Security Directory

U

Uniwersytet Mikołaja Kopernika

umk.pl

61

Uniwersytet Mikołaja Kopernika w Toruniu is a prominent public university in Poland, offering higher education and research services. The website serves multiple audiences including prospective students, current students, researchers, staff, and alumni. It highlights academic excellence initiatives and international partnerships, positioning itself as a major educational institution in the region. The site content is well-structured, professionally designed, and consistent with university branding. Technically, the website uses standard web technologies such as HTML5, CSS3, and JavaScript, with good mobile optimization and accessibility features. However, no advanced frameworks or CMS were detected. Performance is moderate with proper SEO meta tags and clear navigation. The absence of visible security headers and cookie consent mechanisms suggests room for improvement in security and privacy compliance. From a security perspective, the site uses HTTPS as implied by Open Graph URLs, but lacks explicit security headers and published security policies. No forms collecting sensitive data were found, reducing immediate risk exposure. The WHOIS data is missing, which is unusual and reduces domain trustworthiness. No WAF or blocking mechanisms were detected, and no adult or questionable content is present, making the site safe for general audiences. Overall, the website is credible and professional but would benefit from enhanced security practices, transparent privacy and cookie policies, and verification of domain registration details to improve trust and compliance.

W

Warner Bros. Discovery Poland

wbdpoland.pl

68

Warner Bros. Discovery Poland is a prominent media company operating as part of the global Warner Bros. Discovery conglomerate. It holds a leading position in the Polish media market, offering a wide range of content across multiple TV channels and streaming platforms. The website reflects a professional media brand with a focus on delivering entertainment and news content to a broad audience in Poland. Technically, the site uses modern web technologies including Next.js and integrates multiple analytics and advertising services, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though some advanced security headers and explicit security policies are absent. Overall, the site is safe, compliant with basic privacy standards, and trustworthy, but could improve transparency by publishing privacy policies and security disclosures.

S

ssd.sk

ssd.sk

56

The website www.ssd.sk is currently inaccessible beyond a security challenge page that requires human verification via captcha. This indicates the presence of a Web Application Firewall (WAF) or anti-bot mechanism that restricts automated access. Due to this, the actual website content, including business information, policies, and contact details, is not accessible for analysis. The visible page contains obfuscated JavaScript and minimal text, primarily focused on bot prevention rather than user engagement. No metadata, structured data, or social media links are present on the accessible page. The lack of visible HTTPS information and security headers further limits the security assessment. Overall, the site appears to be in a protective mode, possibly to prevent spam or attacks, but this also hinders transparency and user trust.

P

Polskie Sieci Elektroenergetyczne S.A.

pse.pl

65

Polskie Sieci Elektroenergetyczne S.A. (PSE) operates as the national electricity transmission system operator in Poland, managing over 15,000 km of high-voltage lines and 109 substations. The company ensures reliable electricity transmission and system stability across the country. The website serves as a comprehensive portal for stakeholders, providing real-time system data, reports, news, consultations, and business partner resources. The site demonstrates a mature digital infrastructure leveraging modern web technologies and analytics tools, with a focus on transparency and user engagement. Security posture is strong with HTTPS enforcement and privacy compliance, though explicit security policies and incident response contacts could be enhanced. Overall, PSE's website reflects a professional, trustworthy, and well-maintained digital presence aligned with its critical national role.

P

P4 Sp. z o.o.

play.pl

68

Play.pl is the official website of P4 Sp. z o.o., a leading telecommunications operator in Poland offering mobile telephony, fiber optic internet, mobile internet, television services, and device sales. The company targets both general consumers and business customers, positioning itself as a major player in the Polish telecom market since its founding in 2007. The website provides comprehensive information about its services, promotions, and customer support, reflecting a mature and professional business model. Technically, the site uses modern JavaScript frameworks (Vue.js), integrates Google Tag Manager and Analytics, and employs LiveChat for customer interaction. The site is mobile-optimized and accessible, with good SEO practices and performance. Security-wise, the website enforces HTTPS, uses security headers, and implements cookie consent mechanisms, though explicit security policies and incident response details are not publicly published. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the site demonstrates a strong digital presence with good security posture and privacy compliance, suitable for a large enterprise in the telecommunications sector.

S

SOMA GmbH

flexassistant.de

11

The website www.flexassistant.de represents SOMA GmbH's flexAssistant product, a digital worker assistance system designed for manual assembly and production processes. The company is positioned as a medium-sized, well-established player in the manufacturing technology sector, with a strong focus on Industry 4.0 solutions such as Pick by Light systems and paperless manufacturing. The site demonstrates a professional and comprehensive digital presence, supported by modern CMS technology (TYPO3), consent management, and analytics tools. Security posture is good with HTTPS and standard best practices, though some security headers could be improved. The business credibility is high, supported by certifications like ISO 9001 and awards such as the TOP 100 Innovator. Contact information is clear and includes a named contact person, enhancing trust.

N

Narozeninové dorty

narozeninove-dorty.cz

58

Narozeninové dorty is a small Czech-based cake business specializing in birthday, wedding, children's, and specialty cakes. The website showcases a variety of cake images and provides basic contact information including an email address and regional location. The business appears to target general consumers looking for custom cakes in the Karlovy Vary region. Technically, the website is built on the Webnode CMS platform, uses HTTPS with Google Analytics for visitor tracking, and is hosted via Cloudfront CDN. However, the site lacks advanced security headers and privacy policies, indicating room for improvement in compliance and security posture. The absence of WHOIS data reduces transparency but is likely due to privacy protection, which is common for small businesses. Overall, the site is functional with moderate technical maturity but requires enhancements in privacy compliance and security best practices.

H

Zakwaterowanie w Czechach i na Słowacji (5000+) - Hauzi.pl

hauzi.pl

46

Hauzi.pl is an online accommodation search and booking platform primarily targeting travelers seeking lodging in Slovakia and the Czech Republic. The website offers a comprehensive catalog of over 5000 accommodations including cottages, wooden houses, guest houses, apartments, and hotels, with user ratings and special offers. The platform is positioned as a popular and trusted search engine for accommodations in these regions, catering to a broad audience interested in vacation rentals and travel planning. Technically, the website employs modern web technologies such as Vue.js for frontend interactivity, integrates Google Tag Manager and Google Analytics for tracking and marketing purposes, and uses HTTPS to secure communications. The site is mobile-optimized and provides a user-friendly interface with clear navigation and search functionalities. However, some accessibility features and security headers could be improved to enhance security and compliance. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism with granular user options, indicating awareness of privacy regulations. Nonetheless, the absence of explicit privacy policy, terms of service, and security incident contact information represents gaps in compliance and transparency. The WHOIS data is not publicly available, which is common for commercial sites but reduces transparency regarding domain ownership. Overall, Hauzi.pl presents a professional and functional online platform with moderate security and privacy compliance maturity. Strategic improvements in policy transparency, security headers, and contact information would strengthen trust and regulatory adherence.

Z

Zambelli Holding GmbH

zambelli.com

56

Zambelli Holding GmbH is a medium-sized manufacturing company based in Germany specializing in metal system solutions across multiple sectors including roof drainage, building envelopes, shelving systems, caravaning, heating technology, and industrial metalworking. The company maintains a professional and well-structured website that targets business customers and industry professionals, showcasing its diverse product and service offerings. The website demonstrates consistent branding and good content quality, supporting the company's established market position. Technically, the website is built on modern web standards with responsive design, leveraging technologies such as HTML5, CSS3, JavaScript, and Adobe Typekit fonts. The CMS identified is Contao, which supports structured content management. Performance and mobile optimization are good, though accessibility features could be enhanced. SEO practices are adequately implemented with proper meta tags and structured data. From a security perspective, the site uses HTTPS with a good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, security headers are not explicitly detected, and there is no visible cookie consent mechanism, which could impact GDPR compliance. The absence of WHOIS data for the domain is a notable anomaly that slightly reduces trustworthiness, though the website content and business information appear legitimate. Overall, the website presents a professional and trustworthy digital presence for Zambelli Holding GmbH, with recommendations to improve privacy compliance and security headers to enhance user trust and regulatory adherence.

J

Jakub Kokeš CZ, s.r.o.

kotevnitechnika.cz

52

Jakub Kokeš CZ, s.r.o. operates a specialized e-commerce and informational website focused on providing high-quality anchoring technology and fastening materials primarily for construction professionals such as roofing specialists and craftsmen in the Czech Republic and Slovakia. The company offers a broad product range including screws, dowels, anchors, rivets, and accessories, complemented by expert consulting and free services like delivery and pull tests. The website demonstrates a consistent brand presence with multiple physical branch locations, enhancing customer trust and accessibility. From a technical perspective, the website employs modern web technologies including JavaScript, Google Tag Manager, and analytics tools, with a responsive design optimized for mobile devices. SEO and navigation are well implemented, although some accessibility features could be improved. The site uses HTTPS with strong SSL configuration, but lacks some recommended security headers, which could be enhanced to improve security posture. Security-wise, the site shows good privacy compliance with a clear cookie consent mechanism and GDPR-aligned privacy policy. However, it lacks explicit security policies, incident response information, and vulnerability disclosure mechanisms, which are important for mature security governance. No critical vulnerabilities or exposed sensitive data were detected, but improvements in security headers and transparency are advised. Overall, the website is professional, trustworthy, and well-suited for its target audience. The absence of WHOIS data due to privacy protection is noted but does not detract significantly from legitimacy given the comprehensive contact information and business details. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and adding vulnerability disclosure information to strengthen trust and compliance.

svt Products BV operates a specialized web platform and Android app called the Logboek manager, designed to facilitate fire protection project management including recordings, inventories, work preparations, and logbook compilation for clients and regulatory bodies. The company targets professionals and organizations involved in fire safety compliance in the Netherlands, positioning itself as a niche provider with a focused service offering. The website is built on a legacy ASP.NET WebForms platform with Telerik UI components, indicating a stable but somewhat dated technical infrastructure. The presence of DNSSEC and an active domain registered since 2015 supports the legitimacy and operational maturity of the business. However, the website lacks modern privacy and cookie policies, and security headers are absent, which are areas for improvement.

N

NPO

npoplayer.nl

66

NPO.nl is the official public broadcasting portal of the Netherlands, operated by the NPO organization. It aggregates programs, documentaries, podcasts, and articles from various Dutch public broadcasters, serving as a centralized media platform for Dutch audiences. The website is well-established, with a domain age dating back to 1998, reflecting its long-standing presence in the Dutch media landscape. The portal targets a broad audience interested in public media content and offers a comprehensive range of services including streaming and content aggregation from multiple broadcasters. Technically, the website employs modern web technologies such as JavaScript, CSS, SVG, and lazy loading for images to optimize performance and user experience. It uses a custom content management framework (CCM) and integrates third-party scripts for cookies and advertising opt-out. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured navigation. Security-wise, the site enforces HTTPS with DNSSEC enabled, uses crossorigin anonymous scripts, and avoids exposing sensitive data, indicating a strong security posture. However, the site lacks explicit privacy and cookie policies in the provided HTML content, and no visible consent mechanism for cookies was detected. Contact information such as emails or phone numbers is not explicitly present in the analyzed content, which may impact user trust and compliance. There is also no visible security policy or incident response contact information. Overall, the site is professional, trustworthy, and secure but could improve transparency and compliance by publishing clear privacy, cookie, and security policies. The overall risk assessment is low, with recommendations focusing on enhancing privacy compliance, publishing security and incident response policies, and implementing explicit cookie consent mechanisms to align with GDPR and best practices.

G

GIH Bundesverband

gih.de

46

GIH Bundesverband is the largest German association representing energy consultants, focusing on political advocacy, professional training, networking, funding support, and professional representation. The website is built on WordPress with standard SEO optimizations and a professional design targeted at energy professionals in Germany. The technical infrastructure is moderate with hosting provided by Alfahosting. Security posture is weak due to lack of visible security headers, privacy policies, and incident response information. No blocking or WAF mechanisms were detected, allowing full content access. Overall, the site is functional and professional but lacks critical compliance and security documentation.

S

swissporTON

creaton.sk

54

swissporTON is a European roofing brand specializing in ceramic and concrete roof tiles, combining Swiss quality and design with durable materials. The company targets roofing professionals, architects, distributors, and end customers seeking innovative roofing solutions. The website demonstrates a mature digital presence with modern technologies such as Google Tag Manager, Facebook Pixel, and Cookie Script for marketing and compliance. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not published. Overall, the site is professional, well-branded, and trustworthy, supporting swissporTON's market position as a quality roofing materials provider.

S

swissporTON

creaton.cz

54

swissporTON is a European roofing brand specializing in ceramic and cement roof tiles, combining Swiss quality and design. The website presents a professional and modern digital presence with detailed product offerings, targeting roofing professionals, distributors, architects, and end customers. The technical infrastructure includes modern JavaScript libraries, Google Tag Manager, Facebook Pixel, and a cookie consent mechanism, indicating a mature digital marketing and analytics setup. Security posture is generally good with HTTPS enabled and no obvious vulnerabilities, though security headers and incident response information are lacking. The absence of WHOIS data reduces transparency and trust slightly but does not detract significantly from the professional appearance and content quality. Overall, the website is well-structured, user-friendly, and trustworthy for its business domain.

S

swissporTON

creaton.ua

55

swissporTON is a roofing materials manufacturer and distributor focused on high-quality ceramic and cement roof tiles, membranes, and roofing accessories. The company targets roofing professionals, distributors, architects, and end customers primarily in Ukraine and Europe. The website is professionally designed, content-rich, and well-structured, providing detailed product information and resources for professionals. Technically, the site uses modern web technologies including Google Tag Manager and Swiper.js, with good mobile optimization and SEO practices. Security posture is moderate with HTTPS usage but lacks explicit security headers and published security policies. WHOIS data is unavailable, reducing transparency and trustworthiness from a domain registration perspective. Overall, the site is safe, professional, and trustworthy but would benefit from improved privacy compliance and security disclosures.

S

swissporTON

creaton.pl

55

swissporTON is a reputable manufacturer and distributor of roofing materials, specializing in ceramic and cement roof tiles, roofing accessories, and integrated photovoltaic systems. The company targets professional builders, distributors, architects, and individual investors primarily in Poland and Europe. The website reflects a mature digital presence with comprehensive product information, professional design, and clear navigation. Technically, the site uses modern web technologies and integrates popular analytics and marketing tools while maintaining good performance and mobile optimization. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not published. WHOIS data is unavailable publicly, consistent with .pl domain privacy norms, and does not raise legitimacy concerns. Overall, swissporTON presents a trustworthy and professional business with a solid online presence.

C

CREATON South-East Europe Kft.

creaton.hr

55

CREATON South-East Europe Kft. is a medium-sized manufacturing company specializing in clay roof tiles and roofing accessories, serving primarily the South-East European market. The company offers a broad product range, technical consulting, and downloadable resources, targeting private investors, contractors, architects, and agricultural users. The website is professionally designed, multilingual, and provides clear navigation and relevant content. Technically, the site is built on the Neos CMS platform using the Flow PHP framework, hosted by Neosoft in Hungary, and integrates modern technologies such as Google Maps API and Facebook Pixel for marketing and analytics. Security posture is solid with HTTPS enforced and nonce usage in scripts, though some security headers are missing and no explicit incident response or vulnerability disclosure information is provided. Privacy and cookie policies are present and GDPR compliant. Overall, the website reflects a trustworthy and established business with good digital maturity.

C

CREATON South-East Europe Kft.

creaton.si

55

CREATON South-East Europe Kft. is a well-established manufacturer specializing in ceramic roof tiles with over 130 years of industry experience. As part of the French TERREAL group, it holds a strong market position in the manufacturing sector, offering a wide range of roofing products and technical support services. The website targets a broad audience including investors, architects, contractors, and agricultural users, providing comprehensive product information and reference projects. Technically, the site is built on the Neos CMS platform using the Flow PHP framework, integrating modern technologies such as Google Maps API and Facebook Pixel for marketing and analytics. The website demonstrates good mobile optimization, SEO practices, and a consistent branding approach. Security-wise, the site enforces HTTPS and uses nonce attributes for scripts, but lacks explicit security headers and published incident response policies. Privacy compliance is well addressed with clear privacy and cookie policies including consent mechanisms. Overall, the website is professional, trustworthy, and aligns well with the business's legitimacy and market presence.

C

CREATON South-East Europe Kft.

creaton.ro

56

CREATON Romania operates as a key supplier of roofing solutions, specializing in ceramic and concrete roof tiles with a broad product range and professional consulting services. The company positions itself as a leading European brand with over two centuries of brand heritage, targeting builders, architects, roof installers, and agricultural users. The website is well-structured, professionally designed, and offers multi-language support, reflecting a mature digital presence. Technically, the site is built on the Neos CMS platform using PHP and JavaScript, with integration of Google Maps API for location services. Performance and mobile optimization are good, though accessibility could be improved. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks some security headers and explicit cookie consent mechanisms. WHOIS data is privacy protected under ROTLD, which is typical for Romanian domains, and does not detract from the business legitimacy given the professional site content and contact information. Overall, the site demonstrates a strong business credibility and a secure, compliant digital footprint.

C

CREATON South-East Europe Kft.

creaton.hu

58

CREATON South-East Europe Kft. is a medium-sized manufacturing company based in Hungary specializing in ceramic roofing materials and related accessories. The company targets builders, roofers, architects, and agricultural users, offering a broad product range and technical support services. The website reflects a well-established regional presence with multilingual support and a clear focus on product quality and customer service. Technically, the site is built on the Neos CMS platform using the Flow PHP framework, with modern web technologies and good mobile optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information could be improved. Overall, the website is professional, trustworthy, and compliant with GDPR, providing clear contact information and social media engagement.

C

CREATON Benelux nv

creatondak.nl

59

CREATON Benelux nv operates as a specialized manufacturer and distributor of high-quality clay and concrete roof tiles along with system accessories, targeting private individuals, building owners, and professional stakeholders such as roofers, architects, and project developers. The company maintains a strong market position in the Benelux region with a professional and content-rich website that supports multiple languages and regional partner sites. The website infrastructure is built on the Neos CMS platform using the Flow PHP framework, incorporating modern technologies such as Google Tag Manager and Cookiebot for analytics and consent management. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website demonstrates good technical maturity, privacy compliance, and business credibility, supporting a trustworthy online presence for the company.

C

CREATON Benelux nv

creaton.be

58

CREATON Benelux nv is a specialized manufacturer and distributor of high-quality clay and concrete roof tiles along with roofing system accessories. The company targets both private individuals and professional roofing partners, positioning itself as an expert in pitched-roof solutions within Belgium and internationally through multiple localized websites. The website is professionally designed using the Neos CMS platform, featuring multi-language support and clear navigation tailored to different user groups such as homeowners and professionals. The business model focuses on manufacturing and supplying roofing materials with additional professional services and tools.

C

CREATON

creaton.it

68

CREATON is a well-established manufacturer and supplier specializing in roofing products, including clay tiles and roofing accessories, targeting both professional and consumer markets primarily in Italy and other European countries. The website reflects a mature digital presence with multi-language support and a professional design consistent with its industry. The technical infrastructure leverages modern frameworks such as Neos CMS and Flow PHP, integrating third-party services like Google Tag Manager and Cookiebot for analytics and privacy compliance. Security posture is solid with HTTPS enforced and a comprehensive cookie consent mechanism, though there is room for improvement in implementing additional security headers. Overall, the website demonstrates good compliance with GDPR and privacy standards, with transparent business information and a trustworthy online presence.

C

CREATON

creaton.ch

68

CREATON is a well-established manufacturer and supplier specializing in roofing products, including high-quality clay roof tiles and economical concrete roof stones, complemented by extensive original and system accessories. The company targets both B2B and B2C customers in the construction and renovation sectors, maintaining a strong market presence in Switzerland and Europe. Their website reflects a professional and consistent brand image, offering multilingual support and comprehensive product information. Technically, the site is built on the Neos CMS platform using the Flow PHP framework, integrating modern tools such as Google Tag Manager and Cookiebot for analytics and privacy compliance. The website demonstrates good mobile optimization and SEO practices, ensuring a positive user experience.

C

CREATON

creaton.com

68

CREATON is a specialized manufacturer and distributor of high-quality pitched roof tiles, including clay and concrete options, along with system accessories. The company targets roofing professionals, architects, residential construction companies, dealers, and end customers interested in pitched roofs. Their market position is that of an established expert with a broad product range and professional services. The website is built on the Neos CMS platform using the Flow PHP framework, incorporating modern technologies such as Google Tag Manager and Cookiebot for analytics and cookie consent management. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though security headers and explicit privacy policies are missing. WHOIS data is unavailable, which slightly reduces domain trust but the professional website and active cookie compliance indicate legitimate business operations. Overall, the website scores well in content quality, technical implementation, security, privacy compliance, and business credibility.

W

W.A.G. payment solutions, a.s.

ocrk.pl

63

W.A.G. payment solutions, a.s. operates a professional website focused on providing integrated mobility and payment solutions for the European transport sector. The site highlights expert services in driver work time management, compliance, and financial settlements, targeting transport companies and fleet managers. The company positions itself as a leading provider with a broad portfolio including fuel cards, toll services, telematics, and financial services. The website is well-structured, multilingual, and rich in content, reflecting a mature digital presence. Technically, the site leverages modern web technologies including Webflow CMS, JavaScript libraries like jQuery and intl-tel-input, and integrates Google Tag Manager and LiveChat for analytics and customer support. The site is mobile-optimized and accessible, with cookie consent mechanisms and GDPR-compliant privacy policies. Security measures include HTTPS and CAPTCHA on forms, though explicit security headers and incident response information are not evident. The security posture is solid but could be improved by adding security headers and publishing vulnerability disclosure information. The absence of WHOIS data reduces trust slightly but the professional presentation and consistent business information mitigate concerns. Overall, the site demonstrates a strong business and technical foundation with room for enhanced security transparency. Strategic recommendations include implementing security headers, publishing a security.txt file, providing incident response contacts, and improving WHOIS transparency to enhance trust and compliance.

W

Webwonders

webwonders.nl

59

Webwonders is a Dutch digital agency specializing in helping businesses enhance their online presence through strategic digital solutions, technology implementation, and marketing campaigns. Positioned as a leading agency in the Brainport region, it holds prestigious partnerships such as Umbraco Platinum and HubSpot Gold, reflecting its expertise and market credibility. The company targets businesses seeking to improve their digital impact and online business operations. Technically, the website employs modern frontend technologies including Alpine.js and Tailwind CSS, integrates marketing and analytics tools like HubSpot and Facebook Pixel, and is optimized for performance and mobile responsiveness. Security-wise, the site enforces HTTPS and cookie consent mechanisms but lacks explicit security headers and published security policies, suggesting room for improvement in formal security posture documentation. Overall, the website is professional, trustworthy, and compliant with GDPR, with clear contact information and strong branding. The risk profile is low, with no detected vulnerabilities or suspicious activities.

F

Franceinfo

francetvinfo.fr

10

Franceinfo is a prominent French public news media website providing real-time news updates, live information, and multimedia content such as photos, videos, and tweets. It targets a general audience interested in current events and live news coverage. The website demonstrates a high level of digital maturity with modern web technologies, mobile optimization, and strong branding consistency. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and privacy policies are not clearly presented in the HTML content. The absence of WHOIS data is likely due to registry privacy policies and does not detract significantly from the site's legitimacy given its public media status. Overall, Franceinfo is a trustworthy and professional news platform with room for improvement in privacy and security disclosures.

W

WEMAG Netz GmbH

wemag-netz.de

10

WEMAG Netz GmbH operates as a regional electricity and gas distribution network operator in Mecklenburg and parts of Brandenburg and Lower Saxony, Germany. The company manages extensive electricity and gas networks, providing services such as network connections, energy distribution, and customer portals. Their website reflects a professional and regionally focused utility business with clear service offerings and customer support channels. Technically, the site is built on Drupal 10, uses modern JavaScript libraries, and integrates GDPR-compliant cookie management via Usercentrics. Analytics are managed through Google Tag Manager, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the site lacks explicit security policy and incident response information. Overall, the website is well-structured, accessible, and trustworthy, supporting the company's business credibility in the energy sector.

L

Laudert GmbH + Co. KG

laudert.de

74

Laudert GmbH + Co. KG is a European leader in holistic product communication, offering consulting, tools, content, and channel services primarily targeting businesses seeking to enhance their product messaging. The company positions itself as a highly effective partner in the media sector, with a professional and well-branded online presence. The website is built on WordPress with modern SEO and privacy compliance features, including a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Technically, the site employs standard web technologies and integrates Google Tag Manager and Cookiebot for analytics and consent management. Security posture is strong with HTTPS and Content-Security-Policy headers, though explicit security policies and incident response contacts are not published. The absence of WHOIS registration data for the domain is a notable anomaly that warrants further investigation. Overall, the website demonstrates a mature digital infrastructure and a high level of professionalism, supporting the company's market position.

N

Nahverkehrsservice Sachsen-Anhalt GmbH

insa.de

57

Nahverkehrsservice Sachsen-Anhalt GmbH operates the INSA platform, a regional public transportation service providing comprehensive timetable information and ticketing solutions for Sachsen-Anhalt and the Mitteldeutschen Verkehrsverbund (MDV). The website serves as a digital hub for users seeking mobility information, ticket purchases, and related services such as the INSA app and RufBus ordering. Positioned as a key regional mobility facilitator, INSA leverages modern web technologies and complies with GDPR regulations to ensure user privacy and data protection. Technically, the website is built on TYPO3 CMS, integrating JavaScript libraries such as ReadSpeaker for accessibility and Cookiebot for consent management. The infrastructure is hosted with professional DNS providers and employs HTTPS with good SSL configuration, ensuring secure communications. The site demonstrates good mobile optimization, accessibility, and SEO practices, providing a user-friendly experience. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and avoids exposing sensitive data. However, it lacks explicit published security policies or incident response contacts, which could be improved to enhance trust and readiness. Analytics usage is moderate with Piwik (Matomo), respecting privacy with clear retention policies. Overall, the website is trustworthy, professionally maintained, and compliant with privacy laws. Strategic recommendations include publishing a security.txt file, incident response contacts, and expanding security policy disclosures to strengthen the security posture and user trust.

S

SPL-XDEMAT

spl-xdemat.fr

47

SPL-XDEMAT is a French public local company established in 2012 by multiple departmental governments to provide digital dematerialization services tailored for local authorities. The company offers a suite of applications and services including administrative document management, electronic signatures, public procurement platforms, and citizen communication tools. The website reflects a mature regional service provider with a strong focus on government clients and compliance with French regulations. Technically, the site uses standard web technologies such as jQuery and JavaScript, with a responsive and accessible design optimized for mobile devices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers are missing and no explicit incident response or vulnerability disclosure information is provided. Privacy and cookie policies are present and appear comprehensive, supporting GDPR compliance. The absence of WHOIS data limits domain legitimacy verification but the professional presentation and official departmental partnerships support trustworthiness.

S

SPL-XDEMAT

maelis.info

47

Maelis.info is the official website for the MAELIS application, a service provided by SPL-XDEMAT aimed at facilitating local community engagement through a smartphone app. The app offers practical information, alerts, incident reporting, and access to local public services and associations. The website is professionally designed with clear navigation and mobile optimization, targeting French local government citizens and community members. The business model focuses on providing a digital platform for local government communication and citizen participation. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and libraries such as jQuery and AOS for animations. It supports mobile platforms with links to iOS and Android app stores. While the site performs moderately well and is mobile-optimized, there is room for improvement in accessibility and security headers. No CMS or hosting provider details are evident. From a security perspective, the site lacks visible security headers and cookie consent mechanisms, which are important for GDPR compliance and user trust. The WHOIS data is privacy protected, which is common but reduces transparency. No forms or sensitive data collection points are present on the main page, reducing immediate risk exposure. Overall, the security posture is moderate but could be enhanced with standard best practices. The overall risk assessment is low, with no signs of malicious content or suspicious behavior. Strategic recommendations include implementing security headers, adding cookie consent, improving privacy disclosures, and providing clear contact information for security incidents to enhance trust and compliance.

M

Meta

facebook.fr

74

Facebook, accessible via the fr-fr.facebook.com subdomain, is a leading social networking platform operated by Meta Platforms, Inc. The website serves the French-speaking audience in France, providing a localized interface for users to connect, share, and communicate. As part of Meta's extensive ecosystem, Facebook maintains a dominant market position with a broad range of services including messaging, video content, and advertising solutions. The platform's business model is primarily advertising-based, leveraging extensive user data to deliver targeted ads. The website's content is professionally presented, with clear navigation and strong branding consistent with Meta's corporate identity. Technically, the website employs modern web technologies such as React and BigPipe for efficient content delivery and dynamic user experiences. The site is optimized for performance and mobile responsiveness, ensuring accessibility across devices. Security is robust, with HTTPS enforced, secure cookies, and standard security headers like HSTS. The login form includes anti-CSRF tokens and secure input handling, reflecting good security practices. Privacy and cookie policies are comprehensive and GDPR compliant, demonstrating Meta's commitment to regulatory adherence. The security posture is strong, with no visible vulnerabilities or exposed sensitive data. While no explicit incident response or vulnerability disclosure pages are found, the overall security framework appears mature. The website integrates multiple analytics and marketing tools, including Meta Pixel and Google Analytics, enabling extensive user tracking balanced with privacy compliance. No adult or questionable content is present, making the site safe for general audiences. Overall, Facebook's French site is a high-quality, secure, and professionally managed platform aligned with Meta's global standards. It effectively serves its target audience with a reliable and trustworthy user experience, supported by a mature technical infrastructure and strong business credibility.

H

Hurricane Electric

he.net

61

Hurricane Electric is a well-established Internet backbone and colocation provider founded in 1995, offering global IP Transit, Layer 2 transport, colocation, dedicated servers, and IPv6 certification services. The company targets ISPs, enterprises, and network operators seeking reliable and scalable Internet infrastructure. Their market position is strong, supported by a large IPv6 deployment and global network presence. Technically, the website uses standard web technologies with Google Analytics and Google Ads integrated for tracking and marketing. The site is moderately optimized for mobile and accessibility, with a professional design and clear navigation. Security posture is moderate; while HTTPS is implied, no DNSSEC or security headers are enabled, and no explicit security policies or incident response contacts are published. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the domain WHOIS data confirms legitimacy and long-term operation, enhancing trust. Strategic improvements in security headers, DNSSEC, and privacy compliance would strengthen the security and compliance posture.

Manpower France operates as a leading recruitment and temporary staffing agency in France, providing a wide range of employment services including permanent and fixed-term contracts. The company is part of the global ManpowerGroup, which enhances its market position and credibility. The website is professionally designed, targeting job seekers and employers with clear navigation and comprehensive service offerings. The content is primarily in French, reflecting its local market focus. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Google Tag Manager, ensuring a responsive and user-friendly experience across devices. Security best practices are observed with HTTPS enforcement and appropriate security headers, although there is room for improvement in accessibility and incident response transparency. The security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Contact information is readily available, including a dedicated Data Protection Officer email, enhancing trust and compliance. Overall, the website presents a low risk profile with a solid business credibility and technical foundation. The main limitation is the absence of WHOIS data, which is likely due to registry policies but should be monitored. Strategic recommendations include establishing a public vulnerability disclosure policy and enhancing accessibility features.

G

GoDaddy Operating Company, LLC

nicexpo.com

71

The website is a domain sales landing page operated by GoDaddy, offering the domain nicexpo.com for sale. It targets individuals and businesses interested in acquiring premium domain names, providing options to buy outright or lease to own. The platform leverages GoDaddy's established market presence and integrates partner services such as Afternic and Trustpilot to enhance trust and user confidence. The site is localized for the German market with appropriate language and currency settings. Technically, the site is built using modern web technologies including React and Next.js, hosted on GoDaddy infrastructure. It employs standard security measures such as HTTPS and reCAPTCHA for form protection, and uses tag management and analytics tools like Tealium and Google Analytics. Performance and mobile optimization are good, though some accessibility features could be improved. From a security perspective, the site demonstrates a solid posture with encrypted connections and secure payment options. However, explicit security headers are not evident, and no dedicated security or incident response policies are published. The WHOIS data for the domain is unavailable, which is typical for parked domains listed for sale, and does not raise concerns. Overall, the site is trustworthy and professionally maintained. The overall risk is low, with recommendations to enhance security headers, improve accessibility, and publish clear security policies to further strengthen user trust and compliance.

E

Europe 1

europe1.fr

10

Europe 1 is a major French media and radio broadcasting company offering live streaming, news articles, podcasts, and videos. The website targets a general audience interested in political, economic, and international news. It is part of the Lagardère Active group, a significant player in the media sector. The digital platform demonstrates good content quality, clear navigation, and mobile optimization, supported by modern JavaScript technologies and multimedia streaming capabilities. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements in security headers and explicit security policies are recommended. The absence of WHOIS data limits domain trust analysis but does not detract from the site's professional presentation and compliance with GDPR. Overall, Europe 1's website is a reliable and well-maintained media platform with moderate to high digital maturity.

M

McDonald's

mcdonalds.fr

51

The website www.mcdonalds.fr represents the French domain of McDonald's, a leading global fast-food restaurant chain. The business focuses on quick-service meals including burgers, fries, and beverages, operating primarily through a franchise model. The brand is well-known and holds a strong market position in the retail food sector in France and globally. However, the provided HTML content is minimal and blocked by a CAPTCHA security mechanism, preventing access to substantive website content or metadata. From a technical perspective, the site employs JavaScript and external CAPTCHA services for bot protection, but no further technology stack or CMS details are discernible. The lack of accessible content and metadata limits the ability to assess performance, SEO, or mobile optimization. Security posture cannot be fully evaluated due to absence of visible security headers or SSL information in the provided data. Security-wise, the presence of a CAPTCHA indicates an active WAF or bot mitigation strategy, which is positive for protection against automated threats. However, the absence of visible privacy policies, cookie consent mechanisms, or contact information reduces transparency and compliance visibility. WHOIS data is unavailable, which is common for domains protected by privacy services but limits trust verification. Overall, the site is likely legitimate given the brand but is currently inaccessible for detailed analysis due to security controls. Strategic recommendations include improving transparency by publishing privacy and cookie policies, enhancing contact and incident response information, and ensuring visible security headers and SSL configurations are in place.

F

France Bleu / Radio France

francebleu.fr

59

France Bleu, a part of Radio France, operates the website www.francebleu.fr as a major French local news media outlet providing live news, radio broadcasts, cultural and sports content, and community services. The site targets French-speaking audiences interested in local and national news, offering a comprehensive media experience with strong branding and professional content. Technically, the site uses modern web technologies including the Svelte framework, privacy management SDKs, and advertising platforms like Outbrain and Google DoubleClick. The website is well-optimized for mobile and accessibility, with good SEO practices and performance. Security posture is strong with HTTPS, security headers, and GDPR-compliant cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly found. WHOIS data is unavailable due to privacy protection typical for .fr domains, but the domain and website are legitimate and professionally maintained. Overall, the site scores highly on content quality, technical implementation, security, privacy compliance, and business credibility.

A

Arbeitsgemeinschaft Medienwerbung GmbH im Zentralverband der Deutschen Elektro- und Informationstechnischen Handwerke

arge-medien.de

41

ArGe Medien im ZVEH is a marketing and PR service provider operating within the German electrical trade sector, affiliated with the Zentralverband der Deutschen Elektro- und Informationstechnischen Handwerke (ZVEH). The organization focuses on advertising, public relations, and developing marketing concepts aimed at both trade members and end customers, including campaigns for image building and recruitment. The website demonstrates a strong market position within its niche, supported by a broad network of reputable industry partners and suppliers. Technically, the site is built on TYPO3 CMS, hosted on RZone infrastructure, and employs modern web technologies including Usercentrics for consent management and Google Analytics for tracking. The site is mobile-optimized and accessible, with good SEO practices.

V

VDE VERLAG GmbH

vde-verlag.de

66

VDE VERLAG GmbH operates as a specialized technical publisher and seminar provider focused on electrical engineering standards, technical literature, and professional training. The company serves professionals and organizations in the energy and electrical engineering sectors primarily in Germany. Their business model centers on publishing DIN-VDE and IEC standards, technical books, journals, and offering subscription services and seminars. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding. Technically, the website employs modern web technologies including Bootstrap, jQuery, and FontAwesome, hosted on German Telekom infrastructure. The site is mobile-optimized, accessible, and SEO-friendly. Analytics are implemented via etracker with user consent mechanisms in place. Security best practices such as HTTPS enforcement and anti-clickjacking scripts are present, though HTTP security headers and a formal security policy are absent. Security posture is solid but could be improved by adding explicit security policies and incident response contacts. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. WHOIS data is minimal but consistent with a legitimate German entity. No suspicious or malicious indicators were found. Overall, the website is professional, trustworthy, and well-maintained, supporting the company's position as a reputable technical publisher. Strategic improvements in security transparency and header implementation would enhance trust and resilience.

Eline GmbH operates a professional e-commerce website targeting the electrical and information technology trade sector in Germany. The company offers specialized products such as inspection stickers, inspection protocols, advertising materials, and printed matter. Founded in 1991, the business leverages a Shopify platform with a modern technical infrastructure including JavaScript frameworks, hCaptcha for form security, and GDPR-compliant cookie consent mechanisms. The website is well-structured, mobile-optimized, and integrates social media channels to enhance customer engagement. Security posture is solid with HTTPS enforced and basic protections in place, though improvements in security headers and DNSSEC are recommended. Overall, the site presents a trustworthy and professional online presence with no critical vulnerabilities detected.

Zweckverband Verkehrsverbund Oberlausitz-Niederschlesien (ZVON) operates a regional public transportation portal serving the Oberlausitz and Niederschlesien regions in Germany. The website provides comprehensive information on public transit schedules, ticketing, network maps, and current service updates, targeting local commuters and travelers. The business model centers on facilitating access to public transport services and enhancing user experience through digital tools such as real-time departure monitors and fare calculators. The organization holds a solid regional market position as a trusted mobility service provider.

N

Nahverkehrsservice Sachsen-Anhalt GmbH

mein-takt.de

56

Mein Takt Sachsen-Anhalt is the official regional mobility brand for the German state of Sachsen-Anhalt, operated by Nahverkehrsservice Sachsen-Anhalt GmbH. The website provides comprehensive information and services related to regional trains, S-Bahn, PlusBus lines, train stations, and travel information via the INSA Fahrplanauskunft system. The site targets public transport users within the region and serves as a key information portal for mobility services. Technically, the website is built on TYPO3 CMS, integrates modern JavaScript libraries, and uses Cookiebot for GDPR-compliant cookie consent. The presence of accessibility features and mobile optimization indicates a mature digital infrastructure. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks explicit security headers and published security policies. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though it could improve transparency around security and incident response.

N

Nahverkehrsservice Sachsen-Anhalt GmbH

starker-nahverkehr.de

56

Mein Takt Sachsen-Anhalt is a regional public transportation brand operated by Nahverkehrsservice Sachsen-Anhalt GmbH, focusing on providing mobility services including regional trains, S-Bahn, PlusBus lines, and travel information via the INSA system. The website serves residents and travelers in the German state of Sachsen-Anhalt, offering comprehensive travel planning tools and service information. The site is built on TYPO3 CMS and integrates third-party services such as Cookiebot for cookie consent and INSA for travel planning. The technical infrastructure is modern and well-implemented, with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response policies are not publicly documented. Privacy compliance is strong, with a detailed privacy policy and GDPR-aligned cookie consent. Overall, the website is professional, trustworthy, and serves its target audience effectively.

S

Sysco Corporation

sysco.com

67

Sysco Corporation operates as the global leader in foodservice distribution, providing a comprehensive portfolio of food and related products to customers preparing meals away from home, including restaurants, healthcare, education, lodging, and entertainment sectors. The company maintains a strong market position as the largest food-away-from-home distributor, supported by an extensive network of distribution centers and a large workforce. Their business model focuses on B2B wholesale distribution with value-added services such as culinary consulting and supply chain solutions. The website reflects a mature digital presence with modern technologies and integrated marketing and analytics tools, supporting a seamless user experience and effective customer engagement. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response details are not publicly disclosed. The absence of WHOIS data is a notable anomaly but does not detract from the overall legitimacy given the company's established brand and digital footprint. Strategic recommendations include enhancing transparency on security policies, vulnerability disclosures, and data protection officer contacts to further strengthen trust and compliance.

A

Acne Studios

acnestudios.com

70

Acne Studios operates as a premium fashion brand offering a wide range of clothing, accessories, shoes, and denim for both men and women through a well-designed e-commerce platform. The website targets fashion-conscious consumers globally, with localized content for Germany. The company maintains a strong brand presence with consistent branding and active social media channels. Technically, the site leverages modern e-commerce technologies including Salesforce Commerce Cloud, Google Tag Manager, reCAPTCHA, and OneTrust for privacy compliance, ensuring a robust and user-friendly shopping experience. Security measures such as HTTPS, security headers, and fraud detection services like Riskified are implemented, reflecting a mature security posture. However, the absence of WHOIS data limits transparency regarding domain ownership, though the professional nature of the site and its compliance with GDPR mitigate concerns. Overall, Acne Studios presents a trustworthy and professional online retail presence with room for improvement in publishing explicit security policies and contact information for incident response.