Security Directory

N

netplusFR SA

netplusfr.ch

59

netplusFR SA is a regional telecommunications provider based in Switzerland, specializing in internet, fixed and mobile telephony, and television services. The company targets residential and business customers primarily in the Fribourg canton, offering combined multimedia packages with competitive speeds up to 10 Gbit/s via fiber optic technology. The website reflects a professional and customer-focused approach with clear service offerings, local physical presence, and customer testimonials enhancing trust. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, integrating modern JavaScript libraries such as Swiper.js and Google reCAPTCHA v3 for security. Analytics are implemented via Matomo, Google Analytics, and Metricool, with cookie consent managed through tarteaucitron.js, indicating a mature digital infrastructure. The site is mobile-optimized and SEO-friendly, though accessibility features could be improved. From a security perspective, the site enforces HTTPS, employs standard security headers, and uses CAPTCHA to protect forms. However, it lacks a dedicated security policy or incident response contact details, which could be enhanced to improve transparency and readiness. No vulnerabilities or suspicious activities were detected in the content or scripts. Overall, netplusFR SA presents a trustworthy and well-maintained online presence suitable for its regional telecommunications business. Strategic recommendations include publishing explicit security policies, establishing a vulnerability disclosure program, and enhancing accessibility to further strengthen compliance and user trust.

S

Stockholm Business Region AB

visitstockholm.se

51

Visit Stockholm, operated by Stockholm Business Region AB, serves as the official tourism guide for Stockholm, Sweden. The website provides comprehensive information on events, restaurants, cultural activities, and travel tips aimed at tourists and visitors. It holds a strong market position as the authoritative source for Stockholm tourism, offering curated content and personalized guides. The business model focuses on promoting the city to increase visitor engagement and tourism revenue. Technically, the website is built on modern frameworks such as Next.js and React, ensuring fast performance, mobile optimization, and good SEO practices. The use of Matomo Analytics and CookieTractor indicates a commitment to privacy-aware user tracking. Security posture is adequate with HTTPS and cookie consent mechanisms, though the absence of explicit security headers and incident response policies suggests room for improvement. Overall, the site is professional, trustworthy, and well-maintained, with clear contact information and official branding. Recommendations include enhancing security headers, publishing a security policy, and maintaining regular audits of third-party scripts to strengthen security and compliance.

G

Gastivo

gastivo.de

55

Gastivo operates as a leading digital ordering platform tailored for the gastronomy sector in Germany, facilitating streamlined procurement between restaurants and suppliers. The website is built on a WordPress CMS with Elementor, indicating a modern and flexible technical infrastructure. The platform demonstrates good design quality, mobile optimization, and SEO practices, supporting a positive user experience for its target audience. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and incident response information, which could be improved to enhance trust and compliance. Privacy and cookie policies are absent, representing a compliance gap under GDPR regulations. Overall, the site is functional and professional but would benefit from enhanced privacy and security disclosures to strengthen its risk profile.

F

Federal Chancellery of Switzerland

ch.ch

65

The website www.ch.ch is the official information portal of the Swiss authorities, managed by the Federal Chancellery of Switzerland. It provides comprehensive and authoritative information covering federal, cantonal, and municipal administrative matters across multiple sectors such as health, housing, taxes, and political processes. The portal targets residents and foreign nationals living in Switzerland, offering multilingual support in the country's official languages plus English. The site is positioned as a trusted government resource with a large scope and high content quality. Technically, the website is built using modern frameworks including Nuxt.js and Vue.js, styled with Tailwind CSS, and enhanced with Swiper.js for interactive elements. It demonstrates excellent mobile optimization, accessibility, and SEO practices. The infrastructure appears robust with fast performance and no visible technical issues. From a security perspective, the site enforces HTTPS and includes standard security headers, reflecting a strong security posture. However, it lacks visible cookie consent mechanisms and published security or incident response policies. No vulnerability disclosure or security.txt files are present, which could be improved to enhance transparency and security culture. Overall, the website is highly professional, trustworthy, and well-maintained, serving as a critical government communication channel. Strategic recommendations include implementing cookie consent for privacy compliance, publishing security policies, and establishing a vulnerability disclosure process to further strengthen security and user trust.

F

feinschreiber

feinschreiber.com

62

feinschreiber is a Bremen-based agency specializing in text, content creation, branding, and marketing services. Founded in 2018, the company offers a broad range of services including consulting, copywriting, SEO, social media, and storytelling, targeting businesses and brands seeking professional content solutions. The website demonstrates a strong market position with notable clients and a consistent brand presentation. Technically, the site is built on WordPress with modern libraries like jQuery and Swiper.js, and it implements GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and some security headers are missing. Overall, the site is professional, accessible, and trustworthy, with clear contact information and no signs of malicious activity.

H

Hospiz St. Peter Oldenburg

hospiz-oldenburg.de

63

Hospiz St. Peter Oldenburg is a well-established non-profit healthcare provider specializing in hospice and palliative care services in Oldenburg, Germany. The organization offers stationary and day hospice care, grief counseling, and social services, aiming to support terminally ill patients and their families with dignity and compassion. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional design, targeting patients, caregivers, and the local community. Technically, the site is built on WordPress with modern libraries such as jQuery and Swiper.js, and employs GDPR-compliant cookie management. Security posture is solid with HTTPS and anti-spam measures, though some security headers could be improved. The WHOIS data aligns well with the business claims, showing transparency and legitimacy. Overall, the site demonstrates a strong commitment to privacy, compliance, and user experience.

The cheese-festival.ch website represents a Swiss cultural event organizer focused on celebrating Swiss cheese traditions through festivals and related experiences. The organization, Trägerverein cheese-festival, targets cheese lovers and cultural enthusiasts primarily within Switzerland. The website offers event calendars, cheese fest searches, and storytelling content to engage its audience. Technically, the site employs modern JavaScript libraries such as Matomo for analytics, Mapbox for maps, and GSAP for animations, indicating a moderate level of digital maturity. The site is well-structured, mobile-optimized, and SEO-friendly with multilingual support in German, French, and Italian. Security-wise, the website uses HTTPS with good SSL configuration and no visible vulnerabilities, but lacks some security headers and formal security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite tracking usage. Overall, the site is trustworthy and professionally maintained, with clear contact information and active social media presence.

R

Real Centro Universitario Escorial - María Cristina

rcumariacristina.es

48

The Real Centro Universitario Escorial - María Cristina is a private university institution located in San Lorenzo de El Escorial, Spain, with a rich history dating back to 1892. It offers official undergraduate and postgraduate degrees in business administration, law, and related fields, affiliated with Universidad CEU San Pablo. The website reflects a well-established academic institution with a professional digital presence, including comprehensive academic program information, campus details, and active social media engagement. Technically, the website is built on WordPress with modern JavaScript libraries such as Swiper.js and jQuery, enhanced by SEO plugins and GDPR-compliant cookie consent mechanisms. The site is mobile-optimized and uses HTTPS with good SSL configuration, though some security headers are missing. Analytics and marketing tools are implemented with user privacy in mind, leveraging Google Tag Manager and consent mode. From a security perspective, the site demonstrates a solid baseline with HTTPS and cookie consent but lacks published security policies or incident response contacts. No vulnerabilities or suspicious content were detected. The absence of WHOIS data due to Red.es restrictions limits domain registration verification, but the website content and structured data strongly support legitimacy. Overall, the site is a credible, professional educational platform with good technical and privacy practices. Strategic improvements in security headers, incident response transparency, and accessibility could further enhance trust and compliance.

C

CEU - Universidad Fernando III

uf3ceu.es

65

Universidad CEU Fernando III (UF3) is a regional higher education institution based in Sevilla, Spain, offering undergraduate, double degree, and master's programs. The website is professionally designed using WordPress, with good SEO and analytics integration, including Google Tag Manager, Microsoft Clarity, and Hotjar. The site implements GDPR-compliant cookie consent via Cookiebot, reflecting awareness of privacy regulations. However, no explicit privacy policy or terms of service pages were detected, which is a compliance gap. The WHOIS data for the domain is inaccessible due to Red.es restrictions, limiting domain legitimacy verification. Security posture is moderate with HTTPS enforced but lacking visible security headers and vulnerability disclosures. Overall, the site is safe, professional, and targeted at prospective students in the education sector.

I

INTE BARA POST AB

intebarapost.se

70

Inte Bara Post AB is a Swedish full-service office management and logistics company offering a range of services including courier (Bud), event management, facility maintenance (Allt-i-allo), staffing (Bemanning), and food and beverage services (Skafferi). The company positions itself as an environmentally conscious leader in its sector, emphasizing sustainability with commitments like Net Zero 2040 and ISO certifications. Their target audience includes businesses of various sizes seeking flexible office management solutions. The website reflects a professional and consistent brand image with clear service offerings and a strong focus on customer satisfaction and environmental responsibility. Technically, the website is built on the Webflow platform, utilizing modern web technologies such as Typekit fonts, Swiper.js for sliders, and Google Tag Manager for analytics and marketing tags. The site is well-optimized for mobile devices, loads quickly, and includes accessibility features. Cookie consent management is implemented via CookieTractor, ensuring GDPR compliance. The site integrates multiple tracking and advertising services including Google Analytics, Facebook Pixel, Google Ads, and LinkedIn Insight Tag. From a security perspective, the site enforces HTTPS and uses Cloudflare for CDN and WAF services, although explicit security headers like Content-Security-Policy and X-Frame-Options are not detected. No vulnerabilities or exposed sensitive data were found in the HTML content. However, the absence of a published security policy or incident response contact information is noted. The WHOIS lookup for the domain www.intebarapost.se failed, indicating a possible domain registration anomaly or subdomain usage, which slightly reduces trustworthiness. Overall, the website presents a credible and professional business with good technical implementation and privacy compliance. The main risk lies in the unclear domain registration status, which should be investigated further. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and clarifying domain registration details to improve trust and compliance.

S

Skultuna

skultuna.com

75

Skultuna is a well-established Swedish heritage brand founded in 1607, operating an international e-commerce store specializing in home decor, jewelry, and figurines. The website is built on the Shopify platform, leveraging modern web technologies and integrations such as Klaviyo for marketing and Lucky Orange for user behavior analytics. The site demonstrates good digital maturity with responsive design, clear navigation, and GDPR compliance through a comprehensive cookie consent mechanism and privacy policy. Security posture is solid with HTTPS enforced and secure payment methods, though some security headers could be improved and explicit security policies published. Overall, the website presents a professional and trustworthy online retail experience with moderate user tracking and good privacy practices.

Q

QMetry Inc.

qmetry.com

58

QMetry Inc. is a technology company specializing in AI-enabled test management and automated testing tools designed for agile enterprises. Their product suite includes scalable test management solutions integrated with popular DevOps tools and AI capabilities to accelerate test case authoring and improve testing efficiency. The company is positioned as a leader in the software testing domain with a strong focus on innovation and customer collaboration. The website demonstrates a mature digital infrastructure leveraging modern frameworks such as Angular and integrates advanced marketing and analytics tools, reflecting a high level of digital maturity. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security headers and incident response policies could be enhanced. Overall, the site is professional, well-branded, and trustworthy, supported by customer testimonials and third-party reviews. However, the absence of WHOIS data raises some concerns about domain registration transparency, warranting further verification.

C

CUPRA

cupra.de

67

CUPRAofficial.de is the official German website for CUPRA, a premium automotive brand specializing in sporty and electric vehicles. The website offers comprehensive information about CUPRA's vehicle lineup, electric mobility solutions, financing, leasing, and after-sales services. It is clearly positioned as a premium brand under the Volkswagen Group umbrella, targeting automotive customers in Germany interested in modern, sporty, and electric vehicles. The site features a professional design, clear navigation, and is optimized for mobile devices. Technically, it is built on Adobe Experience Manager and hosted on Volkswagen Group's cloud infrastructure, integrating advanced marketing and analytics tools such as Google Tag Manager and Adobe Analytics. Security posture is strong with HTTPS enforced, security headers present, and cookie consent managed via OneTrust. However, explicit security policies and incident response contacts are not publicly available. Overall, the website demonstrates a mature digital presence with good privacy compliance and business credibility.

T

techniConcept Sàrl

gruyerepaysdenhaut.ch

53

Le Parc naturel régional Gruyère Pays-d'Enhaut is a Swiss regional park dedicated to sustainable tourism, environmental conservation, and regional development across three cantons. The website serves as an informative portal for tourists, local residents, and partners, offering event information, educational resources, and membership opportunities. The park is supported by federal and cantonal authorities, emphasizing its official and non-profit nature. Technically, the website is built on the Neos CMS platform, utilizing modern web technologies such as Swiper.js for interactive elements, FontAwesome for icons, and Matomo for analytics, ensuring a fast, mobile-optimized, and accessible user experience. Security is well implemented with HTTPS, security headers, and no visible vulnerabilities. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Contact information is comprehensive and clearly presented, enhancing business credibility.

O

Omnisend

omnisend.com

76

Omnisend is a specialized ecommerce-focused email and SMS marketing automation platform designed to help ecommerce brands increase revenue efficiently through automation, segmentation, and multi-channel campaigns. The company positions itself as a nimble and user-friendly SaaS solution with strong integrations to major ecommerce platforms such as Shopify, WooCommerce, and BigCommerce. The website demonstrates a mature digital presence with professional design, comprehensive content, and strong branding consistency. Technically, the site leverages WordPress CMS with modern JavaScript libraries, analytics, and consent management tools, indicating a well-maintained infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers and a public security policy are absent. WHOIS data is not publicly available, likely due to privacy protection, which slightly reduces trust but is common for SaaS businesses. Overall, the site is professional, secure, and compliant with privacy regulations, targeting ecommerce marketers and businesses seeking marketing automation solutions.

H

HES-SO Fribourg

hefr.ch

68

HES-SO Fribourg is a prominent higher education institution in Switzerland, offering a range of academic programs including bachelor, master, and postgraduate education across four specialized schools. The institution emphasizes innovation, research, and international collaboration, positioning itself as a key regional player in education and applied sciences. The website reflects a professional and consistent brand image aligned with its parent organization HES-SO. Technically, the site employs modern web technologies such as Bootstrap, Google Tag Manager, and Axeptio for cookie consent, ensuring a responsive and accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and explicit security policies. Overall, the website is trustworthy, well-maintained, and compliant with GDPR requirements, serving its audience effectively.

O

Omnisend

omnisnippet1.com

76

Omnisend operates as a specialized ecommerce-focused email and SMS marketing automation platform designed to empower ecommerce brands to increase revenue efficiently. The company offers a comprehensive suite of marketing tools including email campaigns, SMS, web push notifications, AI-driven personalization, and seamless integrations with major ecommerce platforms such as Shopify, WooCommerce, and BigCommerce. The website reflects a mature digital presence with professional branding, clear messaging, and extensive content tailored to ecommerce marketers. Technically, the website is built on WordPress with modern front-end technologies including Swiper.js for sliders, Wistia for video hosting, and Cookiebot for GDPR-compliant cookie consent management. The site is well-optimized for SEO and mobile responsiveness, leveraging Google Tag Manager and Visual Website Optimizer for analytics and A/B testing. Security best practices such as HTTPS and cookie consent are implemented, though some security headers could be improved. From a security perspective, the site demonstrates a solid posture with no visible vulnerabilities or exposed sensitive data. However, the absence of a public security policy or incident response information and lack of a vulnerability disclosure program represent areas for enhancement. The WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trustworthiness from a domain registration perspective but does not detract significantly given the professional web presence. Overall, Omnisend presents a credible and professional ecommerce marketing platform with strong technical and content quality. Strategic improvements in security transparency and WHOIS data availability could further enhance trust and compliance.

U

Universidad de Zaragoza

unizar.es

46

The Universidad de Zaragoza is a large, established public university in Spain offering a wide range of undergraduate, graduate, and doctoral programs alongside robust research and community engagement activities. The website reflects a mature digital presence built on Drupal 10, featuring modern web technologies and compliance with privacy regulations such as GDPR. The site is well-designed, mobile-optimized, and provides comprehensive academic and institutional information targeting students, faculty, researchers, and the general public. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. WHOIS data is restricted due to .es domain policies, but the domain's legitimacy is supported by consistent branding and extensive content. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance suitable for a major educational institution.

P

Premium Residences

premiumresidences.cc

54

Premium Residences is a specialized luxury real estate platform showcasing high-end properties primarily in Austria and other select global locations. The website targets affluent buyers and investors seeking premium residential properties. The platform offers curated listings with detailed descriptions and integrates modern technologies such as Google Maps for enhanced user experience. Technically, the site is built on a Laravel-based custom CMS using Alpine.js and Livewire, with assets hosted on Amazon S3, indicating a modern and scalable infrastructure. Security posture is solid with HTTPS enforced and no exposed sensitive data, though improvements can be made by adding security headers and explicit incident response contacts. Privacy compliance is partial with a privacy policy present but lacking cookie consent mechanisms. Overall, the site is professional and trustworthy but could enhance user trust and compliance by addressing these gaps.

E

Elvi

elvi.lv

41

Elvi.lv is the official website of SIA ELVI Latvija, a large retail supermarket chain operating in Latvia. The site provides comprehensive information about their stores, promotions, recipes, job vacancies, and loyalty programs, targeting general consumers in Latvia. The business is well-established with a consistent brand presence and clear contact channels. Technically, the website is built on WordPress and uses modern JavaScript libraries such as jQuery, Swiper, and Tooltipster, along with Google Analytics and Facebook SDK for tracking and marketing. The site is mobile optimized and SEO friendly, though some lazy loading images have errors that should be addressed. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, but lacks advanced security headers and explicit security policies. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, though it could improve transparency by adding terms of service and incident response information.

F

Galvenā

fix-price.lv

66

The website lv.fix-price.com is an online retail platform targeting Latvian consumers, offering a variety of products including food, toys, household chemicals, and seasonal items. The site is professionally designed with a clear navigation structure and localized content in Latvian and Russian. It leverages modern frontend technologies such as Vue.js and Nuxt.js, indicating a contemporary technical infrastructure. The presence of Cloudflare Turnstile captcha suggests some level of bot protection. However, the absence of WHOIS data for the domain raises questions about domain registration transparency. No privacy, cookie, or terms of service policies were detected, which may impact compliance and user trust. Overall, the site appears functional and user-friendly but lacks some critical compliance and transparency elements.

S

SK ID Solutions AS

smart-id.be

50

Smart-ID is a well-established digital identity authentication provider offering a secure, user-friendly app compliant with European eIDAS regulations. The company targets businesses and end-users across Europe, positioning itself as a market leader with strong trust signals including certifications and major banking clients. The website is professionally designed, multilingual, and built on a modern WordPress infrastructure with Elementor and Astra theme, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and privacy compliance is well addressed. Overall, the site reflects a mature digital service provider with a strong focus on security and compliance.

A

AMFF 2025

atlantidafilmfest.com

50

Atlàntida Mallorca Film Fest (AMFF) is a cultural media entity organizing a film festival in Mallorca, Spain, with a focus on sustainability and artistic expression. The website serves as a portal for festival programming, news, and event information, targeting a general audience interested in film and culture. The business is positioned as a niche cultural event with a small organizational size and a history dating back to 2013. Technically, the website is built on WordPress using Elementor and Yoast SEO Premium, hosted with domain registration via GoDaddy and DNS managed by Cloudflare. The site demonstrates moderate performance and good mobile optimization, with modern web technologies and SEO best practices implemented. Analytics are handled via Google Analytics and Google Tag Manager, with a cookie consent mechanism in place to comply with GDPR. From a security perspective, the site uses HTTPS with a good SSL configuration and domain-level protections such as clientDeleteProhibited status. However, DNSSEC is not enabled, and security headers are not explicitly detected, suggesting room for improvement. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is good, with a clear cookie policy and consent mechanism, though no explicit privacy or security policy pages were identified. Overall, the website is professional, trustworthy, and well-maintained, with a strong focus on cultural content and user experience. Strategic recommendations include enabling DNSSEC, adding security headers, and publishing explicit security and incident response policies to enhance trust and compliance.

Frölich Reisen is a German travel agency specializing in organized travel packages including bus tours, flights, cruises, and premium travel options. The website presents a professional and well-structured digital presence with a focus on user experience and clear navigation. The technical infrastructure is based on WordPress with modern web technologies and integrations such as Google Tag Manager and Facebook Pixel for marketing and analytics. Security posture is solid with HTTPS enforced and some security best practices observed, though explicit security policies and incident response contacts are not publicly available. Privacy compliance is partial, with a cookie consent mechanism implemented but no visible privacy policy or terms of service pages. Overall, the website is trustworthy and serves its business purpose effectively, though improvements in privacy transparency and security documentation are recommended.

Masin Idriss is a small German-based interior design and furniture company specializing in creating functional and individual design concepts for various types of spaces including homes, lofts, and commercial premises. The company emphasizes craftsmanship and professional planning, supported by a partner network (GOETHE 64) and a commitment to fostering young talent through internships and coaching. The website reflects a niche market position with a focus on quality and personalized service. Technically, the website uses modern web technologies such as HTML5, CSS3, JavaScript, and Swiper.js for interactive galleries. It is hosted by IONOS SE, a reputable provider, and shows moderate performance with good mobile optimization. However, the site lacks advanced security headers and DNSSEC, which are recommended for improved security posture. From a security perspective, the site uses HTTPS but does not implement additional security policies or incident response contacts. Privacy compliance is minimal, with a basic privacy policy linked in the imprint but no cookie consent mechanism or GDPR explicit indicators. No forms or tracking scripts are present, reducing data collection risks but also limiting marketing insights. Overall, the website is professional and trustworthy for its business domain but would benefit from enhanced security measures and privacy compliance improvements to align with best practices and regulatory requirements.

G

Göhler Treppen GmbH & Co. KG

goehlertreppen.de

57

Göhler Treppen GmbH & Co. KG is a specialized manufacturer and installer of custom staircases based in Germany, with over 30 years of industry experience. The company offers bespoke stair solutions including wooden, metal, and design stairs, as well as renovation and integrated furniture solutions. Their market position is that of a trusted regional expert with a strong emphasis on craftsmanship and customer-centric service. The website reflects a mature digital presence built on WordPress, featuring modern technologies such as jQuery, Swiper.js, and Borlabs Cookie for privacy compliance. SEO and accessibility are well addressed, with structured data enhancing search visibility. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security headers and policies are not fully evident. The domain WHOIS data is minimal but consistent with the business claims, hosted on German infrastructure. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

E

evenito AG

evenito.com

68

evenito AG operates a decentralized event management software platform designed to empower enterprises to scale their event planning efforts while maintaining central control. The platform offers a comprehensive suite of features including guest management, event registration and ticketing, virtual and hybrid event support, automated communication, and analytics. The company targets a broad audience including corporates, SMEs, agencies, and conference organizers, positioning itself as a leading event management solution with strong trust signals such as ISO 27001 certification and GDPR compliance. Technically, the website is built on modern web technologies including Webflow CMS, Google Analytics, Microsoft Clarity, Hotjar, and Leadfeeder for analytics and user behavior tracking. The site is well-optimized for performance, mobile responsiveness, and SEO, with a professional and consistent branding approach. Hosting appears to be via Webflow's CDN, ensuring fast content delivery. From a security perspective, the site enforces HTTPS and demonstrates compliance with key standards such as ISO 27001 and GDPR. However, explicit security headers are not detected, and there is no publicly available vulnerability disclosure or incident response contact information. The absence of WHOIS registration data for the domain is a notable concern, potentially indicating an unregistered or expired domain, which should be verified to ensure legitimacy. Overall, the website presents a professional and trustworthy front with strong business and technical maturity. The main risk lies in the missing WHOIS data, which impacts domain legitimacy assessment. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure policies, and clarifying domain registration status to improve trust and security posture.

C

CNCC (Compagnie Nationale des Commissaires aux Comptes)

assises-cncc.fr

63

The website www.assises-cncc.fr serves as the official platform for the 36th National Conference of Statutory Auditors organized by the CNCC in France. It provides comprehensive event-related information including program details, registration, accommodation, and professional editorial content targeted at statutory auditors and related professionals. The site demonstrates a professional and consistent branding aligned with the CNCC identity. Technically, it employs modern frontend technologies such as Vue.js and Swiper.js, and includes a cookie consent mechanism compliant with GDPR. Security-wise, while HTTPS is presumably enabled, explicit security headers are not evident, and no direct incident response or security policies are published. WHOIS data is unavailable, likely due to privacy protection, which is justified for this type of professional event site. Overall, the site is trustworthy, well-structured, and serves its audience effectively.

E

EFFA

ecole-audit.fr

43

EFFA (École Française de Formation à l'Audit) is a specialized French educational institution focused on training auditors and commissioners of accounts. Supported by recognized professional bodies such as the Compagnie Nationale des Commissaires aux Comptes and ENOES Paris, EFFA offers a range of certifications and training programs including CAFCAC, DU Audit Légal, and a Master MAE in partnership with IAE Angers. The institution targets students with or without a Master degree, experienced audit professionals, and audit firms seeking training for their collaborators. The website reflects a strong market position as a reference school in France for audit training. Technically, the website is built on WordPress with modern libraries such as jQuery and Swiper.js, and integrates Google Tag Manager and Google Analytics for marketing and analytics purposes. The site is well-optimized for SEO and mobile devices, with a professional design and clear navigation. Security measures include HTTPS enforcement, Content-Security-Policy headers, and cookie consent mechanisms with GDPR compliance. However, additional security headers and a public security policy or incident response page are absent. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent management. The absence of WHOIS data reduces domain trust slightly, but the professional presentation and clear contact information mitigate concerns. Overall, the website is trustworthy, professional, and well-suited for its educational mission.

M

Montreux-Vevey Tourisme

montreuxriviera.com

66

Montreux Riviera is a regional tourism organization promoting the Montreux Riviera area in Switzerland. The website offers comprehensive information on accommodations, events, activities, and local attractions, targeting tourists and visitors seeking travel and leisure experiences. The platform supports multiple languages and provides booking capabilities, event calendars, and curated content to enhance visitor engagement. Technically, the site uses a modern technology stack including Google Tag Manager, Facebook Pixel, and a proprietary CMS (MyCity Tourism Information System). The site is mobile-optimized with good SEO and accessibility features. Security posture is adequate with HTTPS usage and no exposed sensitive data, though security headers are not explicitly detected. Privacy compliance is supported with visible privacy and cookie policies and consent mechanisms. However, the absence of WHOIS data for the domain reduces trustworthiness from a domain registration perspective. Overall, the site is professional, content-rich, and trustworthy for its intended audience.

Frölich Reisen is a German travel agency specializing in a variety of travel services including bus tours, flights, cruises, and premium travel packages. The website targets German-speaking travelers seeking well-organized and comfortable travel experiences. The company appears to be a medium-sized regional player in the transportation sector with a diversified portfolio of travel offerings. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site is hosted by webgo.de and uses HTTPS with good SSL configuration. Security posture is solid with HTTPS and cookie consent implemented, but lacks advanced security headers and explicit privacy or terms of service pages. No contact emails or phone numbers are explicitly found, which may affect user trust and compliance. Overall, the website is professional and well-branded with good SEO and mobile optimization but could improve privacy compliance and security practices.

K

Kasseler Markthalle 2020 GmbH

kasseler-markthalle.de

50

Kasseler Markthalle 2020 GmbH operates a regional market hall in Kassel, Germany, offering a wide range of regional and international food products through over 70 market stands and gastronomy services. The business emphasizes local specialties, fresh produce, and culinary events, positioning itself as a key local retail and hospitality venue. The website is professionally designed using WordPress with SEO optimization and structured data, providing a rich user experience and clear navigation. GDPR compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and incident response information could be improved. Overall, the site reflects a trustworthy and established local business with good digital maturity.

CBF is a well-established Dutch non-profit organization specializing in oversight and certification of charitable organizations, ensuring donor trust and transparency. The website reflects a strong market position as the leading authority for charity certification in the Netherlands, offering services such as the CBF-Erkenning certification, donor guidance, research, and municipal support. The digital infrastructure is modern and performant, leveraging Google Tag Manager, Cookiebot for consent management, and ReadSpeaker for accessibility. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is strong with HTTPS, DNSSEC, and no visible vulnerabilities, although explicit security policies and incident response details are not published. Overall, the site is professional, trustworthy, and compliant with GDPR, with clear contact and accreditation information.

S

Sveriges Annonsörer

100wattaren.se

56

100-wattaren.se is the official website for the 100-wattaren competition, a well-established Swedish contest recognizing effective communication efforts since 1990. The site is operated by Sveriges Annonsörer, a reputable Swedish advertising organization. The website offers detailed information about the competition, categories, jury, winners, and gala events, targeting marketing professionals and organizations in Sweden. The business model is non-profit, focusing on industry inspiration and recognition. Technically, the site is built on WordPress with modern JavaScript libraries like Alpine.js and Swiper.js, and integrates Google Tag Manager and CookieHub for analytics and cookie consent management. The site is hosted by Loopia AB, a Swedish registrar and hosting provider, with a domain age consistent with the competition's history. Security posture is good with HTTPS enabled and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is strong with clear cookie and privacy policies linked to Sveriges Annonsörer. No contact emails or phone numbers are explicitly listed on the homepage, and no terms of service or security policy pages were found. Overall, the site is professional, well-branded, and trustworthy, with no signs of malicious or adult content.

F

Fondazione Luigi Einaudi

fondazioneeinaudi.it

64

Fondazione Luigi Einaudi is a well-established Italian non-profit foundation dedicated to supporting research and education in social sciences. Founded in 1964, it offers extensive resources including a large library, archives, scholarships, publications, and organizes academic events. The website reflects a professional and consistent brand image targeting researchers, academics, and students interested in social sciences. The foundation maintains a strong market position as a reference point in its sector in Italy. Technically, the website employs modern technologies such as Google Tag Manager and Iubenda for privacy compliance, with good mobile optimization and moderate performance. The site uses HTTPS with strong security headers and cookie consent mechanisms, indicating a mature digital infrastructure. However, no explicit CMS or hosting provider was identified. From a security perspective, the site demonstrates good practices including HTTPS enforcement, security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. However, the absence of a terms of service page and incident response information are minor gaps. Overall, the website is trustworthy, content-rich, and professionally maintained with a strong focus on privacy and security. The risk level is low, but improvements in transparency around security policies and incident response would enhance trust further.

L

Libéritas Editorial

liberitasediciones.es

47

Libéritas Ediciones is a Spanish educational publishing company specializing in textbooks and educational resources aimed at facilitating an itinerary for encountering truth. It operates as a subsidiary of CEU Ediciones, linked to the Fundación Universitaria San Pablo CEU. The website is professionally designed using WordPress with a child theme, featuring good mobile optimization and clear navigation. The technical infrastructure includes modern libraries such as jQuery, Google Tag Manager, and Contact Form 7, supporting analytics and user interaction. Security posture is solid with HTTPS enabled, reCAPTCHA on forms, and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is good with a visible privacy policy and GDPR acceptance on forms. Overall, the site presents a trustworthy and professional image with a focus on educational content.

S

SauerlandKurier

sauerlandkurier.de

58

SauerlandKurier is a regional news media outlet serving the Sauerland region in Germany, focusing on local news, events, and community information. The website is professionally designed with a consistent brand presence and offers a variety of content including news articles, photos, and videos. It operates under the parent company Ippen.Media, leveraging a modern technical infrastructure with multiple third-party integrations for advertising and user engagement. The site employs HTTPS and consent management to ensure privacy compliance, although explicit security and incident response policies are not publicly disclosed. Overall, the website demonstrates a mature digital presence suitable for its regional audience.

D

Digitale Kreativ Agentur

digitale-kreativ-agentur.de

57

Digitale Kreativ Agentur is a small, full-service advertising and marketing agency based in Kassel, Germany. They specialize in crossmedia marketing solutions including print, digital marketing, social media management, employer branding, content creation, graphic design, and multimedia production. The agency serves a diverse client base ranging from auto dealerships to healthcare and real estate sectors, positioning itself as a trusted regional partner with a strong local presence. Their website reflects a professional and modern digital footprint with comprehensive service offerings and client testimonials that reinforce their market position. Technically, the website is built on WordPress with modern JavaScript libraries such as Swiper.js and jQuery, and employs SEO best practices via the Rank Math plugin. Cookie consent is managed through the Borlabs Cookie plugin, ensuring GDPR compliance. The site is mobile-optimized and performs moderately well, with good accessibility and SEO optimization. No significant technical debt or performance bottlenecks were detected. From a security perspective, the website uses HTTPS with an excellent SSL configuration. However, security headers are not explicitly detected, and no formal security or incident response policies are published. There are no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. The WHOIS data is consistent with the website's claims, indicating a legitimate and trustworthy domain registration. Overall, the website demonstrates a high level of professionalism, security awareness, and compliance, making it a reliable digital presence for the agency. Strategic improvements in security headers and incident response transparency could further enhance their security posture.

C

ClimaGrün

climagruen.it

57

ClimaGrün is a specialized company focused on intelligent green roofing systems, with over 20 years of research and development in sustainable roof greening and technical greening solutions. The company targets planners, architects, landscape architects, investors, and private customers, offering patented thin-layer water storage technology integrated into their green roof systems. Their market position is that of an established niche player in the sustainable urban greening sector, primarily operating in Germany. The website demonstrates a high level of digital maturity, built on WordPress with Elementor, enhanced by SEO tools and modern JavaScript libraries for animations and user experience. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though formal security policies and incident response contacts are not explicitly published. Overall, the site is professional, trustworthy, and compliant with GDPR, providing a solid platform for business and customer engagement.

N

Niseko

niseko.ch

53

Niseko is a Swiss-based web agency specializing in bespoke web solutions, including custom website design, web applications, and AI/data integration services. The company targets businesses seeking tailored digital projects, emphasizing quality, performance, and user experience. Their market position is that of a small but professional agency with a clear focus on delivering solid and well-thought-out web solutions. Technically, the website is built on WordPress using Elementor, with modern JavaScript libraries and Google Analytics for tracking, complemented by a GDPR-compliant cookie consent mechanism. The site is well-optimized for SEO and mobile devices, offering a professional and consistent user experience. Security-wise, the site enforces HTTPS, includes standard security headers, and avoids exposing sensitive data, though it lacks explicit security policies and incident response information. Overall, the website is trustworthy and professional, with room for improvement in publishing security and compliance documentation.

A

adminster ag

adminster.ch

51

adminster ag is a Swiss-based professional services firm specializing in accounting, tax, payroll, and consulting solutions tailored for small and medium-sized enterprises (KMUs) primarily in Zürich and Zug. The company positions itself as a trusted local partner offering comprehensive financial and administrative outsourcing services, including external CFO support and company formation assistance. Their market approach emphasizes personal, uncomplicated service with a strong focus on digital processes and client collaboration. The website reflects a mature digital presence with modern technologies such as WordPress, Breakdance builder, and SEO optimization tools, ensuring excellent user experience and mobile responsiveness. Security posture is solid with HTTPS enforced and cookie consent implemented, although explicit security headers and incident response policies are not publicly detailed. Overall, the domain registration and website content are consistent and legitimate, supporting a high trustworthiness rating.

S

Stockholm International Water Institute

siwi.org

64

Stockholm International Water Institute (SIWI) is a well-established non-profit organization focused on water governance and sustainable water management. Founded in 1997, SIWI operates globally to influence policy and decision-making in water-related sustainable development. The website reflects a professional and consistent brand presence targeting policymakers, researchers, and water sector professionals. Technically, the site is built on WordPress with modern frameworks like Bootstrap and hosted on Microsoft Azure DNS infrastructure, indicating a moderate to good level of digital maturity. Security posture is adequate with HTTPS and domain transfer protections, but lacks DNSSEC and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and content-rich but would benefit from enhanced privacy and security disclosures.

C

creandi Medienagentur GmbH

trauer.nrw

59

The website trauer.nrw operates as a regional obituary and grief support portal focused on the Westphalia region in Germany. It is managed by creandi Medienagentur GmbH under the umbrella of VRS Media GmbH und Co KG, a recognized media company. The portal offers comprehensive services including obituary searches, memorial pages, grief counseling, and informative guides, targeting a general audience seeking regional death notices and support. The site is well-structured with clear navigation and professional design, supporting a positive user experience.

M

Movable Ink

movableink.com

71

Movable Ink is an established enterprise-level technology company specializing in AI-driven personalized marketing solutions. Their platform enables marketers to deliver dynamic, data-driven content across multiple customer touchpoints including email, mobile, and web. The company positions itself as a leader in autonomous marketing, blending creativity with machine intelligence to optimize customer engagement and revenue. The website reflects a mature digital presence with modern design, mobile optimization, and integration of advanced marketing and analytics tools such as Adobe Marketo and Intellimize. Security posture is strong with HTTPS enforcement and standard security headers, though there is room for improvement in DNS security and explicit security policy disclosures. Privacy compliance is partially addressed with cookie consent mechanisms but lacks visible privacy and terms of service documentation in the provided content. Overall, the domain registration data aligns well with the business profile, indicating a legitimate and stable online presence.

M

Monrif Net - S.p.A.

quotidiano.net

64

Quotidiano Nazionale is a prominent Italian news media website operated by Monrif Net - S.p.A., founded in 1997. It delivers comprehensive news coverage across politics, economy, international affairs, and magazine content, targeting a broad general audience in Italy. The business model combines digital news publishing with subscription offerings and advertising revenue. The website demonstrates a mature digital infrastructure using modern technologies such as React and Next.js, integrated with multiple advertising and analytics platforms. Security posture is strong with HTTPS enforcement and standard security headers, though some areas like incident response contact and vulnerability disclosure could be improved. Privacy compliance is evident with GDPR-aligned policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-positioned in the Italian media market.

L

Lantbrukarnas Riksförbund (LRF)

lrf.se

57

Lantbrukarnas Riksförbund (LRF) is Sweden's leading organization representing agriculture, forestry, and rural businesses. The website serves as a comprehensive platform for members and stakeholders, offering information on membership benefits, advocacy, news, events, and regional activities. The organization positions itself as a key player in promoting sustainability, innovation, and strong green industries in Sweden. Technically, the website is built on modern frameworks including Umbraco CMS, Alpine.js, and integrates Google Tag Manager and New Relic for analytics and performance monitoring. The site is well-optimized for mobile and accessibility, with a professional design and clear navigation. Security posture is strong with HTTPS enforcement, use of reCAPTCHA, and cookie consent mechanisms, although explicit security policies and incident response information are not published. Overall, the site reflects a mature, trustworthy organization with good digital maturity and compliance with privacy regulations.

D

Digital Control Room

digitalcontrolroom.com

71

Digital Control Room is a specialized company providing automated compliance and digital asset monitoring solutions primarily for the pharmaceutical and life sciences sectors. Their platform enables clients to discover and audit digital content across multiple brands and languages, ensuring regulatory compliance and reducing risk. The company positions itself as a trusted partner for global oversight of distributed digital content, supported by client testimonials from top pharma companies and recognized by awards such as The Kings Awards for Enterprise Innovation. Technically, the website is built on WordPress using modern plugins like Breakdance and Yoast SEO, with jQuery and Swiper.js for interactive elements. The site is well-optimized for SEO and mobile devices, offering a professional user experience. Security measures include HTTPS enforcement and cookie consent management, though there is room for improvement in implementing additional security headers and a dedicated security.txt file. The security posture is solid with no visible vulnerabilities or exposed sensitive data, and privacy compliance is well addressed with comprehensive policies and consent mechanisms. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness, warranting further verification. Overall, the site demonstrates a mature digital presence with strong business credibility but should enhance transparency around domain registration and security policies.

G

Gedenkzeit.ch

gedenkzeit.ch

59

Gedenkzeit.ch is a Swiss regional online platform specializing in obituary listings, memorial pages, and funeral service directories. It serves a German-speaking audience seeking to find or place death notices and related services. The website is well-branded with regional newspaper affiliations and is part of the CH Media group, indicating a solid market position in Swiss media. The platform offers search and submission functionalities for obituaries and a directory of funeral-related service providers.

В

ВІннер Імпортс Україна, Лтд

ford.ua

68

The website ford.ua is the official online presence of the authorized Ford importer in Ukraine, ВІннер Імпортс Україна, Лтд. It offers a comprehensive portfolio of Ford vehicles including passenger cars, commercial vehicles, and electric models, alongside services such as vehicle servicing, financial products like credit and leasing, and a dealer locator. The site targets Ukrainian consumers and corporate clients, positioning itself as a major player in the Ukrainian automotive market. Technically, the site employs modern web technologies including Tailwind CSS, StimulusJS, and integrates multiple analytics and marketing pixels such as Google Analytics, Facebook Pixel, and TikTok Pixel, indicating a mature digital marketing approach. Security-wise, the site enforces HTTPS and includes CSRF tokens, but lacks explicit security headers and visible security policies, which are areas for improvement. Overall, the site is professional, well-branded, and trustworthy, though it would benefit from enhanced privacy and cookie compliance documentation.

C

Conventum TPS

conventum.lu

70

Conventum TPS is a Luxembourg-based fund management company specializing in third party fund governance and administrative services. Founded in 2001, it operates under the commercial name of BLI - Banque de Luxembourg Investments. The company targets professional investors and fund initiators, providing regulatory and operational support to enable clients to focus on asset management and client servicing. The website reflects a professional and consistent brand image with clear contact information and legal disclosures. Technically, the site is built on the Liferay CMS platform, utilizing modern JavaScript libraries and a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are absent. The lack of WHOIS data limits domain trust analysis, but the overall business credibility and website quality are high, supporting a positive risk assessment.