Security Directory

S

Schnarwiler AG

schnarwiler.ch

57

Schnarwiler AG operates a well-established e-commerce platform specializing in health, beauty, wellness, and sleep products, with a strong Swiss heritage dating back to 1987. The company holds exclusive general representations of top brands and targets consumers seeking natural and high-quality wellness products. The website is professionally designed, multilingual, and offers a comprehensive product catalog with clear navigation and user-friendly features such as customer accounts and shopping carts. Technically, the site is built on Magento 2, leveraging modern JavaScript libraries and third-party services including Google Analytics and Facebook Pixel for marketing and analytics. The infrastructure supports mobile optimization and basic accessibility, with moderate performance. Security is robust with HTTPS enforced and a Content Security Policy in report-only mode, although further enhancements are recommended. From a security perspective, the website demonstrates good practices including secure forms and no exposed sensitive data. However, explicit security policies and incident response contacts are not published, which could be improved to enhance trust and compliance. Privacy compliance is strong, with clear cookie consent mechanisms and GDPR-aligned privacy policies. Overall, Schnarwiler AG presents a trustworthy and professional online presence with a solid business model and technical foundation. Strategic improvements in security policy transparency and enhanced security headers would further strengthen their posture.

Ost|Est Osteuropanetzwerk is a small non-profit association based in Switzerland focused on fostering cultural, historical, political, and economic understanding of East-Central, Eastern, and Southeastern Europe. The organization operates primarily in the Bern-Fribourg region and targets academic and public audiences interested in Eastern European studies. Their activities include organizing cultural events, lectures, film screenings, and facilitating engagement between universities and the public. The website reflects this mission with multilingual content and event listings. Technically, the site is built on the Weebly/EditMySite platform, using older JavaScript libraries and standard web technologies. While HTTPS is properly implemented, the site lacks modern security headers and privacy compliance documents, which are areas for improvement. Overall, the security posture is moderate with no critical vulnerabilities detected. The site is accessible without WAF or blocking mechanisms, and WHOIS data aligns well with the organization's profile, indicating legitimacy.

O

Osservatorio sui Diritti Umani ETS

osservatoriodiritti.it

66

Osservatorio Diritti is an independent Italian media outlet specializing in investigative journalism and analysis on human rights and defenders of rights both in Italy and globally. Established in 2017, it operates as a non-profit entity focused on social justice, advocacy, and raising awareness through various content formats including articles, podcasts, and campaigns. The website demonstrates a solid market position as a trusted source for human rights information in Italy, supported by consistent branding and a strong social media presence. Technically, the site is built on WordPress with modern plugins for SEO and GDPR compliance, showing good digital maturity and mobile optimization. Security posture is sound with HTTPS enforced and consent management implemented, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with privacy regulations, making it a reliable platform for its audience.

N

Netlantic GmbH

youtv.de

65

YouTV, operated by Netlantic GmbH, is a well-established German online TV recording and streaming service founded in 2005. It offers users a cloud-based personal video recorder for German TV programs with features such as HD streaming, subtitles, and audio description. The service is accessible worldwide on multiple platforms including mobile devices, smart TVs, and streaming boxes. The company holds a strong market position as a test winner and partners with major telecom providers like Deutsche Telekom and Vodafone. Technically, the website employs modern frameworks and integrates social login and payment SDKs securely, hosted on Amazon AWS infrastructure. Privacy and cookie compliance are well implemented with explicit consent mechanisms and comprehensive policies. Security posture is strong with HTTPS, CSRF protection, and no visible vulnerabilities, though some security headers could be explicitly confirmed. Overall, the website is professional, user-friendly, and trustworthy, with no signs of malicious or adult content.

Anobii is an independent social network platform dedicated to book lovers, enabling users to discover books, write reviews, build personal libraries, and engage with a global community of readers. The platform targets readers and literary enthusiasts, offering features such as collections, discussion forums, and user ratings. The website is developed using modern technologies including Angular and Bootstrap, with integration of major advertising and analytics services like Google Ads and Facebook SDK. While the site demonstrates good design quality and user experience, it lacks explicit privacy and terms of service documentation, which impacts its privacy compliance score. The absence of WHOIS domain registration data raises concerns about domain legitimacy and trustworthiness. Overall, the platform is functional and well-structured but would benefit from enhanced transparency and security practices.

M

Main-Echo

main-echo.de

60

Main-Echo is a regional news media company serving Aschaffenburg and surrounding areas in Germany. The website provides news, event information, and local announcements targeting a general audience interested in regional developments. The business model is focused on regional news publishing with digital services including newsletters and push notifications. Technically, the site uses a modern CMS (fidion fCMS), integrates Google Tag Manager, Facebook SDK, and other analytics and advertising technologies, and is optimized for mobile devices with good SEO practices. Security posture is adequate with HTTPS enforced and consent management implemented, but lacks explicit security headers and published security policies. Privacy compliance is basic, with no explicit privacy or cookie policy pages found in the provided content. Overall, the site is professional, trustworthy, and aligned with its business purpose, but could improve transparency and security documentation.

I

Imagemakers Creative Agency

imagemakers.de

56

Imagemakers Creative Agency is a small, established marketing and creative agency based in Munich, Germany, with approximately 20 years of experience. They specialize in marketing, advertising, and web design services targeting businesses seeking professional creative solutions. The website is built on WordPress with a modern tech stack including Yoast SEO, WPBakery Page Builder, and Real Cookie Banner Pro, indicating a mature digital infrastructure. Social media integration and GDPR-compliant privacy and cookie policies demonstrate a commitment to compliance and user engagement. Security posture is solid with HTTPS enabled and Wordfence plugin active, though some security headers could be improved. Overall, the website is professional, trustworthy, and well-optimized for SEO and user experience.

C

Caritas Österreich

aufrunden.at

48

The website 'Aufrunden, bitte.' is a charitable initiative operated by Caritas Österreich in partnership with major Austrian retail chains such as BILLA, PENNY, BIPA, and SUTTERLÜTY. It enables customers to round up their purchase amounts to support social projects for disadvantaged people in Austria. The initiative has been active since 2013 and has collected significant donations, demonstrating strong market presence and community engagement. The website content is well-structured, professionally designed, and targets Austrian consumers with clear calls to action and informative content about the initiative and its impact. Technically, the website uses a modern tech stack including Bootstrap for responsive design, jQuery for interactivity, and integrates Google Analytics and Facebook SDK for tracking and social media engagement. The site is mobile optimized and SEO friendly, although some accessibility features could be improved. Security practices include anonymized IP tracking and a cookie consent banner, but there is a lack of explicit security headers and no published security or incident response policies. From a security perspective, the site is accessible without WAF blocking and shows no signs of vulnerabilities or exposed sensitive data. However, it lacks advanced security policies and vulnerability disclosure mechanisms. The WHOIS data confirms the domain is legitimately registered to Caritas Österreich with consistent registration details and domain age matching the initiative's history. Overall, the website is trustworthy, professionally maintained, and compliant with basic privacy regulations. Strategic improvements in security headers, incident response transparency, and vulnerability disclosure would enhance its security posture and user trust.

Associazione Per i Pazienti con Ipoparatiroidismo (A.P.P.I.) is a small non-profit organization based in Italy dedicated to supporting patients affected by hypoparathyroidism, a rare endocrine disorder. The website serves as an educational and advocacy platform providing disease information, patient support resources, event announcements, and medical professional training. The organization maintains an active presence on social media channels such as Facebook and YouTube to engage with its community. Technically, the website is built on WordPress using the Zephyr theme and includes common web technologies like jQuery and Google Fonts. While the site uses HTTPS and DNSSEC for domain security, it relies on an outdated jQuery version which poses potential security risks. No privacy or cookie policies were found, indicating compliance gaps with GDPR and related regulations. Contact information is clearly presented, enhancing business credibility.

Z

Zbornica za razvoj slovenskega zasebnega varovanja

zrszv.si

55

Zbornica za razvoj slovenskega zasebnega varovanja is a Slovenian chamber focused on the development of private security services. Established in 2000, it provides professional training, membership services, and information for private security companies and their clients. The website serves as an information hub and a platform for education and membership management. Technically, the site uses a custom CMS with ASP backend, Bootstrap framework, and integrates Google Analytics and Facebook SDK for tracking. The site is mobile optimized and presents a professional design with clear navigation. Security posture is moderate with HTTPS assumed but lacks explicit security headers and a published vulnerability disclosure policy. Privacy compliance is basic with cookie consent mechanisms and terms of service available. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and serves its niche audience effectively.

M

Mairie de Versoix

versoix.ch

41

The website www.versoix.ch is the official digital presence of the City of Versoix, Switzerland, serving as a municipal government portal. It provides residents and visitors with comprehensive information on local news, events, administrative services, public projects, and community resources. The site targets local citizens and stakeholders, positioning itself as a trusted source for municipal information and services. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript libraries such as jQuery and Flickity, and integrates third-party services like Google Tag Manager, Google reCAPTCHA, and social media SDKs. The site is mobile-optimized and features good navigation and content structure, although accessibility features are basic. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for form protection, but lacks some recommended security headers such as Content-Security-Policy and X-Frame-Options. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is weak due to the absence of explicit privacy and cookie policies. Overall, the website is professionally designed and trustworthy, with a strong business credibility score. However, improvements in privacy compliance and security headers are recommended to enhance user trust and regulatory adherence.

E

East Coast Radio

ecr.co.za

69

East Coast Radio (ECR) is a leading commercial radio station based in KwaZulu-Natal, South Africa, offering music, news, and community content primarily targeting local residents and listeners. The website provides live streaming services, news updates, event information, and community engagement features, positioning itself as a key media player in the region. The digital infrastructure leverages modern web technologies including Google Analytics, Facebook SDK, Hotjar, and DoubleClick for advertising and analytics, indicating a mature digital presence. Security posture is solid with HTTPS enforced and no evident vulnerabilities, though some security headers could be improved. Privacy compliance is moderate with a cookie consent mechanism but lacks explicit privacy and terms of service pages on the homepage. Overall, the website is professional, content-rich, and trustworthy, supporting the station's market position effectively.

M

MVV Energie AG

mvv.de

70

MVV Energie AG is a leading German energy company based in Mannheim, offering a broad range of energy products and services including electricity, gas, water, district heating, solar energy, and e-mobility solutions. The company targets both general consumers and business customers within Germany, positioning itself as a major player in the German energy market. The website is professionally designed using TYPO3 CMS, with good SEO and accessibility features, and integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, and HubSpot. Cookie consent is implemented, indicating awareness of privacy compliance requirements. Security posture is adequate with HTTPS enabled, but lacks explicit security headers and published security policies. No privacy policy or terms of service pages were detected in the provided content, which is a compliance gap. Overall, the website is trustworthy and professional but could improve transparency and security documentation.

Technische Universität Graz (TU Graz) is a prominent technical university in Austria focused on education, research, and innovation. The website serves multiple audiences including prospective and current students, researchers, faculty, and industry partners. It offers comprehensive information on study programs, research activities, career opportunities, and university services. The institution positions itself as a knowledge-driven community emphasizing technology and passion. The technical infrastructure is built on TYPO3 CMS with modern web technologies including JavaScript frameworks and analytics tools such as Google Analytics and Facebook SDK. The site is well-structured, mobile-optimized, and accessible, reflecting a mature digital presence. Privacy and cookie policies are clearly presented with a consent mechanism, indicating good compliance with GDPR. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies and incident response contacts suggests room for improvement in transparency and readiness. WHOIS data could not be retrieved due to quota limits, limiting domain registration trust verification. Overall, TU Graz's website is professional, trustworthy, and well-maintained, supporting its role as a leading educational institution. Strategic enhancements in security policy disclosure and incident response communication would further strengthen its security posture and stakeholder confidence.

A

Associazione IWA Italy (International Web Association Italia)

iwa.it

47

IWA Italy is a well-established professional association founded in 2000, dedicated to supporting and enhancing the professionalism of web practitioners in Italy. It offers certifications, training, advocacy, and networking opportunities, positioning itself as a key player in the Italian digital professional landscape. The website reflects a clear focus on quality, ethical standards, and community building among web professionals. Technically, the site uses a modern tech stack including Bootstrap and jQuery, with integrations for social media and privacy compliance via Iubenda. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security policy and incident response information. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

B

BlaBlaCar

blablacar.de

11

BlaBlaCar is a leading European transportation platform specializing in ridesharing and long-distance bus travel. The website www.blablacar.de offers users a comprehensive and user-friendly interface to find and book affordable travel options across Europe, primarily targeting German-speaking customers. The platform emphasizes trust and safety through member verification and ratings, supported by modern identity verification technologies such as Onfido. The company maintains a strong digital presence with mobile apps and active social media channels. Technically, the site leverages modern web frameworks, cloud hosting, and integrates analytics and marketing tools to optimize user experience and business insights. Security posture is robust with HTTPS, CSP, and secure data handling practices, though explicit security policies and incident response contacts are not publicly detailed. Overall, the domain registration and website content align well, indicating a legitimate and trustworthy business with a mature digital infrastructure.

Nemzeti Filmtörténeti Élménypark is a Hungarian cultural institution dedicated to preserving and presenting the history of Hungarian film through interactive exhibitions, educational programs, and event services. The website serves as an information portal for visitors, schools, and event organizers, highlighting key attractions and services. It maintains a strong national cultural identity with affiliations to government and cultural bodies. Technically, the site is built on WordPress with common front-end libraries and includes standard tracking tools like Google Analytics and Facebook SDK. The site is mobile-optimized and provides basic accessibility features. Security posture is adequate with HTTPS and cookie consent but lacks advanced security headers and explicit incident response information. Privacy compliance is addressed with clear policies and cookie banners. Overall, the site is professional, trustworthy, and well-suited for its cultural and educational mission.

1

1749

1749.hu

45

1749.hu is a Hungarian literary and cultural media platform founded in 2020, offering a variety of content including prose, poetry, essays, interviews, and news. The website targets a general audience interested in literature and culture, positioning itself as a niche content provider with a consistent brand and good content quality. Technically, the site uses modern frontend technologies such as Bootstrap, AOS, and integrates analytics tools like Gemius, Hotjar, and Google Tag Manager. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is solid with HTTPS enforced and no exposed sensitive data, but lacks security headers and a formal security policy. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the site is trustworthy and professionally maintained but could improve in privacy and security transparency.

F

Feria de Valladolid

feriavalladolid.com

65

Feria de Valladolid operates as a regional event venue and organizer based in Valladolid, Spain, hosting a variety of trade fairs, congresses, and public events across multiple sectors including technology, wine, tourism, and sports. The website serves as a comprehensive portal for event information, ticket sales, and venue details, targeting businesses and the general public interested in these events. The company is well-established with a domain age dating back to 1999, indicating a mature presence in the market. Technically, the website is built on WordPress with a modern plugin ecosystem including EventON for event management, Slider Revolution for visual content, and integrations with social media platforms and analytics tools such as Google Analytics and Facebook SDK. The site is hosted with DNS managed by Cloudflare and secured with HTTPS, although DNSSEC is not enabled. Performance and mobile optimization are good, with a professional design and clear navigation. From a security perspective, the site employs HTTPS and has domain transfer protections in place, but lacks advanced security headers and DNSSEC, which are recommended for enhanced security. Privacy compliance is partially addressed with a cookie consent banner, but no explicit privacy policy or terms of service are found on the homepage. Contact information is clearly provided, enhancing business credibility. Overall, Feria de Valladolid presents a professional and trustworthy online presence with room for improvement in security hardening and privacy policy transparency. Strategic enhancements in these areas would strengthen user trust and compliance posture.

O

Owners Club

ownersclub.immo

49

Owners Club is a German real estate focused platform aiming to increase property ownership rates and provide access to previously inaccessible market segments. The website offers investment webinars, market news, and tools for property owners, targeting investors and homeowners primarily in Germany. The platform uses WordPress CMS with a moderate technical infrastructure including Matomo analytics and social media integrations. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website presents a professional and trustworthy image but could improve in compliance and security transparency.

C

Camera Nazionale della Moda Italiana

milanomodagraduate.it

66

Camera Nazionale della Moda Italiana operates as a key institution in the Italian fashion industry, organizing events such as Milano Moda Graduate to showcase emerging fashion talent. The website serves as an official platform providing event information, galleries, and partner details, targeting fashion professionals and enthusiasts. The organization holds a strong market position within Italy's fashion media sector, supported by numerous official partners and sponsors. Technically, the website employs modern web technologies including Google Analytics, Facebook SDK, and Vimeo API, with a responsive design optimized for mobile devices. Security posture is solid with HTTPS enforcement and privacy-conscious analytics configurations, although explicit security policies and incident response contacts are not published. Privacy compliance is evidenced by a cookie consent banner and a privacy policy document in Italian, indicating GDPR awareness. Overall, the site is professional, trustworthy, and well-maintained, with room for improvement in security transparency and terms of service availability.

I

Istituto Pace Sviluppo Innovazione Acli

ipsia-acli.it

49

Istituto Pace Sviluppo Innovazione Acli (IPSIA) is a well-established Italian non-governmental organization founded in 1985 and promoted by ACLI. The organization focuses on international cooperation, social development, volunteering, and professional training. It operates primarily in Italy and several international countries, offering projects related to migration, human rights, environment, and social entrepreneurship. The website reflects a mature digital presence with a Joomla CMS infrastructure, modern web technologies, and active social media engagement. Privacy and cookie policies are clearly presented with consent mechanisms, demonstrating compliance with GDPR requirements. Security posture is adequate with HTTPS and DNSSEC enabled, though improvements are recommended in HTTP security headers and incident response transparency. Overall, the website is professional, trustworthy, and serves its target audience effectively.

W

World Association of Girl Guides and Girl Scouts

wagggs.org

67

The World Association of Girl Guides and Girl Scouts (WAGGGS) operates as the largest voluntary global movement dedicated to empowering girls and young women. Their website reflects a professional and well-structured platform offering educational programs, leadership development, advocacy, and capacity building for national associations. The organization targets a global audience of girls, young women, supporters, and volunteers, emphasizing non-profit and social impact activities. The site includes clear calls to action for donations and volunteering, supported by comprehensive privacy and cookie policies, indicating a mature digital presence. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, Google Tag Manager, Facebook SDK, and Google Analytics. The site is mobile-optimized with good accessibility and SEO practices, delivering a moderate performance. Security posture is strong with HTTPS enforced and no exposed sensitive data, though there is room for improvement in publishing explicit security policies and enhancing HTTP security headers. No signs of WAF or content blocking were detected, and the site is fully accessible. WHOIS data is unavailable due to privacy protection, which is common for non-profit organizations. The domain appears legitimate and consistent with the organization's branding and global presence. Social media integration is robust, linking to official Instagram, Facebook, LinkedIn, and YouTube channels. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. Strategic recommendations include publishing a dedicated security policy, adding vulnerability disclosure mechanisms, and enhancing security headers to further strengthen the security posture.

C

Confederazione Nazionale dell'artigianato e della Piccola e Media Impresa

cna.it

63

CNA (Confederazione Nazionale dell'artigianato e della Piccola e Media Impresa) is a well-established Italian national confederation representing artisans and small to medium enterprises across various sectors including energy, transport, finance, and cultural industries. The organization provides advocacy, research, member services, and event organization to support its members. The website reflects a professional and consistent brand image targeting SMEs and industry stakeholders in Italy. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates analytics and marketing tools such as Google Tag Manager, Hotjar, and Facebook SDK. Security posture is strong with HTTPS enforced, cookie consent mechanisms, and no visible vulnerabilities, although explicit security and incident response policies are not published. Overall, the site is compliant with GDPR, offers good user experience, and maintains a high level of trustworthiness.

P

Państwowe Muzeum Auschwitz-Birkenau

auschwitz.org

54

The Państwowe Muzeum Auschwitz-Birkenau website serves as the official digital presence of the Auschwitz-Birkenau State Museum, a large non-profit organization dedicated to preserving the memory and history of the former Nazi concentration and extermination camp. The site provides extensive educational content, museum information, and visitor resources, targeting a broad audience including educators, researchers, and the general public. The museum is internationally recognized and operates with a strong focus on historical accuracy and memorialization. Technically, the website employs a custom CMS (edito) and utilizes common web technologies such as jQuery, Owl Carousel, Google Analytics, and Facebook SDK. The site is mobile optimized and accessible, with good SEO practices and a moderate performance profile. HTTPS is enforced, ensuring secure communications. From a security perspective, the site demonstrates good practices with HTTPS and no visible sensitive data exposure. However, it lacks some security headers and explicit cookie consent mechanisms, which could be improved to enhance GDPR compliance and overall security posture. The absence of WHOIS data limits domain trust verification, but the website's content and branding strongly indicate legitimacy. Overall, the site is a professional, trustworthy resource for historical education and memorial activities. Strategic recommendations include implementing cookie consent banners, enhancing security headers, and publishing security and incident response policies to strengthen compliance and user trust.

I

Istituto Italiano della Donazione (IID)

istitutoitalianodonazione.it

55

Istituto Italiano della Donazione (IID) is a well-established Italian non-profit organization founded in 2004 that promotes transparency, credibility, and honesty in charitable donations. It certifies non-profit organizations with quality marks to foster donor trust and organizes events such as DonoDay to raise awareness. The website targets donors, non-profit associations, and enterprises interested in safe donation practices. Technically, the site uses a custom CMS with JavaScript, AJAX, and integrates social media SDKs and Google Tag Manager for analytics. The site is moderately optimized for mobile and SEO, with good content quality and clear navigation. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. WHOIS data confirms domain legitimacy with consistent registration since 2004. Overall, the site is trustworthy and professional but could improve security and privacy compliance.

B

Beikircher Grünland Srl

agritura.com

67

Agritura by Beikircher Grünland is an established Italian e-commerce platform specializing in agricultural products, animal husbandry supplies, and gardening accessories. Founded in 2008, the company targets farmers, hobby breeders, and gardening enthusiasts primarily in Italy, offering a wide range of Beikircher branded feeds and equipment. The website leverages Shopify as its platform, integrating customer review systems such as Google Reviews and Judge.me to build trust and credibility. The site is multilingual, supporting Italian, German, and English languages, enhancing its accessibility to a broader audience. Technically, the website employs modern web technologies and maintains good performance and mobile optimization, although some accessibility features could be improved.

R

Registro Imprese

registroimprese.it

65

Registro Imprese is the official Italian Chamber of Commerce portal providing authoritative business registry data and official documents to businesses, public administrations, and operators. The website serves as a critical infrastructure for accessing company information, financial statements, and legal documents, positioning itself as a trusted government resource in Italy. Technically, the site is built on the Liferay platform, leveraging modern JavaScript frameworks such as React and Clay UI, and integrates consent management via Didomi to comply with GDPR. The security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, although explicit security and incident response policies are not publicly found. Overall, the site demonstrates a mature digital infrastructure suitable for its official role, with good user experience and compliance mechanisms.

H

Handels- und Dienstleistungsverband Südtirol

unione-bz.it

62

The Handels- und Dienstleistungsverband Südtirol (hds) is a regional trade and service association serving businesses in South Tyrol, Italy. It provides professional consulting, member services, training, and advocacy, positioning itself as a key regional player affiliated with the national Dachverband Confcommercio. The website reflects a mature digital presence with good content quality, clear navigation, and mobile optimization. Technically, it employs modern JavaScript libraries, consent management tools, and analytics platforms, hosted by a professional provider. Security posture is solid with HTTPS and consent mechanisms, though explicit security policies and headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and WHOIS data aligns well with the business identity, supporting legitimacy. Overall, the site is trustworthy and professionally maintained, serving its target audience effectively.

F

FingerHaus

fingerhaus.de

56

FingerHaus is a well-established German company specializing in turnkey prefabricated houses with over 75 years of experience and approximately 750 houses built annually. The company targets individuals and families seeking sustainable, customizable housing solutions. Their website is built on TYPO3 CMS and integrates modern marketing and analytics tools such as Google Tag Manager, Google Ads, and Facebook SDK. The site is well-designed, mobile-optimized, and provides comprehensive navigation and customer service portals. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit privacy policies and security headers are missing. The domain registration is consistent with the business claims, indicating legitimacy and trustworthiness.

F

Filifolli

filifolli.it

47

Filifolli is a niche Italian e-commerce business specializing in luxury women's legwear, including silk pants, capris, leggings, shorts, and culottes adorned with lace and embroidery. The website positions itself as a premium brand targeting women seeking high-quality, made-in-Italy fashion products. The digital infrastructure is built on WordPress with WooCommerce, leveraging a variety of marketing and analytics tools to support a mature online presence. The site demonstrates good SEO practices and mobile optimization, contributing to a positive user experience. Security measures such as HTTPS and Google reCAPTCHA are implemented, though explicit security and privacy policies are not published, representing an area for improvement. Overall, the website is professional and trustworthy, with no signs of blocking or malicious activity.

The Katholischer Verband der Werktätigen (KVW) is a well-established non-profit social association based in South Tyrol, Italy, founded in 1948. It focuses on social solidarity, justice, and community welfare, serving various demographic groups including seniors, women, youth, and widowed individuals. The organization offers a range of services such as education, travel, patronage, and financial aid, supported by a strong local presence and active community engagement. The website reflects this mission with comprehensive content, clear navigation, and consistent branding. Technically, the website employs a custom CMS with modern JavaScript libraries including jQuery, Google Analytics with IP anonymization, Google Maps API, and social media integrations. The site is mobile-optimized and performs moderately well, though some improvements in accessibility and security headers could enhance the technical posture. Privacy compliance is robust, featuring a detailed privacy policy and cookie consent mechanism aligned with GDPR requirements. From a security perspective, the site uses HTTPS and anonymizes user data in analytics, but lacks explicit security policies and incident response information. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust analysis, but the website's transparency and contact information support its legitimacy. Overall, the site presents a trustworthy and professional digital presence for a regional non-profit organization.

LeCambresien.tv is a local media outlet providing a television magazine focused on the city of Cambrai, France. The website primarily distributes video content through embedded YouTube videos and maintains a presence on Facebook. The business operates as a small media entity founded around 2012, delivering local news and information to residents and interested viewers. The content is basic but relevant to its target audience, with a straightforward web presence and moderate branding consistency. Technically, the website uses standard HTML, CSS, and JavaScript with integrations for Facebook SDK, Google Analytics, and AddThis social sharing tools. Hosting is provided by OVH sas, a reputable provider. The site shows moderate performance and basic mobile optimization but lacks modern frameworks or CMS usage. SEO and accessibility are basic, with legacy charset encoding and minimal meta tags. From a security perspective, the site uses HTTPS but lacks DNSSEC and important security headers, which reduces its security posture. No privacy or cookie policies are present, indicating non-compliance with GDPR and related regulations. No contact information or incident response channels are provided, limiting transparency and trust. The domain registration is consistent and stable, with protective domain status flags and an appropriate age for the business. Overall, the website is functional for its purpose but requires improvements in privacy compliance, security hardening, and user trust elements to enhance its digital maturity and reduce risk exposure.

S

SIGIC - Slovenski glasbenoinformacijski center

sigic.si

40

SIGIC - Slovenski glasbenoinformacijski center is a Slovenian non-profit cultural organization dedicated to providing comprehensive information about Slovenian music, including news, events, projects, and publications. The website serves as a central hub for music professionals, enthusiasts, and cultural institutions in Slovenia, offering a variety of resources and digitalization initiatives to promote Slovenian musical heritage. The organization is supported by governmental and cultural partners, enhancing its credibility and market position within the Slovenian cultural sector. Technically, the website employs a traditional web stack with Bootstrap and jQuery, integrating social media SDKs and newsletter subscription tools. The site is mobile responsive and moderately performant, hosted under the Slovenian academic network provider Arnes. While the site is well-structured and content-rich, it lacks some modern security headers and uses an outdated jQuery version, which could pose security risks. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service. From a security perspective, the site uses HTTPS and implements cookie consent, but lacks explicit security headers and documented incident response contacts. No critical vulnerabilities or WAF blocks were detected. The WHOIS data aligns well with the website's Slovenian cultural focus, showing a long-established domain registered with a reputable registrar. Overall, the site is trustworthy but could improve its security posture and privacy compliance. Strategically, SIGIC should prioritize publishing a comprehensive privacy policy and terms of service, upgrade its JavaScript libraries, and implement security headers to enhance protection. These steps will improve user trust, regulatory compliance, and reduce potential security risks.

P

Petofi Media Group Nonprofit Kft.

hotsmusic.hu

45

HOTS (Hungarian Oncoming Tunes) is a nonprofit music export brand coordinated by Petofi Media Group Nonprofit Kft. and supported by the National Cultural Fund in Hungary. It focuses on promoting Hungarian music acts internationally through tour support, PR, album production, audiovisual content, and participation in international music festivals and conferences. The website is built on WordPress with a moderate technical infrastructure including common libraries and analytics tools. Security posture is adequate with HTTPS but lacks advanced security headers and cookie consent mechanisms. Contact is primarily via email, and no phone or physical address is provided. Overall, the site is professional and trustworthy but could improve privacy compliance and security transparency.

S

Solothurner Filmtage

solothurnerfilmtage.ch

57

Solothurner Filmtage is a well-established Swiss film festival dedicated to showcasing Swiss cinema and supporting filmmakers. The website serves as a comprehensive platform for festival programming, industry offerings, media information, and ticketing services. It targets film professionals, media representatives, and the general public interested in Swiss film culture. The business model revolves around event organization, cultural promotion, and partnerships with sponsors and media entities. Technically, the website employs modern JavaScript libraries and analytics tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and security headers, though it lacks visible cookie consent mechanisms and a published security policy. Overall, the site is professional, trustworthy, and compliant with GDPR in terms of privacy policy availability, but could improve transparency on cookie usage and incident response.

S

SIS Marchés

sis-marches.com

64

SIS Marchés is a French specialist software provider focused on public procurement management, operating as a subsidiary of the Ach@t Solutions group. The company offers a modular, collaborative software suite designed to streamline and secure public purchasing processes for buyers and suppliers. Their market position is strong within the French public sector, supported by over 450 clients and a broad user base. The website reflects a professional and consistent brand image, targeting public sector buyers and private suppliers with a comprehensive digital solution portfolio. Technically, the site is built on Drupal 8 with modern frontend libraries and integrates multiple marketing and analytics tools, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers and policies are lacking. The absence of WHOIS data for the domain is a notable concern, reducing trust in domain legitimacy despite the professional business presence. Overall, the website and business appear credible and well-established, but domain registration transparency should be improved.

P

Pharmatic

pharmatic.fr

60

Pharmatic is a specialized software publisher focused on public hospital procurement management, offering SaaS solutions to hospital buyers and pharmaceutical industrial clients. The company holds a strong market position in France with a significant client base and is part of the Ach@t Solutions group. The website is professionally designed using Drupal 8 and integrates modern web technologies and analytics tools with appropriate privacy and cookie consent mechanisms. Security posture is generally good with HTTPS enforced, but lacks explicit security policies and incident response information. WHOIS data is missing, which impacts domain legitimacy verification and trust. Overall, the website and business appear credible and professional, but domain registration details should be verified for full trust assurance.

A

Ach@t Solutions

achatsolutions.com

65

Ach@t Solutions is a leading French software publisher specializing in public procurement and transport management solutions. The group serves a large client base including public sector entities and private partners, supported by six expert subsidiaries. Their digital offerings include innovative software and a dematerialization portal (AW Solutions) aimed at optimizing buyer-supplier relationships in the public sector. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on Drupal 8 with modern libraries and frameworks, ensuring good performance and accessibility. Security posture is moderate with cookie consent implemented but lacks explicit security headers and published security policies. WHOIS data is missing, which raises concerns about domain registration transparency, though the overall business credibility remains high due to detailed company information and certifications. Recommendations include enhancing security headers, publishing security and incident response policies, and verifying domain registration details to improve trust.

SmileCredit is a Bulgarian online lending platform specializing in fast payday loans and installment credit products up to 10,000 BGN. The company targets individuals seeking quick and accessible credit solutions with minimal documentation, emphasizing ease of use and speed. Their market position is that of an active microfinance lender with clear product offerings and a digital-first approach. Technically, the website employs modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and reCAPTCHA Enterprise, indicating a mature digital infrastructure. The site is mobile-optimized and uses HTTPS, ensuring secure communications. However, it lacks explicit privacy and cookie policies, which is a compliance gap. Security posture is generally good but could be improved by adding security headers and publishing vulnerability disclosure information. Overall, the website is professional and trustworthy, but improvements in privacy compliance and security transparency are recommended.

R

Rockjumper Birding Tours

rockjumperbirding.com

63

Rockjumper Birding Tours operates a specialized bird-watching adventure tour business targeting nature enthusiasts and bird watchers worldwide. The company positions itself as a niche leader offering global bird safaris and adventure travel experiences. The website is built on WordPress with a modern tech stack including jQuery, Google Analytics, and Trustpilot integration, reflecting a moderate level of digital maturity. The site is well-structured, mobile-optimized, and professionally designed, providing a good user experience and relevant content for its audience. Security posture is adequate with HTTPS and DigiCert SSL certification, but lacks some advanced security headers and explicit privacy policies. The absence of WHOIS registration data raises concerns about domain legitimacy, though the website content and trust signals suggest a legitimate business presence. Overall, the site is functional and trustworthy but would benefit from enhanced security and compliance documentation.

D

Decathlon spółka z ograniczoną odpowiedzialnością

decathlonkariera.pl

58

Decathlonkariera.pl is the official career website for Decathlon Poland, a large retail company specializing in sports equipment and apparel. The site targets job seekers passionate about sports, offering information about current job openings, company values, and employee benefits. The business is well-established with a domain age consistent with its market presence since 2013. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its audience. Technically, the site is built on WordPress and uses common analytics and marketing tools such as Google Analytics, Google Tag Manager, and Facebook SDK. Hosting is provided by OVH SAS, a reputable provider. Performance is moderate with good mobile optimization. However, some security best practices like DNSSEC and security headers are missing, and there is no visible cookie consent mechanism, which could impact privacy compliance. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries in the provided content. The absence of security headers and incident response information suggests room for improvement. Privacy compliance is partially met with a privacy policy linked on the main Decathlon domain, but cookie consent and GDPR explicit indicators are lacking. Overall, the website is trustworthy and professional, serving its business purpose effectively. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance its security posture and compliance standing.

M

MANIK – obuv, s.r.o.

manikobuv.sk

60

Manik – obuv, s.r.o. is a Slovak family-owned company specializing in the manufacture and direct sale of domestic footwear since 1992. The company has a strong market presence in Slovakia with a recognized brand and a focus on quality and customer satisfaction. Their e-commerce website is built on the Shoptet platform, integrating modern tracking and marketing tools such as Google Analytics and Facebook SDK, while maintaining GDPR compliance through cookie consent and privacy policies. The website offers clear contact channels and product information, targeting Slovak customers seeking comfortable home footwear. Technically, the site is well-structured with good mobile optimization and moderate performance, though some legacy libraries like jQuery 1.11.3 could be updated for security. Security posture is solid with HTTPS and CSRF protections, but could be enhanced by adding security headers and explicit incident response policies. Overall, the website reflects a professional and trustworthy retail business with room for minor technical and security improvements.

B

Buttercream Cakes & Desserts

welcometofullcircle.com

57

Buttercream Cakes & Desserts is a small retail business specializing in wedding cakes, special occasion cakes, and dessert displays primarily serving the Twin Cities area and surrounding regions. The company emphasizes high-quality, allergen-conscious products with easy pickup options and an online ordering platform. Their market position is strong locally, supported by testimonials and licensing claims. Technically, the website is built on WordPress with common plugins like Jetpack and Ecwid, hosted on WordPress.com atomic infrastructure, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and domain protections but lacks DNSSEC and security headers. Privacy compliance is weak due to missing policies and consent mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security practices.

B

Best4Run Běžecká speciálka

best4run.cz

54

Best4Run is a Czech Republic based specialty retailer focused on running shoes, apparel, and equipment. Established in 2015, it operates both an e-commerce platform and a physical store in Přerov, serving customers from surrounding regions. The website offers a comprehensive product catalog, educational content, and diagnostic services for runners. Technically, the site is built on the Shoptet e-commerce platform, leveraging modern web technologies and multiple analytics and marketing tools with user consent mechanisms. Security posture is good with HTTPS and CSRF protections, though some security headers could be improved. The absence of WHOIS data reduces domain trust but the website content and business presence appear professional and legitimate. Overall, the site is well-structured, user-friendly, and compliant with privacy regulations.

Z

Zdravie.sk, s.r.o.

zdravie.sk

56

Zdravie.sk is a well-established Slovak health and lifestyle portal founded in 2004, operated by Zdravie.sk, s.r.o. It offers comprehensive health information, lifestyle content, medical news, and community forums targeting a general audience in Slovakia. The website enjoys a strong market position as a popular and trusted source of health-related content. Technically, the site uses a modern tech stack including Google Fonts, Google Analytics, Facebook SDK, and multiple advertising platforms. It is hosted with Google Domains and employs HTTPS for secure communications. However, the site lacks explicit privacy and cookie policies and does not display security headers, which are areas for improvement. No contact emails or phone numbers were found in the provided content, limiting direct communication channels. Overall, the site demonstrates good content quality and business credibility but could enhance privacy compliance and security posture.

Z

Zoznam, s.r.o.

plnielanu.sk

58

Plnielanu.sk is a Slovak lifestyle and health-oriented media website operated under the company Zoznam, s.r.o. It provides inspirational content focused on maintaining a healthy and active lifestyle for a general adult Slovak-speaking audience. The website leverages a WordPress CMS with Yoast SEO for content management and optimization, supported by a range of modern marketing and analytics tools including Google Tag Manager, Facebook Pixel, Gemius, and Didomi for GDPR-compliant consent management. The site integrates advertising networks such as Google Ad Manager and Adform, indicating a business model reliant on content publishing and advertising revenue. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the website presents a professional and trustworthy digital presence consistent with a regional media brand.

N

News and Media Holding a.s.

novycas.sk

56

Nový Čas is a leading Slovak online daily newspaper operated by News and Media Holding a.s., providing current news from domestic and international sources including scandals, crime, and sports. The website is professionally designed with a consistent brand presence and targets a general audience interested in news media. Technically, the site uses modern web technologies such as Next.js, Google Tag Manager, and integrates multiple third-party advertising and analytics services. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS enforced but lacks security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies and no visible consent mechanisms. WHOIS data confirms the legitimacy and consistency of the domain registration with the business entity. Overall, the website is a credible and professional news platform with room for improvement in privacy and security transparency.

E

EKLEKTIK design & shop

eklekticky.cz

55

EKLEKTIK design & shop is a small Czech Republic based business specializing in interior design services and retail of unique home decorations and vintage furniture. The company operates both a physical store in Šumperk and an online e-shop, targeting customers interested in personalized interior design and stylish home accessories. The website is professionally designed, consistent in branding, and provides clear contact information and customer testimonials, indicating a trustworthy local boutique business. Technically, the website is built on the Shoptet CMS platform, utilizing common JavaScript libraries such as jQuery and Slick Carousel, and integrates Google Analytics and Facebook SDK for marketing and tracking purposes. The site is served over HTTPS with valid SSL, but lacks some security headers and up-to-date libraries, which could be improved to enhance security posture. Privacy and cookie policies are not explicitly present, representing a compliance gap with GDPR requirements. Overall, the website is accessible, functional, and presents a positive user experience with moderate technical maturity and a good security baseline.

E

E-BAAN,SE

hapra.cz

49

HAPRA Design is a Czech digital agency specializing in web design, e-commerce development, SEO, social media management, and online marketing services. With over 20 years of experience, the company offers comprehensive digital solutions aimed at businesses seeking to enhance their online presence. Their service portfolio includes website and e-shop creation, content management, PPC advertising, and technical maintenance, positioning them as a full-service digital partner. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their target audience. Technically, the site employs a modern technology stack including PHP, MySQL, JavaScript libraries such as jQuery, Bootstrap framework, and integrates marketing and analytics tools like Google Tag Manager and Facebook SDK. The site is mobile-optimized and uses a custom CMS named publishWEB. Performance is moderate with good SEO practices and basic accessibility features. From a security perspective, the website enforces HTTPS and includes a cookie consent mechanism aligned with GDPR requirements. However, no explicit security headers were detected, and no public security or incident response policies are available. The WHOIS data is missing, which limits domain trust verification, but the website content and business information appear legitimate and professional. Overall, the site scores well on content quality, technical implementation, privacy compliance, and business credibility, with recommendations to enhance security headers, publish security policies, and improve accessibility compliance to further strengthen their security posture and trustworthiness.