Security Directory

E

Extinction Rebellion

rebellion.global

70

Extinction Rebellion is a globally recognized environmental activist movement focused on combating climate and ecological collapse through non-violent direct action. The organization operates in 88 countries with nearly 1,000 groups and organizes numerous events worldwide. Their website serves as a hub for information, activism resources, and global coordination. Technically, the site employs modern web technologies including Matomo analytics for privacy-conscious tracking, and is well-optimized for mobile and accessibility. Security posture is solid with HTTPS enforced and captcha integration, though improvements could be made by adding security headers and explicit cookie consent mechanisms. The WHOIS data is privacy protected, which aligns with the activist nature of the organization. Overall, the website is professional, trustworthy, and effectively supports the organization's mission.

S

Stiftung "Zugang für alle"

access-for-all.ch

48

Stiftung "Zugang für alle" is a Swiss non-profit organization serving as the national competence center and certification authority for digital accessibility. The organization offers expert consulting, accessibility testing, certification services, and training courses aimed at helping website and app owners achieve digital accessibility compliance. With over 25 years of experience, it holds a leading market position in Switzerland for digital accessibility services. The website is built on WordPress with modern plugins and analytics tools, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS and no evident vulnerabilities, though some security headers could be improved. Privacy compliance is good with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-optimized for accessibility and SEO.

L

Logos Translations

logos.net

68

Logos Group is a professional translation and localization service provider with over 40 years of experience, specializing in technical, marketing, scientific, legal, and corporate content translation across more than 250 language combinations. The company targets businesses requiring comprehensive language services and offers a broad range of solutions including website localization, software and app localization, multimedia services, and eLearning solutions. Their market position is that of an established, reliable player with ISO certifications and a strong client portfolio. Technically, the website is built on Joomla CMS with modern frameworks and includes structured data for SEO. The site uses Matomo analytics, indicating a moderate level of user tracking with some privacy considerations. Security posture is good with HTTPS and CSRF protections, but lacks some security headers and explicit privacy/cookie policies. WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency. Overall, the website is professional, trustworthy, and well-structured but would benefit from enhanced privacy compliance and clearer domain registration information.

B

billwerk plus

billwerk.plus

56

Billwerk+ is a technology company specializing in subscription and payment management solutions designed to help businesses grow, innovate, and optimize their operations. With a customer base exceeding 4000 companies, Billwerk+ positions itself as a reliable SaaS provider in the subscription economy space. The website reflects a mature digital presence with multilingual support and comprehensive content tailored to business clients. Technically, the site is built on WordPress using modern plugins and themes, with integrations for analytics and cookie consent management, indicating a focus on compliance and user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and explicit security policies. Overall, the domain's privacy-protected WHOIS data is typical for commercial SaaS providers and does not raise legitimacy concerns. The site is professional, trustworthy, and well-optimized for SEO and mobile use.

C

cyon GmbH

cyon.ch

59

cyon GmbH is a well-established Swiss web hosting provider based in Basel, offering a comprehensive range of services including domain registration, various tiers of web hosting, managed servers, agency servers, and a sitebuilder platform. With over 20 years of market presence and a strong reputation evidenced by high Google ratings, cyon targets individuals and businesses in Switzerland seeking reliable and secure web infrastructure solutions. The company emphasizes personal support, security, and sustainability in its offerings. Technically, the website employs modern web technologies such as Alpine.js for interactivity, Matomo for analytics, and Helpscout for customer support, ensuring a fast, mobile-optimized, and accessible user experience. The infrastructure appears robust with CDN usage and secure HTTPS enforcement. SEO and accessibility best practices are well implemented. From a security perspective, cyon demonstrates strong practices including HTTPS with excellent SSL configuration, security headers, and secure forms. However, there is room for improvement in publishing explicit security policies and incident response contacts. No vulnerabilities or suspicious activities were detected. Overall, cyon GmbH presents a low-risk profile with a mature digital presence, strong business credibility, and good privacy compliance. Strategic recommendations include enhancing transparency around security policies and incident response, and formalizing vulnerability disclosure mechanisms.

S

SWICA

swica.ch

76

SWICA is a prominent Swiss health insurance provider known for its high customer satisfaction ratings and comprehensive insurance offerings including basic, supplementary, and special insurance products. The company targets private customers primarily within Switzerland and emphasizes telemedicine and customer support services. The website reflects a mature digital presence with modern technologies such as Matomo analytics, Google Tag Manager, and a chatbot for customer interaction. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Security posture is strong with HTTPS enforcement and security headers, though explicit security policy and incident response details are not publicly available. Overall, the website is professional, trustworthy, and well-optimized for performance and accessibility.

Extinction Rebellion Italia is the Italian branch of the global Extinction Rebellion movement, focused on climate and ecological activism. The website serves as an informational and engagement platform for the movement's activities, events, and campaigns within Italy. It targets a general audience interested in environmental issues and activism. The organization operates as a non-profit entity with a clear mission to influence government policy and public awareness on climate emergencies. Technically, the website is built using modern web technologies including Bootstrap, jQuery, Leaflet, and Jekyll as a static site generator. It is mobile optimized and uses Matomo for analytics, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS and DNSSEC enabled, but lacks some advanced security headers and formal security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

R

reichelt elektronik GmbH

reichelt.de

65

reichelt elektronik GmbH operates a large-scale German e-commerce platform specializing in electronics and technology products. The website offers a broad catalog of over 150,000 items targeting both private consumers and business customers, including educational institutions. The company maintains a professional online presence with multi-language support and a user-friendly interface. Technically, the site employs modern JavaScript modules, lazy loading, and Matomo analytics, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforcement and secure login forms, though explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is trustworthy, professionally maintained, and suitable for general audiences.

B

billwerk plus

billwerk.com

66

Billwerk+ is a technology company specializing in subscription and payment solutions designed to help businesses grow, innovate, and optimize their operations. The company serves a medium-sized market segment with over 4000 companies and organizations empowered by its SaaS platform. The website is professionally designed, multilingual, and provides clear business descriptions and calls to action such as booking demos and free trials. Technically, the website is built on WordPress using the Avada theme, incorporating modern web technologies including jQuery, Google Tag Manager, Matomo analytics, and Borlabs Cookie for consent management. The site demonstrates good mobile optimization and SEO practices, with structured data and Open Graph metadata enhancing search engine visibility. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, indicating GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in transparency and security maturity. Overall, the domain appears legitimate despite privacy-protected WHOIS data, which is common for SaaS providers. The website presents a trustworthy and professional front with good technical and privacy compliance, making it a reliable platform for subscription management services.

Konradin Mediengruppe is a well-established German media company founded in 1929, specializing in professional and specialized information services across print and digital media. Their portfolio includes over 40 media brands in seven thematic areas, complemented by corporate publishing, market research, and event services. The company targets professional and business audiences in various sectors, maintaining a strong market position in the German-speaking region. Technically, the website is built on WordPress with modern tools such as WPBakery, Google reCAPTCHA, Matomo analytics, and a consent management platform, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and reCAPTCHA protecting forms, though explicit security headers could be improved. Privacy compliance is strong, with clear GDPR-aligned policies and cookie consent mechanisms. Overall, the website is professional, trustworthy, and compliant, with a moderate level of user tracking and mature audience targeting due to tobacco-related content.

N

Nexway

nexway.com

65

Nexway is a well-established technology company specializing in eCommerce and digital transformation solutions, with over 20 years of market presence. Their offerings include subscription management, global payments, fraud prevention, risk management, and customer care services, targeting businesses seeking to expand and optimize their digital sales channels globally. The website reflects a mature digital infrastructure leveraging WordPress CMS with advanced performance and analytics tools such as WP Rocket, Matomo, and Google Tag Manager. Security posture is solid with HTTPS enforcement and domain transfer protections, though improvements like DNSSEC and formal security policies could enhance trust. Privacy compliance is robust with cookie consent mechanisms and GDPR-aligned policies. Overall, Nexway presents a professional, trustworthy, and technically sound online presence suitable for its B2B audience.

P

Prakalp Goa - New Goa International Airport

projetogoa.com

48

Prakalp Goa is a small, regionally focused platform dedicated to promoting the local economy of Goa by showcasing its art, crafts, and cultural heritage. Founded in 2022, the website serves as a community-centric hub supporting artisans, farmers, and self-help groups. The platform leverages WordPress with Elementor and Astra theme, integrating Google Analytics and Matomo for visitor tracking. While the site is well-designed and mobile-optimized, it lacks critical privacy and cookie policies, which impacts its compliance posture. Security measures such as HTTPS and reCAPTCHA are implemented, but DNSSEC is not enabled and security headers are absent, indicating room for improvement in security hardening. Overall, the domain registration details align well with the business claims, supporting legitimacy.

K

Konradin Medien GmbH

process-technology-online.com

64

Process Technology Online is a specialized online media platform operated by Konradin Medien GmbH, focusing on the latest developments in chemical, pharmaceutical, and food processing technology. The website serves industry professionals by providing news, company profiles, and event coverage, positioning itself as a niche media outlet within the manufacturing and media sectors. The business model revolves around content publishing and advertising, supported by subscription management tools.

K

Konradin Mediengruppe

direktabo.de

56

Direktabo.de is an e-commerce platform operated by the Konradin Mediengruppe, specializing in magazine subscriptions and single-issue sales primarily targeting German-speaking customers worldwide. The website offers a broad catalog of specialized magazines across various sectors such as science, architecture, industry, and lifestyle. The platform leverages Magento CMS with a custom theme and integrates multiple JavaScript libraries and tracking tools, including Matomo and Google Tag Manager, managed under GDPR-compliant cookie consent mechanisms. The business maintains a consistent brand presence and provides comprehensive subscription and reader services, positioning itself as a reputable niche media subscription provider.

G

GMR Airports Limited

delhidutyfree.co.in

61

Delhi Duty Free, operated by GMR Airports Limited, is a prominent duty-free retailer serving travelers at Indira Gandhi International Airport, New Delhi. The website offers a broad range of premium duty-free products including liquor, perfumes, beauty products, and confectionery. The business model focuses on e-commerce with a click & collect service tailored for airport customers, targeting adult travelers aged 25 and above. The company is well-established with a domain age consistent with its corporate history and strong branding aligned with its parent company, GMR Airports Limited. Technically, the website is built on Magento 2, leveraging modern JavaScript frameworks and libraries such as RequireJS and jQuery. It integrates multiple analytics platforms including Google Analytics and Matomo for comprehensive user tracking and marketing insights. The site demonstrates good mobile optimization and SEO practices, although accessibility could be enhanced further. From a security perspective, the site enforces HTTPS, uses CAPTCHA on critical forms, and implements age verification to comply with legal requirements for alcohol sales. However, some security headers are not explicitly detected and could be improved to harden the security posture. Privacy and cookie policies are present with consent mechanisms, indicating a good level of GDPR compliance. Overall, the website presents a professional, trustworthy, and compliant online presence for a large retail operation within the transportation sector. Strategic improvements in security headers and accessibility, along with enhanced incident response transparency, would further strengthen its security and compliance posture.

D

DATAKONTEXT

datakontext.com

70

DATAKONTEXT is a well-established German company specializing in professional training, expert information, certifications, and consulting services in the fields of data protection, payroll, human resources, and IT security. With nearly 50 years of experience, it serves a broad audience including beginners, experts, and corporate clients. The company leverages a network of experts and decision-makers to deliver high-quality educational content in print, in-person, and online formats. The website reflects a professional and trustworthy brand with clear navigation and comprehensive service offerings. Technically, the website employs modern technologies such as Google Tag Manager, Matomo Analytics, Friendly Captcha, and a privacy management SDK, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, running on a Shopware CMS platform. However, some security best practices like HTTP security headers are not detected, representing an area for improvement. From a security perspective, the site uses HTTPS and bot protection mechanisms, and implements cookie consent management, supporting GDPR compliance. No critical vulnerabilities or exposed sensitive data were found. The absence of a published security policy or incident response contact is noted. WHOIS data is missing, which slightly reduces trustworthiness, but the professional presentation and content quality support legitimacy. Overall, DATAKONTEXT presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include enhancing HTTP security headers, publishing security policies, and verifying domain registration details to improve trust and compliance.

U

Università degli Studi di Napoli Parthenope

uniparthenope.it

58

Università degli Studi di Napoli Parthenope is a well-established public university in Italy, founded in 1919, providing higher education and research services with an international orientation. The website serves as an educational portal primarily targeting students and the academic community. The digital infrastructure is built on modern web technologies such as Angular and Font Awesome, with moderate performance and good mobile optimization. Security posture is solid with HTTPS and DNSSEC enabled, though some security headers are missing and could be improved. Privacy compliance is evident through a cookie consent mechanism and a privacy policy page. Overall, the website is professional, trustworthy, and aligned with the institution's reputation.

F

formativ.net GmbH

formativ.net

46

formativ.net GmbH is a German internet agency specializing in web development, web design, SEO, and online marketing services primarily targeting the Mittelstand (small and medium-sized businesses) in Germany and Europe. With over 25 years of experience, the company positions itself as a reliable and experienced partner for digital transformation and online presence enhancement. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the website leverages WordPress and Joomla CMS platforms, enhanced with UIkit framework and Yoast SEO plugin for search engine optimization. The use of Matomo analytics indicates a privacy-conscious approach to user data collection. Performance and accessibility are rated excellent, with responsive design and good SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and explicit security policies or incident response contacts suggests room for improvement. The lack of a cookie consent mechanism is a minor compliance gap under GDPR. Overall, the website presents a trustworthy and professional image, though the absence of WHOIS domain registration data raises questions about domain legitimacy. Further verification is recommended to confirm domain ownership and registration history. Strategic improvements in security transparency and privacy compliance would enhance trust and compliance posture.

I

Industrie.de

industrie.de

69

Industrie.de is a German-language online media portal focused on industrial production, technology, and manufacturing sectors. It provides industry news, webinars, whitepapers, and a company directory targeting professionals and companies in the industrial domain. The website is operated by Konradin Medien GmbH and has been active since at least 2016, positioning itself as a reputable source for industrial information in Germany. The business model centers on content provision with subscription and advertising revenue streams. Technically, the website is built on WordPress CMS with modern plugins such as Yoast SEO Premium and Plenigo for subscription management. It employs GDPR-compliant cookie consent mechanisms and integrates multiple third-party services including ad networks and analytics platforms like Matomo and Google Tag Manager. The site demonstrates good mobile optimization and SEO practices, though some accessibility features are basic. From a security perspective, the site enforces HTTPS and uses consent management for privacy compliance. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposures were detected. The WHOIS data is minimal but consistent with the business profile, showing no privacy protection or suspicious registration patterns. Overall, Industrie.de presents a professional, trustworthy, and compliant online presence with moderate technical sophistication and a solid security posture. Strategic recommendations include enhancing security headers, continuous plugin updates, and regular security audits to maintain resilience against emerging threats.

S

Scienzainrete.it

scienceonthenet.eu

59

Science in the net (Scienzainrete.it) is an Italian scientific media platform dedicated to disseminating research news and scientific culture, with a particular focus on Italian research in the global context. The platform offers a variety of articles authored by experts and journalists, supported by a newsletter subscription and donation model. The website is professionally designed using Drupal 7 CMS and integrates modern analytics and marketing tools such as Google Analytics, Matomo, Facebook Pixel, and Google Tag Manager. It maintains GDPR compliance with a privacy policy and cookie consent mechanism in place. Security posture is adequate with HTTPS enforced, though additional security headers could enhance protection. The absence of public WHOIS data is consistent with EURid privacy policies and does not detract from the site's legitimacy, which is further supported by official journal registration and ISSN.

D

Diversity Konferenz

diversity-konferenz.de

67

Diversity Konferenz is a professionally organized annual event focused on promoting diversity and inclusion in the workplace, organized by the non-profit Charta der Vielfalt e. V. The website positions itself as a leading platform in Germany for diversity-related professional gatherings, offering a comprehensive program, speaker sessions, and networking opportunities. The business model centers on event hosting and community engagement within the diversity sector. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The presence of a cookie consent mechanism and Matomo analytics reflects a commitment to privacy and data protection. Hosting is managed via INWX, a reputable German provider, supporting good performance and security. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear policies and consent mechanisms in place. However, explicit security policies and incident response information are absent, which could be enhanced. Overall, the website is trustworthy, well-branded, and compliant with GDPR, serving its target audience effectively. Strategic improvements in security headers, incident response transparency, and accessibility would further strengthen its posture.

I

Institut für Internet-Sicherheit - if(is)

internet-sicherheit.de

58

The Institut für Internet-Sicherheit (if(is)) is a German research institute specializing in internet security. The website serves as an informational and educational platform targeting researchers, professionals, and students interested in internet security topics. The site is built on WordPress using Elementor and WP Rocket, with Matomo analytics integrated for user tracking. While the technical infrastructure is modern and the site is mobile optimized, there is a lack of visible privacy, cookie, and security policies, which impacts compliance and trust. No contact information or incident response details are provided, limiting user engagement and transparency. Security headers and explicit security best practices are not evident, suggesting room for improvement in security posture.

O

Ordine dei Medici Chirurghi e degli Odontoiatri della Provincia di Lucca

ordmedlu.it

54

The website www.ordmedlu.it represents the official online presence of the Ordine dei Medici Chirurghi e degli Odontoiatri della Provincia di Lucca, a professional regulatory body for medical doctors and dentists in the Lucca province of Italy. It serves as an information hub and service portal for registered professionals and the general public, offering access to professional registration, continuing education, news, and online services. The site is well-positioned as a local authoritative entity within the healthcare regulatory sector. Technically, the site is built on Joomla CMS with modern frontend frameworks like Bootstrap 5 and jQuery, ensuring a responsive and accessible user experience. The use of Matomo analytics with GDPR-compliant cookie consent reflects a mature approach to privacy and data protection. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the site is professional, trustworthy, and compliant with relevant regulations, supporting its role as a key resource for medical professionals in the region.

O

Ordine dei Medici Chirurghi e degli Odontoiatri della Provincia di Pescara

omceopescara.it

54

The website represents the Ordine dei Medici Chirurghi e degli Odontoiatri della Provincia di Pescara, a professional regulatory body for medical doctors and dentists in the Pescara province of Italy. It serves as an authoritative portal providing information, continuing education (ECM) events, online services, and regulatory updates to its members. The organization is well-established with a domain age of over 10 years, reflecting its longstanding presence in the healthcare sector. The site targets medical professionals and related stakeholders within the region, offering a range of services including professional registration, certificate issuance, and educational resources. Technically, the website is built on Joomla CMS with modern frontend technologies such as Bootstrap 5 and jQuery. It employs Matomo analytics for user tracking and has implemented GDPR-compliant cookie consent mechanisms. The site is mobile-optimized, accessible, and SEO-friendly, with a consistent and professional design. Security measures include HTTPS with DNSSEC enabled, though additional HTTP security headers could enhance its posture further. From a security perspective, the site shows good maturity with no visible vulnerabilities or blocking mechanisms. Privacy policies and cookie policies are clearly presented, supporting GDPR compliance. However, the absence of a published security policy or incident response contact limits transparency in security governance. Overall, the website is trustworthy, professional, and safe for general audiences. Strategically, the organization should consider publishing detailed security policies, implementing additional security headers, and maintaining up-to-date third-party libraries to further strengthen its security posture. Enhancing transparency around incident response and vulnerability disclosure would also improve trust and compliance.

C

Centro Regionale di Farmacovigilanza del Veneto

centrofarmacovigilanzaveneto.it

51

The Centro Regionale di Farmacovigilanza del Veneto is a regional public health institution focused on the surveillance, evaluation, and prevention of adverse drug and vaccine reactions. It operates under the Veneto regional government and is hosted by the University of Verona. The center plays a critical role in coordinating spontaneous adverse reaction reporting and providing information and training to healthcare professionals and the public. Its market position is that of a trusted regional healthcare authority with a specialized focus on pharmacovigilance and vaccinovigilance. Technically, the website employs a modern but straightforward technology stack including Bootstrap, jQuery, FontAwesome, and Matomo analytics, hosted on Amazon S3. The site is mobile-optimized and accessible with a consistent branding approach. However, there is room for improvement in security headers and cookie consent mechanisms. The use of Matomo indicates a privacy-conscious approach to analytics. From a security perspective, the site uses HTTPS and does not expose sensitive data. The lack of DNSSEC and security headers slightly reduces its security posture. No incident response or security policies are published, which is a gap for transparency and preparedness. The WHOIS data is consistent with the institutional nature of the site, supporting legitimacy. Overall, the website is professional, trustworthy, and serves its public health mission well. Strategic improvements in security headers, cookie consent, and published security policies would enhance compliance and trust. The risk level is moderate with no critical vulnerabilities detected.

I

InFarmaco

infarmaco.it

49

InFarmaco is an Italian healthcare information portal focused on providing independent pharmaceutical information. The website is relatively new, established in 2024, and targets a general audience interested in drug-related information. The business model appears to be content-driven, offering news and updates in the pharmaceutical sector. Technically, the site is built on WordPress using the Divi theme, with integrations for Matomo and Google Analytics for user tracking and SEO optimization via Yoast. The site is mobile-optimized and performs moderately well. Security-wise, the site benefits from HTTPS and DNSSEC, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to the absence of visible privacy and cookie policies, which is a significant gap given the use of tracking technologies. Overall, the site is legitimate and consistent with its domain registration data but would benefit from enhanced privacy and security measures.

S

Scienza in rete

scienzainrete.it

62

Scienza in rete is a reputable Italian science communication platform established since at least 2011, focusing on disseminating scientific knowledge through articles, podcasts, webinars, and educational content. It targets the Italian-speaking public, educators, and researchers, operating as a non-profit media entity with donation support and newsletter subscriptions. The website is built on Drupal 7 CMS with Bootstrap and uses modern web technologies including FontAwesome, Matomo, and Google Analytics for tracking and analytics. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Security posture is good with HTTPS enforced and no critical vulnerabilities detected, though the use of outdated CMS and older JS libraries poses some risk. The site maintains a strong social media presence and links to partner domains for donations and English content. Overall, the site is professional, trustworthy, and well-optimized for SEO and accessibility.

I

Internet Architecture Board

iab.org

63

The Internet Architecture Board (IAB) operates as a key governance and advisory body guiding the technical development of the Internet as a global communication and innovation platform. The website reflects a professional, authoritative presence with clear focus on internet standards, workshops, and publications. It serves a specialized audience including internet engineers, standards bodies, and stakeholders in internet governance. The business model is non-profit and centered on oversight and coordination within the internet technical community. Technically, the website employs modern web technologies including Bootstrap for responsive design and Matomo for privacy-conscious analytics. The site is well-structured, mobile-optimized, and accessible, with good SEO practices. Performance is moderate, with no blocking or WAF challenges detected. However, some security headers are missing, and no cookie consent mechanism is present, though cookies are disabled in analytics. From a security perspective, the site enforces HTTPS with excellent SSL configuration and avoids tracking cookies, enhancing user privacy. The absence of explicit security policies or incident response contacts is noted as an area for improvement. WHOIS data is unavailable due to privacy protection, which is justified for this type of organization. No suspicious indicators or vulnerabilities were found. Overall, the website is trustworthy, professional, and safe for general audiences. Strategic recommendations include enhancing security headers, publishing security and privacy policies, and implementing cookie consent if cookies are used in the future.

R

RFC Editor

rfc-editor.org

63

The RFC Editor website serves as the authoritative platform for the publication and management of the RFC Series, which includes technical and organizational documents about the Internet. It supports multiple streams such as IETF, IRTF, IAB, Independent Submissions, and Editorial content. The site targets Internet engineers, researchers, and policy makers, providing document retrieval, errata management, and author resources. The business model is non-commercial, focusing on editorial and publication services for Internet standards. The website is professionally designed with consistent branding and clear navigation, reflecting its authoritative market position. Technically, the site is built on WordPress 6.0.11 with jQuery and uses the Responsive Menu plugin alongside Matomo for analytics. The platform is web-based with moderate performance and good mobile optimization. SEO and accessibility are basic to good, with room for improvement in accessibility compliance. The site enforces HTTPS and uses secure form submissions but lacks advanced security headers and cookie consent mechanisms. From a security perspective, the site demonstrates a solid posture with HTTPS and no exposed sensitive data. However, it lacks certain security headers and a published vulnerability disclosure policy. WHOIS data is unavailable due to malformed responses, but the site’s content and affiliations with recognized Internet organizations strongly indicate legitimacy. No WAF or blocking mechanisms were detected, and the site content is safe for general audiences. Overall, the RFC Editor website is a credible, authoritative resource with good technical and security foundations. Strategic improvements in security headers, privacy compliance, and incident response transparency would enhance its security posture and trustworthiness.

M

Marktplatz IT-Sicherheit

it-sicherheit.de

62

Marktplatz IT-Sicherheit is a German-language online marketplace and knowledge platform focused on IT security. It offers a comprehensive directory of IT security providers, news, articles, blogs, podcasts, and event calendars targeting IT security professionals and businesses. The platform positions itself as an independent and collaborative hub for IT security knowledge and services. Technically, the website is built on WordPress using the Astra theme and Elementor page builder, with SEO optimization via Yoast and privacy-conscious analytics through Matomo. The site is hosted with Cloudflare DNS and CDN services, ensuring good performance and security. Security posture is solid with HTTPS enabled and no visible vulnerabilities, but lacks explicit security headers and published security policies. Privacy compliance is limited due to missing privacy and cookie policies and consent mechanisms. Business credibility is supported by professional content and consistent branding, though contact information is not readily visible. Overall, the website is a well-structured, professional platform with room for improvement in privacy and security transparency.

A

AppSphere AG

appsphere-karriere.de

51

AppSphere AG is a medium-sized, established IT consulting company based in Germany, specializing in digital innovation and Microsoft cloud technologies. Founded in 2010, it employs around 100 staff and offers a transparent, employee-focused career platform. The website demonstrates a mature digital infrastructure using modern frameworks like Next.js and React, integrated with Softgarden's career management platform and Matomo analytics for privacy-conscious tracking. Security posture is strong with HTTPS enforcement, consent mechanisms, and no visible vulnerabilities, though some enhancements like explicit security headers and incident response policies could improve resilience. Overall, the site reflects a professional, trustworthy business with a clear focus on IT consulting careers and employee satisfaction.

The Internet Engineering Task Force (IETF) is a globally recognized non-profit organization dedicated to developing and promoting voluntary Internet standards, particularly those related to the Internet protocol suite (TCP/IP). The website reflects the organization's authoritative position in the technology sector, providing extensive resources, documentation, and event information to a specialized audience of Internet engineers, developers, and researchers. The business model is community-driven and supported by donations and sponsorships, emphasizing openness and collaboration.

I

ISO - International Organization for Standardization

iso.org

73

ISO (International Organization for Standardization) is a globally recognized independent, non-governmental organization that develops and publishes international standards across a wide range of sectors including health, IT, energy, transport, and environmental sustainability. The website serves as a comprehensive portal for information on standards, certification, and sector-specific insights, targeting businesses, governments, and consumers worldwide. It holds a strong market position as the authoritative source for international standards and related services. Technically, the website is built on a modern stack including Jahia CMS, Bootstrap framework, and integrates advanced analytics tools such as Matomo and Google Analytics. It is hosted behind Cloudflare, ensuring fast performance and robust security. The site is mobile-optimized, accessible, and SEO-friendly, with extensive use of SVG graphics and asynchronous script loading for performance. From a security perspective, the site enforces HTTPS, employs multiple security best practices, and manages user consent for cookies and tracking comprehensively. However, explicit security policies and incident response contacts are not publicly detailed, and WHOIS data is unavailable, which slightly impacts trust. No vulnerabilities or sensitive data exposures were detected. Overall, ISO.org presents a professional, trustworthy, and authoritative online presence with excellent content quality and technical implementation. Strategic recommendations include publishing explicit security and incident response policies, adding a security.txt file, and improving transparency around security contacts to enhance trust and compliance.

IlFarmacistaOnline.it is a specialized Italian online news portal dedicated to providing daily updates and authoritative information related to the pharmaceutical sector, healthcare policies, and professional pharmacy topics. It serves pharmacists, healthcare professionals, and stakeholders within Italy, offering news, regulatory updates, and professional resources. The site is operated by SICS srl and maintains a consistent brand presence with a professional editorial team. Technically, the website uses standard web technologies with Matomo analytics for user tracking, but lacks advanced CMS or frameworks. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and formal privacy policies. The site is accessible without WAF or blocking mechanisms, indicating stable hosting and content delivery.

A

AppSphere AG

appsphere.com

72

AppSphere AG is a well-established German IT system house specializing in digital transformation services, including strategic consulting, IT modernization, cloud security, AI, and data analytics. The company holds ISO 27001 certification and is a Microsoft FastTrack Partner, indicating a strong market position and commitment to security and compliance. Their website is professionally designed, mobile-optimized, and rich in relevant content targeting businesses seeking IT modernization. Technically, the site uses WordPress with modern frameworks and analytics tools integrated with user consent mechanisms. Security posture is strong with HTTPS, cookie consent, and certification, though some security headers could be improved. Overall, the domain registration is consistent and trustworthy, supporting the company's legitimacy.

I

Initiative Cloud Services Made in Germany

cloud-services-made-in-germany.org

61

The Initiative Cloud Services Made in Germany is a consortium of cloud computing providers focused on promoting legal certainty and compliance for cloud services within Germany. Founded in 2017, the initiative targets German cloud service providers and their customers, especially small and medium-sized enterprises (SMEs). The website serves as an information hub offering solution catalogs, event listings, job postings, and resources to support cloud adoption under German legal frameworks. The initiative is positioned as a niche player emphasizing trust and compliance in the German cloud market. Technically, the website is built on WordPress using the GeneratePress theme and several plugins including Borlabs Cookie for GDPR-compliant cookie consent and Matomo for analytics. The site is hosted likely via IONOS SE, which is also the domain registrar. The technical infrastructure is modern and well-maintained, with good mobile optimization and SEO practices. Performance is moderate, and accessibility is basic but functional. From a security perspective, the site enforces HTTPS and uses domain transfer protection. However, DNSSEC is not enabled, and no advanced security headers were detected. The site lacks published security policies, incident response contacts, or vulnerability disclosure mechanisms. Cookie consent is properly implemented, supporting GDPR compliance. No critical vulnerabilities or suspicious content were found. Overall, the website is professional, trustworthy, and compliant with privacy regulations. It effectively supports its business goals but could improve security posture by enabling DNSSEC, adding security headers, and publishing security policies. The domain registration is consistent and legitimate, supporting the initiative's credibility.

I

Informationstechnikzentrum Bund (ITZBund)

itzbund.de

69

ITZBund is the official IT service provider for the German federal administration, delivering a broad range of IT services including digital transformation, software development, hosting, and service desk support. The organization serves over 200 federal authorities and supports more than 150,000 users from administration and industry. The website reflects a mature digital presence with comprehensive content, clear navigation, and a strong focus on government IT solutions and digital mission objectives. The technical infrastructure leverages a government-specific CMS (Government Site Builder) and is hosted on Deutsche Telekom's infrastructure, ensuring reliability and compliance with federal standards. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and privacy-respecting analytics via Matomo. No critical vulnerabilities or suspicious indicators were found. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with GDPR and other relevant regulations.

S

Sandoz Pharmaceuticals AG

mysandoz.ch

54

Sandoz Pharmaceuticals AG operates a professional customer portal targeting healthcare professionals and customers in Switzerland. The website provides secure login options including native Sandoz password authentication and integration with Swiss-rx-login, facilitating access to pharmaceutical services and information. The site is well-branded and consistent with the company's healthcare industry positioning. Technically, the website uses modern analytics tools such as Google Analytics and Matomo, and employs OneTrust for cookie consent management, reflecting a mature approach to privacy compliance. However, explicit privacy policies and terms of service are not directly found on the landing page, which could be improved for transparency. Security practices include CSRF protection on forms and HTTPS usage, but lack visible HTTP security headers and published security policies or incident response contacts. Overall, the website is professional, secure, and compliant with cookie consent regulations, but could enhance its security posture and privacy disclosures to better align with best practices.

B

Bundesamt für Sicherheit in der Informationstechnik

allianz-fuer-cybersicherheit.de

68

The Allianz für Cyber-Sicherheit website is operated by the Bundesamt für Sicherheit in der Informationstechnik (BSI), a German federal government agency responsible for IT security. The platform serves as a cooperative hub for companies, associations, authorities, and organizations in Germany to exchange information on current cyber threats and practical cybersecurity measures. It offers extensive resources including workshops, alerts, publications, and a trusted network of participants. The site is well-positioned as a national authority in cybersecurity, providing valuable services to a broad target audience including businesses and public institutions. Technically, the website is built on the Government Site Builder CMS, employing modern web technologies such as responsive design, slick sliders, and Matomo analytics for privacy-conscious tracking. The site demonstrates good performance, accessibility, and SEO optimization. Security is robust with HTTPS enforced, cookie consent mechanisms, and adherence to ISO 27001 standards. No critical vulnerabilities or exposed sensitive data were detected. Overall, the security posture is strong, supported by transparent WHOIS data consistent with the official German government entity. The site maintains high trustworthiness and professionalism, with comprehensive privacy and cookie policies aligned with GDPR requirements. The presence of official social media channels and certifications further enhance credibility. Strategically, the website effectively balances informative content delivery with strong security and privacy practices, making it a reliable resource for cybersecurity stakeholders in Germany.

I

Initiative Cloud Services Made in Germany

cloud-services-made-in-germany.de

62

The Initiative Cloud Services Made in Germany is a consortium of cloud computing providers focused on delivering cloud services under German legal jurisdiction, emphasizing data sovereignty and legal certainty. Founded in 2017, it targets medium-sized businesses and cloud service customers in Germany, offering a curated catalog of cloud solutions and partner integrations. The website serves as an information hub with news, events, and membership details, reinforcing its niche market position. Technically, the website is built on WordPress using the GeneratePress theme and several plugins including TablePress and Borlabs Cookie for consent management. It employs Matomo analytics, reflecting a privacy-conscious approach. The site is hosted likely via IONOS SE, consistent with the domain registrar. Performance and mobile optimization are good, though accessibility is basic. SEO practices are well implemented with proper meta tags and structured navigation. From a security perspective, the site uses HTTPS with a valid SSL certificate and enforces clientTransferProhibited status on the domain. However, DNSSEC is not enabled, and no advanced security headers were detected. Cookie consent mechanisms are in place, but no explicit security policy or incident response contacts are published. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. It effectively communicates its business purpose and maintains a good security posture with room for improvement in DNS security and published security policies. The risk level is low, and the site is suitable for its target audience.

C

camindu GmbH

aktion-barrierefrei.org

10

Aktion Barrierefrei, operated by camindu GmbH, is a specialized provider of digital accessibility solutions focused on helping organizations comply with legal standards such as WCAG, BITV, and EN301549. Their offerings include assistive widgets, automated audits, AI-powered language simplification, and certification services, targeting public authorities, companies, agencies, and associations. The website demonstrates a high level of professionalism, with clear navigation, comprehensive content, and strong branding consistency. Technically, the site uses modern frameworks like Bootstrap and integrates Matomo for analytics, ensuring good performance and accessibility. Security posture is solid with HTTPS and CSRF protections, though DNSSEC is not enabled and some security headers could be improved. The WHOIS data shows a domain creation date in the future, which is unusual and should be verified, but overall the domain and website content are consistent and trustworthy. No adult or questionable content is present, and the site is fully accessible without WAF or blocking mechanisms.

SCG NEWS CHANNEL is a corporate media platform operated by SCG, providing news, updates, and video content focused on business, sustainability, innovation, and products & services related to SCG. The website targets a general audience interested in corporate news and operates bilingually in Thai and English. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses multiple analytics tools including Google Analytics, Hotjar, and Matomo. The site is mobile optimized and has good SEO practices but lacks explicit privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. Recommendations include adding privacy and cookie policies, enabling DNSSEC, and improving security headers to enhance security and compliance.

G

GS data business OHG

gsdb.de

52

GS data business OHG is a small IT system house based in Aurich, Ostfriesland, Germany, offering comprehensive IT services including IT service, telecommunication, IT security, ERP solutions, time tracking, and document management systems. The company targets businesses and organizations seeking reliable IT system house solutions. The website is professionally designed using WordPress with Astra theme and includes SEO optimizations and structured data for enhanced search engine visibility. The technical infrastructure is modern, leveraging popular plugins and Matomo analytics with privacy-conscious settings. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though the absence of security headers and incident response information suggests room for improvement. Overall, the website is trustworthy and well-positioned in its local market segment.

C

Cube 5

cube-five.de

53

Cube 5 is a technology-focused startup accelerator and incubator based in Germany, affiliated with Ruhr-Universität Bochum and the Horst-Goertz-Institute for IT Security. The organization specializes in supporting startups in cybersecurity and future communication technologies such as 6G by providing access to government funding programs, coaching, and a strong network of research institutions and investors. Their business model centers on facilitating sustainable success for innovative startups through tailored programs like sCUBE, preCUBE, inCUBE, and xCUBE. The website reflects a professional and well-structured digital presence with clear navigation and comprehensive content targeting technology entrepreneurs. Technically, the website is built on modern frameworks including Next.js and React, hosted on Hetzner servers, and uses Matomo for analytics, indicating a mature digital infrastructure. The site is optimized for performance, mobile responsiveness, and SEO, with a clean and consistent branding approach. Security-wise, the site enforces HTTPS and follows good practices, although explicit security headers and a cookie consent mechanism are not clearly present. No critical vulnerabilities or exposed sensitive data were detected. Overall, Cube 5 demonstrates a strong security posture and business credibility, with transparent contact information and trust signals such as government affiliations and social media presence. The absence of a cookie consent banner and explicit security policies are areas for improvement. The domain registration and hosting align well with the organization's academic and governmental ties, supporting legitimacy and trustworthiness.

E

European Chemical Industry Council (Cefic)

antwerp-declaration.eu

65

The Antwerp Declaration website represents a significant European industrial advocacy initiative coordinated by the European Chemical Industry Council (Cefic). It aims to promote a European Industrial Deal to complement the EU Green Deal, focusing on boosting green transition and securing quality jobs across multiple sectors. The site is well-positioned as a platform for industry stakeholders, policymakers, and organizations to engage with the declaration and its supporting framework. Technically, the website is built on modern web technologies including Next.js and React, with privacy-conscious analytics via Matomo and cookie management through Cookiebot. Hosting is EU-based, supporting GDPR compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

P

Pilulka.sk - Lekáreň pre vaše zdravie a krásu!

pilulka.sk

54

Pilulka.sk operates as a leading online pharmacy and health product retailer in Slovakia, offering a wide range of products including medicines, supplements, cosmetics, and home care items. The company positions itself as a modern pharmacy with extensive physical pickup points, targeting general consumers seeking health and wellness products. The website demonstrates a mature digital infrastructure using modern frameworks like Nuxt.js and Vue.js, with PWA capabilities and multimedia content to enhance user engagement. Security posture is solid with HTTPS and no visible sensitive data exposure, though it lacks some advanced security headers and explicit privacy and cookie policies, indicating room for compliance improvements. Overall, the site is professional, trustworthy, and well-optimized for performance and user experience.

R

Roy Rosenzweig Center for History and New Media

rrchnm.org

57

The Roy Rosenzweig Center for History and New Media is an established academic non-profit organization affiliated with George Mason University, focused on democratizing history through digital media. Their offerings include free K-12 educational materials, narrative podcasts, historical data visualizations, and graduate education in digital history. The website reflects a professional and consistent brand presence targeting educators, students, and historians. Technically, the site is built on WordPress using Elementor and Slider Revolution, with Matomo analytics for user tracking. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and explicit security policies. Privacy compliance is limited; no privacy or cookie policies were found, and no consent mechanism is implemented, which is a compliance risk especially under GDPR. Contact information is primarily via a contact form, with no direct emails or phone numbers publicly listed. The domain registration is privacy-protected but consistent with the organization's profile and age. Overall, the site is trustworthy and professional but should enhance privacy compliance and security practices to reduce risk and improve user trust.

C

Canadian Writing Research Collaboratory

cwrc.ca

67

The Canadian Writing Research Collaboratory (CWRC) is a well-established academic platform focused on cultural and writing research in Canada. Founded in 2009, it serves researchers, academics, and students by providing digital infrastructure and hosting various research projects and collections. The website is professionally designed using Drupal 10 and incorporates modern web technologies and analytics tools such as Matomo with privacy considerations like DoNotTrack enabled. The platform is supported by reputable sponsors including the Social Sciences and Humanities Research Council of Canada, Mellon Foundation, and Canada Foundation for Innovation, which enhances its credibility and trustworthiness. Technically, the website demonstrates good mobile optimization, accessibility, and SEO practices. However, there is room for improvement in security posture by enabling DNSSEC, implementing security headers, and publishing explicit privacy and cookie policies with consent mechanisms. No contact emails, phone numbers, or security incident response information are publicly available, which could be enhanced to improve transparency and user trust. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks some advanced security headers and formalized security policies. No WAF or blocking mechanisms are detected, and the domain registration is privacy protected but consistent with the academic nature and longevity of the project. Overall, the website is safe, professional, and trustworthy but could benefit from enhanced privacy compliance and security best practices.

E

EventsAir

eventsair.com

72

EventsAir is a technology company specializing in comprehensive event management software solutions designed for in-person, virtual, and hybrid events. The platform offers a wide range of capabilities including event registration, abstract management, speaker management, mobile event apps, check-in and badging, attendee engagement, sponsorship management, networking, analytics, lead management, integrations, and payment processing. Positioned as a SaaS provider, EventsAir targets event managers and organizations seeking an all-in-one tool to streamline event planning and execution. The website reflects a professional and consistent brand image with excellent content quality and clear business messaging. Technically, the website is built on WordPress using Beaver Builder, integrating multiple modern analytics and marketing tools such as HubSpot, Google Tag Manager, Microsoft Clarity, Matomo, and Visual Website Optimizer. The site is mobile-optimized with good SEO practices and moderate performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No exposed sensitive data or vulnerabilities were detected in the HTML content. The WHOIS data for the domain www.eventsair.com is not available, which raises concerns about domain registration legitimacy. Despite this, the website's professional presentation and comprehensive privacy compliance suggest a legitimate business operation. However, the absence of explicit contact information and terms of service pages slightly detracts from business credibility. Overall, EventsAir presents a mature digital presence with strong business and technical foundations. Strategic improvements in security headers, explicit contact details, and domain registration transparency would enhance trust and compliance.

S

Svenskt Visarkiv

svensktvisarkiv.se

56

Svenskt Visarkiv is Sweden's premier research archive specializing in folk music, songs, older popular music, jazz, and folk dance. It operates as a government-affiliated institution under Statens Musikverk, focusing on collecting, preserving, and narrating the cultural heritage of music and dance. The website serves researchers, musicians, and the general public interested in Swedish musical traditions, offering access to extensive archives, publications, and events. The organization is relatively new, founded in 2022, and maintains a strong national presence as a cultural repository. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and GDPR Cookie Consent, ensuring good SEO and privacy compliance. It uses Matomo analytics, which respects user privacy, and is hosted with Azure DNS services. The site is mobile-optimized, accessible, and features multilingual support, enhancing user experience and reach. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR. However, DNSSEC is not enabled, and security headers are not visibly configured, representing areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website's claims, reinforcing legitimacy. Overall, Svenskt Visarkiv presents a professional, trustworthy, and well-maintained digital presence aligned with its cultural and governmental mission. Strategic recommendations include enhancing DNS security with DNSSEC, implementing security headers, and publishing formal security and incident response policies to further strengthen trust and compliance.