Security Directory

Bubok is an international self-publishing platform focused on providing authors and publishers with unlimited publishing capabilities, including print-on-demand and digital distribution. The website demonstrates a moderate digital maturity with usage of legacy technologies such as jQuery 1.4.2 and integration of analytics tools like Google Analytics and Matomo. The site is accessible and links to multiple country-specific domains, indicating a broad market presence primarily in Spanish and other European language markets. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. Security posture is moderate but weakened by outdated libraries and lack of visible security headers or privacy policies. Overall, the website is functional but requires improvements in security, privacy compliance, and technical modernization to enhance trust and user confidence.

C

Caisses sociales de la CVCI

cvcicaisseavs.ch

52

Caisses sociales de la CVCI is a Swiss social insurance fund affiliated with the Chambre vaudoise du commerce et de l'industrie (CVCI), providing social insurance services including AVS, AI, APG, family allowances, and eServices for employers, employees, and independents. The website is professionally designed, multilingual, and targets Swiss residents and businesses requiring social insurance information and administrative support. Technically, the site is built on TYPO3 CMS with a traditional but stable tech stack including jQuery, Bootstrap, and privacy-focused Matomo analytics. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though formal security policies and incident response contacts are not published. Overall, the site is trustworthy, compliant with GDPR, and serves its niche effectively.

M

Morges Région Tourisme

morges-tourisme.ch

71

Morges Région Tourisme operates as a regional tourism information portal for the Morges district in Switzerland, offering comprehensive details on accommodation, dining, activities, events, and group services. The website targets tourists and visitors seeking travel and leisure information in the region. It maintains a consistent brand presence with professional design and structured navigation, supporting multiple languages to cater to international visitors. Technically, the site uses a specialized tourism CMS (MyCity Tourism Information System) and integrates several analytics and tracking tools including Google Analytics, Matomo, and Facebook Pixel, alongside a cookie consent mechanism. The site is mobile-optimized and performs moderately well, though accessibility features could be enhanced. Security-wise, the site enforces HTTPS with good SSL configuration but lacks visible security headers and explicit privacy or terms of service pages, which are areas for improvement. No blocking or WAF mechanisms were detected, and the domain registration details align well with the business purpose, indicating legitimacy. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

F

FDP Kanton Zürich

fdp-zh.ch

53

FDP Kanton Zürich is a regional political party representing liberal values in the canton of Zürich, Switzerland. The website serves as an information hub for party news, campaigns, events, and membership services, targeting residents, voters, and supporters within the region. It maintains a consistent brand presence and offers multiple channels for engagement including social media and direct contact. Technically, the site is built on TYPO3 CMS with modern web technologies and integrates analytics and marketing tools with user consent mechanisms. Security posture is solid with HTTPS and cookie consent, though explicit security headers could be improved. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

F

FDP.Die Liberalen Kanton St.Gallen

fdp-sg.ch

52

FDP.Die Liberalen Kanton St.Gallen is a regional political party in Switzerland representing liberal values in the canton of St. Gallen. Their website serves as an information hub for party news, events, membership, and political positions. The site targets local residents and voters interested in liberal politics. Technically, the website is built on TYPO3 CMS with modern frontend technologies such as Bootstrap and jQuery, and it integrates Matomo for analytics and tarteaucitron for cookie consent management. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks explicit security headers and incident response information. WHOIS data is unavailable, likely due to privacy protection, but the site’s legitimacy is supported by consistent branding and official contact information.

C

Compagnie Nationale des Commissaires aux Comptes

cncc.fr

62

The Compagnie Nationale des Commissaires aux Comptes (CNCC) is the official representative body for auditors in France, serving over 11,200 professionals nationwide. The organization provides a comprehensive range of services including professional representation, training, publication of technical documentation, and event organization. The website reflects a mature digital presence with a modern React-based infrastructure and integration of privacy-conscious analytics via Matomo. The content is professionally curated, targeting auditors and related professionals, with clear navigation and consistent branding. Security posture is strong with HTTPS enforcement and appropriate security headers, though improvements could be made in privacy compliance by implementing cookie consent mechanisms and publishing explicit security policies. WHOIS data is unavailable, which slightly impacts trust but is mitigated by the professional nature of the site and its institutional backing. Overall, the CNCC website is a high-quality, trustworthy resource for the auditing profession in France.

C

Commission Nationale de l’Informatique et des Libertés

cnil.fr

66

The CNIL website represents the official French national data protection authority, providing comprehensive information, guidance, and regulatory enforcement related to data privacy. It serves a broad audience including individuals, professionals, and the press, positioning itself as a key government regulator in the data protection sector. The website is well-maintained with a consistent brand identity and high-quality content that supports its mission effectively. Technically, the site is built on a modern Drupal CMS platform with Bootstrap for responsive design, enhanced by privacy-respecting analytics (Matomo) and a robust cookie consent mechanism (tarteaucitron.js). Hosting and DNS are managed via Cloudflare, ensuring good performance and security. The site is mobile-optimized and accessible, though accessibility could be improved further. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. It avoids exposing sensitive data and uses privacy-conscious analytics. However, explicit security policies, incident response information, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. Overall, the CNIL website demonstrates a strong security posture, excellent privacy compliance, and high business credibility as a government entity. It is a trustworthy source of information on data protection in France, with minimal risk factors identified.

C

Clair et Net.

clair-et-net.com

45

Clair et Net. is a Paris-based independent digital agency established since 1998, specializing in digital transformation, website and mobile application development, and AI project consulting. The company targets businesses and organizations seeking to modernize and leverage digital technologies. Their market position is that of a specialized boutique agency with a strong focus on human-to-human digital intelligence and innovation. Technically, the website is built on WordPress with modern SEO practices, uses Google Analytics and Matomo for analytics, and integrates Google Fonts and Font Awesome for design. The site is mobile optimized and presents a professional user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies, which are areas for improvement. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, although the website content and business information appear legitimate. Overall, the website scores well on content quality and business credibility but needs enhancements in privacy compliance and security posture.

M

MIM Edizioni Srl

mimesisedizioni.it

54

Mimesis Edizioni is a well-established Italian publishing house specializing in philosophy and the humanities. The company offers a broad catalog including books, journals, open access materials, and eBooks, targeting academics, researchers, and students. The website reflects a professional and consistent brand image with clear contact information and active social media engagement. The business operates within the education and media sectors and is part of a larger group of related publishing entities.

A

Altreconomia

altreconomia.it

45

Altreconomia is an independent Italian media outlet focusing on economy, lifestyles, environment, and culture. The website provides news and analysis targeted at Italian-speaking audiences interested in these topics. The business operates primarily as a media and publishing entity with a small organizational size and a founding date around 2000. Technically, the site is built on WordPress and uses common web technologies and analytics tools such as Matomo and Google Tag Manager. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility features. Security posture is basic with HTTPS enabled but no advanced security headers or DNSSEC. A critical concern is the domain's expired status, which poses risks to availability and trust. Privacy compliance is weak, with no visible privacy or cookie policies and no GDPR indicators. Contact information and incident response details are absent, limiting user trust and compliance. Overall, the site is functional and professional but requires urgent attention to domain renewal and privacy compliance to improve security and credibility.

A

Autohaus Ostmann

autohaus-ostmann.de

55

Autohaus Ostmann is a regional automotive dealership in Germany offering new and used vehicles from multiple brands including Audi, Volkswagen, Skoda, Seat, Cupra, MG, and Maxus. The company provides a comprehensive range of services such as vehicle sales, leasing offers, service appointments, and parts sales. The website is professionally designed with good navigation and mobile optimization, targeting car buyers primarily in the German regions of Wolfhagen, Bad Arolsen, and surrounding areas. The business model focuses on multi-brand vehicle retail and after-sales services, positioning itself as a trusted regional player in the transportation sector. Technically, the website uses modern web technologies including Bootstrap, FontAwesome, and JavaScript libraries. It employs Usercentrics for consent management and Matomo along with Facebook Pixel for analytics and tracking, indicating a moderate level of digital maturity and privacy awareness. Hosting is supported by Microsoft Azure DNS infrastructure, suggesting reliable backend support. The site is accessible without WAF or security challenges, and SEO practices are well implemented. From a security perspective, the site uses HTTPS and consent management but lacks visible security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of a privacy policy and terms of service pages reduces privacy compliance confidence. WHOIS data is consistent with a legitimate business domain without privacy protection, supporting the site's trustworthiness. Overall, Autohaus Ostmann presents a professional and trustworthy online presence with good business credibility and technical implementation. Improvements in explicit privacy documentation, security headers, and contact information visibility would enhance compliance and security posture. The site is safe for general audiences with no adult or questionable content detected.

M

Meckelburg Brilon GmbH

gartencenter-meckelburg.de

64

Gartencenter Meckelburg, operated by Meckelburg Brilon GmbH, is a regional garden center based in Brilon, Germany, specializing in retail sales of plants, gardening supplies, and related services. The company maintains a professional online presence with a focus on customer service, quality products, and community engagement through newsletters and social media. Their website is well-structured, providing clear navigation and relevant content tailored to gardening enthusiasts and local customers. Technically, the site employs modern JavaScript libraries such as jQuery, Bootstrap, Splide.js, and Owl Carousel, alongside Matomo Analytics for user tracking, indicating a mature digital infrastructure. Hosting is managed via rzone.de, and the site enforces HTTPS with a good SSL configuration, contributing to a secure browsing experience. Privacy compliance is robust, featuring a detailed cookie consent mechanism and a comprehensive privacy policy in German, aligned with GDPR requirements. However, the site lacks a publicly visible security policy or incident response information, which could enhance trust and preparedness. Overall, Gartencenter Meckelburg demonstrates a solid business and technical foundation with room for improvement in explicit security communications and advanced security headers.

V

Vitos Kurhessen

vitos-kurhessen.de

42

Vitos Kurhessen is a prominent healthcare provider specializing in psychiatric and psychosomatic care for children, adolescents, and adults across nine locations in Northern Hesse, Germany. The organization operates under the umbrella of Vitos Holding, a large healthcare group with multiple subsidiaries. The website reflects a mature digital presence built on TYPO3 CMS, featuring comprehensive service descriptions, clear navigation, and compliance with GDPR and cookie regulations. The use of Matomo analytics and Usercentrics consent management demonstrates a privacy-conscious approach. Security measures such as HTTPS and security headers are properly implemented, contributing to a strong security posture. However, explicit incident response contacts and vulnerability disclosure mechanisms are not evident, representing areas for improvement.

L

La Cimade

migrantscene.org

43

Festival Migrantscene is a cultural and social awareness festival organized by the non-profit organization La Cimade, focusing on migration themes through artistic and community events across France. The website serves as an information hub for the festival, providing event details, regional activities, and multimedia resources. The technical infrastructure is based on WordPress CMS with modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager, indicating a moderate level of digital maturity. The site is well-structured, mobile-optimized, and uses HTTPS, but lacks some advanced security headers and explicit incident response information. Privacy compliance is addressed with cookie consent mechanisms and a privacy policy in French, consistent with GDPR requirements. Overall, the website is professional and trustworthy, though the absence of WHOIS data limits domain trust assessment.

D

Deutsch-Griechisches Jugendwerk (DGJW)

dgjw-egin.org

55

The Deutsch-Griechisches Jugendwerk (DGJW) is a non-profit organization dedicated to fostering youth exchange and cooperation between Germany and Greece. Their website clearly communicates their mission to promote understanding and collaboration among young people and youth workers in both countries. The organization offers various programs including youth encounters, professional development for youth workers, internships, and project funding. Their market position is niche but well-defined within the international youth work sector. Technically, the website is built on WordPress with modern plugins such as WPBakery Page Builder and W3 Total Cache, ensuring a responsive and performant user experience. Privacy and compliance are well addressed with GDPR-compliant privacy and cookie policies, and the use of Matomo analytics with explicit consent mechanisms. The site is hosted with a reputable registrar and uses HTTPS with good SSL configuration. From a security perspective, the site follows best practices including HTTPS, reCAPTCHA on forms, and cookie consent management. However, there is room for improvement by enabling DNSSEC and adding additional HTTP security headers. No vulnerabilities or exposed sensitive data were detected. Overall, the site demonstrates a strong security posture suitable for a non-profit organization. The overall risk assessment is low with no critical issues found. Strategic recommendations include enhancing DNS security, implementing additional security headers, and publishing a vulnerability disclosure policy to further strengthen trust and security culture.

B

Bubok Publishing, S.L.

bubok.es

61

Bubok Publishing, S.L. operates www.bubok.es, a leading Spanish self-publishing platform specializing in independent authors seeking control over their book publishing process. The company offers a comprehensive suite of services including editorial assistance, international book distribution in both digital and physical formats, and a robust online bookstore. With over 140,000 authors worldwide, Bubok holds a strong market position in the Spanish-speaking publishing industry. The website is professionally designed, mobile-optimized, and rich in content, providing a seamless user experience for authors and readers alike. Technically, the site employs modern web technologies such as Bootstrap, jQuery, Matomo analytics, Google Tag Manager, and Facebook Pixel, ensuring effective tracking and marketing capabilities. Security measures include HTTPS enforcement, reCAPTCHA Enterprise integration, and basic security headers, though there is room for enhancement in header coverage and library updates. Privacy and cookie policies are comprehensive and GDPR compliant, with clear consent mechanisms. Contact information is prominently displayed, including phone numbers, email, and social media channels, reinforcing business credibility. WHOIS data is unavailable due to query restrictions, but no inconsistencies or suspicious patterns were detected. Overall, Bubok demonstrates a mature digital presence with strong trust signals and a secure, user-friendly platform.

L

Le Gruyère AOP

gruyere.com

51

Le Gruyère AOP website serves as the official digital presence for the traditional Swiss cheese brand, providing comprehensive information about the product's history, varieties, production process, recipes, news, and events. The site targets consumers, culinary enthusiasts, and industry professionals, positioning itself as an authoritative source for Gruyère AOP cheese. The business model is primarily informational and promotional, supporting the cheese industry and its stakeholders. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and frameworks, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and policies could be improved. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, but the professional content and official contact details mitigate trust issues. Overall, the website is well-designed, user-friendly, and trustworthy for its intended audience.

L

L'Agefi

agefi.com

64

L'Agefi.com is a well-established Swiss media outlet specializing in political, economic, and financial news. It serves a professional and general audience interested in Swiss and global affairs, offering news articles, e-paper editions, market data, and sponsored content. The website demonstrates a solid market position with a consistent brand and professional content quality. Technically, the site is built on modern frameworks such as Next.js and React, hosted likely behind Cloudflare DNS, and uses Matomo for analytics, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is moderate with a cookie consent mechanism but no explicit privacy policy page found in the provided content. Contact information and social media presence are clear and professional, enhancing business credibility. Overall, the site is safe, trustworthy, and well-optimized for users.

The Centre hospitalier universitaire vaudois (CHUV) is a leading Swiss university hospital recognized globally for excellence in medical care, research, and education. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content targeting patients, healthcare professionals, and researchers. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and privacy-conscious analytics tools like Matomo and Maze. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site demonstrates high trustworthiness and aligns well with the institution's reputable status.

The website www.yverdon-les-bains.ch is the official digital portal for the municipal government of Yverdon-les-Bains, Switzerland. It provides comprehensive information and services related to administrative procedures, urban development, social cohesion, cultural events, sports, sustainability, and economic promotion. The site targets residents, visitors, entrepreneurs, and community members, positioning itself as a central hub for local governance and community engagement. The business model is public sector focused, delivering essential municipal services and information. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries such as jQuery, Bootstrap, Slick Slider, and AOS for animations. It integrates Matomo for analytics and uses tarteaucitron.js for cookie consent management, indicating a mature digital infrastructure. The site is mobile-optimized and exhibits good SEO and accessibility practices, although some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA on forms to mitigate spam. However, it lacks visible security headers like CSP or HSTS, and no explicit security or incident response policies are published. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data confirms the domain's legitimacy, registered to a Swiss municipal entity consistent with the website's claims. Overall, the website demonstrates a high level of professionalism, trustworthiness, and content quality suitable for a government portal. Strategic improvements include publishing comprehensive privacy and security policies, implementing security headers, and enhancing accessibility compliance to further strengthen the site's security posture and user trust.

C

Chambre vaudoise du commerce et de l'industrie (CVCI)

cvci.ch

51

The Chambre vaudoise du commerce et de l'industrie (CVCI) is a regional chamber of commerce and industry based in Vaud, Switzerland. It focuses on fostering business relationships among its members and promoting the local economy through services such as networking events, legal advice, export assistance, and training. The website is professionally designed, well-structured, and targets business professionals and entrepreneurs in the Vaud region. It maintains a strong digital presence with social media integration and partner sites. Technically, the site is built on TYPO3 CMS with modern libraries and frameworks, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced, cookie consent implemented, and no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response contacts are not found, which could be improved. Overall, the site is trustworthy, compliant with privacy regulations, and serves its business community effectively.

V

VAUD

vaud.ch

53

Vaud.ch is the official government website for the Canton of Vaud in Switzerland, serving as a comprehensive portal for tourism, local product promotion, economic development, culture, and community engagement. The site targets residents, tourists, local producers, and ambassadors, providing rich content in French, English, and German. It positions itself as a leading regional government platform with strong branding and trust signals such as official certifications and social media presence. Technically, the website is built on WordPress with modern technologies including Google Tag Manager, Matomo Analytics, and Facebook Pixel, combined with a consent management platform ensuring GDPR compliance. The site demonstrates good mobile optimization, SEO, and accessibility features, though some security headers could be enhanced. Security posture is strong with HTTPS enforced and no visible vulnerabilities, but improvements in security headers and incident response policies are recommended. Overall, the website is professional, trustworthy, and well-maintained, reflecting the stature of a government entity.

HathiTrust is a prominent non-profit digital library consortium that provides access to millions of digitized books and scholarly resources. Its mission centers on preserving knowledge and empowering research through a large-scale digital collection. The website is professionally designed, highly accessible, and optimized for mobile users, reflecting a mature digital presence. The technical infrastructure leverages WordPress with modern frameworks like Bootstrap and uses privacy-conscious analytics via Matomo. Security posture is strong with HTTPS enforced and secure forms, though some security headers and explicit policies could be improved. Privacy compliance is robust, featuring a comprehensive privacy policy and granular cookie consent mechanisms. Overall, the site demonstrates high trustworthiness and professionalism suitable for its educational and research audience.

L

Les Champs Libres

leschampslibres.fr

56

Les Champs Libres is a prominent public cultural institution based in Rennes, France, encompassing a library, the Museum of Brittany, a science center with a planetarium, an auditorium, and a café. It serves as a hub for cultural, educational, and scientific engagement for the general public. The website reflects a well-structured and professionally designed digital presence, offering comprehensive information about exhibitions, events, and resources. The institution is positioned as a key player in the regional cultural landscape, supported by Rennes Métropole.

L

La Cimade

lacimade.org

46

La Cimade is a well-established French non-profit organization founded in 1939, dedicated to supporting and defending migrants and refugees. The website reflects a mature digital presence with comprehensive content, including advocacy, legal support, regional activities, and educational resources. The organization targets a general audience interested in migration and human rights issues, leveraging donations and volunteer engagement as part of its business model. Technically, the site is built on WordPress with modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager, ensuring good SEO and user experience. Security posture is solid with HTTPS and consent mechanisms, though it lacks some advanced HTTP security headers and published security policies. The WHOIS data is incomplete, limiting domain trust verification, but the website content and branding strongly indicate legitimacy. Overall, the site scores well on content quality, technical implementation, and security, with room for improvement in transparency and incident response readiness.

S

Sawayo by Infoniqa

sawayo.de

67

Sawayo by Infoniqa offers a comprehensive digital HR management platform focused on simplifying employer obligations such as time tracking, absence management, digital personnel files, and compliance documentation. The company targets HR teams and employers primarily in Germany and the DACH region, positioning itself as a trusted and GDPR-compliant SaaS provider with a strong emphasis on ease of use and legal security. The website reflects a mature digital presence with multi-language support and integration with mobile and web apps. Technically, the site is built on Webflow with modern analytics and consent management tools, ensuring good performance and privacy compliance. Security posture is solid with HTTPS, secure cookie flags, and privacy-friendly analytics, though it lacks explicit security policy and incident response information. Overall, the site demonstrates high professionalism, trustworthiness, and business credibility, with room for improvement in publishing dedicated security and incident response documentation.

IATI Connect is a well-established global community platform dedicated to aid transparency, serving practitioners and members of the IATI community. The website offers a rich set of resources, discussions, events, and guidance to support transparency initiatives worldwide. It positions itself as a niche but important platform within the non-profit and government sectors focused on international aid transparency. Technically, the site is built on Drupal CMS and integrates modern analytics and bot detection tools, providing a good user experience with mobile optimization and accessibility features. Security posture is solid with HTTPS and some security best practices, though there is room for improvement in HTTP security headers. Privacy compliance is good with a clear privacy policy and GDPR considerations, though cookie consent mechanisms could be enhanced. Overall, the site demonstrates high professionalism and trustworthiness, despite the lack of publicly available WHOIS data due to privacy protection.

The d-portal website serves as a key tool within the International Aid Transparency Initiative (IATI) ecosystem, providing users with the ability to explore, search, and analyze international development and humanitarian aid data. The platform targets development professionals, NGOs, researchers, and policymakers, offering open access to detailed activity data from various reporting organizations. The site is well-branded and consistent with IATI standards, supporting multiple languages and providing helpful documentation links. Technically, the site employs a modern JavaScript stack including jQuery, Chartist.js for data visualization, and multiple analytics platforms such as Google Analytics, Matomo, and Plausible. The site is mobile-optimized with good navigation and user experience, though accessibility features are basic. Performance is moderate, with room for improvement in SEO and accessibility compliance. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in the HTML. However, no explicit security headers were detected, and privacy and cookie policies are not present in the analyzed content, indicating gaps in privacy compliance. WHOIS data is unavailable or malformed, likely due to privacy protection, but the domain is consistent with the official IATI network, supporting legitimacy. Overall, the site is a credible and professional resource for aid transparency, but it would benefit from enhanced privacy disclosures, security header implementation, and accessibility improvements to strengthen its security posture and compliance.

VRS Media GmbH & Co. KG is a specialized IT service provider and software house focused on delivering white-label SaaS solutions for over 120 newspaper publishers and 570 newspaper titles. Their offerings include themed internet portals, online classified ad markets, and ad submission systems tailored for media houses. The company holds a strong market position in Germany and surrounding countries, serving a medium-sized business segment with a comprehensive portfolio and full-service support including hosting, maintenance, and marketing assistance. Technically, the website is built on WordPress with a modern theme and plugins, optimized for mobile and SEO, and integrates privacy-respecting analytics via Matomo. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

Formez PA is an established Italian government service and training center focused on the modernization and reform of public administration. Founded in 1997, it provides training, recruitment, project management, and international cooperation services targeted at public sector employees and government entities. The website reflects a professional government presence with consistent branding and a clear focus on public administration modernization. Technically, the site uses modern frameworks such as Bootstrap and Sitefinity CMS, with analytics powered by Matomo and cookie consent managed by Cookiebot, indicating a mature digital infrastructure. Security posture is good with HTTPS enabled and cookie consent implemented, though improvements such as enabling DNSSEC and adding security headers are recommended. The domain registration is consistent with the organization's government affiliation and long-term presence, enhancing trustworthiness. Overall, the website is well-designed, accessible, and compliant with privacy regulations, though explicit privacy and terms of service pages were not found in the provided content.

I

International Aid Transparency Initiative

iatistandard.org

54

The International Aid Transparency Initiative (IATI) operates as a global non-profit initiative focused on improving transparency in development and humanitarian aid. It provides a standardized framework and tools for publishing and accessing data on aid activities worldwide. The website reflects a mature and well-established organization with a clear mission to enhance accountability and decision-making through open data. The target audience includes development agencies, governments, civil society, and researchers. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and uses analytics platforms such as Matomo and Plausible for minimal user tracking. It is hosted with Cloudflare DNS services, ensuring good performance and security. The site is mobile-optimized, accessible, and well-structured, providing a professional user experience. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers in the HTML. There is no publicly available security policy or incident response information, and no vulnerability disclosure mechanism is evident. The WHOIS data indicates a consistent and legitimate domain registration dating back to 2010, supporting the organization's credibility. Overall, the website is trustworthy, professional, and technically sound but would benefit from enhanced privacy compliance measures and explicit security documentation to improve user trust and regulatory adherence.

D

Das Trauerportal für den deutschsprachigen Raum

trauer.de

52

Trauer.de is a well-established German-language online portal specializing in obituary announcements, mourning support, and funeral-related services. It aggregates obituary notices from various regional newspapers and provides additional resources such as expert directories and live chat support for mourners. The platform targets German-speaking individuals seeking to find or place obituary notices and access related services. The website demonstrates a solid market position as a leading media portal in its niche within Germany.

T

The Stationery Office Limited

tsoshop.co.uk

62

TSO Shop is a specialist e-commerce platform operated by The Stationery Office Limited, providing official UK government publications and specialist books targeted at academics, professionals, and businesses. The website offers a broad catalog of authoritative publications including regulatory guides, official gazettes, and best practice manuals, positioning itself as a trusted source for official and specialist content in the UK market. The company has a well-established presence since 2004, reinforcing its credibility and market position. Technically, the website employs a moderately modern technology stack including jQuery, RequireJS, and polyfills to support legacy browsers. Analytics are implemented via Google Analytics and Matomo with user consent mechanisms in place, reflecting a reasonable level of digital maturity. The site is functional with good navigation and content relevance, though some technical improvements such as updated libraries and enhanced security headers could be beneficial. From a security perspective, the site uses HTTPS and implements cookie consent with opt-in for analytics, demonstrating compliance with privacy regulations like GDPR. However, the absence of explicit security headers and use of an older jQuery version present moderate risks. No incident response or vulnerability disclosure policies are publicly available, which could be improved to enhance security posture. Overall, the website is professional, trustworthy, and compliant with privacy standards, serving its niche market effectively. Strategic improvements in security practices and technical modernization would further strengthen its resilience and user trust.

localjob.de is a well-established regional job board headquartered in Munich, Germany, offering a broad spectrum of job listings across various industries and regions in Germany. Leveraging partnerships with 21 regional newspaper publishers and over 150 newspaper editions, it provides extensive reach and a diverse job market platform for both job seekers and employers. The platform supports employers with multi-channel advertising including social media and Google Ads, and offers personalized regional support. Technically, the site is built on modern web technologies including React and Next.js, hosted on Microsoft Azure CDN, and employs Matomo analytics alongside Google Tag Manager and a consent management platform, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. Overall, localjob.de presents a professional, trustworthy, and user-friendly platform with excellent content quality and regional market penetration.

localjob.de is a well-established regional job board platform based in Germany, specializing in connecting job seekers with employers through a broad network of regional newspaper partnerships. The platform offers a comprehensive range of job listings across multiple sectors and regions, supported by a professional and user-friendly website. Technically, the site leverages modern web technologies including React and Next.js, hosted on Azure CDN, ensuring fast performance and mobile optimization. Security posture is solid with HTTPS enforced and privacy policies in place, though explicit security headers and incident response contacts could be improved. Overall, localjob.de presents a trustworthy and professional service with strong regional market penetration.

The Gazette is the UK's official public record publication, established in 1665 and published by TSO under the authority of His Majesty's Stationery Office, part of The National Archives. It serves as a trusted source for official notices including insolvency, wills and probate, company data, and historical archives. The website targets businesses, legal professionals, government entities, and the general public seeking authoritative public records. Its business model includes providing official notices, data services, and archival access with paid options for notice placement and data subscriptions. Technically, the website employs modern JavaScript libraries such as RequireJS and Modernizr, uses Matomo Analytics with consent management, and integrates a live chat widget for customer support. The site is moderately optimized for performance and mobile devices, with good accessibility and SEO practices. The presence of cookie consent banners and privacy policies indicates a mature approach to privacy compliance. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms to manage analytics tracking. However, it lacks explicit security policy pages and incident response information, and security headers are not visibly present in the HTML. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but could be improved with additional transparency and technical controls. The domain WHOIS data is unavailable due to Nominet UK restrictions, consistent with the domain being government-controlled. This lack of public WHOIS data does not detract from the site's legitimacy given its official status. The site is trustworthy, professionally maintained, and safe for general audiences.

I

immobilier.ch

immobilier.ch

62

immobilier.ch is a well-established real estate portal serving the Swiss Romande region, offering a comprehensive platform for residential and commercial property listings, tenant services, and real estate news. The website demonstrates a strong market position as a trusted intermediary connecting buyers, renters, and agencies. Technically, the site employs modern web technologies including Google Tag Manager, Matomo analytics, and Google Maps API, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and consent management implemented, though some security headers could be improved. Privacy compliance is robust with clear policies and cookie consent mechanisms. Overall, the site presents a professional and trustworthy digital presence with no critical security or content safety concerns.

C

Conventum TPS

conventum.lu

70

Conventum TPS is a Luxembourg-based fund management company specializing in third party fund governance and administrative services. Founded in 2001, it operates under the commercial name of BLI - Banque de Luxembourg Investments. The company targets professional investors and fund initiators, providing regulatory and operational support to enable clients to focus on asset management and client servicing. The website reflects a professional and consistent brand image with clear contact information and legal disclosures. Technically, the site is built on the Liferay CMS platform, utilizing modern JavaScript libraries and a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are absent. The lack of WHOIS data limits domain trust analysis, but the overall business credibility and website quality are high, supporting a positive risk assessment.

W

Weltwoche Verlags AG

weltwoche.ch

64

Die Weltwoche is a Swiss media publishing company operating the website weltwoche.ch, delivering independent and critical journalism primarily in the German language. The company positions itself as a reputable media outlet with a focus on quality content for a German-speaking audience. The website leverages a WordPress CMS with advanced SEO tools such as Yoast SEO Premium and integrates multiple analytics platforms including Matomo and Chartbeat, indicating a mature digital infrastructure. Consent management is implemented via consentmanager.net, reflecting attention to privacy compliance. Security posture is solid with HTTPS enforced and no obvious vulnerabilities detected, although explicit security headers could be improved. The absence of a visible privacy policy or terms of service in the provided content is a notable gap. Overall, the website is professional, trustworthy, and well-structured, serving a media audience with journalistic content.

D

Direkt und Online GmbH

direktundonline.de

69

Direkt und Online GmbH is a well-established German company specializing in healthcare marketing solutions, offering data, integration, and communication services tailored to the healthcare sector. With over 20 years of experience and a strong market position, the company targets healthcare businesses seeking precise and customized marketing approaches. The website reflects a professional and consistent brand image, supported by clear contact information and a multilingual setup. Technically, the site is built on WordPress with Elementor and Yoast SEO, leveraging Matomo for privacy-conscious analytics. Hosting is managed via INWX, a reputable German provider, ensuring regional consistency. Security posture is solid with HTTPS enforced and consent management in place, though some security headers and explicit policies could be improved. Overall, the site is accessible, well-structured, and compliant with GDPR requirements, indicating a mature digital presence.

A

Arbeiterkammer

arbeiterkammer.at

68

Arbeiterkammer is a prominent Austrian non-profit organization dedicated to advising and representing workers and consumers. The website serves as a comprehensive portal offering extensive information and services related to labor law, tax law, consumer protection, education, family support, and workplace health. It is well-positioned as a leading advocacy group in Austria with a strong regional presence through multiple subdomains. The site targets employees, workers, and consumers seeking legal advice and social support.

C

Conventum TPS

conventumtps.lu

71

Conventum TPS is a Luxembourg-based fund management company operating under Banque de Luxembourg Investments. Founded in 2001, it specializes in providing third party solutions including regulatory and administrative fund management services. The website reflects a professional and well-established business with clear service offerings targeted at asset managers and fund initiators. The digital infrastructure is built on the Liferay platform with modern web technologies and includes a cookie consent mechanism and Matomo analytics for privacy-conscious tracking. Security posture is good with HTTPS enforced and no exposed sensitive data, though some security headers could be improved. Overall, the website is trustworthy, compliant with GDPR, and provides comprehensive contact information.

B

BancaStato

bancastato.ch

58

BancaStato is a regional universal bank serving the Canton Ticino in Switzerland, offering a full range of banking services including credit, payment traffic, and asset management to private individuals, commercial clients, and private banking customers. The website reflects a mature digital presence with clear navigation and comprehensive service information. Technically, the site uses modern JavaScript libraries such as jQuery, integrates Matomo for analytics, and employs OneTrust for cookie consent management, indicating a good level of digital maturity. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear cookie consent and privacy policies in Italian. Overall, the website is professional, trustworthy, and well-aligned with the business's regional banking focus.

B

Banque de Luxembourg Investments

banquedeluxembourginvestments.com

67

Banque de Luxembourg Investments (BLI) is a specialist asset management company based in Luxembourg, focusing on equities, bonds, multi-asset strategies, and sustainable investing. The company targets both private and professional investors primarily in Europe, emphasizing active management and ESG principles. The website reflects a professional and consistent brand image with clear navigation and relevant content about their investment expertise and fund offerings. Technically, the site is built on the Liferay CMS platform, utilizing modern JavaScript libraries and analytics tools such as Matomo, ensuring a moderate to good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies are missing. The absence of WHOIS registration data is a notable anomaly, reducing domain trustworthiness despite the professional presentation. Overall, the site is credible and well-maintained but would benefit from enhanced transparency in privacy and security policies.

N

NewAlpha Asset Management

newalpha.com

71

NewAlpha Asset Management is a French asset management firm specializing in research, advisory, and portfolio management of investment funds. The company targets both professional and non-professional investors, offering a broad range of investment strategies including traditional asset classes, alternative investments, and private assets. The website is professionally designed, multilingual (French and English), and provides comprehensive information about the firm's expertise and services. Technically, the site is built on WordPress with modern SEO and privacy tools such as Yoast SEO and Cookiebot, and uses Matomo for analytics, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and headers are lacking. The absence of WHOIS data reduces transparency and trust somewhat, but the overall presentation and regulatory references support legitimacy. Strategic recommendations include enhancing security headers, publishing incident response information, and verifying domain registration details to improve trust and compliance.

S

SCOR

scor.com

71

SCOR is a leading global reinsurance company headquartered in France, offering a broad portfolio of innovative Property & Casualty, Life & Health, and Investment solutions. The company targets insurance firms and investors, positioning itself as a financially solid and innovative market leader. The website reflects a mature digital presence with comprehensive corporate, investor, and compliance information, supporting transparency and trust. Technically, the site is built on Drupal 10 with modern web technologies including Matomo analytics for privacy-respecting user tracking, lazy loading images, and embedded multimedia content. The site is mobile-optimized, accessible, and SEO-friendly, providing a fast and professional user experience. From a security perspective, the website enforces HTTPS, uses security cookies, and implements a robust cookie consent mechanism aligned with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security headers like Content-Security-Policy could be improved, and a security.txt file is absent. Overall, the domain WHOIS data is unavailable, likely due to privacy protection, but the website's professional content and compliance posture support legitimacy. The risk profile is low, with recommendations to enhance security transparency and incident response visibility.

T

The PHP Group

php.net

68

The PHP.net website represents The PHP Group, the steward of the PHP programming language, a widely used open-source scripting language for web development. The site provides comprehensive resources including downloads, documentation, news, and community engagement. It serves a global developer audience and maintains a strong position as a leading technology resource in its domain. Technically, the website employs modern web technologies, including Matomo for privacy-conscious analytics, and delivers content with good performance and mobile optimization. Security-wise, the site enforces HTTPS and disables tracking cookies in analytics, reflecting a privacy-aware posture. However, it lacks some security headers and a cookie consent mechanism, which are recommended for enhanced protection and compliance. The absence of WHOIS data is noted but does not detract from the site's legitimacy given its recognized brand and active community presence. Overall, the site is professional, trustworthy, and well-maintained, with room for minor improvements in security and privacy disclosures.

N

NetActuate

rootbsd.net

68

NetActuate is a technology company specializing in global edge infrastructure, cloud, networking, and AI services, with a strong emphasis on BSD-based hosting solutions. The company has integrated RootBSD since 2015, expanding its footprint and service capacity. Their market position is that of a medium-sized, reputable provider with a focus on high-performance, scalable infrastructure for enterprises and developers. The website reflects a professional and consistent brand with comprehensive service offerings including AI inference, GPU as a service, colocation, and advanced networking solutions. Technically, the website is built on Webflow CMS and leverages modern analytics and tag management tools such as Google Tag Manager, Matomo, and Plausible. The site is fast, mobile-optimized, and well-structured with good SEO and accessibility practices. Hosting appears to be on NetActuate's own infrastructure or via Cloudflare CDN. The cookie consent mechanism is robust and GDPR compliant, indicating a mature privacy posture. Security-wise, the site enforces HTTPS and employs layered consent management, but lacks explicit security headers and a published security.txt file. Certifications such as SOC 1, SOC 2, SOC 3, and PCI DSS are prominently displayed, enhancing trust. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS data for the domain introduces some uncertainty about domain registration legitimacy. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include adding explicit security headers, publishing vulnerability disclosure information, and clarifying incident response contacts to further enhance security posture and trust.

L

Linux Professional Institute (LPI)

lpi.org

62

Linux Professional Institute (LPI) is a well-established non-profit organization specializing in global Linux and open source certification and career support. It holds a strong market position as the world's first and largest vendor-neutral Linux certification body, serving over 350,000 certified professionals across more than 180 countries. The organization offers a comprehensive portfolio of certifications, training partnerships, and community engagement programs, targeting IT professionals, educators, and organizations worldwide. Technically, the website is built on a modern WordPress CMS with a robust tech stack including Bootstrap, Elementor, and various performance and analytics tools such as Matomo and Google Tag Manager. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, providing a fast and user-friendly experience. From a security perspective, the site enforces HTTPS, employs cookie consent mechanisms, and integrates CAPTCHA for form protection. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data due to privacy protection is justified given the organization's non-profit status and global presence. Overall, the website reflects a high level of professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable resource for Linux certification and open source community support.