Technology security reports

S

Splunk LLC

splunk.com

68

Splunk LLC is a leading enterprise technology company specializing in data analytics, security, and observability platforms. Founded in 2003 and headquartered in San Francisco, USA, Splunk offers a comprehensive suite of products including cloud platforms, enterprise security solutions, and observability tools. The company targets large enterprises and organizations seeking to enhance digital resilience and accelerate digital transformation. Splunk holds a strong market position with recognized certifications such as ISO 27001 and SOC 2, and maintains a robust partnership ecosystem including Cisco and its subsidiary AppDynamics. Technically, the website is built on a modern stack leveraging Adobe Experience Manager CMS, Akamai CDN, and advanced analytics and monitoring tools like Google Analytics, Google Tag Manager, and SignalFx RUM. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Security best practices are evident with HTTPS enforcement, security headers, and dedicated security advisory pages. From a security posture perspective, Splunk demonstrates a high level of maturity with no detected vulnerabilities or exposed sensitive data. Incident response and vulnerability disclosure mechanisms are in place, though the addition of a security.txt file and explicit Data Protection Officer contact details could enhance transparency. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Overall, Splunk's website and digital presence reflect a professional, trustworthy, and secure enterprise-grade operation. The company’s business credibility is reinforced by comprehensive contact information, certifications, and consistent branding. No adult or questionable content is present, making the site safe for general audiences.

Secureworks is a leading cybersecurity company specializing in threat detection, managed security services, and incident response. Positioned as a trusted partner for enterprises and government organizations, Secureworks offers comprehensive solutions to reduce risks and improve security operations. The website reflects a mature digital presence with modern technologies and strong branding. The company demonstrates a robust security posture with HTTPS enforcement, security headers, and compliance with major frameworks such as ISO 27001 and NIST. Privacy and cookie policies are comprehensive and GDPR compliant, supporting a strong privacy stance. Despite the absence of WHOIS data, the overall digital footprint and certifications indicate a legitimate and established enterprise. Strategic recommendations include maintaining up-to-date libraries, enhancing multi-factor authentication, and continuous security monitoring to sustain their leadership in cybersecurity.

R

RCL Group

rcl-group.com

64

RCL Group is a medium-sized technology company based in Slovenia, specializing in business information systems tailored for various industries including retail, automotive, publishing, and business intelligence. With over 30 years of experience and a presence in multiple European countries, they offer integrated ERP solutions such as Microsoft Dynamics 365 Business Central alongside proprietary software suites like cBBIS and cDMS. Their business model focuses on B2B software solutions and system integration, targeting companies seeking comprehensive management systems. The website reflects a professional and consistent brand image with clear service offerings and client references. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, reCAPTCHA, Bootstrap, and Chart.js, indicating a mature digital infrastructure. The site is mobile-optimized with good navigation and basic accessibility features. Cookie consent mechanisms and privacy policies are implemented, supporting GDPR compliance. However, some security best practices such as security headers and explicit incident response information are missing. From a security perspective, the site uses HTTPS and protects forms with reCAPTCHA, but lacks published security policies and vulnerability disclosure channels. The absence of WHOIS data for the domain raises some concerns about domain legitimacy, although the website content and business references support its authenticity. Overall, the security posture is good but could be improved with additional transparency and technical controls. The overall risk assessment suggests a trustworthy and professional business website with minor gaps in security transparency and domain registration data. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding vulnerability disclosure information to strengthen trust and compliance.

K

Kabi d.o.o.

homeoffice.si

56

Kabi d.o.o. operates the Kabi Home Office platform, a cloud-based solution designed to facilitate effective remote work for small and medium-sized enterprises primarily in Slovenia. Their offerings include collaboration tools, project management, work time tracking, and email marketing, complemented by professional IT services such as business email hosting and security solutions. The company positions itself as a comprehensive provider of flexible and secure business tools for remote work environments. Technically, the website is built on a modern stack with HTML5, CSS3, JavaScript, and uses Google Fonts and Bootstrap components. The site is mobile-optimized and uses a CMS likely BCMS. Performance is moderate with good accessibility and basic SEO. Security best practices include HTTPS enforcement, CAPTCHA on forms, and a cookie consent mechanism, though some security headers and policies are missing. The security posture is solid but could be improved by publishing explicit privacy, security, and incident response policies. No vulnerabilities or exposed sensitive data were detected. The site is free from WAF blocking or security challenges, allowing full content access. Overall, the website is professional, trustworthy, and well-suited for its target audience, though it would benefit from enhanced privacy and security documentation to improve compliance and user trust.

K

KABI d.o.o.

antivirus.si

55

The website antivirus.si represents KABI d.o.o., a Slovenian company founded in 2005, offering WithSecure branded cybersecurity solutions primarily targeting businesses. Their key offerings include endpoint protection (EPP), endpoint detection and response (EDR), centralized cloud-based security management, and patch management services. The site is professionally designed with clear calls to action, including a 30-day free trial, and is localized in Slovenian for the local market. Technically, the site uses standard web technologies with a CMS likely BCMS, and integrates cookie consent mechanisms but lacks advanced SEO and accessibility features. Security posture is moderate with CAPTCHA on forms and cookie consent but lacks published privacy policies, security headers, and incident response information. The domain registration data is consistent with the business, indicating legitimacy and stability. Overall, the site scores well on business credibility and content quality but could improve in privacy compliance and security best practices.

K

Kabi d.o.o.

kabi.rs

57

Kabi d.o.o. is a Serbian technology company specializing in comprehensive online business solutions, including advanced web development, CRM and HRM applications, online stores, and digital marketing services. Established since 1994, the company has a strong market presence in Serbia and Slovenia, serving a diverse client base with tailored software and consulting services. Their business model focuses on B2B engagements, leveraging their proprietary BananaCloud platform to deliver integrated business solutions. Technically, the website employs modern web technologies such as Google Analytics, Google Tag Manager, and FontAwesome, supported by a custom CMS (Bananadmin). The site is mobile-optimized with good SEO practices and moderate performance. Hosting details are limited but the domain is registered with a reputable registrar. The website demonstrates a professional design and user experience with clear navigation and relevant content. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism, but lacks visible security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is partial, with no explicit privacy policy or terms of service found. The WHOIS data aligns with the business profile, showing consistent domain registration and legitimacy. Overall, the website is trustworthy and professional, with room for improvement in privacy documentation and security hardening. Strategic recommendations include enabling DNSSEC, publishing privacy and security policies, and adding security headers to enhance protection and compliance.

S

Sigmateh d.o.o.

sigmateh.si

55

Sigmateh d.o.o. is a Slovenian technology company specializing in e-government digital solutions for municipalities. Established in 2012, it offers a suite of services including municipal websites (E-občina), sports field reservation portals, obituary services, and other digital modules tailored for local government needs. The company holds a strong market position in Slovenia with over 150 satisfied clients and is recognized for its innovative and comprehensive municipal IT solutions. The website reflects a professional and consistent brand image aligned with its business focus. Technically, the website employs a modern but straightforward technology stack including jQuery and Bootstrap, with Cloudflare DNS services enhancing reliability. The site is mobile optimized and provides a good user experience, though accessibility and SEO could be improved. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and explicit privacy or cookie policies. No analytics or advertising scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site shows no signs of vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies and lack of incident response or vulnerability disclosure information represent compliance gaps. WHOIS data is transparent and consistent with the business identity, reinforcing legitimacy. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced privacy and security disclosures. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, establishing a vulnerability disclosure program, and improving accessibility features to enhance compliance and user trust.

Alation is an enterprise software company specializing in data intelligence and AI-powered data governance platforms. Positioned as a leader in the data governance market, Alation offers a comprehensive suite of products including data cataloging, data lineage, analytics, and AI agents to help organizations scale and accelerate their data initiatives. The company targets large enterprises seeking trusted data solutions to build AI applications and improve data governance. The website reflects a mature digital presence with professional design, clear navigation, and extensive content tailored to enterprise customers. Technically, the website is built on modern frameworks such as Next.js and React, hosted on Vercel, and integrates advanced analytics and consent management tools like Google Tag Manager and OneTrust. The site is optimized for performance, mobile responsiveness, and accessibility, demonstrating a high level of digital maturity. Security best practices are evident through HTTPS enforcement, comprehensive security headers, and a dedicated trust center showcasing certifications like ISO 27001 and SOC 2. From a security perspective, Alation maintains a strong posture with no detected vulnerabilities or exposed sensitive data. The presence of incident response contacts and a data protection officer indicates readiness for compliance and incident management. Privacy compliance is robust, with clear policies and consent mechanisms aligned with GDPR requirements. The only notable concern is the absence of publicly available WHOIS data, which may be due to privacy protection or registrar issues but does not significantly detract from the overall trustworthiness given the company's market presence and transparency. Overall, Alation presents a secure, professional, and trustworthy online presence suitable for its enterprise audience. Strategic recommendations include enhancing transparency around vulnerability disclosures, maintaining up-to-date third-party libraries, and continuing to strengthen incident response communications to further solidify trust and compliance.

OCHOIMEDIO Tecnología Creativa is a Spanish digital agency specializing in design, web development, multimedia, and digital marketing services targeted primarily at freelancers and small to medium-sized enterprises (SMEs) in Spain. The company leverages government subsidy programs such as KIT Digital to offer cost-effective digital transformation solutions including websites, e-commerce platforms, and social media management. Their market position is that of a niche regional agency focused on helping local businesses increase their digital presence. Technically, the website is built on WordPress using the Divi theme and incorporates modern plugins for SEO, analytics, and GDPR compliance. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS, uses CAPTCHA on contact forms, and includes cookie consent mechanisms, but lacks advanced security headers and explicit security policies. The WHOIS data for the domain is unavailable, which raises some concerns about domain legitimacy, although the website content and contact information appear professional and trustworthy. Overall, the site scores well on content quality and technical implementation but could improve in security transparency and domain registration clarity.

W

Webhosting Franken

webhosting-franken.de

60

Webhosting Franken is a German-based web hosting provider specializing in high-performance NGINX hosting solutions, managed root and virtual servers, and classic PHP hosting. The company targets startups, small to medium businesses, and enterprises seeking reliable, secure, and eco-friendly hosting services. Their offerings emphasize speed, security, and customer service, supported by ISO 27001 certified data centers and 100% renewable energy usage. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site leverages modern technologies including NGINX, PHP versions 5.2 through 8.4, Apache2, NodeJS, and Matomo for analytics. The use of UKit framework ensures responsive design and good accessibility. Security best practices are evident with free SSL certificates, DDoS protection, app firewalls, and daily backups. However, some security headers could be explicitly implemented and documented. Privacy compliance is strong with clear GDPR-aligned policies and cookie consent mechanisms. The security posture is robust with no visible vulnerabilities or exposed sensitive data. The domain WHOIS data is partially obscured due to DENIC privacy policies but shows consistent branding and active maintenance. No WAF or blocking mechanisms interfere with content access. Overall, the site scores high on content quality, technical implementation, security, privacy, and business credibility, making it a trustworthy and professional hosting provider. Strategic recommendations include enhancing security header implementation, publishing an incident response contact or security.txt file, and continuing to maintain transparency in privacy and security policies to further strengthen trust and compliance.

M

Minotaure

minotaure.io

49

Minotaure is a Belgium-based technology company specializing in providing a comprehensive methodological and technological approach to digital project management and website development. Their offerings include UX kits, customizable technical frameworks (Minos and Ariane), and ongoing support services aimed at creating coherent and effective digital ecosystems for organizations. The company targets organizations seeking to build and maintain digital platforms with a focus on user experience and long-term strategy. Technically, the website is built on WordPress 6.8.2, utilizing modern JavaScript libraries such as jQuery, Swiper.js, and Tiny-slider. It integrates Google Tag Manager and Google Analytics for tracking and marketing purposes, alongside a robust cookie consent mechanism compliant with GDPR. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and employs cookie consent controls, with no visible exposed sensitive data or vulnerabilities in the HTML content. However, explicit security headers are not clearly identified and could be improved. The WHOIS data is privacy protected, which is common for small technology providers, and the website content and physical office addresses support the legitimacy of the business. Overall, Minotaure presents a professional, secure, and privacy-conscious digital presence with strong business credibility and technical maturity. Strategic recommendations include enhancing security header implementation, maintaining updated software, and publishing explicit security policies to further strengthen trust and compliance.

T

tixxt

tixxt.dev

54

tixxt.com is a professional website offering enterprise social intranet and collaboration solutions targeted at member organizations and enterprises. The company positions itself as a specialized provider in the technology sector, focusing on boosting internal communication and collaboration. The website is built on a modern WordPress CMS with the Divi theme and integrates tools such as Google Tag Manager and Cookiebot for analytics and cookie consent management. While the technical infrastructure is solid and the website is mobile-optimized with good SEO practices, there is a lack of visible contact information and formal privacy or terms of service policies, which impacts trust and compliance perception. The security posture is adequate with HTTPS enforced and consent mechanisms in place, but could be improved by adding explicit security headers and incident response contacts. The absence of WHOIS data raises some concerns about domain registration transparency, though the website content suggests a legitimate business presence.

P

Pavel Leonidov

pavel-leonidov.de

51

Pavel Leonidov operates as a freelance software and web developer based in Stuttgart, Germany, specializing in custom software solutions and web development primarily for small businesses and non-profit organizations. The website serves as a professional portfolio showcasing skills, certifications, and open-source projects, emphasizing affordable and tailored solutions. The business model is focused on individual freelance services with continuous client support and hosting. Technically, the website employs a modern technology stack including PHP, Java, JavaScript, and popular CMS platforms like TYPO3 and WordPress. Hosting is managed via domaincontrol.com nameservers, likely GoDaddy, with AWS mentioned for hosting infrastructure. The site is mobile-optimized and uses Google Analytics with privacy-conscious settings such as IP anonymization and cookie consent mechanisms. From a security perspective, the site enforces HTTPS and includes a cookie consent banner compliant with GDPR. However, it lacks advanced security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The site demonstrates good privacy compliance but could improve by adding security policies and vulnerability disclosure information. Overall, the website is professional, trustworthy, and well-structured with a good balance of content quality, technical implementation, and privacy compliance. The risk level is low, with recommendations focusing on enhancing security headers and formalizing security policies to further strengthen the security posture.

S

Specto, Informacijske tehnologije d.o.o.

specto.si

40

Specto, Informacijske tehnologije d.o.o. is a Slovenian IT development company founded in 2008, specializing in web and mobile application development as well as advanced IT solutions. The company targets businesses seeking custom software solutions to enhance their digital presence and operational efficiency. Their website reflects a professional and consistent brand image with modern design elements and clear service offerings. Technically, the site uses contemporary web technologies including Bootstrap, jQuery, GSAP, and SVG graphics, supported by Google Analytics and Tag Manager for user tracking. However, explicit HTTPS usage is not confirmed in the HTML content, and no security headers or privacy policies are present, indicating room for improvement in security and compliance. The domain registration data is consistent with the company's location and business claims, supporting legitimacy. Overall, the website is well-structured and user-friendly but would benefit from enhanced security practices and privacy compliance documentation.

Z

Zoho

maillist-manage.eu

61

Zoho Campaigns is a component of Zoho Corporation's suite of online marketing tools, focusing on email and social marketing campaigns. The website content analyzed is a specialized explainer page clarifying the email sending domains used by Zoho Campaigns and emphasizing compliance with anti-spam laws. The site targets businesses and marketers who use Zoho's marketing software. Technically, the site uses Zoho's own content delivery networks and tag management services, with basic mobile optimization and SEO practices. Security posture is moderate, with clear abuse contact information but lacking visible security headers and privacy policies. The WHOIS data for the domain www.zoho.com is unavailable, likely due to registry restrictions, but the website's branding and content strongly indicate legitimacy. Overall, the site is functional and professional but could improve transparency and security disclosures.

E

Experian Employer Services

paperlessemployee.com

66

PaperlessEmployee.com is a web-based employee self-service platform operated by Experian Employer Services, providing employees access to tax documents such as W-2 and ACA forms, pay statements, and tax withholding forms. The platform targets employees of companies that use this service, offering a secure portal for document management. The website content is straightforward and business-focused, though it lacks detailed privacy and contact information. Technically, the site uses a modern JavaScript stack including jQuery, Bootstrap, and ASP.NET MVC frameworks, with session management and error handling implemented. However, the absence of explicit security headers and privacy policies indicates room for improvement in compliance and security posture. The WHOIS data is missing, which raises concerns about domain registration legitimacy despite the association with a reputable parent company. Overall, the site is functional and safe but would benefit from enhanced transparency and security measures.

GRITH AG is a small German technology company founded in 2003 specializing in project management, process management, IT infrastructure consulting, and custom software development. Their market position is niche-focused, targeting associations, clubs, and organizations with tailored intranet solutions and project management training. The website content is primarily in German and provides detailed descriptions of their services and partner platforms. Technically, the website is built with basic HTML and CSS, with some references to technologies used in their software development services such as C#/.NET and PHP/MySQL. However, the website lacks modern web practices such as mobile optimization and advanced SEO features. Security posture is weak due to the absence of HTTPS, security headers, and privacy compliance mechanisms, which poses risks for user data protection and trust. Overall, the site is functional but dated, with room for significant improvements in security and privacy compliance.

The analyzed website www.bznb.de currently serves a 404 error page indicating the requested page was not found. The page references 'Webhosting Franken' and mentions high-speed NGINX hosting services based in Germany, suggesting the business operates in the web hosting sector. However, the lack of accessible content, contact information, and policies limits the ability to fully assess the business or its market position. Technically, the site is hosted on servers associated with webhosting-franken.de, but no CMS, analytics, or security headers are detected. The security posture is weak due to missing HTTPS confirmation and absence of security best practices. Overall, the site appears to be a placeholder or misconfigured page rather than a fully operational business website.

N

NETZ-Zentrum für innovative Technologie Osterholz GmbH

netz-ohz.de

42

NETZ-Zentrum für innovative Technologie Osterholz GmbH is a regional technology and startup support center located in Osterholz-Scharmbeck, Germany. It provides modern office and hall spaces, comprehensive startup consulting including funding and financing support, and facilitates knowledge and technology transfer. The organization is well integrated with local government, banking partners, and innovation networks such as the Wasserstoffnetzwerk Nordostniedersachsen, positioning it as a key regional innovation hub. Technically, the website is built on TYPO3 CMS with standard JavaScript libraries, offering a professional and accessible user experience with moderate performance. Security posture is adequate but could be improved by implementing security headers and cookie consent mechanisms. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

E

Experian Data Quality

edq.com

66

Experian Data Quality is a division of Experian plc specializing in data quality management solutions including address, phone, and email verification, as well as data enrichment and profiling. The company targets enterprise clients seeking to improve data accuracy and business decision-making. The website reflects a mature digital presence with comprehensive product offerings and strong branding aligned with Experian's global reputation. Technically, the site employs modern web technologies, analytics, and marketing tools, ensuring good performance and user experience. Security posture is solid with HTTPS and security headers, though explicit security policies and incident response details are not publicly disclosed. The absence of WHOIS data for the domain reduces transparency but is likely due to privacy or registrar policies. Overall, the site is professional, trustworthy, and well-positioned in the data quality market.

Anolisgroup is a Slovenian-based creative and technology company established in 2010, specializing in visual communication, web and mobile application development, VR & AR solutions, and product design. Their portfolio showcases a variety of projects involving graphic design, programming, 3D modeling, and content preparation, targeting businesses seeking integrated digital and visual solutions. The website reflects a small-sized enterprise with a niche market position focused on creative technological services. Technically, the website employs traditional web technologies including HTML5, CSS, and JavaScript with libraries such as jQuery, Isotope, and Fancybox. The presence of older technologies like Cufon indicates some legacy components. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. No CMS is explicitly identified, though custom CMS development is mentioned in project descriptions. From a security perspective, the website lacks HTTPS enforcement and security headers, which are critical for protecting user data and ensuring trust. There are no visible privacy or cookie policies, nor contact information for data protection or incident response, indicating gaps in compliance with GDPR and best practices. No forms or analytics scripts are detected, reducing data collection risks but also limiting user engagement tracking. Overall, the website is functional and professional in design and content but requires significant improvements in security posture, privacy compliance, and contact transparency to enhance trustworthiness and regulatory adherence. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, improving security headers, and providing clear contact information.

P

punkt.de GmbH

punkt.de

67

punkt.de GmbH is a well-established German digital agency specializing in open source web solutions, including TYPO3, Neos, Sylius, and related technologies. With over 28 years of experience and a medium-sized team, they offer comprehensive services ranging from custom web development to hosting and consulting. Their market position is strengthened by multiple technology partner certifications and a strong focus on sustainable, flexible open source solutions. Technically, the website is built on modern PHP frameworks (Neos CMS and Flow), integrates privacy-conscious analytics (Matomo), and is hosted on their own infrastructure, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of published security policies and security headers suggests room for improvement. Overall, the site is professional, trustworthy, and compliant with GDPR, though cookie consent mechanisms could be enhanced. Strategic recommendations include publishing security and incident response policies, implementing security headers, and adding vulnerability disclosure information to further strengthen trust and compliance.

S

SIEL, d.o.o.

siel.si

58

SIEL, d.o.o. is a Slovenian IT company established in 2005 specializing in hosting services, IT system planning, and custom web application development. The company offers a range of proprietary products including CMS, VoIP, WIFI management, DNS management, email notification systems, and VPN solutions. Their market position is that of a trusted small IT service provider with a focus on business clients and SMEs, supported by EU-funded projects and a portfolio of satisfied clients. Technically, the website employs a traditional tech stack with Bootstrap and jQuery, though some libraries are outdated, which may pose security risks. The site is mobile-optimized and SEO-friendly with clear navigation and professional design. Security posture is moderate with HTTPS usage and secure forms but lacks advanced security headers and updated libraries. Privacy compliance is basic with a cookie consent mechanism but no explicit privacy policy page. Contact information is comprehensive and includes phone, email, and contact forms. Overall, the website is professional and trustworthy with room for security and compliance improvements.

L

LeineGlück Online-Marketing

leineglueck.de

49

LeineGlück Online-Marketing is a German digital agency specializing in web design, online shops, SEO, SEA, and social media marketing. The company targets businesses seeking to enhance their online presence and grow their brand visibility. The website is built on WordPress using modern plugins such as Yoast SEO and Borlabs Cookie, indicating a mature digital infrastructure. The site is mobile-optimized and employs HTTPS with good SSL configuration, ensuring secure communications. However, the absence of a privacy policy and security headers suggests room for improvement in compliance and security posture. Overall, the website presents a professional image with good content quality and user experience but would benefit from enhanced privacy documentation and explicit contact information to increase trust and compliance.

T

tixxt

tixxt.com

53

tixxt.com is a professional website offering enterprise social intranet and collaboration solutions targeted at member organizations and enterprises. The company positions itself as a specialized provider of social intranet and enterprise social network platforms, aiming to boost internal communication and collaboration. The website is built on a modern WordPress CMS infrastructure using the Divi theme and includes common plugins such as Cookiebot for cookie consent and Google Tag Manager for analytics. The technical infrastructure is moderately optimized with good mobile responsiveness and SEO practices. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and visible incident response or vulnerability disclosure information. The absence of WHOIS data for the domain reduces trustworthiness and raises questions about domain registration transparency. Overall, the website is professional and business-focused but would benefit from enhanced privacy, security, and contact transparency.

S

Spade

spade.be

51

Spade is a small Belgian digital agency specializing in responsible and accessible digital solutions. They offer a comprehensive suite of services including digital strategy, branding, web development, content production, and design. The agency emphasizes sustainable and inclusive digital practices, positioning itself as a trusted partner for businesses, associations, and startups seeking impactful digital transformation. Their market position is strengthened by certifications such as the AnySurfer accessibility label and a clear commitment to digital responsibility. Technically, the website is built on WordPress with modern libraries and analytics tools like Matomo and Google Tag Manager, ensuring a solid digital infrastructure. The site is mobile-optimized, accessible, and professionally designed, reflecting a mature digital presence. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security headers and a public security policy, indicating room for improvement. WHOIS data is privacy-protected, which is typical for such businesses, and no suspicious patterns were detected. Overall, Spade presents a credible, professional, and trustworthy digital agency profile.

P

PHP Community Foundation

phpc.chat

56

The PHP Community Chat website serves as a dedicated platform for PHP developers and enthusiasts to engage via popular chat channels such as Discord and IRC. Operated by the PHP Community Foundation, the site supports community building and knowledge sharing within the PHP ecosystem. The platform is positioned as a niche community resource with a clear focus on developer engagement and support. Technically, the website is built with standard web technologies (HTML5, CSS3, JavaScript) and hosted on DigitalOcean, ensuring reliable performance and good mobile optimization. The site uses HTTPS with a valid SSL certificate, but lacks advanced security headers and DNSSEC, which could enhance its security posture. No analytics or tracking scripts are detected, indicating a privacy-conscious approach. From a security perspective, the site demonstrates a moderate security posture with HTTPS enabled and domain transfer protections in place. However, the absence of privacy and cookie policies, as well as missing security headers, represent compliance and security gaps. There is no evidence of incident response or vulnerability disclosure mechanisms, which could be improved to strengthen trust and security readiness. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic improvements in privacy compliance and security hardening would enhance its credibility and resilience against emerging threats.

R

RYZE Digital

ryze-digital.de

65

RYZE Digital is a German-based digital solutions provider specializing in corporate, business, and technology sectors. Their offerings include corporate communications, CRM and marketing automation with HubSpot, e-commerce solutions, and technology services such as AI and native app development. The company targets businesses seeking innovative and tailored digital strategies for sustainable growth. The website is professionally designed with consistent branding and clear navigation, reflecting a focused B2B business model. Technically, the website is built on TYPO3 CMS, hosted via SchlundTech, and integrates modern tools such as Cookiebot for consent management and HubSpot for marketing and contact forms. The site uses HTTPS with good SSL configuration and includes Google Tag Manager and reCAPTCHA for analytics and bot protection. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site demonstrates good practices including HTTPS enforcement, cookie consent with opt-in/out, and bot protection. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not confirmed and no published security or incident response policies are found. No vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic recommendations include enhancing security headers, publishing a security policy and incident response contacts, and considering a vulnerability disclosure policy to further strengthen trust and compliance.

B

BHE Bundesverband Sicherheitstechnik e.V.

bhe-videoueberwachung.de

63

The website www.bhe-videoueberwachung.de serves as a specialized portal for video surveillance technology under the auspices of the BHE Bundesverband Sicherheitstechnik e.V., a recognized German industry association. It provides comprehensive resources including news, legal guidance, certification information, and a directory for specialist companies. The site targets professionals such as installers, planners, manufacturers, and users of video security systems, positioning itself as a trusted industry knowledge hub. Technically, the site is built on the Neos CMS platform with the Flow PHP framework, hosted by punkt.de GmbH, and employs modern web technologies including Matomo for privacy-conscious analytics. The site is well-structured, mobile-optimized, and SEO-friendly, though it lacks a cookie consent mechanism despite using tracking scripts.

哔

哔哩哔哩游戏

biligame.com

57

The website www.biligame.com serves as a gaming platform branded under 哔哩哔哩游戏 (Bilibili Games), targeting gaming enthusiasts and creators within the Bilibili community. It offers game reservation and download services, leveraging Bilibili's unique gaming culture. The site is technically modern, utilizing Vue.js and other contemporary web technologies, and is optimized for both PC and mobile platforms. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the branding and content strongly associate with the reputable Bilibili company. Security posture is moderate with no HTTPS or security headers explicitly confirmed, and privacy compliance is low due to missing policies and contact information. Overall, the site is functional and professional but requires improvements in transparency and security to enhance trust.

O

Oracle

selectminds.com

73

Oracle's website for social media marketing presents a comprehensive and professional digital presence, showcasing their leadership in enterprise technology and marketing automation solutions. The site is well-structured, mobile-optimized, and rich in relevant content targeting marketing professionals and businesses seeking advanced social media marketing tools. Technically, the site leverages modern JavaScript frameworks, tag management, and consent management solutions, ensuring a robust and scalable infrastructure. Security posture is strong with HTTPS enforcement, privacy policies, and consent mechanisms, although explicit security headers could be more visible. WHOIS data is unavailable likely due to registry restrictions, but the site's branding and content strongly affirm its legitimacy. Overall, the site reflects Oracle's enterprise-grade standards and market position.

W

Webspeicherplatz24 GmbH

webspeicherplatz24.de

49

Webspeicherplatz24 GmbH operates a professional web hosting and domain registration service primarily targeting German-speaking customers. The company offers a range of services including webspace hosting, SSL certificates, dedicated servers, Microsoft 365 solutions, mail archiving, and Nextcloud hosting. The website is well-structured, SEO optimized, and uses modern web technologies such as WordPress, Bootstrap, and various JavaScript libraries to deliver a responsive and user-friendly experience. The presence of a customer login portal, support ticket system, and knowledge base indicates a mature customer service infrastructure. Security posture is adequate with HTTPS enforced and SSL certificates in use, but could be improved by implementing additional security headers and a formal security policy. Privacy compliance is supported by a comprehensive privacy policy, though the absence of a cookie consent mechanism is a gap. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. The website scores a solid 78 out of 100 in AI evaluation, reflecting good content quality, technical implementation, and business credibility, with room for improvement in security and privacy compliance.

B

BHE Bundesverband Sicherheitstechnik e.V.

bhe.de

63

BHE Bundesverband Sicherheitstechnik e.V. is a leading German non-profit industry association specializing in security technology. The organization provides certifications, training programs, publications, and advocacy services to security professionals, companies, and planners. Their market position is strong within Germany, supported by multiple certification schemes and a broad network of industry partners. The website reflects a professional and consistent brand image targeting security technology stakeholders. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, hosted by punkt.de GmbH. It employs modern web technologies with a moderate performance profile and good mobile optimization. The site uses Matomo analytics with cookies disabled, indicating a privacy-conscious approach. However, some security best practices such as security headers and cookie consent mechanisms are missing. From a security perspective, the site enforces HTTPS and uses privacy-friendly analytics but lacks explicit incident response contacts and vulnerability disclosure policies. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, the site demonstrates a solid security posture with room for improvement in security headers and privacy compliance. The overall risk assessment is low, with recommendations to enhance security headers, implement cookie consent, and publish incident response information to further strengthen trust and compliance.

S

Software & Design Loos

ferienprogramm-online.de

58

Software & Design Loos operates the website www.ferienprogramm-online.de, offering SFP+, a specialized software platform designed to streamline the organization and management of leisure and holiday programs primarily for German municipalities, youth offices, clubs, and schools. The platform supports both online and offline registrations, automated fair allocation of limited spots, and integrated billing with ePayment options. With over 35 years of experience and a growing customer base exceeding 300 clients nationwide, the company holds a strong market position in this niche. The website presents comprehensive product information, customer testimonials, and references, reinforcing its credibility. Technically, the website is built on a modern stack including HTML5, CSS3, Bootstrap, and JavaScript libraries such as Swiper.js and FontAwesome. It is hosted on Strato servers and employs HTTPS with good SSL configuration. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. No major performance issues or broken elements were detected. From a security perspective, the site uses HTTPS and secure forms with GDPR-compliant consent mechanisms. However, it lacks explicit security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were found in the HTML content. Privacy compliance is strong, with a clear privacy and cookie policy. No analytics or tracking scripts were detected, indicating minimal user tracking. Overall, the website is professional, trustworthy, and well-suited for its target audience. The absence of detailed WHOIS registrant information is a minor concern but does not detract significantly from legitimacy. Strategic recommendations include enhancing security headers, publishing incident response and security policies, and considering a security.txt file to improve transparency and trust.

C

Czech Video Center, a. s.

fameplay.tv

62

Fameplay.ai is a Czech-based company specializing in AI-powered audiovisual and sound production services. Leveraging generative AI technologies combined with traditional film production expertise, they offer innovative solutions such as AI avatars, voice cloning, localization, and imaging. Their unique market position is strengthened by their Emmy award recognition and a portfolio of notable clients including Microsoft and Universal Music Group. Technically, the website is built on the Webflow CMS platform, utilizing modern web technologies and Google Tag Manager for analytics, reflecting a moderate to good level of digital maturity. Security posture is adequate with HTTPS usage but lacks visible security headers and published security policies, indicating room for improvement in compliance and incident response readiness. Overall, the company presents a professional and trustworthy digital presence with clear business focus and moderate risk exposure.

O

Sign in - Matomo

obisk.si

52

The website obisk.si serves as a Matomo analytics platform login portal, primarily targeting website administrators and analytics users. It provides access to a free/libre analytics platform designed to track and analyze website visitor data with a focus on privacy. The platform is positioned as an open-source alternative to commercial analytics services, offering key services such as web analytics, user behavior tracking, and privacy compliance tools. The domain is registered since 2020, consistent with the platform's operational timeline. Technically, the site employs a modern JavaScript-based frontend (AngularJS) and a PHP backend typical of Matomo installations. It uses HTTPS with token-based authentication and supports two-factor authentication, indicating a reasonable security posture. However, the site lacks visible security headers and publicly accessible privacy or cookie policies, which are important for compliance and trust. From a security perspective, the site enforces HTTPS and uses authentication tokens, but it does not publicly disclose incident response or security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of privacy and cookie policies and contact information reduces the site's privacy compliance score. The WHOIS data is consistent and indicates a legitimate domain registration. Overall, the site is functional and secure for its intended purpose as an analytics platform login but lacks public-facing compliance and contact information. Strategic recommendations include publishing comprehensive privacy and cookie policies, enhancing security headers, and providing clear contact channels to improve trust and compliance.

T

Team Internet SAS

centralnicgroup.com

56

Team Internet SAS is a well-established global internet solutions company founded in 2000, specializing in domains, identity & software, comparison, and search services. The company targets investors and online businesses, offering scalable technology solutions and maintaining a strong market position. The website reflects a mature digital infrastructure with WordPress CMS, integrated analytics, and consent management tools, demonstrating digital maturity and compliance with privacy regulations. Security posture is robust with HTTPS, security headers, and no detected vulnerabilities, though DNSSEC is not enabled. Overall, the site is professional, trustworthy, and transparent, supporting investor relations effectively.

P

PHP Community Foundation

phpcommunity.org

55

PHP Community Foundation operates a well-established online community hub dedicated to PHP programmers and enthusiasts. Founded in 2003, the organization provides resources, social platforms, and community engagement channels to foster collaboration and friendship among PHP developers. The website serves as a gateway to various community resources including chat, social media, and open collective funding. Technically, the site uses a modern frontend stack with Bootstrap and jQuery, hosted on DigitalOcean, and employs HTTPS for secure communication. However, it lacks advanced security headers and DNSSEC, which could be improved to enhance security posture. The absence of privacy and cookie policies indicates a gap in compliance with modern privacy standards. Overall, the site is professional, trustworthy, and serves its community well but would benefit from enhanced security and privacy practices.

N

NanodiagBW

nanodiag.de

60

NanodiagBW is a German innovation cluster focused on advancing nanopore technology for epigenetic analysis related to major diseases such as cancer and Alzheimer's. Supported by government funding through the Clusters4Future initiative, it unites universities, research institutions, and companies to accelerate technology transfer and commercialization. The website reflects a mature digital presence with professional design, multilingual support, and comprehensive content about their mission, projects, and network. Technically, the site is built on WordPress with Elementor and uses privacy-respecting analytics (Matomo). Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site is trustworthy, well-branded, and compliant with GDPR requirements.

C

Concept Check – Antje Jäger

concept-check.de

41

Concept Check, led by Antje Jäger, is a small but well-established creative agency based in Furtwangen, Germany, with over 20 years of experience. The company specializes in web design, print media, corporate branding, and innovative AI-powered solutions including workshops and consulting. Their market position is that of a trusted local expert combining traditional design expertise with modern AI technologies to deliver flexible, custom solutions for small and medium businesses. Technically, the website is built on a modern stack including Bootstrap and jQuery, hosted by DMSolutions, and optimized for mobile devices with good SEO practices. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is good with a comprehensive privacy policy, though a cookie consent mechanism is absent. Overall, the website is professional, trustworthy, and well-aligned with the business's claims and market positioning.

M

Mein-Office Webdesign

blog-webdesigner.de

57

The website blog-webdesigner.de operates as a specialized web design blog providing tips, techniques, and inspiration for website creation and improvement. It targets both beginners and advanced users interested in modern web design, while also promoting related web agency services. The business appears to be a small-scale operation focused on content delivery and service promotion within the German market. Technically, the site uses a REDAXO CMS platform with jQuery and flatpickr libraries, and it is mobile optimized with good SEO practices. Security posture is moderate with HTTPS implied but lacking explicit security headers and cookie consent mechanisms. Contact information is limited to a phone number displayed in a modal dialog, with no email or social media presence detected. Overall, the site is professional and trustworthy but could improve privacy compliance and security transparency.

T

TeamPlus

spielerplus.de

59

TeamPlus is a well-established digital platform specializing in sports team management, offering a comprehensive app that facilitates communication, event organization, and team administration for coaches, players, parents, and clubs. The company enjoys a strong market position with over 350,000 teams and 4.5 million users, supported by a professional and user-friendly website and mobile applications available on major app stores. Technically, the website employs modern frameworks and technologies, including Yii PHP framework, JavaScript, and a consent management platform, hosted securely via Cloudflare. Security posture is solid with HTTPS and privacy compliance mechanisms in place, though some security headers and explicit incident response policies are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

H

Handball4all AG

handball4all.de

53

Handball4all AG is a German-based IT solutions provider specializing in software and services for handball associations and related sports organizations. Their offerings include various management tools such as SpielberichtOnline, SpielplanOnline, and PassOnline, targeting handball clubs, referees, and sports administrators. The company positions itself as a niche provider with a focused market presence in the sports technology sector. Technically, the website is built on TYPO3 CMS, integrates modern video playback and advertising technologies, and employs consent management for GDPR compliance. The hosting is provided by Hetzner, a reputable German hosting provider. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though there is room for improvement in security headers and published policies. Overall, the website is professional, well-structured, and provides relevant content for its target audience, with moderate trustworthiness and good technical implementation.

P

PHP Community Foundation

phpc.social

66

phpc.social is a Mastodon-based decentralized social media server dedicated to the PHP programming community. Administered by the PHP Community Foundation, it provides a platform for PHP programmers and enthusiasts to engage in discussions about PHP language, frameworks, tools, open source projects, and related tech topics. The community-centric approach emphasizes inclusivity, moderation, and fostering a safe environment for both technical and off-topic conversations. The platform is positioned as a niche community server within the broader fediverse ecosystem, serving a specialized audience of PHP developers and friends. Technically, the website runs Mastodon version 4.4.2, leveraging modern JavaScript modules and React for its frontend. Hosting is managed by Masto.host with DNS services via DigitalOcean. The site demonstrates moderate performance and good mobile optimization, though accessibility and SEO optimizations are basic. The absence of a CMS and reliance on open-source Mastodon software reflects a focused and streamlined technical infrastructure. Security posture is solid with HTTPS enforced and domain transfer protections in place. However, DNSSEC is not enabled, and security headers are not explicitly detected, indicating room for improvement. The site maintains detailed moderation policies and incident response contacts, enhancing trust and safety. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms and terms of service, which are important for GDPR adherence. Overall, phpc.social presents a trustworthy, community-driven platform with a clear mission and consistent branding. Strategic improvements in security configurations and privacy compliance would further strengthen its position and user trust.

M

Mesago Messe Frankfurt GmbH

mesago.com

64

Mesago Messe Frankfurt GmbH is a medium-sized event organizer specializing in exhibitions, conferences, and online services focused on cutting-edge technology sectors such as automation, additive manufacturing, power electronics, and electromagnetic compatibility. The company operates as part of the Messe Frankfurt Group with a strong presence in Stuttgart, Germany. Their website reflects a professional and consistent brand image, targeting industry professionals and exhibitors. Technically, the site uses Adobe Experience Manager CMS, integrates Google Tag Manager and Usercentrics for consent management, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS and consent mechanisms, though some security headers and explicit policies could be improved. The WHOIS data for the subdomain is unavailable, which is typical and not suspicious. Overall, the website is trustworthy, well-maintained, and compliant with privacy standards.

H

Hexonet

hexonet.net

68

Hexonet is a well-established domain reseller platform founded in 2001, operating under the parent company 1API GmbH. The company offers advanced domain reseller APIs, registrar platforms, and integration tools targeting domain resellers and partners globally. Their market position is solid, supported by a professional website with multi-language support and a broad portfolio of over 700 TLDs. Technically, the website employs modern frameworks such as Bootstrap and jQuery, integrates marketing and analytics tools like HubSpot, Google Tag Manager, and Hotjar, and maintains good mobile optimization and SEO practices. Security posture is strong with HTTPS enforced and domain transfer protections, though improvements could be made by enabling DNSSEC and adding security headers. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR considerations. Overall, the website reflects a credible and professional business with a strong digital presence.

M

Matrix42

matrix42.com

61

Matrix42 is a European enterprise software company specializing in IT service management, software asset management, endpoint security, and identity governance solutions. The company positions itself as a leader in European service management, offering AI-powered and cloud-flexible platforms tailored to enterprise needs. Their website reflects a mature digital presence with professional design, comprehensive content, and a focus on compliance and customer engagement through events and partnerships. Technically, the site leverages HubSpot CMS, modern JavaScript libraries, and integrates marketing and analytics tools such as Google Analytics and Facebook Pixel. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response details are not publicly disclosed. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the professional branding and content. Strategic recommendations include publishing detailed security policies, adding vulnerability disclosure mechanisms, and improving transparency on certifications and incident contacts.

F

Factori

factori.ai

65

Factori is a technology company specializing in providing global location intelligence data to businesses, enabling better decision-making through AI-powered insights and daily-updated granular data. The company positions itself as a leader in the DaaS market with a focus on privacy and data accuracy across 150 countries. The website is built on WordPress with modern technologies and integrates multiple analytics and marketing tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and privacy-first data handling, though explicit security policies and headers could be improved. Overall, the site is professional and trustworthy with clear business information and contact channels.

P

phg Peter Hengstler GmbH + Co. KG

phg.de

52

phg Peter Hengstler GmbH + Co. KG is a medium-sized German company specializing in customized connection and data technology solutions, serving system integrators and manufacturers with a broad portfolio of OEM components and cable assemblies. The company emphasizes engineering competence and high manufacturing depth, supported by certifications such as UL, ISO 13485, and EHEDG. Their website is professionally designed, multilingual, and provides comprehensive product and service information. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and includes marketing and analytics tools like LinkedIn Insight and Google Analytics. Security posture is solid with HTTPS and cookie consent mechanisms, though security headers and explicit incident response policies are absent. Overall, the site reflects a trustworthy and professional business with good compliance and technical maturity.

H

Hahn-Schickard-Gesellschaft für angewandte Forschung e.V.

hahn-schickard.de

58

Hahn-Schickard-Gesellschaft für angewandte Forschung e.V. is a German research and development organization specializing in microsystems technology. The company offers a comprehensive portfolio of services ranging from sensor development and integration to production and advanced manufacturing technologies. Their target audience primarily includes B2B partners, research institutions, and industry clients in technology and healthcare sectors. The website reflects a professional and consistent brand image with detailed service descriptions and active news and event updates. Technically, the website is built on TYPO3 CMS and leverages modern web technologies such as Modernizr, Google Analytics, and lazy loading for performance optimization. Hosting is provided by Hetzner, a reputable German hosting provider. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. From a security perspective, the site uses HTTPS with good SSL configuration and implements privacy compliance mechanisms including GDPR-compliant cookie consent. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. The domain registration data aligns well with the business profile, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen security posture.