Security Directory

Fillout is a technology company providing a comprehensive SaaS platform for creating forms, surveys, quizzes, scheduling, payments, workflows, and signatures. The website positions itself as a trusted solution used by over 100,000 organizations, emphasizing ease of use and powerful integrations. The technical infrastructure is modern, leveraging React, Next.js, and Vercel hosting, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS and security headers implemented, though privacy and cookie policies are not evident, which is a compliance gap. The absence of WHOIS data is a concern for domain legitimacy but the website content and branding are professional and trustworthy. Overall, Fillout presents as a credible and mature SaaS provider with room to improve transparency and compliance documentation.

F

F.I.S.A.S.C.A.T. (Federazione Italiana Sindacati Addetti Servizi Commerciali, Affini e del Turismo)

fisascat.it

51

FISASCAT is a well-established Italian trade union federation affiliated with CISL, representing workers in the tertiary, tourism, and services sectors. The organization provides collective bargaining, consultancy, welfare services, and publishes sector-specific insights. The website reflects a mature digital presence with a modern Next.js framework, mobile optimization, and integration with social media and mobile apps. Security posture is strong with HTTPS and DNSSEC enabled, though some improvements in security headers and library updates are recommended. The site maintains comprehensive contact information including a designated Data Protection Officer, and complies with GDPR and cookie consent requirements. Overall, the website is professional, trustworthy, and serves its target audience effectively.

Y

Yubo

yubo.live

69

Yubo is a social discovery platform designed to help users make new friends and connect with like-minded people through live chat and group hangouts. The company targets primarily Gen Z and young adults, positioning itself as a safe and engaging social networking app. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience. Technically, the site leverages modern web technologies including React, Next.js, and Chakra UI, and integrates with Prismic CMS for content management. The platform is optimized for mobile and desktop with fast performance and good accessibility features. Security posture is strong with HTTPS enforcement, security headers, and visible safety tools such as age verification and transparency reports. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. However, incident response and vulnerability disclosure information are not publicly available, representing an area for improvement. Overall, the domain appears legitimate and privacy-protected, consistent with the business profile. The site is free from blocking or WAF challenges, allowing full content access and analysis.

A

Amazon.com, Inc.

aboutamazon.com

63

The website www.aboutamazon.com serves as Amazon.com's official corporate news and information portal, providing breaking news, company updates, and insights into Amazon's innovations, workplace culture, sustainability efforts, and community impact. It targets a broad audience including consumers, investors, employees, and media professionals. The site reflects Amazon's position as a global leader in e-commerce, cloud computing, and technology services, showcasing key services such as AWS, retail operations, devices, and entertainment. Technically, the site is built on modern web technologies including React and Next.js, with a strong focus on performance, mobile optimization, and accessibility. It employs advanced tracking and analytics tools like Adobe Alloy and Adobe DTM, and integrates comprehensive SEO and metadata strategies to enhance discoverability. The content is rich, professionally curated, and regularly updated, supporting a high-quality user experience. From a security perspective, the site enforces HTTPS with excellent SSL configuration and implements multiple security headers to protect users. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not prominently available, representing an area for improvement. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. Overall, the site demonstrates a mature digital presence with strong business credibility and security posture. The absence of WHOIS data is noted but does not detract from the site's legitimacy given its official branding and content. Strategic recommendations include publishing detailed security policies, establishing a vulnerability disclosure program, and enhancing security contact transparency to further strengthen trust and compliance.

B

Biologische Heilmittel Heel GmbH

heel-vital.de

44

HeelVital is a German natural health portal operated by Biologische Heilmittel Heel GmbH, offering comprehensive information on natural remedies, homeopathic products, and wellness tips. The website serves a broad audience interested in health and natural medicine, positioning itself as a trusted source with strong brand association to the Heel family of products. Technically, the site is built on modern frameworks such as Next.js and React, with a CMS integration via Storyblok, ensuring a fast, mobile-optimized, and accessible user experience. The presence of Google Tag Manager, Visual Website Optimizer, and Usercentrics indicates a mature digital marketing and consent management setup. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though the site lacks explicit security and incident response policies. WHOIS data is minimal and lacks registrant transparency, which slightly impacts trust but is mitigated by the professional site and brand presence. Overall, the site is well-maintained, compliant with GDPR, and trustworthy for its intended audience.

Testudo Srl is an Italian boutique software company specializing in custom software development, innovative SaaS products, and strategic consulting. The company targets businesses seeking tailored digital solutions to improve operational efficiency and market competitiveness. Their website showcases a strong client portfolio including major brands across various sectors such as logistics, insurance, manufacturing, and professional services, positioning them as a reputable player in the technology industry. Technically, the website is built using modern frameworks like Next.js and React, delivering fast performance, excellent mobile optimization, and good SEO practices. Security-wise, the site enforces HTTPS and includes essential security headers, reflecting a mature security posture. However, the absence of WHOIS registration data and lack of direct contact emails or phone numbers slightly reduce trust. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though it would benefit from publishing explicit security policies and incident response contacts.

O

Oral-B Germany

oralb.de

71

Oral-B Germany operates a comprehensive e-commerce and brand marketing website focused on oral health products including electric and manual toothbrushes, replacement brush heads, toothpaste, and oral hygiene accessories. The site targets German consumers and is part of the global Procter & Gamble portfolio, positioning Oral-B as a leading trusted brand in dental care. The website demonstrates a high level of digital maturity, utilizing modern technologies such as Next.js and React, hosted on Microsoft Azure infrastructure, and integrates advanced marketing and analytics tools like Google Analytics and Bazaarvoice. The site is well-optimized for mobile and SEO, providing an excellent user experience with clear navigation and rich content. Security posture is strong with HTTPS, security headers, and secure forms, though explicit security policies and incident response contacts are not published. Privacy compliance is robust with GDPR-aligned policies and cookie consent mechanisms. Overall, the website reflects a professional, trustworthy, and secure online presence for a major consumer brand.

S

Spf QODIO

kodio.fo

62

Kodio is a Faroese-based creative technology company specializing in digital solutions such as websites, intranets, branding, and email services. With over 10 years of experience and a client base exceeding 900 customers worldwide, Kodio positions itself as a trusted partner for businesses ranging from small private companies to public institutions. Their service model focuses on delivering tailored, high-quality digital communication and branding solutions that strengthen client identity and internal collaboration. Technically, the website is built on modern frameworks like Next.js and React, hosted on Vercel, ensuring fast performance and excellent mobile optimization. Security posture is adequate with HTTPS enabled and secure forms, but lacks advanced security headers and formal privacy and cookie policies. Overall, Kodio demonstrates a professional and trustworthy online presence with room for improvement in privacy compliance and security best practices.

S

Social9

social9.com

55

Social9 is a small technology company founded in 2023 that provides a suite of AI-powered tools designed to assist social media users, marketers, and agencies in creating engaging content across multiple platforms such as Facebook, Instagram, LinkedIn, and Twitter. Their business model centers on SaaS delivery of content generation and social media management tools, positioning them as a niche player in the AI content creation market. The website demonstrates a modern technical infrastructure leveraging Next.js, React, and Cloudflare DNS, with integration of Google Tag Manager for analytics and marketing purposes. The site is well optimized for mobile and SEO, offering a professional user experience with clear navigation and consistent branding. Security posture is solid with HTTPS enforced and domain registration protections in place, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is basic, with privacy and terms pages present but lacking cookie consent mechanisms and explicit GDPR compliance indicators. Overall, Social9 presents a credible and professional online presence with moderate risk and room for enhancement in security and privacy practices.

S

Sparkasse.de

s.de

72

Sparkasse.de serves as the central information portal for the Sparkassen-Finanzgruppe, a major financial institution in Germany. The website provides comprehensive information about banking products, services, and branch locations, targeting a broad general audience primarily within Germany. The business model focuses on delivering accessible financial information and facilitating customer engagement with local Sparkasse branches. The site demonstrates a strong market position as part of a well-established financial group. From a technical perspective, the website employs modern web technologies including React and Next.js, indicating a mature digital infrastructure. The site is well-structured, mobile-optimized, and exhibits good SEO practices. However, there is limited evidence of advanced security headers or explicit privacy and cookie policies, which are critical for compliance and user trust in the financial sector. Security posture analysis reveals gaps such as the absence of visible security headers and lack of published security policies or incident response contacts. While HTTPS is presumed given the domain and modern setup, explicit confirmation is not available in the provided data. The lack of privacy and cookie policies also indicates potential compliance risks with GDPR requirements. Overall, Sparkasse.de is a professionally designed and credible financial information portal with strong business credibility and technical implementation. To enhance security and compliance, it is recommended to implement comprehensive privacy and cookie policies, security headers, and vulnerability disclosure mechanisms. These improvements will strengthen user trust and regulatory adherence.

Cookies.fo is a specialized service provider offering cookie consent management solutions tailored to comply with Faroese data protection laws, GDPR, ePR, and CCPA. Founded in 2020 and operated by Spf QODIO, the company targets website owners needing to ensure legal compliance with cookie usage regulations. The website presents a clear business model based on subscription services with a free trial and standard paid plans. The market position is niche and local, focusing on the Faroe Islands and GDPR-regulated regions. Key services include a customizable cookie consent banner, centralized legal updates, and integration with Google Tag Manager.

B

Bundesrepublik Deutschland

govdata.de

63

GovData is the official open data portal for Germany, providing centralized access to datasets from all levels of government administration. It serves a broad audience including government agencies, researchers, developers, and the general public interested in open government data. The platform offers key services such as dataset search, SPARQL query assistance, and regional data filtering by federal states. The website is well-branded with consistent government identity and maintains a strong market position as the national open data hub. Technically, the site is built using modern web technologies including React and Next.js, with Matomo analytics for privacy-conscious user tracking. The site demonstrates excellent performance, mobile optimization, and accessibility features. Security posture is strong with HTTPS enforcement and appropriate security headers, though there is room for improvement in publishing explicit security policies and incident response information. Overall, GovData exhibits a high level of professionalism, trustworthiness, and compliance with GDPR, supported by clear privacy and usage policies. The absence of cookie consent mechanisms and vulnerability disclosure pages are minor gaps. The domain registration data aligns well with the official nature of the site, reinforcing its legitimacy. Strategic recommendations include implementing explicit cookie consent, publishing security and incident response policies, and enhancing accessibility further to maintain leadership in government open data provision.

V

VRT NWS

vrtnws.be

67

VRT NWS is a leading Belgian public news media organization providing reliable, clear, and engaging news content in text, image, and audio formats. The website serves a broad audience interested in current affairs, regional news, politics, culture, and international events. It operates under the parent company VRT and maintains a strong market position as a trusted news source in Belgium. The platform offers diverse content including liveblogs, videos, podcasts, and thematic dossiers, supported by a consistent and professional brand identity. Technically, the website is built on modern web technologies including Next.js and React, with integrations of Adobe DTM for tag management and Gemius for analytics. The site is well optimized for mobile devices, accessibility, and SEO, ensuring a fast and user-friendly experience. The infrastructure supports rich multimedia content and interactive features, reflecting a mature digital presence. From a security perspective, the site enforces HTTPS and follows best practices such as responsible disclosure policies. While explicit security headers were not detected in the provided data, the overall posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, with clear privacy and cookie policies aligned with GDPR requirements. The WHOIS data is restricted, which limits domain registration transparency but does not detract from the site's legitimacy given its official status and professional presentation. Overall, VRT NWS demonstrates a high level of digital maturity, security awareness, and business credibility, making it a reliable and authoritative news platform in its region.

V

VRT

vrt.be

76

VRT is the primary public broadcaster for the Flemish community in Belgium, providing a wide range of television, radio, and online news and entertainment services. The website serves as a portal to their various media offerings including VRT MAX streaming, VRT NWS news, and multiple radio and TV channels. The site is well designed with a modern tech stack leveraging Next.js and React, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforced and appropriate security headers in place. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. The WHOIS data is restricted due to DNS Belgium policies, which is typical and justified for privacy reasons. Overall, the website is professional, trustworthy, and serves a broad general audience effectively.

C

Coolblue

coolblue.nl

72

Coolblue is a leading Dutch e-commerce retailer specializing in consumer electronics and appliances, known for its customer-centric services such as next-day delivery and free returns. The website demonstrates a modern technical infrastructure utilizing React and Next.js frameworks, indicating a mature digital presence. However, the security posture is moderate due to the absence of visible security headers and explicit security policies. Privacy compliance is low as no privacy or cookie policies were detected in the provided content. Overall, the website is professional and trustworthy but would benefit from enhanced security and privacy transparency.

P

Play Suisse

playsuisse.ch

63

Play Suisse is a Swiss media streaming platform offering free access to Swiss films, series, and documentaries. The service targets a general Swiss audience interested in local content and cultural stories. The platform positions itself as a national streaming service with a focus on Swiss productions, leveraging modern web technologies such as Next.js and React for a performant and mobile-optimized user experience. Hosting is delivered via Akamai CDN, ensuring fast content delivery. Security posture is adequate with HTTPS enforced but lacks explicit security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies and no visible consent mechanisms. Contact information and business transparency details are not present in the analyzed content, limiting direct user engagement and trust signals. Overall, the website is professionally designed, safe for general audiences, and technically modern but would benefit from enhanced privacy, security, and contact disclosures.

K

K.D. Feddersen GmbH & Co. KG

kdfeddersen.com

58

K.D. Feddersen GmbH & Co. KG is a well-established distributor and service provider specializing in engineering plastics, serving primarily European and Asian markets. The company offers a comprehensive portfolio of polymers and related services including application advice and supply chain management, positioning itself as a premium supplier with over 70 years of corporate history through its parent group. The website reflects a mature digital presence with modern technologies such as React and Next.js, and is supported by a CMS (Storyblok) that enables rich content delivery and multilingual support. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and explicit security policies are not publicly disclosed. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site demonstrates high professionalism, trustworthiness, and business credibility, making it a reliable digital asset for the company.

Sennheiser is a globally recognized leader in the audio technology industry, specializing in the design and manufacture of high-quality headphones, microphones, and wireless systems. With a legacy spanning over 75 years, the company serves a diverse audience including professional audio users, consumers, and businesses requiring advanced audio solutions. The website reflects a mature digital presence with comprehensive product information, support resources, and a global dealer network. Technically, the site leverages modern frameworks such as Next.js and React, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and vulnerability disclosure mechanisms are not publicly detailed. Overall, the site demonstrates high professionalism and trustworthiness, supporting Sennheiser's market position as a premium audio brand.

C

Circle

circle.so

71

Circle is a technology company founded in 2019 that offers a comprehensive community platform enabling users to build branded communities, manage events, and host courses. The platform targets community builders, event organizers, and course creators, positioning itself as a complete SaaS solution in the community management space. The website is professionally designed, mobile-optimized, and leverages modern web technologies such as Next.js, React, and Builder.io for content management. Hosting and CDN services appear to be provided by Vercel and Cloudflare, ensuring fast and secure delivery. Security posture is strong with HTTPS enforced, multiple security headers, and no exposed sensitive data, although DNSSEC is not enabled. The site integrates various marketing and analytics tools including Google Analytics, Facebook Pixel, and HubSpot, indicating moderate user tracking. However, explicit privacy and cookie policies are not found, and no direct contact information or security incident response details are provided, which are areas for improvement. Overall, Circle demonstrates a mature digital presence with a solid technical foundation and good security practices but should enhance privacy compliance and transparency to further build trust.

Moneyview.in is a prominent Indian fintech platform offering a comprehensive suite of financial products including personal loans, home loans, business loans, credit cards, digital gold investment, fixed deposits, UPI payments, and motor insurance. The platform boasts a large user base with over 65 million users and 5 crore+ app downloads, positioning itself as a top fintech app in India. The website is professionally designed with consistent branding and clear navigation, targeting Indian consumers seeking convenient financial services. Technically, the site leverages modern web technologies such as React, Next.js, and Material UI, and integrates analytics and marketing tools like Google Tag Manager, Microsoft Clarity, and Facebook Pixel. Security posture is strong, evidenced by HTTPS enforcement and ISO 27001:2022 certification, though explicit privacy and cookie policies are absent, indicating room for compliance improvement. Overall, the site is trustworthy and functional, but could enhance privacy transparency and incident response disclosures.

Z

Zeppelin Konzern

zeppelin.com

71

Zeppelin Konzern is a large German enterprise specializing in providing innovative solutions across construction, industry, plant engineering, and energy sectors. The company operates globally with over 200 locations, emphasizing sustainability and corporate social responsibility. Their business model focuses on B2B services including machinery, rental, power systems, and engineering solutions. The website reflects a mature digital presence with professional design and comprehensive content tailored to industrial clients and partners. Technically, the website leverages modern frameworks such as Next.js and React, supported by CDN hosting and enhanced with Google Tag Manager and OneTrust for privacy compliance. The site is mobile-optimized, fast-loading, and accessible, indicating a high level of digital maturity. Security best practices are observed with HTTPS enforcement and security headers, although no public vulnerability disclosure or incident response information is provided. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well implemented with clear cookie consent mechanisms and GDPR-aligned privacy policies. However, the absence of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy, though the website content and branding strongly support the authenticity of the business. Overall, Zeppelin Konzern presents a professional, trustworthy, and secure online presence suitable for its enterprise audience. Strategic recommendations include publishing a vulnerability disclosure policy, incident response contacts, and continuing regular security audits to maintain and enhance trust.

W

WeNet Group S.A.

wenet.pl

11

WeNet Group S.A. operates a professional digital marketing and technology services website targeting small and medium enterprises in Poland. The company offers a broad range of services including website creation, SEO, e-commerce solutions, Google Ads, social media management, hosting, and email marketing. The website is well-branded, consistent, and supported by strong trust indicators such as Microsoft and Google partnerships. Technically, the site is built on modern frameworks like Next.js and React, with good performance and mobile optimization. Security posture is solid with HTTPS, reCAPTCHA, and consent mechanisms, though some security headers could be improved. No blocking or WAF interference was detected, allowing full content access. WHOIS data confirms domain legitimacy and consistency with the business identity. Overall, the site reflects a mature digital presence with strong business credibility and compliance.

S

Städtereinigung Gerke GmbH

staedtereinigung-gerke.de

62

Städtereinigung Gerke GmbH is a well-established regional service provider specializing in municipal and industrial waste management and sanitation services in Tönisvorst, Willich, and surrounding areas in Germany. With over 60 years of history, the company offers a broad range of services including hazardous waste disposal, sanitary rentals, and container rentals through an online shop. The website reflects a professional and consistent brand image targeting local businesses, municipalities, and citizens. Technically, the site is built on modern frameworks such as Next.js and React, hosted on Vodafone infrastructure, and incorporates consent management and analytics tools like Usercentrics and Google Tag Manager. Security posture is solid with HTTPS and basic security best practices, though explicit security headers and incident response policies are not published. Overall, the site is accessible, well-structured, and compliant with GDPR, but could improve transparency on security and incident response. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms.

S

Sally & Friends AG

hisally.ch

59

Sally & Friends AG is a Swiss-based company specializing in branding, digital marketing, development, design, and event management services. The company positions itself as a strategic partner for startups, SMEs, and large enterprises aiming to elevate their events and digital presence. Their key services include customer experience design, product engineering, digital growth and marketing, and event management. The website showcases a strong client portfolio, indicating a reputable market position within the media and technology sectors in Switzerland. Technically, the website is built using modern technologies such as Next.js and React, with Contentful as the CMS and Vimeo for video hosting. The site is well-optimized for performance and mobile devices, featuring professional design and clear navigation. However, there is room for improvement in security practices, particularly the implementation of security headers and publishing security policies. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, the absence of privacy and cookie policies, as well as incident response information, indicates compliance gaps. No WAF or blocking mechanisms were detected, allowing full content accessibility. Overall, the website presents a professional and trustworthy business front with excellent content quality and business credibility. Strategic recommendations include enhancing privacy compliance, implementing security headers, and publishing incident response and security policies to strengthen trust and regulatory adherence.

Turbine Kreuzberg is a technology consultancy and software development company founded in 2017, specializing in high-performance enterprise applications including commerce platforms, PIM, CMS, middleware, and search solutions. The company targets B2B clients seeking digital transformation and technology consulting services. Their market position is that of an established mid-sized technology service provider with a strong portfolio of clients and case studies. Technically, the website is built on modern frameworks such as Next.js and React, with a well-implemented cookie consent mechanism and integration of analytics tools like Google Tag Manager and HubSpot. Security posture is solid with HTTPS enforced, domain locks in place, and no evident vulnerabilities, though DNSSEC is not enabled and explicit security policies are not published. Overall, the site is professional, well-structured, and compliant with GDPR, with comprehensive privacy and legal documentation. The risk level is low, but improvements in security transparency and DNS security are recommended.

Museum Utopie und Alltag Digital is a German non-profit digital museum platform that collects and showcases personal stories, comments, and photographs related to museum objects, initially focusing on the theme of travel. The platform encourages community engagement and collective memory creation through user-generated content. The website is bilingual (English and German) and provides educational and cultural content aimed at a general audience interested in heritage and history. Technically, the website is built using modern web technologies including React and Next.js, with a WordPress backend serving content via API. It is hosted on Amazon AWS infrastructure, uses Matomo for privacy-conscious analytics, and implements GDPR-compliant cookie consent mechanisms. The site is mobile-optimized and has good SEO and accessibility basics. From a security perspective, the website enforces HTTPS, includes standard security headers, and does not expose sensitive data or use vulnerable libraries. However, it lacks explicit security or incident response policies and does not provide vulnerability disclosure information. Privacy compliance is strong with a clear privacy policy and cookie consent. Overall, the website presents a trustworthy, professional, and secure platform for cultural heritage engagement. Recommendations include adding terms of service, security policies, and a vulnerability disclosure page to enhance transparency and trust further.

O

Otovo GmbH

otovo.at

64

Otovo GmbH is a medium-sized energy sector company specializing in photovoltaic solar solutions for private homeowners primarily in Austria and Europe. The company operates a marketplace model connecting customers with certified local installers, offering both purchase and leasing options for solar systems. Their website demonstrates a high level of digital maturity, utilizing modern technologies such as Next.js, React, and Sanity CMS, hosted likely on Vercel, ensuring fast performance and excellent mobile optimization. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although a dedicated security policy and incident response information are not publicly available. Overall, Otovo presents a professional, trustworthy, and user-friendly online presence aligned with its business goals.

B

Bankrolls Inc.

bankrolls.com

77

Bankrolls Inc. operates a specialized casino affiliate management platform designed to streamline payments, optimize affiliate earnings, and provide real-time analytics for casino affiliates and iGaming operators. Established in 2003 and headquartered in San Francisco, the company holds a strong market position with over 5,000 affiliates and 100+ casino partners. Their platform leverages AI to optimize offer walls and consolidates payments to simplify affiliate operations. Technically, the website is built on modern frameworks such as React and Next.js, hosted likely on Vercel, and demonstrates excellent performance, mobile optimization, and SEO practices. Security posture is strong with HTTPS, security headers, and reCAPTCHA integration, though DNSSEC is not enabled and explicit security policies or incident response contacts are absent. Overall, the business shows high credibility with verified reviews, consistent WHOIS data, and comprehensive contact information, making it a trustworthy and professional service in the iGaming affiliate sector.

P

Picto Access par APF France handicap

pictoaccess.fr

64

Picto Access, operated by APF France handicap, is a specialized provider of digital accessibility solutions aimed at improving inclusion and compliance for public establishments, workplaces, housing, and transport networks primarily in France. The company leverages modern web technologies including Next.js and Material-UI, hosted on OVH with Cloudflare CDN, ensuring a performant and secure user experience. The website demonstrates a strong security posture with HTTPS, security headers, and use of Google reCAPTCHA to protect forms. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR adherence is evident. Overall, the site is professional, trustworthy, and well-positioned in the accessibility technology market.

D

DICE

dice.fm

61

DICE is a digital platform specializing in live music event ticketing and personalized event recommendations. Founded in 2013, it offers a mobile app and website for users to discover and purchase tickets for concerts, festivals, and club nights. The platform targets music fans and event goers, positioning itself as a convenient and upfront pricing alternative in the live event ticketing market. Technically, the site leverages modern web technologies including React and Next.js, hosted with Cloudflare DNS and CDN services, and integrates multiple marketing and analytics tools such as Google Analytics, Braze, and Branch.io. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though some security headers are not explicitly detected and no public security policy or incident response contacts are published. Privacy compliance is partial, with a cookie consent mechanism via CookieHub but no explicit privacy policy or terms of service found in the analyzed content. Overall, the website is professional, well-designed, and technically mature, but could improve transparency and compliance documentation.

A

Airwallex

airwallex.com

71

Airwallex is a leading global payments and financial platform specializing in providing businesses with multi-currency accounts, high-speed international transfers, corporate cards, and embedded finance solutions. The company targets businesses requiring seamless cross-border financial services and offers a comprehensive API platform to integrate financial services programmatically. The website reflects a mature digital presence with excellent content quality, clear navigation, and professional branding consistent with a large fintech enterprise. Technically, the site leverages modern frameworks such as Next.js and React, with performance and mobile optimization rated as excellent. Security posture is strong, with HTTPS enforced, security headers present, and no visible vulnerabilities. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. However, WHOIS data is unavailable, which slightly impacts transparency but does not detract significantly from the site's credibility given other trust indicators. Overall, Airwallex demonstrates a robust business and technical foundation suitable for its market position.

U

Unareti S.p.A.

unareti.it

67

Unareti S.p.A. is a large Italian energy distribution company specializing in the integrated management of electricity and gas distribution in selected Italian territories. The company offers a range of services including emergency interventions, online customer services, and support for energy communities and electric vehicle charging infrastructure. The website reflects a professional and customer-focused approach, providing clear information and multiple contact channels. Technically, the site is built on modern frameworks such as Next.js and React, with good mobile optimization and SEO practices. Security posture is solid with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response details are not publicly available. Overall, the domain registration and website content align well, indicating a trustworthy and legitimate business presence.

A

A2A Ciclo Idrico

a2acicloidrico.eu

62

A2A Ciclo Idrico is a regional utility company managing integrated water services in Brescia and surrounding provinces in Italy. The company offers a range of digital services to facilitate customer interactions, including appointment booking, online document submission, and water quality verification. The website reflects a mature digital infrastructure with modern technologies such as Next.js and React, and integrates cookie consent and analytics tools responsibly. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly detailed. Overall, the company presents itself as a trustworthy and professional utility provider with a clear focus on customer service and regulatory compliance.

A

A2A Calore e Servizi

a2acaloreservizi.eu

64

A2A Calore e Servizi is a leading Italian utility company specializing in district heating and cooling services primarily in the Milan, Brescia, and Bergamo areas. As a subsidiary of the larger A2A group, it holds a strong market position as a key energy service provider focused on sustainable and decarbonized heating solutions. The website reflects a mature digital presence with professional branding and comprehensive service information targeted at residential, commercial, and industrial customers. Technically, the site leverages modern frameworks such as Next.js and React, integrates cookie consent via Iubenda, and uses Google Tag Manager for analytics, indicating a well-maintained infrastructure. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact information, supporting a positive risk profile.

S

RedCart – sklepy internetowe, integracje, automatyzacja

sellaio.com

55

RedCart is a well-established Polish e-commerce platform founded in 2008, offering comprehensive solutions for online store creation, sales management, multi-channel selling, and automation. The platform targets e-commerce businesses seeking integrated tools to streamline their operations and increase sales efficiency. With over 100,000 stores created and positive client testimonials, RedCart holds a strong market position in Poland's e-commerce sector. Technically, the website leverages modern web technologies including Next.js and React, ensuring fast performance and excellent mobile optimization. The platform integrates multiple analytics and marketing tools such as Google Tag Manager, Hotjar, Microsoft Clarity, and Facebook Pixel, indicating a mature digital marketing approach. Security-wise, the site uses HTTPS and DNSSEC, reflecting good domain and transport security. However, explicit privacy and cookie policy pages are missing, and some recommended security headers are not evident, which could be improved to enhance compliance and security posture. Overall, RedCart presents a professional, trustworthy, and technically sound e-commerce platform with room for improvement in privacy transparency and security header implementation.

O

Octopus Energy

electroverse.com

68

Electroverse, operated by Octopus Energy, is a platform providing extensive access to over one million electric vehicle chargers across the UK and Europe, positioning itself as Europe's largest EV charging network. The website targets EV owners and businesses seeking convenient charging solutions, offering a streamlined user experience with a modern React and Next.js based infrastructure hosted on Vercel. The digital maturity is high, with comprehensive use of analytics, marketing, and tracking tools to optimize user engagement and business insights. Security posture is strong, with HTTPS enforced and multiple security headers present, though there is room for improvement in publishing explicit privacy and security policies. Overall, the website demonstrates professionalism and trustworthiness, supported by a long-established domain and consistent branding.

A

Audioboost

speakup.ai

60

SpeakUp Article, operated by Audioboost, is a specialized AI-driven platform that transforms written content into engaging audio experiences for publishers and content creators. It offers advanced AI voice synthesis, a customizable audio player, and monetization capabilities through dynamic ad insertion. The platform is positioned as a trusted solution with over 2.5 million monthly listeners and partnerships with notable publishers and institutions. Technically, the website leverages modern web frameworks such as React and Next.js, integrates Google Analytics and Tag Manager for tracking, and uses Iubenda for privacy compliance. The site is well-optimized for performance, accessibility, and SEO, providing a professional user experience. Security-wise, the site enforces HTTPS, uses reCAPTCHA on forms, and complies with GDPR and accessibility standards, though it lacks explicit security headers and a public security policy. Overall, the domain WHOIS data is unavailable, likely due to privacy protection, but the website's professionalism and trust signals indicate legitimacy.

W

Web357

web357.com

62

Web357 is a specialized technology company delivering premium Joomla! extensions and WordPress plugins aimed at enhancing website functionality, security, and performance. Established since 2010 and based in Cyprus, the company targets developers, digital agencies, and web professionals seeking reliable and professional web development tools. Their market position is supported by a strong user base of over 10,000 satisfied customers and positive verified testimonials. The website reflects a mature digital presence with modern technologies such as React and Next.js, and integrates analytics and user feedback tools like Google Analytics and Hotjar. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, though some improvements in security headers and incident response transparency are recommended. Privacy compliance is adequate with a comprehensive privacy policy, but lacks a cookie consent mechanism despite tracking scripts. Overall, Web357 presents a professional and trustworthy online presence with minor areas for enhancement in security and privacy practices.

Z

Zurich Film Festival

zff.com

60

The Zurich Film Festival (ZFF) is a well-established non-profit cultural organization that hosts an internationally recognized film festival in Zurich, Switzerland. The website serves as a comprehensive platform for festival information, ticket sales, event schedules, and merchandise. It targets film enthusiasts, industry professionals, and cultural supporters, offering a rich program of auteur films, side events, and exclusive memberships. The festival enjoys strong partnerships with reputable brands such as UBS, Mercedes-Benz, and NZZ, reinforcing its market position. Technically, the website is built on modern frameworks including Next.js and React, with integration of Shopify for e-commerce and DatoCMS for content management. It leverages Cloudflare DNS and CDN services, ensuring fast performance and good mobile optimization. The site implements privacy compliance mechanisms such as Cookiebot for cookie consent and maintains comprehensive legal documentation. Analytics and marketing tools like Google Analytics, Facebook Pixel, and Google Tag Manager are used with user consent. From a security perspective, the site enforces HTTPS, uses clientTransferProhibited domain status, and employs cookie consent for privacy. However, DNSSEC is not enabled, and no explicit security.txt or incident response contacts are published. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is strong but could be improved with additional DNS security and public vulnerability disclosure. The overall risk assessment is low, with the website demonstrating professionalism, trustworthiness, and compliance with GDPR. Strategic recommendations include enabling DNSSEC, publishing a security.txt file, and enhancing security headers. These steps will further strengthen the site's security and trustworthiness for users and partners.

E

EGN Entsorgungsgesellschaft Niederrhein mbH

entsorgung-niederrhein.de

60

EGN Entsorgungsgesellschaft Niederrhein mbH is a regional full-service provider specializing in waste disposal and recycling services for commercial, industrial, municipal, and private sectors. The company emphasizes sustainable and resource-efficient circular economy solutions, offering a broad range of services including container rental, construction site services, hazardous waste disposal, and event services. Their market position is strong within the Niederrhein region, supported by a network of subsidiaries and partners that enhance their service offerings. Technically, the website is built on modern frameworks such as React and Next.js, ensuring fast performance, mobile optimization, and good SEO practices. The infrastructure appears professionally managed with no signs of blocking or WAF interference, and the site includes a cookie consent mechanism compliant with GDPR requirements. From a security perspective, the site enforces HTTPS, includes standard security headers, and avoids exposing sensitive data. However, explicit security policies and incident response information are not published, representing an area for improvement. The absence of a vulnerability disclosure or security.txt file also suggests opportunities to enhance transparency and trust. Overall, the website presents a professional, trustworthy, and well-maintained digital presence aligned with the company's business objectives. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure mechanisms, and explicitly listing data protection officer contacts to strengthen compliance and user trust.

E

Entsorgungsgesellschaft Krefeld GmbH & Co. KG

egk.de

62

The Entsorgungsgesellschaft Krefeld GmbH & Co. KG (EGK) is a regional municipal waste management and environmental services company based in Krefeld, Germany. The company operates a unique combination of waste incineration and sewage treatment plants, generating electricity and district heating for thousands of households. Additionally, EGK maintains an accredited laboratory for water and waste analysis and serves as a significant local employer with approximately 250 staff members. The website reflects a well-structured and professional digital presence, targeting local residents, businesses, and potential employees. It emphasizes environmental responsibility, energy production, and community engagement. Technically, the site is built on modern frameworks such as Next.js and React, with integrations for cookie consent (Usercentrics) and analytics (Google Tag Manager, Microsoft Application Insights). Security best practices are observed with HTTPS enforcement and security headers, although explicit security policies and incident response information are not published. Overall, the site is trustworthy, compliant with GDPR, and provides clear information about services and career opportunities.

S

Super Partners

superpartners.com

62

Super Partners is a well-established affiliate marketing platform specializing in casino and sports betting brands. With a domain age dating back to 1999 and strong parent company ties to Super Group, it holds a reputable market position. The website showcases a comprehensive portfolio of globally recognized brands and partnerships with major sports teams, reflecting a mature and professional business model. Technically, the site leverages modern frameworks like Next.js and React, with Cloudflare DNS and robust analytics integrations, ensuring a fast, responsive, and accessible user experience. Security posture is strong with HTTPS enforcement and security headers, though DNSSEC is not enabled. Privacy compliance is evident with clear privacy and cookie policies and GDPR adherence. Overall, the site presents a trustworthy and professional front for affiliates and partners in the iGaming industry.

R

Re:wild

rewild.org

69

Re:wild is a well-established non-profit organization dedicated to protecting and restoring wild places and wildlife globally. Their website reflects a mature digital presence with clear messaging focused on environmental conservation, biodiversity, and climate change solutions. The organization leverages modern web technologies including Next.js, React, and integrates analytics and marketing tools such as Google Tag Manager, Hotjar, and Microsoft Clarity to optimize user engagement and track impact. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although formal security policies and vulnerability disclosures are absent. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism, trustworthiness, and effective communication of their mission and impact.

F

Freename

freename.com

64

Freename is a technology company founded in 2022 specializing in domain registration and management services, including traditional domains and emerging Web3 domains. Positioned as an emerging player in the domain registrar market, Freename offers a platform for users to search, buy, transfer, and manage domain names with additional features such as custom TLDs and domain import. The website demonstrates a professional design and consistent branding, targeting individuals and businesses seeking domain services with a focus on digital identity and Web3 integration. Technically, the site is built on modern frameworks such as React and Next.js, hosted with Cloudflare DNS services, and incorporates Google Tag Manager and Facebook Pixel for analytics and marketing purposes. While the site is mobile optimized and SEO friendly, it lacks explicit privacy, cookie, and security policies, which impacts its privacy compliance score. Security posture is generally good with HTTPS enabled and domain locking status, but DNSSEC is not enabled and security headers are missing. Overall, the website is functional and trustworthy but would benefit from enhanced privacy and security disclosures.

M

meinebghm.de

meinebghm.de

57

The website meinebghm.de appears to be a digital portal for a statutory accident insurance institution in Germany, providing services such as insurance account management, seminar booking, and administrative functions for insured persons and companies. The site is built using modern web technologies including React and Next.js, indicating a contemporary technical infrastructure. However, the visible content is minimal, with no user-facing text or metadata such as privacy or cookie policies, contact information, or terms of service. Security posture is moderate but lacks visible security headers and explicit SSL/TLS configuration details. No signs of WAF or blocking mechanisms were detected, and the site appears accessible. Overall, the site demonstrates basic digital maturity but requires improvements in content completeness, privacy compliance, and security best practices to enhance trust and usability.

W

Wygodne Zwroty

wygodnezwroty.pl

61

Wygodne Zwroty is a Polish e-commerce service platform specializing in facilitating convenient returns of online purchases. The platform provides a comprehensive search engine for stores, easy parcel return management, and integration with major courier services such as InPost, DPD, DHL, and GLS. With over one million customers served, it holds a strong market position in Poland's e-commerce returns sector. The website is built on modern technologies including Next.js and React, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS enforced and CAPTCHA protections, although explicit privacy and terms of service pages are not found in the analyzed content. Overall, the platform demonstrates a mature digital infrastructure and trustworthy business model, though improvements in privacy transparency and contact information availability are recommended.

R

RedCart

redcart.pl

10

RedCart is a well-established Polish e-commerce platform founded in 2008, offering comprehensive tools for online store creation, sales management, multi-channel selling, and automation. The platform targets online retailers seeking integrated solutions to streamline their sales and marketing efforts. With over 100,000 stores created, RedCart holds a strong market position in the Polish e-commerce sector. Technically, the website leverages modern frameworks such as Next.js and React, ensuring fast performance and excellent mobile optimization. The platform is hosted by OVH SAS, a reputable provider, and employs HTTPS with DNSSEC for enhanced security. However, the site lacks explicit privacy and cookie policy pages, which are critical for GDPR compliance. Security posture is good with HTTPS and DNSSEC enabled, but could be improved by adding more security headers and formal security policies. Overall, the website is professional, trustworthy, and content-rich, but should enhance privacy compliance and contact transparency to improve user trust and regulatory adherence.

T

Treedom s.r.l.

treedom.net

72

Treedom s.r.l. operates an online platform dedicated to environmental sustainability by enabling individuals and companies to plant or gift trees and track their impact. The company positions itself as a niche leader in green business solutions and reforestation projects, targeting environmentally conscious consumers and businesses. The website is professionally designed, mobile-optimized, and provides clear information about its services and mission. Technically, the site leverages modern frameworks such as Next.js and React, integrates Google Tag Manager for analytics, and uses Iubenda for cookie consent management, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS and GDPR-compliant cookie consent but lacks explicit security headers and published security policies, indicating room for improvement in security transparency and incident response readiness. Overall, the website is trustworthy and safe, with no adult or questionable content, but the absence of WHOIS data slightly reduces domain trustworthiness. Strategic recommendations include enhancing security headers, publishing security policies, and establishing a vulnerability disclosure program to strengthen security posture and user trust.

A

A2A S.p.A.

gruppoa2a.it

46

A2A S.p.A. is a leading Italian multi-utility company specializing in energy, water, environmental services, and sustainable mobility. The company positions itself as a Life Company focused on sustainability and ecological transition, offering a wide range of services including electricity and gas supply, district heating and cooling, water management, waste collection, and electric vehicle charging solutions. The website reflects a mature enterprise with a strong market presence and diversified service portfolio targeting consumers, businesses, investors, and public entities. Technically, the website employs modern web technologies such as Next.js and React, integrates Google Tag Manager for analytics, and uses Dynatrace for performance and security monitoring. The site is mobile-optimized, accessible, and SEO-friendly, with comprehensive metadata and structured data enhancing search visibility. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS, implements multiple security headers, and avoids exposing sensitive data. However, explicit security policies and incident response information are not publicly detailed, and no vulnerability disclosure policy or security.txt file is found. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Overall, the website demonstrates high professionalism, trustworthiness, and business credibility. The domain WHOIS data aligns with the corporate identity, confirming legitimacy. Strategic recommendations include publishing detailed security policies, establishing a vulnerability disclosure program, and enhancing performance optimizations to further strengthen the security posture and user experience.

S

S-Kreditpartner

skpk.de

72

S-Kreditpartner is a German financial services company specializing in consumer and auto loans, operating fully online and in partnership with Sparkassen banks. The website presents a professional and modern interface built with Next.js and React, integrating Google Tag Manager for analytics. Security posture is strong with HTTPS and security headers implemented, though explicit privacy and cookie policies are not found in the provided content. Contact information and incident response details are not clearly visible, which could impact user trust and compliance. Overall, the business appears legitimate and well-positioned in the finance sector, targeting private customers and Sparkassen partners with streamlined online loan services.