Security Directory

C

Craft of Scandinavia AB

craftsportswear.ch

75

Craft Sportswear is a Swedish-based company specializing in high-quality training clothing for running, cycling, and cross-country skiing. Established in 1973, the company has a strong market presence in the sportswear retail sector, targeting athletes and fitness enthusiasts. The website reflects a professional e-commerce platform with a consistent brand image and comprehensive product offerings including teamwear and outlet sales. The parent company is New Wave Group SA, indicating a medium-sized enterprise with a solid business foundation. Technically, the website is built on modern technologies including React and Next.js, with Storyblok CMS integration. The site is well-optimized for mobile devices, SEO, and accessibility, providing a smooth user experience. Performance is moderate with good loading times and responsive design. Privacy and cookie policies are clearly presented with consent mechanisms, demonstrating compliance with GDPR requirements. From a security perspective, the site enforces HTTPS and uses cookie consent tools, but lacks explicit security policies, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces trust slightly, but the overall digital footprint and business information support legitimacy. Overall, Craft Sportswear's website is a professional, secure, and user-friendly platform suitable for its retail business model. Strategic improvements in security transparency and WHOIS data visibility would enhance trust and compliance further.

C

Codana GmbH

codana.de

57

Codana GmbH is a professional software agency founded in 2020, specializing in custom digital solutions including mobile apps, web applications, AI integration, and digital process automation. The company targets businesses primarily in Germany, Austria, and Switzerland, offering tailored software development services to digitally transform enterprises. Their market position is that of a trusted small to medium-sized agency with over 100 satisfied clients and recognizable partnerships. Technically, the website leverages modern frameworks such as Next.js and React, with hosting on Microsoft Azure, ensuring fast performance and excellent mobile optimization. Security-wise, the site enforces HTTPS, integrates Google reCAPTCHA, and employs GDPR-compliant cookie consent mechanisms, though it lacks explicit privacy policies and incident response disclosures. Overall, the website is professional, trustworthy, and well-structured, with minor gaps in formal security and privacy documentation.

L

Luma

lu.ma

64

Luma is a technology-driven event hosting and ticketing platform that enables users to create event pages, invite friends, and sell tickets seamlessly. The company positions itself as an emerging player in the event management market, targeting a general audience interested in discovering and hosting memorable events. The website is professionally designed with a clear focus on user experience and mobile optimization, leveraging modern technologies such as React and Next.js, and hosted via Cloudflare for performance and security benefits. Security posture is strong with HTTPS enforcement and standard security headers, although DNSSEC is not enabled and no cookie consent mechanism is present. Privacy and terms policies are available, indicating a baseline compliance with GDPR. Overall, the platform demonstrates a mature and trustworthy online presence with room for improvement in privacy compliance and incident response transparency.

M

Minxli

minxli.com

55

Minxli was a telemedicine service provider operating in Germany for over seven years, offering video consultation services. The website currently serves as a farewell notice indicating the cessation of business operations. The site directs users to alternative certified telemedicine platforms but lacks active business or contact information. Technically, the website is built using modern React and Next.js frameworks, providing moderate performance and good mobile optimization. However, the content is minimal and basic, reflecting the business closure status. Security posture is weak due to missing security headers, absence of privacy and cookie policies, and no incident response information. The domain WHOIS data is missing, indicating potential domain expiration or deregistration, which conflicts with the website's claim of long-term operation. Overall, the site is safe but lacks business credibility and privacy compliance, resulting in a low overall risk score.

C

Charlotte Tilbury

charlottetilbury.com

68

Charlotte Tilbury is a well-established luxury beauty brand specializing in makeup, skincare, and fragrance products. The website targets the European market with localized content and currency options. The brand operates a sophisticated e-commerce platform leveraging modern web technologies such as React and Next.js, ensuring a fast and responsive user experience. The site demonstrates strong branding consistency and professional design, reinforcing its market position as a premium retailer. Security measures including HTTPS and comprehensive security headers are in place, contributing to a robust security posture. Privacy compliance is evident with clear privacy and cookie policies and consent mechanisms. However, the absence of publicly available WHOIS data limits domain trust verification. Overall, the site presents a low-risk profile with recommendations to enhance transparency around security policies and incident response.

DISCO S WAVE, INC. operates the website disco.ac, providing an all-in-one music management platform designed to help artists, rights holders, brands, and music supervisors organize, share, and discover music tracks efficiently. The company positions itself as a trusted SaaS provider in the media industry with a strong customer base and a focus on simplifying music catalog management and collaboration. The platform leverages AI-powered discovery tools and offers mobile applications on iOS and Android, reflecting a modern and accessible digital infrastructure. Technically, the website is built using modern frameworks such as React and Next.js, hosted likely on Cloudflare infrastructure, and integrates various analytics and marketing tools including Google Tag Manager, TikTok Pixel, Facebook Pixel, and Intercom for customer engagement. The site demonstrates excellent performance, mobile optimization, and SEO practices, contributing to a high-quality user experience. From a security perspective, the site enforces HTTPS, implements key security headers, and provides a cookie consent mechanism aligned with GDPR compliance. However, it lacks publicly available security policies, incident response details, and vulnerability disclosure information, which are areas for improvement. The WHOIS data is not publicly available, indicating privacy protection, which is common for commercial SaaS businesses but slightly reduces transparency. Overall, the website presents a professional, trustworthy, and well-structured digital presence with moderate risk due to limited public registrant information and absence of explicit security disclosures. Strategic enhancements in transparency and security communication would further strengthen trust and compliance.

A

adidas

adidas.sk

70

The website www.adidas.sk serves as the official e-commerce platform for adidas in Slovakia, offering a wide range of sportswear and sneakers. It targets a general audience interested in sports apparel, leveraging the global brand's strong market position. The site features modern web technologies including React and Next.js, hosted likely via Akamai CDN, ensuring a responsive and performant user experience. Security measures such as HTTPS and multiple security headers are implemented, reflecting a mature security posture. However, the absence of explicit privacy and cookie policies, as well as lack of visible contact information, indicates gaps in privacy compliance and user support. Overall, the site is professionally designed and trustworthy but would benefit from enhanced transparency and compliance documentation.

A

adidas

adidas.fr

69

Adidas.fr is the official French website of Adidas, a leading global sportswear brand specializing in footwear, clothing, and accessories. The site targets a broad audience interested in innovative sportswear that combines performance and style. The business model is primarily e-commerce retail, serving customers in France with a strong brand presence and consistent branding elements. The website demonstrates a high level of digital maturity, utilizing modern technologies such as React and Next.js, hosted on Akamai CDN, and employing advanced performance and user experience monitoring tools like Instana and Tealium. Security posture is strong with HTTPS enforced, security headers implemented, and no visible vulnerabilities or exposed sensitive data. However, explicit privacy and cookie policies were not detected in the provided content, which slightly impacts privacy compliance scoring. Overall, the site is professional, trustworthy, and well-optimized for performance and accessibility.

A

adidas Brasil

adidas.com.br

63

The website represents the official adidas Brazil e-commerce platform, offering a wide range of sports shoes, apparel, and equipment. It targets general consumers interested in sportswear and fitness products, positioning itself as a leading brand in the Brazilian retail market. The site leverages modern web technologies including React and Next.js, hosted on a robust infrastructure likely supported by Akamai CDN, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS and modern TLS protocols, though explicit security headers and privacy policies are not detected in the provided content. The absence of visible contact information and privacy compliance elements suggests areas for improvement. Overall, the site is professional and trustworthy, consistent with a global brand's standards.

A

adidas

adidas.se

70

The website www.adidas.se serves as the official Swedish online store for adidas, a globally recognized sportswear brand. It offers a comprehensive range of products including shoes, sports clothing, and equipment, targeting sports enthusiasts and general consumers in Sweden. The site reflects adidas' strong market position as a leading enterprise in the retail sector, supported by consistent branding and high-quality content. Technically, the site leverages modern web technologies such as React and Next.js, hosted on a robust infrastructure likely provided by Akamai, ensuring fast performance and excellent mobile optimization. Security measures are well implemented with HTTPS and multiple security headers, although explicit privacy and cookie policies were not detected in the provided content. Overall, the site demonstrates a mature digital presence with moderate user tracking and basic marketing tools integration.

A

adidas

adidas.fi

11

adidas.fi is the official Finnish e-commerce website for adidas, a globally recognized sportswear and equipment brand. The site offers a comprehensive range of sports apparel and equipment tailored to various sports such as swimming, football, and running. The website targets sports enthusiasts and general consumers in Finland, leveraging a strong brand presence and a well-established market position as a leader in the retail sportswear industry. The business model focuses on direct online sales, supported by extensive customer service and account management features. Technically, the website employs modern web technologies including React and Next.js frameworks, ensuring a fast, responsive, and accessible user experience. Hosting and CDN services appear to be provided by Akamai, contributing to excellent performance and global reach. The site is well-optimized for SEO and mobile devices, with comprehensive metadata and structured data enhancing search visibility. From a security perspective, adidas.fi demonstrates a strong posture with enforced HTTPS, robust security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. However, explicit incident response and vulnerability disclosure policies are not publicly found, suggesting areas for improvement. Overall, adidas.fi is a professional, secure, and trustworthy e-commerce platform with a high level of digital maturity. Strategic recommendations include enhancing transparency around security policies, publishing a vulnerability disclosure framework, and maintaining continuous security audits to uphold the strong security posture.

A

adidas

adidas.dk

9

The website represents the official adidas Denmark online store, offering a wide range of sportswear, sneakers, and accessories. It targets sports enthusiasts and general consumers within Denmark, operating under the globally recognized adidas brand. The site demonstrates a modern technical infrastructure leveraging React and Next.js frameworks, with a microfrontend architecture to enhance modularity and scalability. Performance and mobile optimization are well addressed, providing a smooth user experience. Security posture is solid with HTTPS enforced, though explicit security headers and vulnerability disclosure mechanisms are absent. Privacy compliance is limited due to missing visible privacy and cookie policies. Overall, the site is professional and trustworthy but could improve transparency and compliance documentation.

A

adidas Canada

adidas.ca

11

Adidas Canada operates a comprehensive e-commerce platform offering sneakers and activewear tailored for the Canadian market. As a subsidiary of the global adidas AG brand, it maintains a strong market position with a focus on quality, innovation, and customer engagement. The website reflects a mature digital infrastructure leveraging modern technologies such as React and Next.js, supported by robust CDN and monitoring services to ensure performance and reliability. Security posture is strong, with HTTPS enforcement, security headers, and privacy compliance evident throughout the site. No critical vulnerabilities or blocking mechanisms were detected, indicating a well-maintained and trustworthy platform. Strategic recommendations include enhancing incident response visibility and establishing a public vulnerability disclosure policy to further strengthen security culture and compliance.

A

adidas

adidas.be

10

The website is the official adidas Belgium e-commerce platform, offering sportswear and shoes with a strong brand presence and consistent design. It leverages modern web technologies such as React and Next.js, ensuring a fast, mobile-optimized, and accessible user experience. The site is hosted on a robust infrastructure with Akamai CDN and uses advanced monitoring and tag management tools like Instana and Tealium. Security posture is strong with HTTPS enforced and security headers in place, though explicit privacy and cookie policies are not detected in the provided content. The domain WHOIS data is restricted by DNS Belgium policies, which is typical for .be domains and does not indicate any legitimacy concerns. Overall, the site demonstrates a mature digital presence suitable for a large enterprise retail brand.

Transkribus is a mature AI-powered platform specializing in the transcription, recognition, and analysis of historical documents. Operated by the cooperative READ-COOP SCE, it serves a broad audience including researchers, archivists, and educational institutions. The platform offers advanced AI text recognition, custom model training, and collaborative tools, positioning itself as a leader in the niche of historical document digitization. Technically, the website leverages modern frameworks such as Next.js and React, with strong performance, mobile optimization, and accessibility. Security posture is robust with HTTPS, security headers, GDPR compliance, and consent management, although explicit security policies and incident response details are not publicly disclosed. Overall, the platform demonstrates high professionalism, trustworthiness, and a strong community-driven business model.

Y

Yet

yet.nl

67

Yet is a Dutch online mental health platform offering quick access to one-on-one sessions with qualified psychologists, coaches, and counselors using the Single Session Therapy method. The platform targets employees and organizations seeking confidential, effective mental health support without waiting lists. With over 400 employer clients and a parent company Colbe, Yet holds a strong market position in the Netherlands. Technically, the website is built on modern frameworks like Next.js and React, with good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS, cookie consent, and reputable analytics, though explicit security policies and incident response contacts are not publicly disclosed. The domain is long-established and registered with a reputable registrar, supporting legitimacy. Overall, Yet presents a professional, trustworthy, and user-friendly digital presence in the healthcare sector.

C

Colbe

colbe.com

63

Colbe is a European network specializing in workplace health and wellbeing, aiming to help employees feel better and maintain wellbeing at work. The company operates as a network of health and wellbeing specialists, providing integrated services such as corporate wellbeing, employee assistance, and absence management. The website presents a professional and consistent brand image, targeting organizations and employees across Europe, particularly in the Netherlands. The business is positioned as a trusted partner to leading European organizations, emphasizing connection and sustainable wellbeing. Technically, the website is built using modern frameworks including Next.js and React, with Google Tag Manager integrated for analytics. The site is mobile-optimized, accessible, and SEO-friendly, offering a smooth user experience. However, some technical improvements are recommended, such as implementing security headers and publishing a security policy. From a security perspective, the site uses HTTPS with good SSL configuration and no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Overall, the website is professional and trustworthy in content and design, but the lack of WHOIS data and explicit contact emails or phone numbers slightly reduces business credibility. Strategic recommendations include verifying domain registration, enhancing security headers, and publishing incident response information to improve trust and security posture.

T

Twintos B.V.

twintos.com

70

Twintos B.V. is a specialized Dutch company focusing on database optimization, real-time monitoring, and security for critical sectors such as healthcare, transportation, and finance. Their website presents a professional image with detailed case studies and a skilled team, positioning them as trusted database experts in the Netherlands. The technical infrastructure is modern, leveraging Next.js and React frameworks, with good SEO and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent, though explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy, but the overall digital presence is credible and professional.

D

Diffuse

diffuse.nl

60

Diffuse is a small creative development agency based in the Netherlands specializing in web and digital development services including custom Shopify themes, Wordpress sites, and headless CMS integrations. The company showcases a portfolio of client projects demonstrating expertise in modern web technologies such as Next.js and React. The website is professionally designed with good mobile optimization and clear navigation, targeting businesses seeking creative digital solutions. Technically, the site uses a modern tech stack and integrates Google Tag Manager for analytics. Security posture is solid with HTTPS and cookie consent implemented, though security headers and explicit security policies are absent. The domain registration is privacy protected, which is typical for small agencies, and no suspicious indicators were found. Overall, the site is trustworthy and well-maintained, with room for improvement in security transparency and contact information availability.

C

Convertia

convertia.com

10

Convertia is a strategic consulting and technology company specializing in marketing, sales, and customer experience optimization through digital strategies and AI integration. The company positions itself as an expert partner for businesses seeking to enhance their digital acquisition and operational efficiency. The website demonstrates a mature digital presence with comprehensive service offerings and client case studies, indicating a medium-sized enterprise with a strong market position in the technology sector. Technically, the site is built on modern frameworks like Next.js and React, optimized for performance and mobile responsiveness. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional, trustworthy, and business-focused, though WHOIS data is unavailable, suggesting privacy protection or registration opacity.

S

Sparda-Bank Baden-Württemberg eG

sparda-bw.de

56

Sparda-Bank Baden-Württemberg eG is a leading regional cooperative bank in Germany offering a broad range of retail banking services including online banking, loans, mortgage financing, savings, and investment products. The website is professionally designed with clear navigation and targets private banking customers primarily in Baden-Württemberg. The technical infrastructure leverages modern web technologies such as React and Next.js, with a content management system likely based on Storyblok. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place. No critical vulnerabilities or suspicious content were detected. Overall, the site reflects a mature digital presence consistent with a reputable financial institution.

A

Aiuto alla Chiesa che Soffre (ACN)

aiuto-chiesa-che-soffre.ch

61

Aiuto alla Chiesa che Soffre (ACN) is a Swiss-based non-profit organization dedicated to providing aid to persecuted and impoverished Christians worldwide. The website serves as an informational and donation platform targeting supporters and donors interested in humanitarian and religious aid. The organization appears established with a consistent brand and a clear mission focused on Christian humanitarian support. Technically, the website is built using modern frameworks such as Next.js and React, hosted on a reputable Swiss hosting provider. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Security posture is solid with HTTPS enabled and no obvious vulnerabilities, but lacks explicit security headers and formal security policies. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

D

Diffuse

diffuse.tools

64

Diffuse Tools is a technology-focused SaaS provider offering easy-to-implement customizable widgets and code snippets to enhance websites. Their product suite includes Cookie Notice, Store Locator, Donations, and Contact Button widgets, targeting web developers and businesses seeking to improve their web presence without coding. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive policy documentation, reflecting a mature digital presence. Technically, the site is built on modern frameworks such as Next.js and React, leveraging Google Tag Manager for analytics and tracking. Security posture is generally good with HTTPS enforced and no exposed sensitive data, though the absence of security headers and explicit incident response policies suggests room for improvement. WHOIS data is unavailable due to TLD restrictions and privacy, but the website's branding and content support legitimacy. Overall, the site scores well on content quality, technical implementation, privacy compliance, and business credibility, making it a trustworthy and professional offering in its niche.

S

Super Partners

betwaypartners.com

10

Super Partners operates as a large-scale affiliate marketing platform specializing in casino and sports betting brands. It is part of the Super Group ecosystem and promotes over 15 brands across multiple licensed jurisdictions. The website is professionally designed with clear navigation and strong branding, including partnerships with major sports teams. Technically, the site uses modern frameworks such as Next.js and integrates analytics tools like Microsoft Clarity and Google Tag Manager, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response details are not published. The absence of WHOIS registration data is a concern for domain legitimacy, but the overall business credibility is supported by the professional web presence and known parent company. Privacy compliance is addressed with cookie consent and GDPR indicators. Overall, the site presents a trustworthy and mature affiliate marketing business with room for improvement in transparency and direct contact information.

T

The Motley Fool

fool.com

11

The Motley Fool is a well-established financial services company founded in 1993, specializing in providing investing insights, stock market research, and personal finance education to a broad audience of individual investors. The company operates a content-rich website featuring articles, premium subscription services, podcasts, and financial planning tools. It holds a strong market position as a trusted source for retail investment advice and financial literacy. Technically, the website is built on modern frameworks such as Next.js and React, delivering fast performance, excellent mobile optimization, and good accessibility. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS data is noted but likely due to registry privacy or query limitations rather than suspicious activity. Overall, the site demonstrates high professionalism, trustworthiness, and business credibility.

MakoLab S.A. is a well-established technology company specializing in digital solutions, technology consulting, custom software development, and global 24/7 support. With over 30 years of experience and a focus on intelligence amplified—combining AI with human expertise—they serve businesses seeking innovative and efficient digital transformation. The company maintains a strong market position in Poland and internationally, supported by professional branding and comprehensive case studies. Technically, the website is built on modern frameworks such as Next.js and React, integrated with HubSpot for marketing and analytics, and uses Cookiebot for GDPR-compliant cookie consent. The site is fast, mobile-optimized, and SEO-friendly, reflecting a mature digital infrastructure. Analytics and tracking are moderate and privacy-conscious. Security posture is solid with HTTPS enforced and domain transfer protections in place. However, there is room for improvement by enabling DNSSEC, adding security headers, and publishing formal security policies or incident response contacts. No critical vulnerabilities or exposures were detected. Overall, the website and domain exhibit high legitimacy and professionalism, with strong business credibility and compliance. Strategic recommendations include enhancing security transparency and further hardening domain and web security configurations.

A

Automobile Club de l'Ouest (ACO)

lemans.org

65

The Automobile Club de l'Ouest (ACO) is a well-established French motorsport organization founded in 1906, best known for creating and organizing the prestigious 24 Hours of Le Mans endurance race. The website serves as the official portal for the ACO, providing information about the club, its history, membership benefits, and event details. The site targets motorsport enthusiasts, club members, and the general public interested in endurance racing. The business model revolves around event organization, membership services, and motorsport promotion. Technically, the website is built on modern frameworks such as Next.js and React, hosted likely on Google Cloud Platform, and integrates consent management via Didomi, reflecting a mature digital infrastructure. Security posture is good with HTTPS and consent mechanisms, though explicit security headers and policies are not evident. The absence of WHOIS data limits domain trust analysis, but the website content and branding strongly indicate legitimacy. Overall, the site is professional, GDPR-aware, and serves its audience effectively.

A

Autohaus Heydasch GmbH

nissan-heydasch-worms.de

49

Autohaus Heydasch GmbH is an established automobile dealership located in Worms, Germany, serving as an official Nissan partner. The company offers a wide range of services including new and used car sales, vehicle trade-ins, service bookings, and maintenance. Their market position is that of a trusted local Nissan dealership catering to private and commercial customers. The website reflects a professional business model focused on automotive sales and services with clear contact channels and customer engagement features. Technically, the site is built on modern frameworks such as React and Next.js, ensuring a responsive and user-friendly experience. Privacy compliance is well addressed with GDPR-aligned policies and a visible data protection officer contact. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response information are absent. Overall, the website is trustworthy, well-structured, and suitable for its target audience.

Crownd Estates GmbH operates a premium luxury real estate platform focused on exclusive properties in Vienna, Austria. The company positions itself as a boutique investment and property sales firm targeting affluent clients seeking high-end residential projects. The website showcases multiple luxury projects with rich multimedia content, indicating a strong market presence in the Vienna real estate sector. Technically, the site is built on modern frameworks such as Next.js and React, hosted on Microsoft Azure, and employs Usercentrics for cookie consent, reflecting a mature digital infrastructure. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, though privacy and terms policies are lacking. Overall, the site is professional and trustworthy but could improve compliance documentation and incident response transparency.

I

ImmoScout24

immobilienscout24.de

60

ImmoScout24 is Germany's leading online real estate marketplace, offering a comprehensive platform for property seekers and owners to buy, rent, and sell residential and commercial real estate. The platform serves both private individuals and professional real estate agents, providing extensive listings and additional services such as mortgage financing and agent search. The website demonstrates a mature digital infrastructure leveraging modern web technologies like React and Next.js, hosted on AWS, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is robust with clear GDPR-aligned policies and cookie consent mechanisms. Overall, ImmoScout24 presents a trustworthy, professional, and well-maintained online presence with high business credibility and technical maturity.

Z

zooplus SE

zooplus.at

60

zooplus SE operates a professional e-commerce platform focused on pet supplies and pet food in Austria. The website offers a wide range of products including food for cats, dogs, and other animals, as well as accessories and specialty veterinary diets. The business targets pet owners in Austria and positions itself as a leading online retailer in this sector. The platform is well-branded and provides promotional offers to attract customers. Technically, the website is built using modern web technologies such as Next.js and Contentful CMS, ensuring a responsive and accessible user experience across devices. The site loads with moderate performance and includes SEO best practices. Security is well implemented with HTTPS and visible buyer protection logos, although explicit security headers and policies are not evident in the provided content. The security posture is solid with no detected vulnerabilities or WAF blocking. However, the absence of visible privacy and cookie policies and the inability to access WHOIS data due to quota limits restrict a full compliance and trust assessment. Contact information is available via a contact page, but no direct emails or phone numbers are found in the HTML snippet. Overall, the website appears trustworthy and professionally managed, but improvements in transparency regarding privacy, cookie consent, and security policies would enhance compliance and user trust.

I

ImmoScout24

immoscout24.de

10

ImmoScout24 is a leading German real estate marketplace platform offering extensive listings for renting, buying, and selling residential and commercial properties. The platform targets both private individuals and professional real estate agents, providing services such as property search, listing, valuation, and digital management tools. The website demonstrates a high level of digital maturity, utilizing modern web technologies like React and Next.js, hosted on AWS infrastructure, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though there is room for improvement in security headers and published security policies. Privacy compliance is moderate due to the absence of explicit privacy and cookie policies in the analyzed content. Overall, the platform is professional, trustworthy, and well-positioned in the German real estate market.

V

Virgin Group

virgin.com

77

Virgin.com is the official website of the Virgin Group, a globally recognized conglomerate founded by Richard Branson. The site serves as a central hub for information about the Virgin Group and its diverse subsidiaries spanning travel, telecommunications, finance, hospitality, and space exploration. The website features comprehensive content about Virgin companies, news, and initiatives, targeting a broad audience including customers, investors, and partners. The business model is that of a diversified holding company with a strong brand presence and multiple revenue streams from its subsidiaries.

W

Woosmap

woosmap.com

64

Woosmap is a technology company specializing in location intelligence solutions, offering a suite of APIs and services that transform location data into actionable insights. Their platform supports a wide range of industries including retail, e-commerce, logistics, hospitality, finance, and government sectors. The company positions itself as a privacy-conscious provider with GDPR-compliant solutions, catering primarily to developers and enterprises seeking scalable geolocation services. The website showcases strong branding, client testimonials, and detailed product offerings, reflecting a mature market presence.

B

Brook Street Foods

brookstreetfoods.co.uk

58

Brook Street Foods is a family-run wholesale food supplier based in Suffolk, UK, with over 30 years of experience. The company offers a broad range of food products including ambient, chilled, frozen, fresh meat, and non-food items, targeting wholesale customers and businesses. Their website provides an online ordering platform with a focus on competitive pricing, including price locks and a Booker price promise, positioning them as a trusted regional wholesaler. Technically, the website is built on modern frameworks such as Next.js and React, hosted on Vercel, and employs Tailwind CSS for styling. The site is performant, mobile-optimized, and uses security best practices including HTTPS and security headers. However, the absence of explicit privacy, cookie, and security policies, as well as missing contact information, limits their privacy compliance and business credibility. The WHOIS data is unavailable and indicates domain registration issues, which raises concerns about domain legitimacy despite the active website presence. Overall, the site is professional and secure but would benefit from improved transparency and compliance documentation.

Y

YONEX

yonex.de

10

YONEX is a well-established sports equipment company specializing in badminton, tennis, golf, running, and snowboarding products. The website serves as a regional German portal providing product catalogs, promotional offers, and social media integration, targeting sports enthusiasts and clubs. The site demonstrates a mature digital presence with modern web technologies such as Next.js and React, ensuring good performance and mobile responsiveness. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. Security posture is solid with HTTPS and some security best practices, though explicit security policies and incident response contacts are absent. Overall, the website is professional, trustworthy, and aligned with the brand's market position.

B

Betway Limited

betway.de

11

Betway Limited operates a comprehensive online gambling platform focused on sports betting, casino games, and live betting experiences. The company holds official partnerships with prominent football clubs such as Arsenal FC, Manchester City, Chelsea, and Brighton & Hove Albion, reinforcing its strong market position in the European gambling sector. Licensed and regulated under German authorities, Betway targets adult users interested in regulated and responsible gambling services. The website is professionally designed, mobile-optimized, and provides clear navigation and content relevant to its audience. Technically, the website leverages modern web technologies including React and Next.js frameworks, hosted behind Cloudflare for performance and security. Analytics and tracking are implemented via Google Tag Manager and Snowplow, enabling extensive user behavior insights while maintaining GDPR compliance through cookie consent mechanisms. The site demonstrates good accessibility and SEO practices, contributing to a positive user experience. From a security perspective, Betway enforces HTTPS, employs multiple security headers, and avoids exposing sensitive data in its HTML content. However, explicit security policies and incident response details are not publicly available, and no vulnerability disclosure program is evident. The domain registration data aligns well with the business claims, showing transparency and legitimacy. Overall, the security posture is strong but could benefit from enhanced transparency and formalized disclosure processes. The overall risk assessment indicates a mature and trustworthy online gambling platform with robust technical and security foundations. Strategic recommendations include publishing detailed security policies, establishing a vulnerability disclosure channel, and providing data protection officer contact information to further enhance trust and compliance.

V

Vista Musical Instruments

vistamusic.com

10

Vista Musical Instruments is a global collective of music-related brands specializing in the manufacturing, retail, and distribution of musical instruments and accessories. The company manages several historic and well-known brands such as MONO, Teisco, Harmony, Heritage Guitars, Dawsons, Manny's, and Swee Lee. The website reflects a professional and consistent brand image, targeting musicians, retailers, and the broader music community worldwide. The parent company is Caldecott Music Group, which is referenced and linked on the site. Technically, the website is built using modern web technologies including React and Next.js, with optimized images and good mobile responsiveness. Hosting and domain registration are stable and consistent with the business profile. Google Tag Manager is used for analytics and tracking, indicating moderate user tracking levels. However, there is a lack of explicit privacy and cookie policies, which presents compliance gaps. From a security perspective, the site uses HTTPS with a good SSL configuration and domain status protections to prevent unauthorized changes. However, DNSSEC is not enabled and no security headers are detected, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were found. The absence of privacy and cookie policies and consent mechanisms lowers the privacy compliance score. Overall, the website is professional, trustworthy, and technically sound but would benefit from enhanced privacy compliance and security hardening. Strategic recommendations include publishing privacy and cookie policies, enabling DNSSEC, adding security headers, and providing incident response contact information to improve trust and compliance.

N

NME Networks

nmenetworks.com

10

NME Networks is a next generation global media network focusing on pop culture through the lens of music. Founded in 2021 and operating under the parent company Caldecott Music Group, it offers media content, brand management, and newsroom services. The website reflects a professional and consistent brand image targeting a general audience interested in music and pop culture. Technically, the site is built on modern frameworks such as Next.js and React, hosted on AWS infrastructure, and employs Google Analytics for user tracking. The site is mobile optimized and performs well with good SEO practices. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though it lacks some security headers and explicit incident response policies. Privacy and cookie policies are present but lack a consent mechanism. Overall, the site is trustworthy with a legitimacy score of 85 and no signs of suspicious activity.

C

Családbarát Magyarország Központ Nonprofit Közhasznú Kft.

csalad.hu

62

csalad.hu is an official Hungarian government-affiliated family support portal operated by Családbarát Magyarország Központ Nonprofit Közhasznú Kft., founded in 2019. The website provides comprehensive information on family support programs, benefits, and calculators tailored for Hungarian families. It serves as a centralized resource to help families understand and access various governmental support schemes. The portal is well-positioned as a trusted source within the government and non-profit sector in Hungary.

D

Debreceni Szakképzési Centrum

dszc.hu

48

Debreceni Szakképzési Centrum is a prominent vocational education institution based in Debrecen, Hungary, founded in 2015. It offers a wide range of vocational and professional training programs tailored to meet the needs of the local economy and various age groups. The institution operates multiple schools and collaborates with dual corporate partners to provide practical training opportunities. The website reflects a well-structured and modern digital presence, utilizing contemporary web technologies such as React, Next.js, and Chakra UI, ensuring good performance and accessibility. However, the absence of explicit privacy and cookie policies indicates a gap in compliance with data protection regulations. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but the lack of security headers and incident response information suggests room for improvement. Overall, the website is professional, trustworthy, and serves its educational mission effectively.

D

DKV

menetrend-debrecen.hu

52

The website menetrend-debrecen.hu serves as a comprehensive public transportation schedule portal for Debrecen, Hungary, primarily focusing on DKV-operated tram, bus, and trolleybus lines. It provides users with up-to-date departure times, routes, and stops, targeting local commuters and visitors relying on public transit. The site is well integrated with the official DKV domain, reinforcing its legitimacy and business alignment. Technically, the site leverages modern frameworks such as Next.js and React, ensuring a responsive and user-friendly experience across devices. While performance is moderate, the site benefits from good SEO and mobile optimization. Security-wise, HTTPS is enforced and cookie consent mechanisms are implemented, though additional security headers could enhance the posture. No critical vulnerabilities or suspicious content were detected, and privacy compliance appears robust with a clear GDPR-aligned privacy policy. Overall, the site is a trustworthy and professional resource for public transport information in Debrecen.

A

adidas CZ

adidas.cz

72

The website www.adidas.cz is the official e-commerce platform for adidas in the Czech Republic, offering sports clothing and footwear. It represents a major global brand with a strong market position in retail sportswear. The site targets sports enthusiasts and general consumers within the Czech market, providing a comprehensive online shopping experience. Technically, the site is built on modern frameworks such as React and Next.js, hosted likely on Akamai infrastructure, and employs advanced performance and monitoring tools like Instana and Tealium. The website is well-optimized for SEO and mobile devices, with excellent design and user experience. Security posture is strong with HTTPS enforced and standard security headers, though explicit privacy and cookie policies are not clearly found in the provided content. Overall, the site demonstrates high professionalism and trustworthiness, though improvements in visible privacy compliance and contact information are recommended.

D

DKV Debreceni Közlekedési Zrt.

dkv.hu

11

DKV Debreceni Közlekedési Zrt. is the primary public transportation operator in Debrecen, Hungary, providing bus, trolleybus, and tram services. The company offers ticket and pass sales, travel planning, and maintains a strong digital presence with a modern, well-structured website. Their market position is solid as a key local transportation provider serving a broad audience including daily commuters and visitors. The website is professionally designed, mobile-optimized, and integrates essential services such as ticket purchasing and real-time travel information. Technically, the site leverages modern frameworks like React and Next.js, integrates Google Maps API for location services, and uses tracking tools such as Google Analytics and Facebook Pixel with proper consent mechanisms. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers could be improved. Overall, the site reflects a mature digital infrastructure supporting a large transportation business with clear contact information and trust signals. No critical vulnerabilities or suspicious content were detected.

G

GMI Pte Ltd

gawker.com

52

Gawker.com is a media website operated by GMI Pte Ltd, focusing on news and entertainment content. The site features articles such as tributes and current events, targeting a general audience. Its business model relies primarily on advertising revenue, leveraging Google AdSense and DoubleClick for monetization. The website uses modern web technologies including Next.js and React, indicating a contemporary technical infrastructure with moderate performance and mobile optimization. However, the content quality is basic with limited depth and minimal interactive features. Security posture is moderate with HTTPS enabled but lacks critical security headers and documented security policies. Privacy compliance is partial, with privacy and terms pages present but no cookie consent mechanism or GDPR compliance indicators. Contact information is minimal, limited to a single email address. Overall, the site is functional but would benefit from enhanced security, privacy, and user engagement features.

B

Bocoup

bocoup.com

63

Bocoup is a worker-owned technology consultancy specializing in the development of web standards, software tools, and digital projects with a strong emphasis on accessibility, privacy, and inclusivity. They serve a diverse clientele including tech companies, nonprofits, and institutions, positioning themselves as a niche player with a values-driven approach. Their market presence is supported by reputable clients such as Google, Mozilla, and Meta Accessibility, and they maintain a strong commitment to creating technologies that resist capture and safeguard user privacy. Technically, the website is built using modern frameworks such as Next.js and React, with a focus on performance, mobile optimization, and accessibility. The site integrates a headless WordPress CMS for blog content and uses minimal tracking via plausible.io, reflecting a privacy-conscious digital maturity. The technical infrastructure supports a fast, responsive, and user-friendly experience. From a security perspective, the site enforces HTTPS and employs secure forms but lacks explicit security headers and formal privacy or cookie policies. No vulnerability disclosure or incident response information is provided, which could be improved to enhance trust and compliance. The absence of WHOIS data for the domain is a notable anomaly, potentially indicating privacy protection or a data retrieval issue, but it introduces some uncertainty regarding domain legitimacy. Overall, Bocoup presents a professional and trustworthy online presence with strong technical and business foundations. Strategic improvements in transparency around privacy, security policies, and domain registration details would further strengthen their security posture and business credibility.

Bleacher Report is a well-established sports media platform founded in 2005, offering sports news, highlights, expert analysis, and scores to a broad audience of sports fans. The website demonstrates a strong market position as a recognized brand in the sports media industry. Technically, the site leverages modern web technologies including React and Next.js, hosted on AWS infrastructure, and incorporates GDPR-compliant cookie consent mechanisms. The site performs moderately well with good mobile optimization and SEO practices. Security-wise, HTTPS is enforced and domain registration includes protective status flags; however, security headers and explicit security policies are not evident, indicating room for improvement. Overall, the website is professional, trustworthy, and safe for general audiences, with no adult or explicit content detected.

K

Kirche in Not

kirche-in-not.ch

63

Kirche in Not is a Swiss-based Catholic non-profit organization dedicated to supporting persecuted and impoverished Christians worldwide. The website serves as an informational and awareness platform, highlighting their mission and activities. The organization appears established with consistent branding and a clear focus on charitable aid. Technically, the website is built on modern frameworks such as Next.js and React, with integration of Google Maps and Google Tag Manager for enhanced user experience and analytics. Security posture is adequate with HTTPS enabled, but lacks visible security headers and formal privacy and cookie policies, which are critical for compliance and user trust. No signs of blocking or WAF interference were detected, allowing full content access. Overall, the site demonstrates a good level of professionalism and credibility, though improvements in privacy compliance and security best practices are recommended.

N

NOVASOL

novasol.se

63

NOVASOL is a well-established European holiday rental company offering a wide range of cottages, houses, and apartments across 19 countries. With a history dating back to 1968 and a large inventory of over 50,000 properties, NOVASOL positions itself as a trusted and comprehensive provider in the hospitality sector. The website reflects a mature digital presence with modern technologies such as React and Next.js, integrated analytics, and marketing tools. Security measures including HTTPS, CSP, and reCAPTCHA Enterprise are implemented, indicating a strong security posture. However, explicit security policies and incident response information are not publicly available, which could be improved to enhance trust. Overall, the site is professional, user-friendly, and compliant with privacy regulations, serving a broad consumer audience seeking holiday rentals in Europe.

N

NOVASOL

novasol.no

64

NOVASOL is a well-established European holiday home rental company with a strong market presence, offering a wide range of vacation properties across 19 countries. The website is professionally designed, mobile-optimized, and uses modern web technologies including React and Next.js. Security measures such as HTTPS, Content Security Policy, and Google reCAPTCHA Enterprise are implemented, indicating a mature security posture. However, explicit security policies and incident response contacts are not publicly available, which could be improved. Overall, the site is trustworthy, compliant with GDPR, and provides a good user experience.