives funded by the EU and Austrian government bodies, targeting diverse audiences including children, youth, educators, seniors, and organizations. Their key services include awareness initiatives, content development, workshops, applied research, consumer advice, dispute resolution, and certification of online shops. The organization enjoys a strong market position with trusted partnerships and certifications.

F

FILMCLUB Bozen

filmclub.it

55

FILMCLUB Bozen operates as a regional cinema and cultural venue in South Tyrol, Italy, offering independent films, blockbusters, and classics in multiple languages. The website serves as a platform for browsing film programs, booking tickets, and accessing information about the cinema and its events. The company maintains a strong regional presence with a focus on cultural engagement and community outreach. Technically, the website employs modern web technologies including JavaScript, CSS, and integrates analytics and user tracking tools such as Google Tag Manager and Hotjar, managed with a comprehensive cookie consent mechanism. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is well addressed with clear policies and consent management. Overall, the site is professional, user-friendly, and trustworthy, supporting the business's cultural mission effectively.

A

asisto des Pürgstaller Stefan

mizu.co

48

Asisto des Pürgstaller Stefan is a small technology service provider based in Italy, specializing in programming and web project implementation with over 10 years of experience and a portfolio exceeding 300 projects. The company primarily targets advertising agencies and clients seeking competent partners for web projects. The website is professionally designed, mobile-optimized, and provides clear navigation, reflecting a good level of digital maturity. The technical infrastructure includes modern analytics tools such as Google Analytics and Matomo, with HTTPS and DNSSEC enabled, ensuring secure communications and domain integrity. However, the absence of explicit security policies and incident response information indicates room for improvement in security governance. Overall, the website is safe, compliant with GDPR through cookie consent mechanisms, and presents a trustworthy business front with transparent WHOIS data and consistent domain registration history.

H

HostAdvice

hostadvice.com

69

HostAdvice is an established online platform founded in 2009 that specializes in providing comprehensive web hosting reviews, comparisons, coupons, and resources to help website owners and online business managers grow and manage their online presence effectively. The platform holds a strong market position as a trusted source for hosting advice and features partnerships with key hosting providers such as Hostinger. Technically, the website is built on WordPress, leveraging modern frameworks like Bootstrap and integrates analytics and tracking tools such as Google Tag Manager and Microsoft Clarity. The site is served over HTTPS with Cloudflare DNS, ensuring a secure browsing experience. However, there is room for improvement in privacy compliance, as no explicit privacy or cookie policies were detected in the provided content. Security posture is generally good but could benefit from enhanced security headers and a published security policy. Overall, the website is professional, trustworthy, and well-structured, catering to a general audience interested in web hosting services.

The website represents the 39th International A+A Congress 2025 organized by the Bundesarbeitsgemeinschaft für Sicherheit und Gesundheit bei der Arbeit e. V. (Basi), a German non-profit focused on occupational safety and health. The site serves as a portal for conference participants to manage their accounts and access event information. The technical infrastructure is based on the Converia conference management system hosted on Schlundtech servers, with a modern but basic tech stack including JavaScript and CSS. Accessibility and mobile optimization are good, though SEO is basic. Security posture is moderate with CSRF protection on login forms but lacks visible security headers and cookie consent mechanisms. The site is fully accessible with no WAF or blocking detected. Contact information is clearly provided, enhancing business credibility.

Z

Zlatá Firma

zlatafirma.cz

55

Zlatá Firma is a Czech Republic-based business platform that awards and promotes the highest-rated companies based on verified online customer reviews from trusted portals such as Google Maps and Facebook. The platform supports companies by providing recognition and marketing opportunities, including the use of the Zlatá Firma logo and marketing packages. The website is professionally designed with good content quality and clear navigation, targeting both businesses seeking recognition and customers looking for reliable service providers. Technically, the site uses modern web technologies and Google Tag Manager for analytics, with HTTPS enforced, but lacks some security headers and cookie consent mechanisms. The absence of WHOIS data reduces transparency and trust slightly, though the site appears legitimate and business-focused. No direct contact emails or phone numbers are provided, only a contact form. Overall, the site maintains a moderate security posture with room for improvement in privacy compliance and security best practices.

H

home.pl S.A.

home.pl

54

home.pl S.A. is a leading Polish internet services provider with over 25 years of experience, offering a comprehensive portfolio including domain registration, web hosting, VPS and dedicated servers, WordPress hosting, e-commerce platforms, SSL certificates, and email solutions. The company targets Polish businesses and individuals seeking reliable internet infrastructure and digital services. The website reflects a mature digital presence built on modern technologies such as Gatsby and React, with good performance and mobile optimization. Security posture is solid with HTTPS and consent management implemented, though improvements are recommended in DNS security and explicit security policies. Overall, home.pl demonstrates strong business credibility and market leadership in Poland's internet services sector.

W

Wygodne Zwroty

wygodnezwroty.pl

61

Wygodne Zwroty is a Polish e-commerce service platform specializing in facilitating convenient returns of online purchases. The platform provides a comprehensive search engine for stores, easy parcel return management, and integration with major courier services such as InPost, DPD, DHL, and GLS. With over one million customers served, it holds a strong market position in Poland's e-commerce returns sector. The website is built on modern technologies including Next.js and React, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS enforced and CAPTCHA protections, although explicit privacy and terms of service pages are not found in the analyzed content. Overall, the platform demonstrates a mature digital infrastructure and trustworthy business model, though improvements in privacy transparency and contact information availability are recommended.

The website www.kaiserwagenticket.de is operated by Wuppertal Marketing GmbH and serves as a ticketing and information platform for cultural and historical tours in Wuppertal, Germany. It offers services such as historic Kaiserwagen rides, city tours, and guided walks, targeting tourists and local visitors interested in cultural experiences. The site is well-branded, with consistent design and good content quality focused on its niche market. Technically, the site uses a CMS called itrium .datentechnik, with client-side technologies including jQuery 1.11.0 and a comprehensive accessibility tool from digiAccess, enhancing usability for users with disabilities. Hosting is provided via rzone.de nameservers, indicating a stable infrastructure. Security posture is moderate with HTTPS enabled and secure login forms, but the use of an outdated jQuery version and lack of security headers present potential vulnerabilities. Privacy compliance is basic, with a privacy policy and terms of service present but no visible cookie consent mechanism. Overall, the site is functional, accessible, and trustworthy but could improve security and privacy features.

R

RedCart

redcart.pl

10

RedCart is a well-established Polish e-commerce platform founded in 2008, offering comprehensive tools for online store creation, sales management, multi-channel selling, and automation. The platform targets online retailers seeking integrated solutions to streamline their sales and marketing efforts. With over 100,000 stores created, RedCart holds a strong market position in the Polish e-commerce sector. Technically, the website leverages modern frameworks such as Next.js and React, ensuring fast performance and excellent mobile optimization. The platform is hosted by OVH SAS, a reputable provider, and employs HTTPS with DNSSEC for enhanced security. However, the site lacks explicit privacy and cookie policy pages, which are critical for GDPR compliance. Security posture is good with HTTPS and DNSSEC enabled, but could be improved by adding more security headers and formal security policies. Overall, the website is professional, trustworthy, and content-rich, but should enhance privacy compliance and contact transparency to improve user trust and regulatory adherence.

S

Sparkasse

sparkassen-kundenportal.de

63

The website www.sparkassen-kundenportal.de serves as a customer portal for the Sparkasse banking group in Germany, providing users access to regional banking services, offers, and advantages. The portal is designed primarily for Sparkasse customers and supports login functionality to access personalized services. The site is built using modern web technologies including Angular 18 and ASP.NET WebForms, with a CMS identified as onpublix 7. The design is professional, mobile-optimized, and accessible, supporting a good user experience for its target audience. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, explicit security headers such as CSP or HSTS are not evident in the provided data, and no published security policy or incident response contacts are found. The site uses Google Tag Manager and TradeDoubler for analytics and affiliate marketing, with moderate user tracking levels. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the domain and website appear legitimate and consistent with a regional banking service portal. The WHOIS data shows the domain uses third-party DNS providers but no privacy protection or suspicious patterns. The site maintains good privacy compliance and business credibility but could improve security posture by publishing security policies and implementing additional HTTP security headers. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure information, and continuing to maintain GDPR compliance and user trust through transparent privacy practices.

L

L'Assurance retraite

lassuranceretraite.fr

70

L'Assurance retraite is the official French government portal dedicated to providing comprehensive information and online services related to retirement and social security. It serves both active workers and retirees in France, offering detailed guidance on career, retirement age, payments, and social benefits. The website is well-branded with official logos and maintains a strong presence through social media channels such as YouTube, Twitter, and LinkedIn. The portal emphasizes accessibility and user-friendly navigation, ensuring a positive user experience across devices. Technically, the site employs a modern technology stack including jQuery, Bootstrap, and the Jahia CMS platform. It integrates analytics and performance monitoring tools like ATInternet and AppDynamics, and uses TarteAuCitron for cookie consent management, reflecting a mature digital infrastructure. The website is mobile-optimized and adheres to good SEO and accessibility standards. From a security perspective, the site uses HTTPS and cookie consent mechanisms, but lacks explicit HTTP security headers visible in the HTML content. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data is typical for .fr domains managed by AFNIC and does not detract from the site's legitimacy. Privacy policies and terms of service are comprehensive and GDPR compliant. Overall, L'Assurance retraite demonstrates a high level of professionalism, security, and compliance suitable for a government service portal. It provides trustworthy and valuable services to its audience with minimal risk exposure.

IREN.IT is a website offering personalized email address services under the iren.it domain and a collection of related personal domains. The site targets individuals seeking memorable and personalized email addresses, providing webmail access and configuration tutorials. The business appears to be related to the energy sector in Italy, with a domain age dating back to 2010, indicating a mature presence. However, the domain is currently expired, which poses risks to service continuity and trust. Technically, the website uses basic HTML, CSS, and JavaScript without modern frameworks or CMS detected. The site lacks HTTPS enforcement and security headers, which weakens its security posture. No privacy or cookie policies are present, and no analytics or tracking scripts are detected, indicating minimal user tracking but also a lack of compliance transparency. Security evaluation reveals critical issues such as the expired domain status and absence of DNSSEC, which could expose the domain to hijacking or DNS attacks. The site does not provide direct contact emails or phone numbers, relying solely on a contact form. Overall, the security posture is weak, and privacy compliance is poor. The overall risk assessment is moderate to high due to the expired domain and missing security best practices. Strategic recommendations include immediate domain renewal, enabling HTTPS with valid certificates, implementing DNSSEC, publishing privacy and cookie policies, and adding security headers to improve trust and compliance.

D

Deutscher Wildgehege-Verband e.V.

wildgehege-verband.de

10

The Deutscher Wildgehege-Verband e.V. is a German non-profit specialist association representing 175 members managing private, municipal, and state wildlife enclosures across Germany. It focuses on animal welfare, species conservation, and environmental education, serving approximately 18 million visitors annually. The organization is supported by a scientific advisory board and recognized by environmental foundations, positioning it as a reputable entity within its sector. Technically, the website is built on the DZIRCMS platform, uses standard web technologies, and is hosted on German servers. It features a cookie consent mechanism and maintains a good level of mobile optimization and SEO. Security-wise, the site enforces HTTPS but lacks advanced security headers and explicit security policies. No critical vulnerabilities or blocking mechanisms are detected, indicating a stable and trustworthy online presence. Overall, the website demonstrates good content quality, business credibility, and privacy compliance, suitable for its non-profit educational mission.

D

DonDominio

dondominio.com

65

DonDominio is a well-established domain registration and web hosting provider founded in 2006 and operated by Soluciones Corporativas IP, SL. The company offers a comprehensive suite of services including domain registration, web hosting, email accounts, and SSL certificates, targeting individuals and businesses seeking to establish an online presence. The website is professionally designed, mobile-optimized, and provides clear navigation and rich content that supports its business model effectively. The company holds reputable certifications such as ICANN accreditation and Sectigo Platinum Partnership, enhancing its market credibility. Technically, the website employs modern web technologies including JavaScript, SVG, and CSS, delivering fast performance and good accessibility. The presence of Matomo analytics indicates a moderate level of user tracking with privacy considerations. Security posture is strong with HTTPS enforced and secure form practices, although visible security headers are lacking. Privacy compliance is supported by a comprehensive privacy policy and terms of service, but the absence of a cookie consent mechanism is a minor gap. From a security perspective, no major vulnerabilities or exposed sensitive data were detected. Incident response contact is available via an abuse policy page, but explicit security policy documentation and data protection officer contacts are missing. The WHOIS data for the domain is unavailable, which is inconsistent with the active and professional website presence, slightly reducing trustworthiness. Overall, the site is safe, professional, and trustworthy with minor areas for improvement in security transparency and privacy mechanisms. Strategic recommendations include implementing security headers, adding cookie consent, publishing a security policy, and clarifying incident response contacts to enhance trust and compliance. The domain WHOIS inconsistency should be investigated to ensure registration transparency and legitimacy.

K

Kia Canarias

kiacanarias.es

47

Kia Canarias is a regional automotive website dedicated to providing information and services related to Kia vehicles in the Canary Islands. The site offers detailed vehicle specifications, financing options, and dealership locations, targeting consumers interested in Kia automobiles within this region. The website demonstrates consistent branding aligned with the Kia corporate identity and uses modern web technologies including Nuxt.js and third-party marketing tools such as SmartSupp Chat and Evergage. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is moderate with HTTPS usage and cookie consent mechanisms in place, but lacks visible security headers and explicit privacy policies in the provided content. WHOIS data could not be retrieved due to query restrictions, but the website appears legitimate and professionally maintained. Overall, Kia Canarias presents a trustworthy and functional online presence for Kia's regional operations in Spain.

O

OP//TECH USA

optechusa.com

69

OP//TECH USA operates a professionally designed e-commerce website specializing in premium camera straps and accessories, proudly manufactured in the USA. The company targets photographers and optics users seeking quality and comfort in camera carrying solutions. The website is built on the Shopify platform, leveraging modern web technologies and optimized for performance and mobile devices. While the site demonstrates strong branding and product focus, it lacks visible privacy and cookie policies, and no explicit contact information is provided. The WHOIS data is unavailable, which may reduce trust but is common with privacy-protected domains. Security posture is strong with HTTPS and standard security headers, but compliance disclosures could be improved.

L

L'Agglo Hérault Méditerranée

agglo-heraultmediterranee.net

64

L'Agglo Hérault Méditerranée is a regional French government entity providing a broad range of public services including waste management, water and sanitation, public transportation, housing, cultural activities, and environmental protection. The website serves as an information portal for residents and businesses within the Hérault Méditerranée territory, offering access to services, news, and project updates. The organization positions itself as a key regional authority supporting sustainable development and quality of life. Technically, the website is built on WordPress using a custom WonderWP child theme and Bootstrap framework. It employs modern web technologies and is mobile-optimized with good SEO practices. The site uses Google Analytics for audience measurement with a clear cookie consent mechanism, reflecting a moderate level of digital maturity. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and implements cookie consent aligned with GDPR. However, it lacks explicit security headers and a published vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is incomplete, which raises some concerns, but the website content and external links strongly indicate legitimacy as a public government entity. Overall, the website is professional, trustworthy, and serves its public service mission effectively. Strategic recommendations include enhancing security headers, publishing a security policy, improving accessibility, and maintaining regular security audits to strengthen the security posture and compliance.

M

Marlene®

marlene.it

50

Marlene® is a well-established brand specializing in the promotion and marketing of South Tyrolean apples, emphasizing quality, sustainability, and culinary inspiration. The website presents a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern web technologies and a CMS platform (Consisto.CMS), with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks some security headers and explicit privacy and cookie policies. Analytics usage is moderate with Google Analytics and Tag Manager implemented, but privacy compliance could be improved. Overall, the website is trustworthy and serves its business purpose effectively.

D

DNZ MEDIA

danzaedanza.com

65

Danza&Danza is a specialized Italian media company focused on dance culture, providing a bimonthly magazine and a dynamic website with news, reviews, and multimedia content. The company, DNZ MEDIA, has a long-standing presence since 1985 and targets professionals and enthusiasts in the dance sector. The website supports subscription sales, advertising, and content publishing, positioning itself as a niche leader in Italian dance journalism. Technically, the website uses standard web technologies (HTML, CSS, JavaScript) with a custom or unknown CMS. It is moderately optimized for performance and mobile devices, with good SEO practices and basic accessibility features. The domain is registered with a reputable registrar and protected against unauthorized transfers, though DNSSEC is not enabled. Security-wise, the site uses HTTPS and implements a cookie consent mechanism and secure login forms with CSRF tokens. However, it lacks advanced security headers and DNSSEC, which are recommended for enhanced protection. No critical vulnerabilities or suspicious content were detected, and privacy policies are present and GDPR compliant. Overall, the website is professional, trustworthy, and well-aligned with its business goals. Strategic improvements in security headers and DNS security would further strengthen its posture. The site is safe for general audiences and maintains a clear, consistent brand identity.

D

DNForum.com

dnforum.com

67

DNForum.com operates as an online community forum and marketplace dedicated to domain name trading, discussions, appraisals, and related services. The platform targets domain investors, buyers, sellers, and industry professionals, offering a structured environment with active user engagement and verified members. The website leverages XenForo forum software and modern web technologies, providing a good user experience with mobile optimization and clear navigation. Security practices include HTTPS enforcement, CSRF protection, and secure cookies, though explicit security headers and policies are not evident. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, though the active content and community suggest operational legitimacy. Privacy and cookie policies are not found, indicating compliance gaps.

V

Connexion Visimodif

visimodif.fr

37

The website visimodif.fr serves primarily as an administration login portal for Visimodif, likely related to Visicod.com. The site is minimalistic, focusing on user authentication for internal or administrative users, with no public-facing business descriptions or contact information. The domain is well-established, registered since 2010 with OVH, a reputable French registrar, indicating a stable presence. Technically, the site uses standard web technologies including HTML5, CSS, and JavaScript with jQuery and validation plugins, hosted on OVH infrastructure. Mobile optimization is adequate, but accessibility and SEO features are basic. Security posture is moderate; while client-side validation is implemented, there is no visible HTTPS enforcement or security headers in the provided HTML content, and no advanced security policies or incident response information is available. Privacy and cookie policies are absent, which is a compliance gap. Overall, the site is functional but lacks comprehensive security and privacy measures, and public business information is minimal.

I

International Union for Conservation of Nature and Natural Resources

iucnredlist.org

63

The IUCN Red List website represents a globally recognized non-profit organization dedicated to assessing and communicating the conservation status of species worldwide. It serves a diverse audience including researchers, conservationists, policymakers, and the general public. The site offers comprehensive data and resources to support biodiversity conservation efforts and policy development. The organization has a strong market position as the authoritative source for species threat assessments, supported by a broad partnership network and a long history dating back to 1964. Technically, the website employs modern web technologies including HTTPS, JavaScript, and Google Analytics, ensuring good performance, mobile optimization, and accessibility. The infrastructure appears robust with no signs of blocking or WAF interference, and the site uses secure forms with CSRF protection. However, explicit security headers and a cookie consent mechanism could be improved. From a security perspective, the site demonstrates a strong posture with HTTPS enforcement and secure data handling practices. No vulnerabilities or exposed sensitive data were detected. Privacy policies are comprehensive and GDPR compliant, though a visible cookie consent banner is absent. WHOIS data is unavailable due to privacy protection, which is justified for this type of organization. Overall, the website is professional, trustworthy, and well-maintained, with high content quality and clear business credibility. Strategic recommendations include enhancing security header implementation, adding a cookie consent mechanism, publishing a vulnerability disclosure policy, and providing incident response contact details to further strengthen trust and compliance.

S

Sparkasse Gelsenkirchen

sparkasse-gelsenkirchen.de

70

Sparkasse Gelsenkirchen operates as a regional financial institution providing a broad range of banking and financial services to private and corporate customers. The website reflects a mature digital presence with comprehensive product offerings including accounts, loans, investments, insurance, and real estate services. The bank holds a strong market position locally, supported by multiple industry awards and a consistent brand image. Technically, the site is built on a modern CMS platform (likely Adobe Experience Manager), with good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

G

GELSEN-NET Kommunikationsgesellschaft mbH

gelsen-net.de

64

GELSEN-NET Kommunikationsgesellschaft mbH is a regional telecommunications provider based in Gelsenkirchen, Germany, with over 40 years of experience. The company specializes in delivering fiber optic internet, telephony, TV, and tailored IT solutions to private customers, businesses, and the housing industry within the Emscher-Lippe region. Their market position is strong regionally, supported by personalized service and a comprehensive product portfolio. Technically, the website is built on TYPO3 CMS, integrates modern tracking and marketing tools like Google Tag Manager and Ads, and implements GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and secure form handling, though explicit security policies and incident response contacts are not published. Overall, the website is professional, accessible, and trustworthy, reflecting a mature digital presence aligned with business goals.

S

Sparkasse Krefeld

sparkasse-krefeld.de

69

Sparkasse Krefeld is a regional financial institution in Germany offering a comprehensive range of banking and financial services including online banking, accounts, loans, investments, insurance, and private banking. The website targets both private and corporate customers with a strong emphasis on secure online services and customer support. The site is well-branded, professionally designed, and provides extensive information and navigation options for its users. Technically, the website is built on a modern CMS platform (likely Adobe Experience Manager), uses HTTPS, and includes accessibility and SEO best practices. Security posture is strong with session management, cookie consent, and no visible vulnerabilities, although explicit security policy and incident response information are not publicly disclosed. The domain WHOIS data is consistent and trustworthy, supporting the legitimacy of the business. Overall, the website demonstrates a mature digital presence with good privacy compliance and user experience.

Zoofreunde Krefeld e.V. is a well-established non-profit association dedicated to supporting the Krefeld Zoo through memberships, donations, and sponsorship programs. With over 50 years of history, the organization plays a vital role in enhancing animal welfare and zoo infrastructure. The website reflects a professional and consistent brand image, targeting zoo visitors, animal lovers, and local community members interested in supporting the zoo. Technically, the site is built on TYPO3 CMS, hosted via Rheinmedia, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking explicit security policy and incident response information. The presence of Meta Pixel tracking is disclosed and controlled via consent. Overall, the domain registration data aligns well with the website content, indicating legitimacy and trustworthiness.

P

Pilsner Urquell

pilsner-urquell.cz

46

Pilsner Urquell is a historic and well-established beer brand originating from the Czech Republic, with a founding year of 1842. The website serves as a marketing and informational platform targeting adult consumers, enforcing strict age verification to comply with legal requirements for alcohol promotion. The brand maintains a consistent and professional online presence with clear branding and user engagement features such as cookie consent and analytics tracking. Technically, the site employs modern web technologies including Google Tag Manager, Google Analytics, and Facebook Pixel, ensuring effective marketing and user behavior analysis. The website is secured with HTTPS and includes mechanisms to protect underage users from accessing restricted content. However, the absence of WHOIS data and lack of explicit security and incident response policies represent gaps in transparency and security posture. Overall, the site is professionally designed and functional, but could improve in areas of security documentation and contact availability.

The website carsat-sudest.fr is a regional portal for CNAV, the French national social security organization responsible for retirement insurance for salaried workers. The domain is legitimately registered to CNAV since 2010, reflecting a well-established government entity. However, the website content is currently inaccessible, presenting only a 400 Bad Request error page citing an 'Unknown locale' issue. This prevents any meaningful user interaction or access to services. The site lacks privacy, cookie, or terms of service policies, and no contact information or external links are present in the provided HTML content. Technically, the site uses basic HTML, CSS, and JavaScript but shows no evidence of modern frameworks, CMS, or security headers. The meta robots tag forbids indexing, further limiting visibility.

W

WEBHOUSE, s.r.o.

brandyszamek.cz

47

Zámek Brandýs nad Labem is a cultural heritage site and tourist attraction located in the Czech Republic, showcasing Renaissance architecture and historical significance related to the Habsburg dynasty. The website serves as an informational and promotional platform offering details on tours, events, weddings, and ticketing. The business operates primarily in the hospitality and government sectors, targeting tourists and visitors interested in history and culture. The domain is well-established since 2008, supporting the site's credibility. Technically, the website uses a CMS platform called Vismo, with standard web technologies including HTML5, CSS, and JavaScript. It incorporates Google Translate for multilingual support but lacks advanced performance optimizations and accessibility features. The site is moderately optimized for mobile devices and SEO, with a clear navigation structure and good content quality. From a security perspective, the site uses HTTPS (implied by canonical URLs), but no explicit security headers were detected. There are no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies exist but are basic and lack active consent mechanisms. Contact information is comprehensive, enhancing trustworthiness. No incident response or security policy pages were found. Overall, the website is safe, professional, and trustworthy, with a moderate security posture and good business credibility. Recommendations include enhancing security headers, implementing cookie consent, and improving privacy disclosures to align with best practices and GDPR compliance.

NOVA Performance Paragliders is a well-established manufacturer specializing in innovative performance paragliders since 1989. The company holds a strong market position in the transportation and outdoor sports manufacturing sector, offering a wide range of certified paragliding equipment including gliders, harnesses, parachutes, and accessories. Their website reflects a professional and consistent brand image with comprehensive product information and certifications, targeting paragliding enthusiasts and pilots globally. Technically, the website is built on TYPO3 CMS with modern frontend technologies such as JavaScript and SVG graphics. It demonstrates good mobile optimization, SEO practices, and a cookie consent mechanism, indicating a mature digital presence. However, some security best practices like HTTP security headers and explicit incident response contacts are not evident. From a security perspective, the site uses HTTPS and has implemented cookie consent, but lacks visible security headers and detailed security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is privacy protected, which is common and justified for this business type, though it limits transparency. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR. The risk level is low, but improvements in security headers and incident response transparency are recommended to enhance security posture and trust further.

W

wowyup

wowyup.agency

45

The website wowyup.agency represents a small digital agency offering services such as digital marketing, product photography, and web presentations. The site is minimalistic with limited content and lacks detailed business or contact information, which constrains its market positioning and trust signals. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, jQuery, Bootstrap, and some animation libraries like Velocity.js and PhotoSwipe for galleries. However, the site lacks advanced SEO, accessibility, and performance optimizations. Security posture is weak due to absence of visible security headers and no evidence of HTTPS enforcement from the provided data. Privacy and cookie policies are missing, and no contact or incident response information is available, which impacts compliance and user trust. WHOIS data is privacy protected by Identity Digital, which is common for small agencies but limits transparency. Overall, the site is functional but basic, with room for significant improvements in security, compliance, and business credibility.

L

L'aéronef

aeronef.fr

59

L'aéronef is a non-profit cultural association based in Lille, France, specializing in organizing concerts and music-related cultural projects. Established in 2016, it holds a reputable position in the regional cultural scene, supported by partnerships with governmental and cultural institutions. The website serves as a platform for event promotion and ticketing, targeting a general audience interested in music and culture. Technically, the site is built on Drupal 11, employs Matomo for analytics, and uses modern web technologies ensuring good performance and mobile optimization. Security posture is solid with HTTPS and token-based ticketing, though explicit security policies and cookie consent mechanisms are absent. Overall, the site is professional, trustworthy, and compliant with GDPR, though improvements in security transparency and privacy mechanisms are recommended.

V

Velvetyne

velvetyne.fr

58

Velvetyne is a small, France-based open source font collective specializing in the design and distribution of libre fonts. The website serves as a platform to showcase their font projects, offer custom font services, and promote workshops. The target audience includes typography enthusiasts, designers, and the open source community. The business model revolves around open source font creation and community engagement. Technically, the website is built on the ProcessWire CMS and hosted by Alwaysdata. It uses standard web technologies such as HTML5, CSS, and SVG for font previews. The site demonstrates good design quality, mobile optimization, and clear navigation, although accessibility features are basic. Performance is moderate, with no evident use of advanced analytics or tracking. From a security perspective, the site lacks visible security headers and published security policies. There is no privacy or cookie policy, nor any incident response or vulnerability disclosure information. The domain is well-registered with a reputable registrar and has been active since 2010, supporting the legitimacy of the business. No WAF or blocking mechanisms are detected, and the site content is safe for general audiences. Overall, Velvetyne presents a trustworthy and professional presence in its niche, but it would benefit from enhanced security practices and privacy compliance to improve user trust and regulatory adherence.

K

KOMETA

kometa.xyz

64

KOMETA is an independent type design studio specializing in progressive retail and custom typefaces. Founded in 2022, the company operates a professionally designed website showcasing their retail font collections and bespoke typography services. The target audience includes designers, studios, and brands seeking unique and expressive fonts. The business model focuses on retail font sales and custom typography projects, positioning KOMETA as a niche player in the type foundry market. Technically, the website is built using modern frameworks such as Nuxt.js and is hosted via Cloudflare, ensuring good performance and mobile optimization. Security posture is adequate with HTTPS enabled and domain registrar protections, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is trustworthy and professional but could improve in privacy and security transparency.

L

Lee Cooper

leecooper.com

64

Lee Cooper is a historic British denim brand with a legacy dating back to 1908. The website presents the brand's heritage and identity but is hosted on the Wix platform with minimal content and lacks critical business and security information. The technical infrastructure relies on Wix's CMS and standard web technologies but includes suspicious external scripts from unknown domains, raising potential security concerns. The absence of WHOIS registration data for the domain www.leecooper.com is a significant red flag, suggesting possible domain registration issues or privacy obfuscation. Security posture is basic with no advanced headers or policies detected, and privacy compliance is lacking due to missing privacy and cookie policies. Overall, the site appears functional for brand marketing but requires improvements in security, compliance, and legitimacy transparency.

C

CAPRICE

capriceshoes.com

63

CAPRICE is an established international footwear retail brand operating an e-commerce platform targeting primarily women and men interested in fashionable shoes and accessories. The website is built on a modern e-commerce platform (Salesforce Commerce Cloud) and supports multiple country and language versions, indicating a mature digital presence. The site offers a wide range of products including seasonal collections and innovative footwear technologies. Technically, the site uses modern JavaScript libraries, tag management, and A/B testing tools, providing a good user experience with mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and domain registration protections, though DNSSEC is not enabled and explicit security policies are not published. Privacy compliance is basic with a cookie consent banner but lacks visible privacy and terms of service pages. Overall, the site is professional and trustworthy with moderate tracking and analytics in place.

T

Tamaris

tamaris.com

61

Tamaris.com is the official online shop for the Tamaris brand, specializing in women's shoes, handbags, and jewellery. The website targets fashion-conscious women primarily in Finland and other European markets. It operates on a mature e-commerce platform (Salesforce Commerce Cloud) with a comprehensive product catalog and user-friendly navigation. The site integrates multiple marketing and analytics tools to enhance customer engagement and conversion. Security measures such as HTTPS, clientTransferProhibited domain status, and cookie consent mechanisms are in place, though DNSSEC is not enabled, representing a minor security gap. The domain's WHOIS data confirms a long-standing and legitimate presence since 1999, reinforcing trust in the brand.

I

Imago Numeris

imago-numeris.fr

56

Imago Numeris is a small French technology company specializing in website conception, realization, and SEO referencing services primarily targeted at municipalities and local communes. Established since 2005, the company emphasizes accessibility and multi-device compatibility in its offerings, aiming to provide tailored web solutions that meet the evolving needs of internet users across various devices. The website content reflects a professional and consistent branding approach with clear business information such as the SIRET registration number, enhancing credibility. Technically, the website employs standard web technologies including HTML5, CSS, JavaScript, and Bootstrap framework for responsive design. The site is moderately optimized for mobile devices and offers a good user experience with clear navigation. However, there is no evidence of advanced CMS usage or modern hosting details. Performance is moderate with basic SEO and accessibility features implemented. From a security perspective, the site lacks visible HTTPS/SSL confirmation and security headers, which lowers its security posture. No privacy or cookie policies are present, and no incident response or security contact information is provided. The absence of WHOIS data limits domain trust verification, although the displayed business registration details support legitimacy. No tracking or analytics scripts were detected, indicating minimal user data collection. Overall, the website is functional and professional but requires improvements in security best practices, privacy compliance, and transparency to enhance trustworthiness and regulatory adherence.

C

Citopia

citopia.fr

52

Citopia is a French company specializing in digital solutions tailored for local governments and municipalities, focusing on citizen relationship management and digital transformation. The company offers a suite of products including citizen request management, communication tools, portals, mobile applications, and appointment management, positioning itself as a niche provider within the government technology sector. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its target audience. Technically, the website is built on Drupal CMS, uses Matomo for analytics, and integrates a cookie consent management platform (tarteaucitron.io). The site demonstrates good technical implementation with modern web standards, responsive design, and SEO optimization. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and uses consent mechanisms for cookies, but lacks explicit security headers and dedicated security or incident response policies. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is privacy-protected, which is common and justified for this business type. Overall, the security posture is good but could be improved with additional headers and documented policies. The overall risk assessment is low, with a trustworthy and professional online presence. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

P

Phishen Impossible Initiative

phishen-impossible.at

52

Phishen Impossible is a well-established Austrian initiative focused on educating the public about phishing and cybercrime prevention. Supported by government entities such as the Austrian Federal Ministry of the Interior and major corporations like Österreichische Post and A1 Telekom Austria, it provides comprehensive educational content including videos, phishing rules, news updates, quizzes, and contact resources. The website is professionally designed, mobile-optimized, and offers clear navigation in German, targeting a broad audience of internet users in Austria. Technically, the site uses modern web technologies including jQuery and Matomo analytics, hosted on PSA Services infrastructure. Security posture is strong with HTTPS enforced and a cookie consent mechanism in place, although explicit security headers and incident response contacts are not present. Privacy compliance is well addressed with a detailed privacy policy and cookie management. Overall, the site is trustworthy, safe, and serves as a valuable resource for phishing awareness.

Fanatics.com is a leading enterprise-level e-commerce platform specializing in officially licensed sports apparel, fan gear, and collectibles. The website targets sports fans across major leagues such as NFL, MLB, NBA, NHL, Soccer, and College sports, offering a wide range of merchandise including jerseys, hats, and collectibles. The site demonstrates strong branding consistency and excellent content quality, positioning itself as a trusted retailer in the sports merchandise market. Technically, the website employs modern web technologies including JavaScript, CSS, and third-party analytics and tracking tools such as Pinterest and Verint SDKs. The site is mobile optimized and performs moderately well, though accessibility features are basic. Security posture is good with HTTPS enforced and error logging implemented, but lacks visible security headers and published security policies. Privacy compliance is weak due to absence of explicit privacy and cookie policies in the analyzed content. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for large e-commerce enterprises. Overall, Fanatics.com is a professional and trustworthy sports merchandise retailer with room for improvement in privacy transparency and security best practices.

A

Allwetterzoo Münster

allwetterzoo.de

59

The Allwetterzoo Münster website serves as the digital presence for a regional zoo located in North Rhine-Westphalia, Germany. It targets families and general visitors interested in animal exhibitions and leisure activities. The site features a modern design with SVG logos and responsive elements, supported by a Consent Management Platform to comply with cookie regulations. However, explicit privacy policies and terms of service are not clearly present in the analyzed content, which may impact compliance and user trust. Technically, the site uses a CMS likely AmphiCMS, with standard web technologies and moderate performance. Security posture is adequate with HTTPS enabled and cookie consent mechanisms, but lacks advanced security headers and incident response disclosures. Overall, the website is professional and trustworthy but could improve transparency and compliance documentation.

T

Tierpark Hamm gGmbH

tierpark-hamm.de

44

Tierpark Hamm gGmbH operates a zoological park in Germany offering a family-friendly experience with approximately 500 animals across 70 species. The website is built on TYPO3 CMS and hosted via kasserver.com, featuring a modern, accessible, and well-structured design. The business model focuses on ticket sales, memberships, educational programs, and community engagement through donations and sponsorships. The site integrates social media and external partner links, enhancing its outreach and trustworthiness. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements are recommended in cookie consent and security headers. Overall, the website presents a professional and trustworthy digital presence consistent with its non-profit zoological mission.

P

.BZH - L'extension internet de la Bretagne

pik.bzh

52

The website www.pik.bzh serves as a regional internet domain extension portal for Brittany, France, promoting the .bzh domain. It is built on WordPress using the Divi theme and optimized with WP Rocket. The site targets a general audience interested in Brittany and regional internet identity. Technically, the site employs modern web fonts and lazy loading scripts but lacks advanced security headers and visible privacy or cookie policies. No contact or business registration information is explicitly provided, which limits trust and compliance assessment. Security posture is basic with no evident vulnerabilities but also no advanced protections or disclosures. Overall, the site is functional and moderately optimized but requires improvements in privacy, security, and business transparency to enhance credibility and compliance.

F

iSport Fantasy

fantasyliga.cz

49

iSport Fantasy operates as a Czech fantasy sports platform allowing users to create teams and compete for prizes. The website targets sports fans interested in fantasy leagues, offering a straightforward user experience with a focus on engagement through contests. The platform is built on modern web technologies including Next.js and React, hosted on AWS infrastructure, and integrates Google Analytics for user behavior tracking. While the site is accessible and functional, it lacks published privacy and terms of service policies, which are critical for compliance and user trust. Security posture is moderate with HTTPS enforced and external consent management, but could be improved by adding security headers and incident response information. Overall, the platform presents a legitimate and consistent business presence with room for enhanced compliance and security maturity.