Security Directory

M

Mark Levinson

marklevinson.com

69

Mark Levinson is a premium luxury audio brand specializing in high-fidelity audio equipment including amplifiers, headphones, streaming CD players, and turntables. The brand is positioned in the luxury retail sector and maintains a strong partnership with Lexus for in-car audio systems. The website is built on Salesforce Commerce Cloud and uses modern web technologies such as Google Tag Manager and OneTrust for privacy compliance. The site is well-designed, mobile-optimized, and provides a rich user experience with multimedia content and clear navigation. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security headers and incident response information are not publicly available. WHOIS data for the domain is unavailable, which raises some concerns but the overall branding and external links to Harman International support legitimacy. Strategic recommendations include improving security headers, publishing security policies, and verifying domain registration details.

GIANTS Software GmbH operates the official website for Farming Simulator, a leading farming simulation game with a strong global community and multi-platform availability. The website serves as a hub for game sales, downloadable content, mods, tutorials, and community engagement, supporting a diverse audience of gamers and content creators. The business model includes direct sales, DLC offerings, merchandise, and community-driven content, positioning GIANTS Software as a prominent player in the simulation gaming industry. Technically, the website employs modern web technologies including jQuery and the Foundation framework, ensuring responsive design and good mobile optimization. The site is well-structured with clear navigation and SEO-friendly metadata, supporting a positive user experience. However, some technical details such as hosting provider and CMS are not explicitly identified. From a security perspective, the site enforces HTTPS and includes a cookie consent banner, indicating attention to privacy compliance. Nonetheless, the absence of explicit security headers and lack of visible incident response or security policy pages suggest areas for improvement. The WHOIS data is unavailable or protected, which slightly reduces transparency but is not uncommon for commercial entities. Overall, the website is professional, trustworthy, and content-rich, with no signs of adult or questionable content. The main risk lies in the incomplete WHOIS data and limited direct contact information, which could be addressed to enhance trust and compliance.

G

GIANTS Software GmbH

giants-software.com

50

GIANTS Software GmbH is a well-established Swiss technology company specializing in game development and publishing, best known for the Farming Simulator series. The company maintains a professional online presence with a content-rich website targeting gamers, partners, and potential employees. Their market position is strong within the simulation gaming niche, supported by active social media channels and partnerships. Technically, the website uses a traditional tech stack with jQuery and CSS, hosted by Hetzner Online GmbH, and demonstrates moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced DNS security and security headers. Privacy compliance is basic but includes a cookie consent mechanism and a privacy policy. Overall, the website is trustworthy and professionally maintained, though improvements in security and transparency could enhance its posture further.

Grand Prix Gear is a specialized e-commerce retailer offering official merchandise for prominent motorsport events such as the Firestone Grand Prix of St Petersburg, the Grand Prix of Portland, and the Honda Indy Toronto, as well as NASCAR Xfinity Cup races. The company operates primarily through a Shopify-based online storefront, targeting motorsport fans and event attendees with branded apparel and souvenirs. The business appears to be small-sized, founded in 2021, and focused on niche retail within the transportation and retail sectors. Technically, the website leverages modern web technologies including Shopify's Dawn theme, JavaScript, and CSS, hosted on Amazon AWS infrastructure. The site demonstrates good performance, mobile optimization, and accessibility. Shopify's integrated payment solutions such as Shopify Payments and Apple Pay are utilized, enhancing the user experience and transactional security. From a security perspective, the site enforces HTTPS and benefits from domain status protections that prevent unauthorized domain modifications. However, DNSSEC is not enabled, and explicit security headers are not clearly visible in the HTML content. There is no evidence of a security policy, incident response contacts, or vulnerability disclosure mechanisms, which are areas for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Overall, the website is professionally designed and functional, with a moderate security posture and some gaps in privacy compliance and transparency. Strategic enhancements in privacy policy publication, cookie consent, and security disclosures would improve trust and compliance standing.

G

gamescom

gamescom.global

67

gamescom is a major European event organizer specializing in digital games culture, hosting the leading trade fair in Cologne. The website reflects a mature digital presence with modern technologies such as Next.js and React, integrating identity management and analytics tools. The security posture is strong with HTTPS and security headers, though explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Overall, the site demonstrates professionalism and trustworthiness appropriate for a large-scale event organization.

V

VP Production

vp-production.com

54

VP Production is a Ukrainian audio agency specializing in sound design, audio branding, music creation, and voiceover services primarily for games, brands, and applications. Established in 2016, the company positions itself as a creative partner helping clients create memorable audio identities. The website is professionally designed using the Hugo static site generator, with good SEO, mobile optimization, and accessibility. The technical infrastructure includes modern JavaScript and CSS assets, with Google Tag Manager for analytics. Security posture is solid with HTTPS and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite tracking. Contact is primarily via email, with no phone or physical address listed. Social media presence is strong across major platforms. Overall, the website is trustworthy, professional, and well-maintained.

A

Arbeitsgemeinschaft der Wissenschaftlichen Medizinischen Fachgesellschaften e. V.

awmf.org

55

The Arbeitsgemeinschaft der Wissenschaftlichen Medizinischen Fachgesellschaften e. V. (AWMF) is a prominent non-profit network of scientific medical societies in Germany. It focuses on the development, publication, and coordination of high-quality medical guidelines, serving as a central hub for medical professionals and scientific societies. The website reflects a professional and well-structured platform that supports its mission through guideline registers, events, and publications. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies with good mobile optimization and SEO practices. Security posture is moderate, with HTTPS usage but lacking explicit security headers and privacy policies. The absence of visible contact information and WHOIS data limits full verification but does not detract from the site's credibility given its professional content and external affiliations. Overall, the site is trustworthy, well-positioned in the healthcare sector, and serves a specialized audience effectively.

Unreal Engine, operated by Epic Games, Inc., is a leading technology company specializing in real-time 3D creation tools. Their flagship product, Unreal Engine, serves a broad audience including game developers, designers, and creators across multiple platforms such as PC, console, mobile, VR, and AR. The company holds a strong market position as a premier provider of advanced real-time technology solutions, enabling users to build high-quality games and cinematic experiences. Technically, the website demonstrates a mature digital infrastructure leveraging modern frameworks like Next.js and React, with optimized performance and excellent mobile responsiveness. The use of OneTrust for cookie consent and tracking indicates a commitment to privacy compliance. The site is well-structured with comprehensive metadata, SEO optimization, and accessibility considerations. From a security perspective, the website enforces HTTPS, employs multiple security headers, and integrates cookie consent mechanisms. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. The absence of WHOIS data is likely due to privacy protection, which is common for large enterprises and does not detract from the site's legitimacy. Overall, Unreal Engine's website reflects a professional, secure, and privacy-conscious digital presence aligned with its industry stature. Strategic recommendations include publishing detailed security and incident response policies and maintaining vigilance on third-party scripts to uphold security standards.

I

indieprize

indieprize.org

54

indieprize.org is a niche content website dedicated to World of Warcraft players, providing daily news, in-depth guides, and expert tips focused on Mythic+ dungeons and raid content. The site targets WoW gamers seeking practical and tested gameplay advice to enhance their experience. Technically, the site is built on WordPress with a modern block-based theme, hosted behind Cloudflare DNS, and uses HTTPS with standard domain protections. However, it lacks advanced security headers and DNSSEC, which could improve its security posture. Privacy compliance is minimal, with a basic privacy policy but no cookie consent mechanism or GDPR indicators. No contact or incident response information is provided, limiting transparency. Overall, the site is professionally designed with good content quality and moderate technical implementation, but security and privacy practices need enhancement to meet higher standards.

The domain pixellb.com is currently a parked domain hosted by GoDaddy.com, LLC, with no active business content or services offered. The page serves as a placeholder and includes basic branding and a Trustpilot review widget. The target audience is primarily potential domain buyers. The technical infrastructure is minimal, relying on GoDaddy's parking platform with embedded scripts for cookie consent (TrustArc) and customer reviews (Trustpilot). The site lacks a CMS and advanced SEO or accessibility features. Security posture is basic, with no DNSSEC enabled and no visible security headers, but the domain is protected by registrar status flags preventing unauthorized changes. Privacy compliance is basic, with a cookie consent banner and a link to GoDaddy's privacy policy. No contact information, security policies, or incident response details are provided, limiting business credibility. Overall, the site is low risk but offers limited value beyond domain parking.

K

Outlook

kishpandi.com

57

The website kishpandi.com hosts an Outlook Web Access (OWA) login page, providing users access to Microsoft Exchange email services. The domain is registered since 2011 with a reputable registrar, indicating a stable domain history. However, the website content is minimal, serving solely as a login portal without any business branding, contact information, or policy disclosures. The technical infrastructure relies on legacy Microsoft OWA technologies with basic HTML, CSS, and JavaScript, and no modern web frameworks or CMS detected. Security posture is limited with no visible security headers or HTTPS enforcement details, and no privacy or cookie policies are present. Overall, the site functions as a standard email access portal but lacks transparency and compliance features expected for public-facing business websites.

U

Unity

ironsrc.com

67

Unity is a leading technology company specializing in real-time 3D development platforms and mobile app marketing solutions. Their website showcases a comprehensive suite of products aimed at helping developers monetize, acquire users, and grow their games and apps. The company holds a strong market position with a large enterprise footprint and multiple subsidiaries such as ironSource, Tapjoy, and Supersonic. Technically, the website is built on modern frameworks like React and Next.js, hosted on Akamai, and optimized for performance and mobile use. Security posture is strong with HTTPS, domain locking, and reputable registrar usage, though DNSSEC is not enabled and explicit security policies are not published. Privacy compliance is partially addressed with a cookie consent mechanism but lacks visible privacy and terms of service pages on the analyzed content. Overall, the site is professional, trustworthy, and business-focused, with no signs of malicious or adult content.

M

Michal Danko

michaldanko.com

45

Michal Danko operates as a freelance full stack web developer based in Košice, Slovakia, with over 10 years of experience. The website serves as a professional portfolio showcasing his skills in web development technologies including WordPress, WooCommerce, Laravel, and front-end frameworks. The business model is focused on freelance client engagements, targeting clients seeking custom web development and design services. The website is well-structured and presents a clear overview of services and past projects, positioning Michal as an experienced independent developer in the Slovak market. Technically, the website uses a modern tech stack with HTML5, CSS3, Bootstrap, JavaScript, PHP frameworks, and CMS platforms like WordPress and October CMS. Hosting is provided by Websupport, a Slovak hosting provider, with domain registration consistent with the business location. Google Analytics is used for visitor tracking, and Google Fonts are loaded for typography. The site is mobile optimized and performs moderately well, though accessibility features are basic. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protection enabled. However, DNSSEC is not enabled, and no security headers were detected, which could improve security posture. There are no privacy or cookie policies present, indicating gaps in GDPR compliance. No vulnerability disclosure or incident response information is provided. Overall, the security posture is moderate but could be enhanced with additional best practices. The overall risk assessment is low to moderate. The site is professional and trustworthy but lacks formal privacy and cookie policies and some security hardening. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and providing vulnerability disclosure information to improve compliance and security maturity.

The website viacarpatia.eu serves primarily as a navigation portal linking to several related regional and community project websites in Slovakia. It appears to support initiatives such as small project funds and active aging centers, targeting local communities and stakeholders interested in these projects. The website is relatively simple, with basic content and navigation, and does not provide direct business or contact information on the landing page. Technically, the site is built on WordPress with a custom theme and hosted by a reputable Slovak registrar, WebSupport s.r.o. The technical infrastructure is basic but functional, with moderate performance and basic mobile optimization. Security posture is minimal, with no detected security headers or privacy policies, and no visible analytics or tracking scripts. The site uses HTTPS but lacks advanced security best practices. Overall, the site is safe for general audiences and does not contain any adult or explicit content. The domain registration is consistent with the website's regional focus and shows no suspicious patterns. Strategic recommendations include implementing privacy and cookie policies, enhancing security headers, adding contact information, and establishing a vulnerability disclosure policy to improve trust and compliance.

E

European Association for Artificial Intelligence

eurai.org

52

The European Association for Artificial Intelligence (EurAI) is a well-established non-profit organization dedicated to promoting AI research and collaboration across Europe. The website serves as a hub for AI professionals, researchers, and academics, offering information on conferences, awards, membership, and sponsored activities. The association has a strong market position within the European AI community, supported by numerous member societies and reputable events. The business model focuses on community building, education sponsorship, and recognition of excellence in AI research. Technically, the website is built on modern web technologies including Next.js and React, providing a responsive and user-friendly experience. The site demonstrates good SEO practices and mobile optimization, though accessibility features are basic. Hosting and domain registration are managed through reputable providers, with domain security measures such as domain locking in place. Performance is moderate, with no significant technical debt or vulnerabilities detected. From a security perspective, the site uses HTTPS and has domain status protections enabled, but lacks advanced DNS security features like DNSSEC. There are no visible security policies, incident response contacts, or vulnerability disclosure mechanisms, which represent areas for improvement. Privacy compliance is partial; while a cookie consent banner is present, no dedicated privacy or terms of service pages were found. Contact information is limited to a web form, with no direct emails or phone numbers provided. Overall, the website is professional, trustworthy, and safe for general audiences. The main risks relate to compliance gaps in privacy and security policy disclosures. Strategic recommendations include publishing comprehensive privacy and terms policies, enabling DNSSEC, and establishing a vulnerability disclosure process to enhance trust and security posture.

The domain damagedadvice.com currently serves as a 404 Not Found error page with no active website content. It is used by Admiral, a service provider specializing in copyright access control and privacy consent management for digital publishers. The domain is hosted on Google Cloud Platform and registered via NameCheap, Inc. The technical infrastructure is basic, relying on standard web technologies such as JavaScript, HTML, and CSS, with no advanced frameworks or CMS detected. Security practices are mentioned in the page content, including encryption and certificate rotation, but no detailed security policies or vulnerability disclosures are published. The absence of privacy and cookie policies, contact information, and business details limits the website's credibility and compliance posture. Overall, the site is safe with no adult or questionable content, but the lack of substantive content and policies results in a low trust and quality score.

The website serves as a private access portal for member entities of the 'Acord Ciutadà', a local government initiative in Barcelona focused on social inclusion and reducing social inequalities. It allows members to update their organizational data, request official seals, and participate in strategic social programs. The site targets non-profit and governmental organizations involved in this agreement. The business model is membership-based, supporting collaboration and data management within a defined community. Technically, the website uses basic HTML, CSS, and JavaScript without advanced frameworks or CMS detected. The design is functional but basic, with limited mobile optimization and accessibility features. No analytics or advertising technologies are present, indicating a focus on privacy and minimal tracking. However, the absence of HTTPS enforcement and security headers is a notable technical gap. From a security perspective, the site uses POST for login but lacks visible protections such as CSRF tokens or security headers. No privacy or cookie policies are present, which is a compliance concern under GDPR. The WHOIS data is unavailable due to .es domain restrictions, but the domain aligns with the local government context, suggesting legitimacy. Overall, the security posture is moderate but requires improvements to meet modern standards. The overall risk is moderate with recommendations to implement HTTPS, add security headers, introduce privacy and cookie policies, and enhance form security. These steps will improve trust, compliance, and protection for users accessing sensitive organizational data.

The website pistolo1.com/de/ appears to be a newly created site with minimal content and limited business information. The domain was registered in January 2025, consistent with the website's build date in October 2025. The site uses Cloudflare DNS and Google Fonts but lacks common business trust indicators such as privacy policies, contact information, or social media presence. The technical infrastructure is basic with no detected CMS or frameworks. Security posture is limited, with no security headers or advanced configurations detected, and no GDPR compliance indicators present. Overall, the site appears to be in an early development or placeholder stage, with low business credibility and limited content quality.

S

SapphireBet: Online Sports Betting & Casino - High Odds

sapphirebet.com

65

SapphireBet operates as an online sports betting and casino platform offering a variety of gambling services including live betting, slots, jackpots, esports, and fast games. The platform targets adult gamblers internationally, providing multiple language options and a range of promotions and bonuses to attract users. Technically, the website leverages modern JavaScript frameworks such as Vue.js and uses CDN services for content delivery, indicating a moderate level of digital maturity. Performance and mobile optimization are good, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks visible security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Overall, the site is functional and professional but would benefit from enhanced transparency and security practices.

S

Sparkasse Arnstadt-Ilmenau

spk-arnstadt-ilmenau.de

70

Sparkasse Arnstadt-Ilmenau is a regional financial institution in Germany offering a broad range of banking and financial services to private and corporate customers. The website reflects a mature digital presence with comprehensive service information, secure online banking access, and clear customer support channels. The bank emphasizes security and privacy compliance, including GDPR adherence and cookie consent mechanisms. The technical infrastructure is modern, likely based on Adobe Experience Manager, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforced and secure forms, though some security headers could be improved. Overall, the website is professional, trustworthy, and well-aligned with the bank's business model and market position.

Mateřská škola Borohrádek operates as a local preschool educational institution in the Czech Republic, providing early childhood education services with a focus on a natural environment. The website serves primarily parents and guardians seeking information about the school, its classes, events, and admission procedures. The business model is community-focused education with a small organizational size and a founding date around 2010. Technically, the website is built using standard web technologies including HTML5, CSS, JavaScript, and jQuery, likely managed via the WebConfig CMS platform. The site is moderately optimized for mobile devices and offers a clear navigation structure. However, performance and accessibility are basic, and there is room for improvement in SEO and technical modernization. From a security perspective, the site uses HTTPS (inferred but not explicitly confirmed), includes cookie consent mechanisms, and employs common tracking tools such as Google Analytics and Facebook Pixel. There is a lack of advanced security headers and no visible incident response or security policy pages. WHOIS data is missing, which reduces domain trustworthiness, though the website content and structure suggest a legitimate educational entity. Overall, the website is functional and provides relevant content for its audience but would benefit from enhanced security practices, improved transparency in contact information, and better technical optimization to strengthen trust and compliance.

Truhlářství Roman Vodehnal is a small Czech woodworking business specializing in custom furniture manufacturing, including kitchens, interior doors, built-in wardrobes, and bedrooms. Established in 1992, the company serves customers primarily in Eastern Bohemia, near cities such as Pardubice and Hradec Králové. The website presents a professional image with clear service descriptions and regional focus but lacks detailed contact information and formal privacy or security policies. Technically, the site uses standard web technologies including Google Analytics and Google Fonts, but does not demonstrate advanced security configurations or compliance features. The absence of WHOIS data reduces domain trustworthiness, although the business appears legitimate based on content and longevity claims.

ZŠ TGM Borohrádek is a Czech elementary school providing educational services to the local community. The website offers detailed information about school schedules, staff, cafeteria, after-school programs, and various projects. The site targets students, parents, and school staff, serving as an informational portal for the school community. The business model is that of a public educational institution with a local market position. Technically, the website is built on a CMS platform identified as RWBC, using standard HTML, CSS, and JavaScript. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. No advanced frameworks or hosting provider details were detected. The website design is professional and consistent with the school's branding. From a security perspective, the site lacks visible security headers and advanced security practices. HTTPS presence and SSL configuration could not be confirmed from the provided data. Privacy and cookie policies are present, indicating some compliance with GDPR, but no cookie consent mechanism is implemented. No contact emails or phone numbers were found, limiting direct communication channels. No WHOIS data was available, which reduces the ability to fully verify domain legitimacy. Overall, the website is functional and serves its educational purpose well but would benefit from improved security measures, enhanced privacy compliance, and clearer contact information to strengthen trust and compliance posture.

A

Anemos s.r.o.

multishare.cz

55

MultiShare.cz is a Czech-based technology service operated by Anemos s.r.o. that provides a unique file download aggregation platform allowing users to download from 16 different file sharing servers using a single credit system. The service targets general internet users who frequently download files from multiple sources and offers integration with popular tools like JDownloader 2 and Synology NAS servers. The website is professionally designed with good content quality and consistent branding, supporting a moderate-sized user base with over 90,000 customers. The business model is credit-based, providing convenience and speed for file downloads.

FajnCom s.r.o. is a small Czech telecommunications company specializing in internet and television services, targeting residential and small business customers primarily in Prague. The website promotes key offerings such as free installation and promotional discounts, positioning the company as a local service provider with a membership in the Tlapnet group, indicating some business network affiliation. The digital presence is functional with a professional design but lacks advanced interactive features such as forms or user accounts. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, Google Fonts, and Font Awesome. However, some external resources are loaded over HTTP, posing mixed content risks. The site lacks visible security headers and there is no evidence of HTTPS enforcement in the provided data, which are critical for securing user interactions and building trust. Mobile optimization and accessibility are basic but functional. From a security perspective, the absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. No incident response or security contact information is provided, and no vulnerability disclosure or security certifications are evident. The WHOIS data is consistent and supports the legitimacy of the domain and business, with a domain age of over 15 years. Overall, the security posture is moderate but requires improvements to meet modern standards. The overall risk is moderate with no critical vulnerabilities detected in the visible content, but the lack of HTTPS and privacy compliance are significant issues. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, securing external resources, and enhancing security headers to improve trust and compliance.

Oklahoma Press operates a straightforward website providing downloadable advertising PDFs primarily serving the Oklahoma region. The business appears to be a small regional media service provider with a focus on facilitating ad content distribution to clients. The website is minimalistic, with basic design and limited interactive features, focusing solely on the ad download functionality. The technical infrastructure is simple, relying on basic HTML, CSS, and PHP for form handling, hosted on HostGator servers. There is no evidence of advanced CMS or modern frameworks, and SEO and accessibility features are minimal. Security posture is weak, with no DNSSEC, no visible security headers, and no explicit HTTPS confirmation in the provided data. The site lacks privacy, cookie, and terms of service policies, which impacts compliance and user trust. Contact information is limited to phone numbers without email or social media presence. Overall, the site is functional but basic, with room for significant improvements in security, privacy compliance, and technical modernization.

B

BRIESE SCHIFFAHRT

briese.de

54

BRIESE SCHIFFAHRT is a medium-sized German maritime shipping company managing a fleet of over 130 multipurpose heavylift vessels. The company operates several divisions including chartering, research vessel management, and crew management, serving clients in the shipping and logistics sectors. The website presents a professional and consistent brand image with clear navigation and relevant content targeting maritime industry professionals and potential crew members. Technically, the site uses NeoCMS with jQuery and related libraries, delivering moderate performance and basic mobile optimization. Security posture is moderate with HTTPS implied but lacking explicit security headers and advanced protections on login forms. Privacy compliance is limited, with no cookie consent mechanism detected and only a basic privacy policy present. WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, the website is functional and professional but could improve in security and privacy compliance to enhance trust and regulatory adherence.

L

home

lungenatlas.de

40

The website www.lungenatlas.de appears to be an informational platform focused on lung atlas data, likely related to medical or scientific research in Germany. The content primarily consists of an interactive SVG map of German regions, with minimal textual content and no evident privacy or cookie policies. The site lacks visible contact information and social media presence, indicating a limited digital engagement strategy. Technically, the site uses SVG and CSS with no detected JavaScript frameworks or analytics tools, hosted likely via GoDaddy based on nameserver data. Security posture is basic with no HTTPS or security headers confirmed from the data, and privacy compliance is minimal due to absence of policy documents. Overall, the site serves a niche informational purpose but requires enhancements in security, privacy, and user engagement to improve trust and compliance.

S

Sundial Media Group

sundialmg.com

57

Sundial Media Group is a newly established media company founded in 2024, managing a portfolio of influential brands such as Essence, Refinery29, Beautycon, and Afropunk. The company focuses on cultural media, community engagement, and event experiences, positioning itself as a significant player in the media industry with a strong brand ecosystem. The website reflects a professional and modern digital presence, hosted on Amazon AWS and built using modern technologies like Astro, ensuring fast performance and excellent mobile optimization. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and DNSSEC, and no explicit security or incident response policies are published. Privacy compliance is good with clear privacy and cookie policies, though no active cookie consent mechanism is implemented. Overall, the website is trustworthy, well-branded, and provides a positive user experience, but could improve security and compliance transparency.

O

OnlineWebFonts.COM

onlinewebfonts.com

59

OnlineWebFonts.COM operates as a popular online platform offering a vast catalog of over 8 million free desktop and web fonts for preview and download. The website targets designers, developers, and general users seeking font resources, providing additional tools such as font format converters and embedding code generators. The business model revolves around free font distribution and community engagement through font design job listings. Technically, the site is built on WordPress and leverages common web technologies including jQuery and JavaScript, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and secure form submissions, but lacks advanced security headers and explicit incident response policies. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, indicating GDPR awareness. However, the absence of WHOIS registration data raises concerns about domain legitimacy, impacting overall trustworthiness. The site is safe for general audiences with no adult or explicit content detected.

K

Kyst24

kyst24.no

56

Kyst24.no is a Norwegian maritime news portal delivering updated news focused on coastal industries such as aquaculture, fisheries, shipping, and shipbuilding. The site operates under the parent company Oceanspacemedia and maintains a network of related industry-specific media brands. The business model includes paywalled content and job listings tailored to maritime professionals, positioning Kyst24 as a niche media provider in the Nordic maritime sector. Technically, the website employs modern web technologies including JavaScript, CSS, and responsive design with Google Fonts. It uses JWT cookies for authentication and paywall management, indicating a moderate level of digital maturity. The site is mobile optimized and accessible, with good SEO practices evident from meta tags and structured data. From a security perspective, HTTPS is used, and no sensitive data is exposed in the HTML. However, explicit security headers are not detected, and privacy and cookie policies are not clearly presented, indicating areas for improvement. No vulnerabilities or malicious content were found, and the site does not appear to be blocked by any WAF or security challenge. Overall, Kyst24.no presents a professional and trustworthy media platform with moderate security and privacy compliance. Strategic enhancements in privacy disclosures, security headers, and contact transparency would strengthen its security posture and user trust.

O

Oceanspace Media AS

oceanspacemedia.com

52

Oceanspace Media AS is a Norwegian-based media company specializing in marine and maritime industry publications. With a portfolio of established magazines and web portals, they serve a professional audience across Norway, Chile, and international markets. Their content is published in multiple languages including Norwegian, English, Spanish, and Danish, reflecting a broad international reach within their niche. The company positions itself as a knowledge hub for marine sectors such as salmon farming, shipping, and boat building. Technically, the website employs modern web standards including HTTPS, responsive design, and JavaScript enhancements. However, it lacks some advanced security headers and privacy compliance features such as explicit privacy and cookie policies. The site is accessible without WAF or security challenges, indicating good availability but also a potential area for security hardening. Security posture is moderate with HTTPS enabled and no visible vulnerabilities, but the absence of security policies and WHOIS data raises concerns about domain legitimacy and compliance. The WHOIS query returned no registration data, which is unusual and warrants further investigation to confirm domain ownership and legitimacy. Overall, the website is professionally designed and functional, serving its business purpose well. Strategic improvements in privacy compliance, security headers, and domain registration transparency would enhance trust and security posture significantly.

A

Alingsås Tidning

alingsastidning.se

54

Alingsås Tidning is a regional news media organization founded in 2005, serving the Alingsås area and nearby municipalities in Sweden. It provides local news, sports, economy, opinion pieces, video content, and podcasts, targeting local residents and Swedish-speaking audiences. The website is professionally designed with a modern tech stack including Next.js and React, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and a consent management platform for GDPR compliance. However, WHOIS data for the exact www subdomain is unavailable, likely due to subdomain usage, but the overall business legitimacy is supported by consistent branding and parent company affiliation with Stampen Media. The site uses multiple advertising and tracking services but manages user consent effectively.

N

Navigate360, LLC

p3intel.com

62

P3 Global Intel, operated by Navigate360, LLC, provides advanced anonymous tip acquisition and management software primarily targeting Crime Stoppers programs, law enforcement agencies, and school safety initiatives. The company positions itself as a pioneer and industry leader with a strong footprint in the United States, serving over 30,000 schools and multiple government agencies. The website reflects a professional and consistent brand image with clear messaging about its services and customer testimonials endorsing its effectiveness. Technically, the website is custom-built with standard web technologies and hosted on Amazon AWS infrastructure. While the site is functional and moderately optimized for performance and mobile use, it lacks advanced SEO and accessibility features. No CMS or modern frameworks are detected, indicating a possibly static or lightly dynamic site. From a security perspective, the domain is well-registered with GoDaddy and protected against unauthorized changes via domain status flags. However, DNSSEC is not enabled, and no security headers or privacy-related policies are present on the site, indicating room for improvement in compliance and security best practices. No forms or direct contact information are visible, which may impact user engagement and trust. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance, security hardening, and clearer contact channels to improve user confidence and regulatory adherence.

MONKS Vertriebsges. mbH is a specialized web and media agency based in Munich, Germany, focusing on web development, design, smartphone applications, and virtual training primarily for the medical sector. Their offerings include telemedicine expert consultations, certified online medical training, and practice apps with video consultation capabilities. The company positions itself as a niche provider serving healthcare professionals and institutions, leveraging digital technologies to enhance medical services and education. Technically, the website is built on the TYPO3 CMS platform, a mature and widely used open-source content management system. The site employs HTTPS with a good SSL configuration and includes a cookie consent mechanism that respects user privacy by limiting cookies to strictly necessary ones and avoiding tracking cookies. However, the site lacks advanced security headers and visible analytics or advertising scripts, indicating a focus on privacy and minimal tracking. From a security perspective, the website demonstrates a moderate security posture with HTTPS enforcement and cookie consent but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious patterns were detected. The WHOIS data aligns well with the business claims, showing consistent registration information and no privacy protection, which supports legitimacy. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, serving a specialized audience with relevant content. Recommendations include enhancing security headers, publishing security policies, and improving mobile optimization and accessibility to further strengthen the site's security and user experience.

A

ARO Inc.

aro.ca

46

ARO Inc. is a Canadian accounts receivable management company established in 1993, providing debt collection and payment solutions primarily to Canadian consumers and businesses. The company maintains a professional online presence with clear contact information and multiple office locations, positioning itself as a reliable service provider in the finance sector. The website is built using modern web technologies including Vue.js and Google Fonts, offering a responsive and user-friendly experience. However, the site lacks key compliance documents such as privacy and cookie policies, which are critical for regulatory adherence and user trust. Security posture is generally good with HTTPS enforced, but could be improved by enabling DNSSEC and adding security headers. No incident response or vulnerability disclosure information is published, indicating room for maturity in security governance. Overall, the domain registration is consistent with the business claims, supporting the legitimacy of the company. Strategic improvements in privacy compliance and security transparency would enhance trust and reduce risk.

H

Hyundai Avto Trade d.o.o.

hyundai.si

56

Hyundai Avto Trade d.o.o. is the authorized importer and distributor of Hyundai motor vehicles in Slovenia, operating since 2004. The company offers a range of automotive products including electric and hybrid vehicles, servicing, financing, and after-sales support. The website reflects a professional and consistent brand presence targeted at Slovenian consumers interested in Hyundai vehicles. Technically, the site leverages Cloudflare for DNS and CDN services, uses Cookiebot for GDPR-compliant cookie consent, and integrates multiple analytics and advertising platforms with user consent. Security posture is strong with HTTPS enforced and standard security headers likely in place, although no dedicated security or incident response policies are published. Overall, the website is well-structured, accessible, and compliant with privacy regulations, supporting a trustworthy business image.

R

Rancho Los Cerritos

rancholoscerritos.org

61

Rancho Los Cerritos is a non-profit historic site dedicated to preserving and sharing California's rich cultural history through tours, events, and educational experiences. The website reflects a well-established local attraction with a clear focus on community engagement and cultural education. Technically, the site is built on WordPress using the Bricks Builder framework, hosted with BunnyCDN for performance optimization, and demonstrates excellent mobile responsiveness and SEO practices. Security posture is strong with HTTPS enforced and appropriate security headers, though the absence of visible privacy and cookie policies and incomplete WHOIS data present areas for improvement. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and compliance documentation.

The website p3tips.com serves as a platform for anonymous crime tip submissions, supporting Crime Stoppers programs, law enforcement, schools, and corporations globally. It is part of the Navigate360 family, indicating a medium-sized business focused on public safety and crime prevention. The site offers key services such as anonymous tip submission via web and mobile apps, targeting a broad audience including the public and institutional entities. Technically, the site uses basic HTML, CSS, and JavaScript without modern frameworks or CMS, hosted likely on AWS infrastructure. Mobile optimization and accessibility are basic, and SEO is minimal. Security posture shows some strengths like domain registration protections but lacks DNSSEC and security headers, with no visible privacy or cookie policies, indicating compliance gaps. Overall, the site is functional and trustworthy but would benefit from enhanced security and privacy measures.

A

Appel Nowitzki

appelnowitzki.com

55

Appel Nowitzki is a specialized consulting and design agency focused on real estate marketing and corporate design. Established in 2012, the company offers integrated strategy, design, and content services aimed at creating sustainable brand identities for real estate clients. The agency has a strong market position supported by numerous prestigious design awards and a professional online presence. Technically, the website is built on the Contao CMS platform, uses modern web technologies including SVG graphics and JavaScript, and demonstrates good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and domain protections in place, but lacks DNSSEC and security headers, and does not publish privacy or terms of service policies. Overall, the website is professional, trustworthy, and business-focused with minimal user tracking and a cookie consent mechanism implemented. Strategic improvements in security and compliance documentation would enhance trust and regulatory adherence.

G

goneo Webmail Plus

goneo.email

62

The goneo.email website serves as a webmail portal for goneo email customers, providing access to email services powered by the Group-Office platform. The site is primarily a login interface with minimal content beyond authentication forms. The business appears to focus on email hosting and management services targeted at goneo customers, with no direct marketing or extensive business information presented on this page. The domain is active and maintained with privacy-protected WHOIS data, consistent with typical hosting service practices. Technically, the site uses ExtJS 3 framework and standard web technologies such as JavaScript, CSS, and HTML5. It enforces HTTPS and uses security tokens for AJAX requests, indicating a baseline security posture. However, the absence of explicit security headers and privacy/cookie policies suggests room for improvement in compliance and security best practices. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. From a security perspective, the site shows no signs of WAF blocking or content filtering, and no vulnerabilities are evident from the HTML content. The lack of exposed sensitive data and use of HTTPS are positive indicators. However, the missing security headers and privacy policies reduce the overall security and privacy compliance score. No contact or incident response information is publicly available, which could impact user trust and compliance. Overall, the website is functional and serves its purpose as a webmail login portal but would benefit from enhanced privacy disclosures, security headers, and contact information to improve trust and compliance. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, and improving accessibility and SEO to enhance user experience and regulatory compliance.

V

Archiv československých her a vývojářů Visiongame Visiongame

visiongame.cz

46

Visiongame.cz is a niche Czech and Slovak gaming archive and community platform established in 2006. It catalogs games, studios, and developers from the region, providing news, articles, and curated collections. The website targets gamers and developers interested in regional game development history and current projects. Technically, it is built on WordPress with modern JavaScript libraries and uses Google Analytics and Facebook Pixel for tracking. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and reCAPTCHA but lacks some security headers and explicit privacy and cookie policies, indicating room for compliance improvement. No contact emails or phone numbers are explicitly provided, which may affect user trust and support accessibility. Overall, the domain registration data is consistent with the website's regional focus and age, supporting legitimacy.

The domain recessrain.com currently serves a 404 Not Found error page with no active website content or business information. The domain is registered through NameCheap, Inc. and hosted on Google Cloud Platform, with DNS managed by AWS DNS servers. The site appears to be a placeholder or under development, with content related to Admiral's copyright access control and privacy consent services. There is no direct business presence or contact information on the site. Technically, the site uses standard web technologies (HTML, CSS, JavaScript) but lacks SEO, accessibility, and performance optimizations. Security posture is moderate due to HTTPS usage and encryption, but no advanced security headers or vulnerability disclosures are present. Overall, the site is low trust and low content quality, reflecting a new or inactive domain.

The website nano.no, titled 'Sidespeilet Utvikling', appears to be a small-scale service provider focused on remote support solutions, primarily offering TeamViewer QuickSupport downloads. The business is likely operated by an individual named Tom Øyvind Hogstad, based in Norway, with contact details provided directly on the site. The site content is minimal and primarily serves as a download portal rather than a full corporate website. From a technical perspective, the website is built with basic HTML and CSS, lacking modern frameworks or CMS platforms. There is no evidence of advanced analytics, tracking, or advertising technologies. Mobile optimization and accessibility are basic, and SEO features are minimal. The site does not include privacy or cookie policies, nor terms of service, which limits its compliance posture. Security posture is weak due to the apparent absence of HTTPS enforcement and security headers. No forms or data collection mechanisms are present, reducing exposure to input-based vulnerabilities but also limiting user engagement. The WHOIS data is consistent with the website's business profile and origin, indicating legitimacy but a small operational scale. Overall, the website scores low to moderate in content quality, technical implementation, security, and privacy compliance. Strategic improvements in security (HTTPS, headers), privacy policies, and technical modernization would enhance trust and compliance.

The domain fewkittens.com currently serves a 404 Not Found error page with minimal content. The page indicates that the domain is hosted by Admiral, a service provider specializing in copyright access control and privacy consent management for digital publishers. The website lacks substantive business content, contact information, or user engagement features, suggesting it is either a placeholder or under development. The technical infrastructure is based on Google Cloud Platform with standard web technologies (JavaScript, HTML, CSS) and employs industry-standard encryption with frequent certificate rotation. Security posture is reasonable given the lack of executable content and continuous scanning, but the absence of security headers and DNSSEC represents areas for improvement. Privacy compliance is basic with mention of GDPR and no third-party cookies, but no explicit consent mechanism is implemented. Overall, the site’s risk is low due to minimal content and no suspicious elements, but the lack of business and contact information limits trust and credibility.

TIDAL is a globally recognized music streaming service specializing in high fidelity sound and high-definition video quality, offering expertly curated playlists and original content. The platform targets music enthusiasts and culture followers worldwide, operating on a subscription-based business model. The website reflects a mature and professional digital presence consistent with a large media company, founded in 1995. Technically, the site employs modern web technologies, including JavaScript, HTML5, CSS, and integrates cookie consent management via OneTrust. Hosting is inferred to be on Amazon AWS infrastructure, with DNS managed by AWS nameservers. Security measures include HTTPS enforcement, Content Security Policy headers, and anti-clickjacking scripts, although DNSSEC is not enabled. No explicit privacy policy or terms of service were detected in the provided content, and no direct contact or security incident response information is publicly visible. The WHOIS data confirms the domain's legitimacy, showing consistent registration details with a reputable registrar and appropriate domain age. Overall, the site demonstrates good security posture and technical implementation but would benefit from enhanced privacy compliance documentation and clearer contact information.

G

Goetheanum

goetheanum.org

55

Goetheanum is an educational and cultural institution focused on spiritual science and anthroposophy, serving as the seat of the General Anthroposophical Society. The website presents a professional and consistent brand image with good content quality targeted at individuals interested in spiritual and educational topics. Technically, the site uses modern web technologies including JavaScript, CSS, Google Fonts, and integrates cookie consent via iubenda, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, but lacks explicit security headers and published security policies. Privacy compliance is partial due to the absence of a visible privacy policy and terms of service. Overall, the site is safe, trustworthy, and well-positioned within its niche educational sector.

F

Fagforbundet

fagforbundet.no

74

Fagforbundet is a prominent Norwegian labor union dedicated to supporting workers in Norway by advocating for their wages and rights. The website presents a professional and consistent brand image, targeting Norwegian union members and workers. The business model revolves around membership services and collective bargaining support, positioning Fagforbundet as a key player in the Norwegian labor sector. Technically, the website employs modern web technologies including JavaScript, CSS, and analytics tools such as Piwik PRO and Google Tag Manager, with a cookie consent mechanism indicating GDPR compliance efforts. Security posture is solid with HTTPS enabled and cookie consent implemented, though there is room for improvement in security headers and explicit security policies. Overall, the website is accessible, well-structured, and trustworthy, with no signs of blocking or WAF interference.

The domain givevacation.com currently serves a 404 Not Found error page with no accessible website content. The domain is registered with NameCheap, Inc. since March 2023 and is used by Admiral (getadmiral.com) to provide copyright access control and privacy consent services for digital publishers. The page content describes the service but lacks any privacy policy, cookie policy, terms of service, or contact information. Technically, the site uses industry-standard encryption and is hosted on Google Cloud Platform, but no advanced security headers or SEO optimizations are present. The security posture is good in terms of encryption and content scanning, but the lack of policies and contact details reduces compliance and trust. Overall, the site is not accessible for normal user interaction and scores low on content quality and business credibility.

The domain haplessland.com is currently serving a 404 Not Found error page with content indicating it is used by Admiral, a service provider specializing in copyright access control and privacy consent management for digital publishers. The website content is minimal and primarily informational about the service's role in copyright compliance and GDPR privacy support. The technical infrastructure is hosted on Google Cloud Platform, with DNS managed via AWS name servers, but DNSSEC is not enabled. Security practices mentioned include encryption and frequent certificate rotation, with no executable files hosted, indicating a focus on secure content delivery. However, the lack of visible security headers and cookie consent mechanisms are areas for improvement. Overall, the site is accessible but provides limited business or user-facing content, impacting its content quality and business credibility scores.