Security Directory

T

toot.community

toot.community

73

toot.community is an independent Mastodon instance based in the Netherlands, operated by digital enthusiasts since 2022. It provides a federated social networking platform within the fediverse, targeting a global audience interested in decentralized social media. The platform offers trending posts, hashtag exploration, and user registration, positioning itself as a community-driven alternative to mainstream social networks. Technically, the site runs Mastodon version 4.4.2 on a Ruby on Rails backend with React frontend components, hosted on servers managed by the registrant's hosting provider. The website is moderately optimized for performance and mobile use, with good SEO and accessibility basics. Security posture is solid with HTTPS and script integrity checks, though it lacks advanced security headers and explicit security policies. Privacy compliance is basic with a privacy policy and terms of service present but no cookie consent mechanism. WHOIS data is transparent and consistent with the website's claims, enhancing trustworthiness. Overall, toot.community is a credible, well-maintained social platform with room for security and privacy enhancements.

N

notnite

notnite.com

54

The website notnite.com is a personal portfolio and blog site belonging to Jules, an 18-year-old student and programmer. The site serves as a hub for personal projects, social media links, and community engagement. It targets a general audience interested in programming, modding, and internet culture. The business model is non-commercial, focusing on personal expression and community presence. Technically, the site is built using the Astro static site generator (version 5.11.1) and is hosted with Cloudflare DNS services. The site uses modern web technologies including CSS custom properties and SVG icons, delivering fast performance and good mobile optimization. However, accessibility and SEO optimizations are basic. From a security perspective, the site enforces HTTPS and has domain registration protections such as clientDeleteProhibited and clientTransferProhibited statuses. However, DNSSEC is not enabled, and no security headers were detected. There are no published security policies or incident response contacts. Privacy and cookie policies are absent, which impacts compliance. Overall, the site is safe, trustworthy, and well-maintained for a personal website but lacks formal privacy and security documentation. Strategic improvements in privacy compliance and security headers would enhance trust and protection.

Y

Yacht

yacht.nl

71

Yacht is a professional recruitment and staffing company operating under Randstad Groep Nederland, targeting professionals seeking career advancement and organizations requiring specialized talent. The website offers comprehensive vacancy listings, traineeships, freelance assignments, and HR services, positioning itself as a key player in the Dutch recruitment market. Technically, the site employs modern tracking and analytics tools including Google Analytics, Google Tag Manager, and Recaptcha Enterprise, with a custom frontend framework. The site is mobile optimized and demonstrates good SEO and accessibility practices. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are absent. Overall, the domain registration aligns well with the business identity, supporting legitimacy and trustworthiness.

R

Randstad

randstad.nl

70

Randstad is a leading staffing agency in the Netherlands, providing a platform for job seekers to find vacancies and employment opportunities. The website is professionally designed, targeting a broad audience seeking employment. It leverages modern technologies including Google Analytics, Tag Manager, and reCaptcha to enhance user experience and security. The site is built on the Hippo CMS platform, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security policies and incident response information are not publicly available. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. Overall, the website presents a trustworthy and professional front for Randstad's staffing services.

G

GitLab

sc07.dev

57

The website is a self-hosted GitLab instance under the domain sc07.dev, primarily serving as a platform for hosting and exploring open source projects related to the Fediverse and Canvas technologies. It leverages the GitLab platform's capabilities to provide project collaboration and CI/CD catalog integration. The target audience includes developers and open source contributors interested in decentralized social networking and related software. The business model is focused on providing a self-managed GitLab environment rather than a commercial offering. Technically, the site uses modern web technologies including JavaScript, Webpack, Tailwind CSS, and Bootstrap, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies are absent. Privacy compliance is weak due to the lack of privacy and cookie policies and no consent mechanisms. Overall, the site is functional and professional but lacks formal compliance and contact transparency.

A

Autonomous non-profit organization (ANO) "TV-Novosti"

swentr.site

66

RT (Russia Today) is a Russian state-funded international news channel broadcasting 24/7 in English. It provides news, video content, and analysis from a Russian perspective to a global audience. The website is professionally designed with good content quality and consistent branding, targeting a general audience interested in international news with a focus on Russia and related geopolitical topics. Technically, the site uses modern web technologies including lazy loading, SVG icons, and integrates Yandex analytics and advertising services, indicating a mature digital infrastructure with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, and no explicit privacy or cookie policies were found, indicating compliance gaps. Overall, the site is legitimate and consistent with its stated identity, but improvements in privacy compliance and security best practices are recommended.

S

sr.ht, LLC

srht.site

51

The website srht.site represents sourcehut pages, a service offering static website hosting primarily targeted at software project maintainers and collaborators. The business operates within the technology sector, providing open source tools such as git repositories, bug tracking, continuous integration, and mailing lists. The domain is registered under sr.ht, LLC, with consistent WHOIS data and a domain age appropriate for the business. The website content is professionally presented, with clear navigation and a focus on open source ethos. Technically, the site is built using the Hugo static site generator and hosted on sourcehut infrastructure, ensuring fast performance and good mobile optimization. Security posture is moderate, with TLS enabled and domain transfer protection, but lacking DNSSEC and some security headers. Privacy compliance is good with clear privacy and terms pages, though no cookie consent mechanism is present. Overall, the site is trustworthy and well-positioned within its niche.

M

mCloud doo

rt.rs

62

RT Balkan is a Serbian language news media website operated by mCloud doo, established in 2012. It provides daily updated news content focused on Serbia, the Balkan region, and global events, including live TV streaming and program schedules. The website leverages modern web technologies such as React and lazy loading for performance optimization. It maintains an active presence on major social media platforms including Instagram, Telegram, Facebook, Twitter, and TikTok, enhancing its reach and engagement. The domain registration details align well with the website's regional focus, indicating legitimacy and consistency.

F

Free Radical

freeradical.zone

61

Free Radical operates an independent Mastodon social networking server focused on infosec, privacy, technology, and leftward politics. The platform offers users a space to engage in the fediverse with trending content, hashtags, and news exploration. The website is built on the Mastodon open-source platform version 4.4.2, utilizing React and modern JavaScript technologies. The domain is registered since 2017 with privacy protection, consistent with the site's privacy-focused mission. While the site provides basic privacy policy information, it lacks cookie consent mechanisms and explicit terms of service. Security posture is moderate with no detected security headers or incident response policies, but no critical vulnerabilities are evident. Overall, the site is functional, well-branded, and serves a niche community with moderate traffic and engagement.

R

RT

rt.com

69

RT is a large international Russian state-funded news organization providing 24/7 English-language news coverage with a focus on Russian perspectives on global events. The website offers multimedia content including videos, live streaming, and articles in multiple languages, targeting a general global audience interested in news and analysis. The business model centers on media broadcasting and digital news dissemination under the legal entity Autonomous non-profit organization (ANO) "TV-Novosti". The site maintains a consistent brand presence and leverages social media platforms for outreach. Technically, the website employs modern web technologies such as lazy loading images, SVG icons, and integrates analytics and advertising services primarily from Yandex and Google. The site is mobile-optimized and SEO-friendly but lacks explicit CMS identification and detailed hosting information. Performance is moderate with good mobile responsiveness. Security posture is moderate; HTTPS is enforced, but explicit security headers are not evident in the provided content. There is no visible privacy or cookie policy, which impacts privacy compliance negatively. No contact or incident response information is provided, limiting transparency. The WHOIS data is unavailable or protected, which is common for high-profile media but reduces domain trust slightly. Overall, RT presents a professional and content-rich platform with moderate technical and security maturity. Strategic improvements in privacy compliance, security headers, and transparency would enhance trust and compliance posture.

P

Privacy Guides

privacyguides.org

68

Privacy Guides is a small, non-profit organization founded in 2021 that provides comprehensive privacy and security resources, including tool recommendations, educational content, and a community forum. The website is highly regarded in the privacy community and is recognized by reputable publications. Technically, the site is built using mkdocs and mkdocs-material, delivering fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforced and no exposed sensitive data, though improvements could be made by adding explicit security headers and cookie consent mechanisms. Overall, the site demonstrates a high level of professionalism, trustworthiness, and commitment to privacy advocacy.

Z

Zeteo

zeteo.com

64

Zeteo is a small media organization hosted on the Substack platform, founded by journalist Mehdi Hasan. It focuses on delivering unfiltered news, bold opinions, and media accountability content to a general audience interested in political and social issues. The website leverages modern web technologies and is hosted via Substack with DNS managed by Cloudflare, ensuring a stable and moderately performant digital presence. Security posture is adequate with HTTPS and domain locks but lacks DNSSEC and comprehensive security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy but could improve transparency and security practices.

A

Aragon Ventures LLC

mstdn.plus

65

MSTDN+ is an independent Mastodon instance operated by Aragon Ventures LLC, providing a general-purpose federated social networking platform within the fediverse. The website offers trending posts, hashtags, and a profiles directory, targeting a general audience interested in decentralized social media. The platform is built on the open-source Mastodon software (version 4.4.2) and leverages modern web technologies including React and JavaScript ES modules, hosted with Cloudflare DNS and registrar services. The site demonstrates good content quality and user experience with mobile optimization and clear navigation. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and explicit security headers. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or terms of service found. Business credibility is supported by transparent WHOIS data and visible trust indicators such as donation and status pages. Overall, MSTDN+ is a trustworthy and functional Mastodon instance with room for improvement in security and privacy practices.

B

Blockscout Limited

storyscan.xyz

60

The website www.storyscan.io is an open-source blockchain explorer platform focused on the Story blockchain network, powered by Blockscout Limited technology. It provides users with tools to search transactions, verify smart contracts, analyze addresses, and track network activity. The platform targets blockchain users, developers, and analysts seeking comprehensive blockchain data and APIs. The business model is centered on providing free and open-source blockchain exploration services, positioning itself as a niche technology provider in the blockchain analytics space. Technically, the website leverages modern web technologies including React, Next.js, and Chakra UI, ensuring a responsive and moderately performant user experience. The site is mobile-optimized and structured with good navigation clarity, though content quality is basic with some loading skeleton placeholders visible. SEO and accessibility are implemented at a basic to good level. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, it lacks explicit security headers and privacy disclosures such as privacy and cookie policies, which are critical for compliance and user trust. The WHOIS data is unavailable due to privacy protection or malformed WHOIS responses, which is common in blockchain-related domains but reduces transparency. Overall, the website is functional and trustworthy for its intended purpose but would benefit from enhanced privacy compliance, security headers, and contact information to improve its security posture and business credibility. The risk level is moderate with no critical vulnerabilities detected.

S

ScriptsTown

scriptstown.com

11

ScriptsTown is a specialized technology business focused on providing premium WordPress themes, plugins, and comprehensive tutorials to WordPress users, developers, and businesses. Established in 2019, it has positioned itself as a niche provider with a strong emphasis on quality, usability, and performance. The website offers e-commerce capabilities for selling digital products alongside educational content, targeting a global audience interested in WordPress solutions. Technically, the website is built on WordPress 6.8.2 with a custom child theme and leverages the Yoast SEO plugin for search engine optimization. It uses Cloudflare for DNS management, employs lazy loading for images, and integrates SVG icons for visual clarity. The site demonstrates excellent mobile optimization, fast performance, and good accessibility features, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. However, it lacks DNSSEC and some recommended security headers. No explicit security policies or incident response contacts are published, which could be improved. Privacy compliance is supported by a comprehensive privacy policy and terms of use, though a cookie consent mechanism is absent. Overall, ScriptsTown presents a professional, trustworthy, and well-maintained online presence with a solid business model and technical foundation. Strategic improvements in security policies and privacy mechanisms would further enhance its risk posture and compliance standing.

T

Toyota Financial Services Slovakia s.r.o.

toyotafinance.sk

59

Toyota Financial Services Slovakia s.r.o. operates as a specialized financial services provider focusing on branded vehicle financing and insurance solutions for Toyota and Lexus customers in Slovakia. The company offers a range of products including loans for new and used vehicles, operational leasing, and insurance services tailored for both private individuals and businesses. With over 20 years of market experience and strong partnerships with Toyota and Lexus dealer networks, it holds a reputable position in the automotive finance sector within Slovakia. The website reflects a professional and consistent brand image aligned with its parent company, Toyota Financial Services Czech, s.r.o. From a technical perspective, the website employs modern web technologies including JavaScript, Google Tag Manager for analytics, and SVG icons for UI elements. It is built on the Edee.one CMS platform, optimized for mobile devices, and demonstrates good SEO and accessibility practices. Performance is moderate with lazy loading images and responsive design elements. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly configured, and there is no published security policy or incident response contact information. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and compliance.

M

MIA „Rossiya Segodnya“

sputnik-ossetia.com

53

Sputnik Хуссар Ирыстон is a regional news media outlet focused on providing news, radio broadcasts, videos, and infographics in the Ossetian language. It operates under the parent company MIA „Rossiya Segodnya“ and targets Ossetian-speaking audiences interested in regional and international news. The website offers a variety of content types including articles, radio schedules, and multimedia, positioning itself as a key regional information source. Technically, the site uses modern web technologies including responsive images, SVG icons, and asynchronous JavaScript loading. It integrates Matomo analytics and Yandex advertising services, reflecting a moderate level of digital maturity. Security-wise, the site enforces HTTPS and uses domain transfer protection but lacks DNSSEC and explicit security policies. Privacy compliance is basic, with privacy and cookie policies present but no active consent mechanism. Overall, the site is professional and trustworthy with room for improvement in security and privacy practices.

M

MIA „Rossiya Segodnya“

sputnik.kg

42

Sputnik Кыргызстан is a regional news media outlet operated by MIA „Rossiya Segodnya“, providing news, radio broadcasts, videos, infographics, and photo reports primarily in the Kyrgyz language. The website targets Kyrgyzstan residents and Kyrgyz-speaking audiences, positioning itself as a key media source in the region. The business model is based on digital media content delivery with advertising revenue streams. Technically, the site uses modern web technologies including JavaScript, SVG icons, responsive images, and integrates advertising and analytics tools such as Yandex AdFox and Google Tag Manager. The site is mobile optimized and has good SEO practices. Security posture is strong with HTTPS enforced and multiple security headers present, though no explicit security or incident response policies are published. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Overall, the domain registration data is consistent with the business, supporting legitimacy and trustworthiness.

M

MIA „Rossiya Segodnya“

sputnik.kz

57

Sputnik Қазақстан is a Kazakh-language news portal operated under the MIA „Rossiya Segodnya“ media group, established in 2006. It provides timely and clear news coverage of national and international events, targeting Kazakh-speaking audiences interested in current affairs. The website offers a variety of content formats including articles, videos, photos, and infographics, supporting a comprehensive media experience. Technically, the site employs modern web technologies, including asynchronous JavaScript, responsive images, and integration with major analytics and advertising platforms such as Google Analytics, Yandex Metrika, and AdFox. Security measures include HTTPS enforcement and standard security headers, reflecting a good security posture. However, the absence of visible privacy and cookie policies indicates a gap in privacy compliance. Overall, the site is professionally designed, mobile-optimized, and maintains consistent branding aligned with the Sputnik media network.

M

MIA „Rossiya Segodnya“

noticiabrasil.net.br

61

Sputnik Brasil operates as a regional Portuguese-language branch of the international news agency Rossiya Segodnya, providing current news, urgent updates, and political, economic, and social analyses primarily targeting Brazilian and Portuguese-speaking audiences. The website offers multimedia content including videos and live radio streaming, positioning itself as a comprehensive news source within its market segment. Technically, the site employs modern web technologies such as responsive design, SVG icons, and asynchronous JavaScript loading, alongside third-party services for analytics and advertising, including Yandex Metrika and Google Tag Manager. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, reflecting GDPR adherence. Security posture is solid with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are absent. Overall, the site presents a professional and trustworthy media platform with moderate to good technical and security maturity.

M

MIA „Rossiya Segodnya“

sputnik.af

59

Sputnik Afghanistan is a regional news agency delivering the latest news, reports, analyses, and articles about Afghanistan and global affairs in the Dari language. Affiliated with the Russian media agency MIA „Rossiya Segodnya“, it targets Persian-speaking audiences interested in politics, economy, society, and multimedia content. The website features a modern technical infrastructure with multiple analytics and advertising integrations, responsive design, and comprehensive privacy and cookie policies. Contact information including email and phone is clearly provided, enhancing business credibility. Security posture is good with HTTPS and secure forms, though explicit security policies and incident response contacts are absent. Overall, the site presents a professional and trustworthy media outlet with moderate to good compliance and technical maturity.

M

MIA „Rossiya Segodnya“

sarabic.ae

58

The website sarabic.ae is a professional Arabic-language news portal affiliated with the international media group Rossiya Segodnya, operating under the Sputnik brand. It provides news articles, radio broadcasts, podcasts, and multimedia content targeting Arabic-speaking audiences interested in regional and global news. The site is well-branded and consistent with the parent media organization. Technically, the site uses modern web technologies including responsive design, SVG icons, and integrates analytics and advertising platforms such as Google Tag Manager, Yandex Metrika, and AdFox. Security posture is adequate with HTTPS and reCAPTCHA usage, but lacks explicit security headers and published privacy or cookie policies. Contact information is clearly provided in structured data, enhancing business credibility. Overall, the site is functional, content-rich, and trustworthy but could improve privacy compliance and security best practices.

M

MIA „Rossiya Segodnya“

sputniknews.in

67

Sputnik India is a global news media platform operated under the parent organization MIA „Rossiya Segodnya“. It focuses on delivering the latest news from India and the South Asia region, covering politics, economy, defense, science and technology, and social media trends. The website is positioned as an international news outlet with a regional focus, targeting a general audience interested in current affairs. The business model revolves around news publishing supported by advertising and analytics services. Technically, the site employs modern web technologies including JavaScript, CSS, and uses Google Tag Manager and Yandex Ads for marketing and tracking. The site is mobile-optimized and includes SEO best practices. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is evident with comprehensive privacy and cookie policies and consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, Sputnik India presents as a professional and legitimate news media website with moderate tracking and advertising transparency.

G

GMG Research

gmgresearch.com

9

GMG Research is a small financial research content provider focused on delivering curated investment strategies and market insights primarily through a weekly newsletter and public Twitter updates. The website presents a professional and clean design with clear disclaimers emphasizing that the content is not investment advice. The technical infrastructure is moderate, leveraging Google Fonts and Google Tag Manager for analytics, hosted likely via GoDaddy. Mobile optimization is good, but accessibility and SEO are basic. Security posture is weak due to lack of security headers, no DNSSEC, and absence of privacy or cookie policies. No contact information or formal business credentials are provided, which limits trust and compliance. Overall, the site is functional and relevant for its niche audience but requires improvements in security and privacy compliance to enhance credibility and user trust.

Dresdner Verkehrsbetriebe AG operates the MOBI platform, a comprehensive multimodal mobility service in Dresden, Germany. The website presents a well-structured and professional digital presence highlighting integrated public transport, bike- and carsharing, and electric vehicle charging services. The company positions itself as a local leader in sustainable urban mobility, supported by partnerships with local government and recognized organizations. The site targets residents and visitors seeking flexible and environmentally friendly transportation options. Technically, the website employs modern web standards including responsive design, SVG icons, and optimized images with WebP support. While no explicit CMS or frameworks are detected, the site demonstrates good mobile optimization and SEO practices. However, there is room for improvement in accessibility and performance tuning. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. No security headers or incident response policies are visible, and no cookie consent mechanism is implemented despite GDPR relevance. The WHOIS data aligns with the business claims, showing consistent domain registration without privacy protection, indicating legitimacy. Overall, the website is trustworthy and professionally maintained, though enhancements in security policies and privacy compliance would strengthen its posture. The absence of tracking scripts suggests a privacy-conscious approach. Strategic recommendations include implementing security headers, cookie consent, and publishing security and incident response policies.

F

Fraport Slovenija, d.o.o.

fraport-slovenija.si

45

Fraport Slovenija, d.o.o. operates Ljubljana Airport, providing airport management and passenger services in Slovenia. The company is a subsidiary of Fraport AG and holds a key position in the Slovenian transportation sector. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for passengers, partners, and job seekers. Technically, the site uses Adobe Experience Manager CMS, integrates Adobe Analytics for data insights, and employs Usercentrics for GDPR-compliant cookie consent management. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security headers could be improved. Overall, the site demonstrates a mature digital presence aligned with corporate standards.

J

Jobware Online-Service GmbH & Co. KG

bewerbung2go.de

60

bewerbung2go.de is a German online platform operated by Jobware Online-Service GmbH & Co. KG that provides a comprehensive suite of tools and templates for job seekers to create professional application documents such as cover letters, resumes, and cover pages. The platform targets German-speaking job seekers and offers over 500 templates tailored to various professions. The website is well-designed, mobile-optimized, and uses modern web technologies including Drupal CMS and JavaScript libraries for enhanced user experience. Analytics are implemented via Piwik PRO, indicating a moderate level of user tracking. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and policies could be improved. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Overall, the domain registration data aligns with the business, supporting legitimacy and trustworthiness.

B

Busch-Jaeger

busch-jaeger.nl

55

Busch-Jaeger is a well-established market leader in electrical installation and smart home products, with a history spanning over 140 years. The website reflects a mature business with a strong brand presence, supported by its parent company ABB Group. The site offers comprehensive product information, training, and support resources targeting both consumers and professionals in the energy and smart home sectors. Technically, the website is built on TYPO3 CMS, employs modern JavaScript modules, and integrates consent management via Usercentrics, indicating a good level of digital maturity. Security posture is strong with HTTPS enforced and consent defaults denying tracking until user approval, though explicit security headers and policies are not publicly visible. Overall, the site is professional, trustworthy, and compliant with basic privacy standards, but could improve transparency by publishing privacy policies and security incident response information.

R

Rasch

rasch.de

63

Rasch is a well-established German company specializing in wallpaper products, with a history dating back to 1861. The website serves as an e-commerce platform offering a wide range of wallpaper collections, including self-adhesive and photo wallpapers, targeting general consumers interested in home decoration. The site is professionally designed with clear navigation and good mobile optimization, reflecting a mature digital presence. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and Mouseflow for analytics and user behavior tracking, hosted on Manitu servers. Security posture is solid with HTTPS enabled and domain verification via Google and Facebook, but lacks explicit security headers and incident response information. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Overall, the site is trustworthy and credible but would benefit from enhanced privacy and security disclosures.

L

Land Tirol, p.A. DVT-Daten-Verarbeitung-Tirol GmbH

meteo.report

45

Meteo.report is a regional weather information service operated by Land Tirol, p.A. DVT-Daten-Verarbeitung-Tirol GmbH, providing weather station data, precipitation, webcams, mountain weather, and model forecasts for the Euregio region. The website targets the general public interested in accurate and localized weather information. The technical infrastructure is based on the Hugo static site generator, Bootstrap for styling, and Leaflet.js for interactive maps, indicating a modern and maintainable digital platform. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy and cookie policies are absent, which is a compliance gap. Overall, the website is professional, trustworthy, and serves its informational purpose well, but could improve in privacy compliance and security best practices.

F

Freundeskreis des Deutschen Handballs e.V.

fddh.de

36

Freundeskreis des Deutschen Handballs e.V. is a small non-profit organization dedicated to supporting German handball through funding, event support, and promotion of inclusion, particularly for deaf athletes. The website serves as an information hub with news, newsletters, and downloadable resources targeting handball enthusiasts and community members. Technically, the site is built on WordPress 6.8.2, hosted on a German hosting provider, and demonstrates good mobile optimization and accessibility. Security posture is adequate with HTTPS enforced but lacks security headers and cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site is trustworthy and professionally maintained but could improve privacy compliance and security best practices.

S

Stadt Offenbach am Main

offenbach.de

62

Stadt Offenbach am Main operates an official municipal website providing comprehensive information and services to its citizens, businesses, and visitors. The site features news, event listings, online services, and resources related to city governance and community engagement. It maintains a strong market position as the authoritative digital presence of the city government. The website is well-branded, professionally designed, and targets a broad audience including residents and tourists. The business model is focused on public service and information dissemination.

B

Bundesinstitut für Öffentliche Gesundheit

rauchfrei-info.de

64

The website www.rauchfrei-info.de is a professionally maintained, government-affiliated public health portal focused on tobacco cessation and related health education. It offers a variety of support services including forums, chat, telephone counseling, and educational resources, targeting smokers and individuals seeking to quit smoking in Germany. The site is well-positioned as a trusted source in the healthcare and non-profit sector with consistent branding and high-quality content. Technically, it is built on TYPO3 CMS with Matomo analytics, indicating a modern and privacy-conscious infrastructure. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is good with HTTPS enforced and secure forms, though some security headers and explicit security policies are not evident. Overall, the site is safe, mature content-wise, and trustworthy with no signs of blocking or WAF interference.

S

Survser

survser.com

63

Survser is a technology company specializing in customer feedback solutions through microsurveys tailored for E-Commerce and SaaS businesses. Their platform offers popup surveys, insightful reporting, sentiment tracking, and integrations to help businesses collect actionable customer insights in real-time. The website is professionally designed using modern web technologies such as React and Next.js, providing a responsive and user-friendly experience. The business model appears to be SaaS with a free trial to attract users. Technically, the site is well-implemented with good performance, mobile optimization, and SEO practices. Security posture is strong with HTTPS and standard security headers, though there is room for improvement in privacy compliance, particularly regarding cookie consent mechanisms. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, but the website content and structure suggest a legitimate business operation. Overall, Survser presents a solid digital presence with a focus on customer feedback solutions. Security and privacy practices are adequate but could be enhanced with explicit policies and disclosures. The lack of domain registration data should be investigated further to confirm legitimacy and reduce risk.

F

FrankfurtRheinMain International Office

find-it-in-frm.de

42

The website 'Find it in FRM' is operated by the FrankfurtRheinMain International Office, serving as a central information and contact point for international professionals and students relocating to the Frankfurt RheinMain region. It provides comprehensive guidance on immigration, employment, education, housing, and integration services, with multilingual support primarily in German and English. The platform is positioned as a regional government-affiliated service, offering free assistance and connecting users to relevant authorities and service providers. Technically, the site is built on TYPO3 CMS, employs modern web technologies, and integrates Google Tag Manager and Cookiebot for analytics and consent management. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Contact information is clearly presented, enhancing business credibility. No privacy policy or terms of service were detected, which is a compliance gap. Overall, the site is professional, trustworthy, and well-suited for its target audience, with moderate technical performance and good user experience.

J

JOBS IM SÜDWESTEN

jobs-im-suedwesten.de

61

JOBS IM SÜDWESTEN operates a regional job board targeting job seekers and employers in the Baden-Württemberg region of Germany, including areas such as Bodenseekreis, Schwarzwald, Hochrhein, and Karlsruhe. The platform aggregates job listings from local companies and other job portals, providing a comprehensive and user-friendly service for regional employment opportunities. The website features career advice content and tools for resume creation and job application management, positioning itself as a key regional employment resource. Technically, the website is built using modern web technologies including React and Next.js, hosted likely by the Suedkurier media group. It employs a consent management platform (Usercentrics) for GDPR compliance and integrates third-party services such as Tinypass for monetization or advertising. The site is mobile-optimized and SEO-friendly, with structured data enhancing search engine visibility. From a security perspective, the site enforces HTTPS and uses privacy and cookie consent mechanisms, but lacks explicit security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Overall, JOBS IM SÜDWESTEN presents a professional, secure, and privacy-compliant platform with strong regional focus and good technical implementation. Strategic improvements could include publishing explicit security policies and enhancing security headers to further strengthen the security posture.

J

Jobs-im-Allgäu

jobs-im-allgaeu.de

66

Jobs-im-Allgäu is a regional online job portal serving the Allgäu region in Germany, providing job listings, employer profiles, and career advice to job seekers and employers. The platform is professionally designed, mobile-optimized, and integrates modern web technologies such as Next.js and React. It is supported by the Mediengruppe Allgäuer Zeitung, a regional media group, which enhances its market credibility. The website includes GDPR-compliant privacy and cookie policies with a consent mechanism, ensuring compliance with European data protection regulations. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities or exposed sensitive data. The site uses third-party scripts for consent management and paywall services but maintains a good balance between functionality and privacy. Overall, the platform is trustworthy, well-maintained, and serves a clear regional niche effectively.

P

PORR

worldofporr.com

55

The website worldofporr.com serves as a professional construction industry magazine for PORR, a well-established construction and infrastructure company. It provides blog articles and technical insights on various construction projects, targeting professionals and stakeholders in the construction and engineering sectors. The site uses TYPO3 CMS and modern web technologies, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. No direct contact information or incident response details are provided, which limits user trust and compliance. Overall, the site is professional and trustworthy but requires improvements in privacy and security transparency.

igus® GmbH is a global leader in manufacturing high-performance polymer components for motion applications, including energy chains, polymer bearings, flexible cables, and linear slides. The Slovakian localized website www.igus.sk serves industrial customers and engineers with comprehensive product information, digital configurators, and CAD resources. The company operates a large, well-structured digital presence with multiple country-specific domains, reflecting its extensive global market reach. Technically, the website employs modern JavaScript libraries, analytics tools, and responsive design, ensuring good user experience and performance. Security posture is solid with HTTPS enforcement and no visible vulnerabilities, though some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, supporting strong privacy practices. Overall, the site is professional, trustworthy, and well-aligned with the company's business objectives.

igus® AB is a Swedish branch of the global igus® GmbH group, specializing in the development and manufacturing of high-performance polymer components such as energy chains, cables, bearings, and linear technology. The company serves a broad industrial audience with a strong focus on motion plastics® solutions, offering extensive product catalogs, configurators, and CAD resources. The website demonstrates a mature digital presence with multi-language support and comprehensive product and service information. Technically, the site uses modern JavaScript libraries, analytics tools, and secure HTTPS protocols, reflecting a well-maintained infrastructure. Security posture is strong with no visible vulnerabilities or exposed sensitive data, although explicit incident response and vulnerability disclosure information are not present. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the site is professional, trustworthy, and aligned with industry best practices.

igus® (India) Pvt. Ltd. is a subsidiary of igus GmbH, specializing in manufacturing and supplying high-performance polymer components for motion applications such as energy chains, polymer bearings, flexible cables, and linear slides. The company targets industrial sectors including automation, robotics, and manufacturing, providing both products and digital configurator tools to enhance customer experience. The website reflects a strong market position with comprehensive product offerings and a global footprint supported by localized country domains. Technically, the website employs modern web technologies and analytics tools, ensuring good performance, mobile optimization, and SEO. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response information could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with the business's industrial focus.

igus® Hungária Kft. is a Hungarian subsidiary of the global igus GmbH group, specializing in manufacturing and supplying high-performance plastic energy chains, flexible cables, and maintenance-free plastic bearings. The company targets industrial manufacturers and engineers, offering a broad product portfolio including ready-to-install cable systems, 3D printing services, and digital tools such as online configurators and CAD downloads. The website reflects a mature digital presence with localized content and multi-language support, positioning igus as a trusted leader in motion plastics technology within Hungary and internationally. The business model is B2B focused, serving over 188,000 customers worldwide across more than 50 industries.

igus® ApS is a well-established manufacturer and developer of high-performance polymer products including energy chains, flexible cables, maintenance-free bearings, and linear systems. The company operates a professional and comprehensive website targeting industrial customers, engineers, and manufacturers primarily in Denmark but with a global presence through multiple country-specific domains. The site offers extensive product information, configurators, CAD data, and digital services, reflecting a mature digital infrastructure. Technically, the website uses modern JavaScript libraries, analytics tools, and secure HTTPS protocols, ensuring good performance and user experience. Security posture is strong with appropriate headers and no visible vulnerabilities, although public security policies and incident response contacts could be improved. Overall, the website is professional, trustworthy, and compliant with GDPR and cookie regulations, supporting a high level of business credibility.

igus GmbH operates the website igus.cl as a localized Chilean presence offering advanced motion plastics solutions including cable carriers, linear bearings, and automation components. The company is a global leader in manufacturing technical plastics for motion with a strong B2B focus serving diverse industrial sectors. The website demonstrates a mature digital infrastructure with modern technologies such as jQuery, Google Tag Manager, and Piwik PRO analytics, ensuring good performance and user experience. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policy and incident response contacts are not found. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with the parent company's branding and market positioning.

D

Deutsches Krebsforschungszentrum (DKFZ)

dkfz.de

64

The Deutsches Krebsforschungszentrum (DKFZ) is Germany's largest biomedical cancer research institution, employing over 3,000 staff and focusing on understanding cancer development, risk factors, prevention, diagnostics, and treatment. The website reflects a mature, well-funded public research entity with strong collaborations and translational research centers. Technically, the site is built on TYPO3 CMS with modern web technologies, optimized for performance, accessibility, and SEO. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site projects high professionalism and trustworthiness, supporting DKFZ's mission and public engagement.

Weidmüller Interface GmbH & Co. KG is a well-established enterprise specializing in industrial connectivity solutions, including products and services for connection technology, automation, and digitalization. The company targets industrial customers, system integrators, and device manufacturers globally, positioning itself as a leader in manufacturing and technology sectors. Their website reflects a mature digital presence with comprehensive product catalogs and solution offerings. Technically, the website employs modern web technologies such as Google Tag Manager and OneTrust for privacy compliance, and it is optimized for mobile and accessibility standards. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS registration data is a notable anomaly but does not detract significantly from the overall legitimacy given the professional website and branding. Strategic recommendations include publishing detailed security policies and vulnerability disclosure information to enhance trust and compliance.

M

Moongate

moongate.id

68

Moongate is a technology company focused on building an attention asset protocol that leverages blockchain technology to transform the value exchange between consumers and brands. Their platform offers no-code tools for brands to deploy token campaigns, token gating, and rewards, integrating real-world activations with digital assets. The company targets brands and consumers interested in blockchain-based engagement and tokenization, positioning itself as an emerging player with backing from multiple venture capital and angel investors. Technically, the website is built on Webflow CMS, using modern web technologies including Google Fonts, Google Tag Manager, and JavaScript. The site is mobile optimized with good design quality and clear navigation. Hosting is provided by Webflow, and performance is moderate. However, some accessibility features are basic, and SEO optimization is good. From a security perspective, the site uses HTTPS with excellent SSL configuration but lacks visible security headers such as Content-Security-Policy or X-Frame-Options. There is no explicit privacy or cookie policy, nor a vulnerability disclosure or incident response policy, which are compliance gaps. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a moderate risk profile with good business credibility but needs improvements in privacy compliance and security best practices. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, and establishing a vulnerability disclosure process.

U

Ultima Media Germany GmbH

cmx-conference.com

61

The CMxC website represents a professional event platform organized by Ultima Media Germany GmbH, focusing on corporate mobility and sustainable fleet management. It serves as a knowledge-sharing and networking hub for professionals involved in corporate mobility, including fleet managers, IT, HR, and procurement. The site is well-structured, content-rich, and uses modern web technologies such as TYPO3 CMS and Google Tag Manager, with embedded privacy compliance tools. The event is positioned as a leading conference in Germany for corporate mobility and sustainability, featuring a strong lineup of industry experts and sponsors.

V

verlag moderne industrie GmbH

automotive-battery-conference.com

63

The website represents a professional and well-established international conference focused on automotive battery technology, organized by verlag moderne industrie GmbH. It targets industry experts and professionals involved in battery technology, production, strategy, and regulation. The site provides comprehensive event details, speaker information, and networking opportunities, positioning itself as a key niche event in the energy and transportation sectors. Technically, the site is built on TYPO3 CMS with modern web technologies and includes privacy compliance mechanisms such as Google Consent Mode and a comprehensive privacy policy. Security posture is good with HTTPS usage and no visible vulnerabilities, though security headers are not explicitly detected. The WHOIS data is unavailable, which slightly reduces transparency but does not significantly impact trust given the professional presentation and detailed content. Overall, the site scores well in content quality, technical implementation, security, privacy compliance, and business credibility.