Security Directory

C

CSL Plasma

cslplasma.com

66

CSL Plasma operates as a leading plasma collection organization in the United States, with over 300 centers. The company focuses on donor experience and wellbeing, providing plasma for life-saving medicines. Their website reflects a mature digital presence with modern technologies such as Drupal 9 CMS, Bootstrap 5, and integration of Google Analytics and Tag Manager for tracking and marketing. The site is well-structured, mobile-optimized, and provides comprehensive information for donors including rewards programs and FAQs. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers could be improved. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the strong brand presence and content quality. Strategic recommendations include enhancing security headers, improving incident response visibility, and ensuring WHOIS data transparency.

V

VARTA AG

varta-storage.com

73

VARTA AG is a German-based company specializing in energy storage solutions, offering a range of products including modular DC high-voltage storage systems and AC complete systems with integrated battery inverters. The company emphasizes quality manufacturing in Germany, sustainability, and customer-centric services such as installation support and a dedicated monitoring portal (VARTA.energy). The website is professionally designed using TYPO3 CMS, featuring rich multimedia content and clear navigation tailored for both consumers and installers. Security posture is strong with HTTPS, cookie consent mechanisms, and no visible vulnerabilities, although explicit security policies and incident response contacts are not prominently published. WHOIS data is missing or unavailable, which is unusual but the website content and external references strongly support legitimacy. Overall, the site demonstrates a mature digital presence with good compliance and user experience.

N

National Institute for Health and Care Excellence

nice.org.uk

78

The National Institute for Health and Care Excellence (NICE) is a UK government agency providing authoritative guidance and standards for the NHS and wider health and care system. The website serves healthcare practitioners, commissioners, policymakers, patients, and industry stakeholders by offering comprehensive health guidance, standards, formularies, and knowledge resources. The site is well-positioned as a trusted source in the healthcare sector with a large audience and a strong market presence. Technically, the website is built on modern frameworks such as Next.js and uses a headless CMS (Storyblok), integrating various analytics and marketing tools like Google Analytics, Hotjar, and Google Optimize. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and shows good security practices, though explicit security policies and vulnerability disclosure mechanisms are not publicly documented. No critical vulnerabilities or suspicious indicators were found. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable resource for its target audience.

B

BTL

btl-kariera.cz

57

BTL is a Czech-based company specializing in the development and manufacturing of advanced medical technologies, including devices for cardiology, physiotherapy, and aesthetic medicine. The company operates globally with over 80 branches worldwide and positions itself as a leader in physiotherapy device manufacturing. Their website focuses on career opportunities, showcasing innovation and a strong presence in the healthcare technology sector. Technically, the website uses modern web technologies such as Ruby on Rails, Google Tag Manager, and YouTube integrations, hosted on Wedos.net infrastructure. The site is well-optimized for SEO, mobile-friendly, and includes comprehensive privacy and cookie consent mechanisms, reflecting good digital maturity. Security posture is solid with HTTPS enforcement and CSRF protections, although explicit security headers are not confirmed. No critical vulnerabilities or blocking mechanisms were detected, and contact information is clearly provided. Overall, the website demonstrates a professional and trustworthy online presence aligned with the company's business goals.

T

Trustwave Security Colony

securitycolony.com

74

Security Colony is a cybersecurity resource platform operated under the Trustwave brand, offering a comprehensive suite of consulting-derived resources, assessments, and monitoring tools. The website targets CISOs and security professionals seeking cost-effective access to compliance toolkits (ISO27001, HIPAA), vendor risk assessments, maturity and ransomware readiness evaluations, breach monitoring, and expert forums. The business model is subscription-based with transparent tiered pricing, positioning Security Colony as a trusted partner leveraging years of consulting experience. Technically, the website is built with modern frameworks including Bootstrap and Hugo CMS, uses CDN-hosted libraries, and integrates Google Tag Manager for analytics. The site is mobile-optimized with good navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers and explicit incident response contacts could be improved. WHOIS data is unavailable, which slightly reduces trust but the strong association with Trustwave and professional presentation support legitimacy. Overall, the website is a credible, well-structured cybersecurity resource platform with room for enhanced security transparency and incident response information.

A

AFS Norge

afs.no

59

AFS Norge is a well-established non-profit organization focused on providing intercultural exchange and learning opportunities primarily for students, host families, and volunteers in Norway. The website demonstrates a strong market position within the educational exchange sector, offering diverse programs such as student exchanges, language travel, and volunteer roles. The organization emphasizes cultural understanding and global citizenship, supported by a consistent and professional online presence. Technically, the website is built on WordPress with modern plugins like Yoast SEO and Google reCAPTCHA Enterprise, ensuring good SEO, security, and user experience. The site is hosted on AWS Cloudfront CDN, providing moderate performance and good mobile optimization. Accessibility and navigation are well implemented, contributing to an excellent user experience. Security posture is strong with HTTPS enforced, use of reCAPTCHA, and privacy banners for cookie consent. However, explicit security headers could be more visible or enhanced. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust with clear policies and GDPR adherence. Overall, the website is trustworthy, professional, and secure, with minor recommendations for security header improvements and ongoing maintenance. The lack of public WHOIS data is typical for privacy-protected domains and does not detract from the site's legitimacy. Strategic recommendations include enhancing security headers, continuous plugin updates, and periodic security audits to maintain a high security standard.

A

AFS Interkulturelle Begegnungen e.V.

afs.de

68

AFS Interkulturelle Begegnungen e.V. is a well-established non-profit organization specializing in intercultural youth exchange programs, including student exchanges, volunteer services, and host family programs. With over 75 years of experience and a global network of more than 50 partner organizations, AFS holds a strong market position in Germany's educational and cultural exchange sector. The website reflects a professional and comprehensive digital presence, targeting youth, parents, schools, and volunteers with clear navigation and rich content. Technically, the site is built on WordPress with modern plugins and integrations such as Google reCAPTCHA Enterprise and social media APIs, hosted behind Cloudflare for performance and security.

A

AFS Austauschprogramme für interkulturelles Lernen

afs.at

64

AFS Austauschprogramme für interkulturelles Lernen is a well-established Austrian non-profit organization specializing in intercultural educational exchange programs such as student exchanges, gap years abroad, language stays, and volunteer opportunities. The organization targets students, parents, host families, and volunteers, offering a broad portfolio of programs supported by a global network. Their website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a strong market position in the education sector within Austria. The presence of comprehensive privacy and cookie policies, along with clear contact details and social media engagement, enhances their credibility and trustworthiness. Technically, the website is built on WordPress with modern plugins and integrations including Yoast SEO, Google reCAPTCHA Enterprise, and WPML for multilingual support. Hosting leverages CDN services for performance, and the site demonstrates good SEO and accessibility practices. Security posture is solid with HTTPS enforced and reCAPTCHA protecting forms, though explicit security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the site reflects a mature digital presence with good compliance to GDPR and privacy standards. The domain registration details align with the organization's identity, supporting legitimacy. The site is safe for general audiences and free from adult or questionable content. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining regular security audits to sustain trust and compliance.

A

AFS Intercultural Programs Philippines

afs.ph

60

AFS Intercultural Programs Philippines operates as a non-profit organization specializing in intercultural learning and study abroad programs primarily targeting secondary school students, families, and volunteers. The organization holds a strong market position as a leading provider of educational exchange opportunities in the Philippines, supported by scholarships, volunteer programs, and a global competence certificate. Their digital presence is professional, well-branded, and optimized for search engines, reflecting a mature and user-friendly website experience. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Google reCAPTCHA Enterprise, leveraging Amazon Cloudfront CDN for content delivery. The site demonstrates good mobile optimization, accessibility, and performance, although there is room for improvement in publishing explicit security policies and incident response information. From a security perspective, the site employs HTTPS with strong SSL configuration and security headers, uses reCAPTCHA to protect forms, and avoids exposing sensitive data. However, it lacks a dedicated security policy or vulnerability disclosure mechanism, which could enhance trust and compliance. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy, professionally managed, and secure, with minor gaps in security transparency. The domain registration data aligns well with the organization's identity, reinforcing legitimacy and credibility.

K

Krytoland.cz

krytoland.cz

59

Krytoland.cz is an established Czech e-commerce retailer specializing in mobile phone accessories including cases, tempered glass, and custom-designed products. The website offers a broad product catalog targeting consumers seeking affordable and customizable mobile accessories. Technically, the site employs modern web technologies such as jQuery, Font Awesome, Google Tag Manager, and tracking tools like Facebook Pixel and Smartlook, indicating a mature digital infrastructure. Security-wise, the site uses HTTPS and some security best practices but lacks comprehensive security headers and explicit privacy and cookie policies, which are critical for GDPR compliance and user trust. The absence of WHOIS data limits the ability to fully verify domain legitimacy, which slightly impacts business credibility. Overall, the site is functional, user-friendly, and safe for general audiences but would benefit from enhanced privacy compliance and clearer contact information.

Saint-Gobain Weber España operates as a leading provider of industrial mortars and construction solutions in Spain, specializing in products such as ceramic tile adhesives, thermal insulation systems (SATE), continuous flooring, and technical mortars. The company is part of the global Saint-Gobain group, which enhances its market position and trustworthiness. The website is professionally designed, content-rich, and targets construction professionals, architects, and contractors with comprehensive product information, tools, and services. Technically, the site is built on Drupal CMS, employs modern analytics and consent management tools, and is optimized for mobile and accessibility. Security posture is strong with HTTPS enforced and no evident vulnerabilities, though additional security headers could improve defenses. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. WHOIS data is privacy protected but domain registration details and website content align with a legitimate, active business. Overall, the site demonstrates a mature digital presence suitable for a large enterprise in the manufacturing and construction sector.

A

AFS Intercultural Programs

afs.org

68

AFS Intercultural Programs is a well-established international non-profit organization focused on intercultural learning and global citizenship development through exchange programs, education, volunteerism, and advocacy. The organization has a strong market position with a large global community and a comprehensive digital presence. The website is professionally designed, mobile-optimized, and SEO-friendly, leveraging modern technologies such as WordPress, Google Analytics, Hotjar, and Cloudflare CDN. Security posture is solid with HTTPS enforcement, reCAPTCHA integration, and cookie consent mechanisms, although some security headers could be explicitly implemented and DNSSEC enabled for enhanced protection. Privacy policies are comprehensive and GDPR compliant, reflecting a mature approach to data protection. Overall, the domain registration and WHOIS data confirm the legitimacy and trustworthiness of the organization.

CMS Legal Services EEIG operates an international law firm website focused on Germany, providing a wide range of legal and tax advisory services. The firm targets business clients requiring expertise in areas such as corporate law, banking, compliance, dispute resolution, and various industry sectors including automotive, energy, and healthcare. The website reflects a mature and professional market position with multiple offices in Germany and abroad, supporting a large enterprise scale. Technically, the website employs modern web technologies including Bootstrap for responsive design, Piwik PRO for analytics, and is hosted behind Cloudflare DNS services. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers and DNSSEC are not enabled, indicating room for improvement in security hardening. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but lacks visible security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or blocking mechanisms were detected, and the domain WHOIS data aligns well with the business identity, supporting legitimacy. Overall, the website presents a trustworthy and professional digital presence for CMS Legal Services EEIG, with recommendations to enhance privacy compliance, security policies, and DNS security to further strengthen its posture.

S

Saint-Gobain España

saint-gobain.es

55

Saint-Gobain España operates as the Spanish branch of the global Saint-Gobain group, specializing in manufacturing and distributing construction materials and sustainable building solutions. The website reflects a mature enterprise with a strong focus on sustainability, innovation, and market leadership in Spain. The digital presence is professional, well-structured, and optimized for multiple devices, targeting construction professionals and stakeholders interested in sustainable construction. Technically, the website is built on Drupal 10, leveraging modern analytics and tracking tools such as Google Tag Manager and Microsoft Clarity. The site employs HTTPS and cookie consent mechanisms, indicating compliance with privacy regulations like GDPR. However, explicit security headers and a published security policy are absent, representing an area for improvement. Security posture is solid with no evident vulnerabilities or exposed sensitive data, but the lack of incident response contact information and vulnerability disclosure mechanisms suggests room for enhancement in security transparency and readiness. Overall, the website is trustworthy, with strong brand consistency and multiple trust signals including official social media accounts and comprehensive privacy policies. Recommendations include adding security headers, publishing a security policy and incident response contacts, and implementing a vulnerability disclosure program to further strengthen security posture and stakeholder trust.

R

Rigips GmbH

rigips.de

62

Rigips GmbH is a leading German manufacturer specializing in sustainable drywall and building materials for walls, ceilings, floors, and facades. As part of the Saint-Gobain group, it holds a strong market position with a comprehensive product portfolio and a focus on environmentally friendly construction solutions. The website targets construction professionals, architects, and distributors, providing product information, technical downloads, and a dealer locator. Technically, the site is built on Drupal 10, employs modern tracking and consent tools, and is hosted on reliable infrastructure. Security posture is strong with HTTPS, security headers, and no exposed vulnerabilities detected. Privacy compliance is well addressed with detailed policies and consent mechanisms. Overall, the site demonstrates good digital maturity, professional design, and trustworthy business representation.

Weber Vietnam is a subsidiary of the global Saint-Gobain group, specializing in manufacturing and distributing tile adhesives, grouts, waterproofing products, and silicone sealants. The company holds a leading market position in Vietnam and globally, serving construction professionals and consumers with a comprehensive product range and technical support. The website is professionally designed, content-rich, and well-branded, reflecting the company's strong market presence and parent company association. Technically, the website is built on Drupal CMS with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools including Google Tag Manager, Facebook Pixel, TikTok Pixel, and Microsoft Clarity. The site is mobile-optimized and accessible, with good SEO practices. However, some security headers are missing, and there is no explicit cookie consent mechanism despite cookie policy presence. Security posture is good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The WHOIS data is unavailable, likely due to privacy protection, but the website's legitimacy is supported by consistent branding and structured data linking to Saint-Gobain. No signs of phishing or malware were detected. Overall, the website presents a low risk profile with strong business credibility and technical maturity. Strategic improvements could focus on enhancing security headers, implementing explicit cookie consent, and publishing a dedicated security policy or incident response page.

R

ROXY

roxy.cz

42

ROXY Prague is a well-established entertainment venue specializing in concerts, DJ events, and cultural activities since 1992. The website effectively showcases upcoming events, integrates multiple social media platforms, and provides a merchandise shop, targeting music and nightlife enthusiasts primarily in the Czech Republic. Technically, the site uses a modern JavaScript stack including jQuery, Google Analytics, Facebook Pixel, and asynchronous loading of Vue.js and Moment.js, indicating a moderate level of digital maturity. However, the absence of explicit privacy and cookie policies and lack of visible security headers highlight compliance and security gaps. The WHOIS data confirms the domain's legitimacy and long-term presence, supporting business credibility. Overall, the site is functional and professional but requires improvements in privacy compliance and security hardening.

L

Lady Virtual

ladyvirtual.cz

44

Lady Virtual is a small Czech-based SEO consultancy led by Michaela Matanelli, specializing in SEO, linkbuilding, copywriting, and keyword analysis with over 15 years of experience. The website presents a professional image with clear service offerings, client testimonials, and certifications such as Google Analytics Individual Qualification. Technically, the site is built on WordPress with modern plugins and tracking tools, including Google Tag Manager and Smartlook, and implements GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS enforced and consent-based data collection, though some security headers could be improved. The absence of WHOIS data suggests privacy protection, which is typical for small consultancies. Overall, the site is trustworthy, well-structured, and compliant with privacy regulations.

F

FABAS LUCE S.P.A.

fabasluce.it

53

Fabas Luce S.p.a. is an established Italian manufacturer specializing in decorative and technical lighting solutions, serving primarily specialized retailers and professional clients. The company offers a broad product portfolio including modular lighting systems, architectural lighting, and naval lighting, complemented by a commitment to sustainability through photovoltaic energy production. Their market position is supported by a long domain history dating back to 1999 and a professional digital presence. Technically, the website employs modern JavaScript frameworks and asynchronous loading techniques, integrating third-party services such as YouTube and Google Tag Manager for analytics and media. The site is mobile-optimized with good navigation and design quality, though some SEO and accessibility features could be enhanced. Hosting and CMS details are not explicitly identified. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks advanced security headers and DNSSEC. There is no visible cookie consent mechanism or comprehensive privacy policy addressing GDPR compliance, which represents a compliance gap. Incident response and security policies are not published, limiting transparency. Overall, the website is professional and trustworthy with moderate technical and security maturity. Strategic improvements in privacy compliance, security headers, and DNS security would enhance the security posture and regulatory adherence, reducing risk and improving user trust.

D

Dansk Offshore

danskoffshore.dk

50

Dansk Offshore is a Danish industry association focused on the offshore energy sector, including oil, gas, and renewable offshore activities. The organization provides knowledge sharing, advocacy, and networking services to companies and professionals within this sector. The website reflects a professional and consistent brand presence, targeting industry stakeholders in Denmark. The business model centers on membership and industry collaboration, positioning Dansk Offshore as a key player in the Danish offshore energy market. Technically, the website is built on WordPress and leverages common web technologies such as Google Analytics for tracking and Video.js for media playback. Hosting is provided by Simply.com, and the site uses HTTPS with a good SSL configuration. The site is mobile-optimized and offers a moderate performance profile. Privacy compliance is well addressed with GDPR-compliant privacy and cookie policies, including a consent mechanism. From a security perspective, the site implements standard security headers and enforces HTTPS, but lacks DNSSEC and a published security.txt file. No explicit incident response or security policy pages are found, which could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the security posture is solid but could benefit from enhancements in DNS security and transparency around vulnerability disclosure. The overall risk assessment is low, with the site demonstrating good business credibility, privacy compliance, and technical implementation. Strategic recommendations include enabling DNSSEC, publishing a security.txt file, and enhancing security policy transparency to further strengthen trust and security culture.

P

Pumpkin TD | Official website of the known Warcraft III Map

pumpkintd.com

52

Pumpkin TD is a fan-made custom tower defense map for Warcraft III, offering players a strategic and engaging gameplay experience. The website serves as the official hub for downloads, community engagement via Discord, and support through Patreon. It features rich multimedia content including video guides and changelogs, targeting Warcraft III players and tower defense enthusiasts. The business model is primarily community-driven with free distribution and optional supporter contributions. Technically, the website is built using modern web technologies including HTML5, CSS3, JavaScript, and integrates third-party services such as YouTube IFrame API, Google Tag Manager, and Redistats for analytics. The site is mobile-optimized, accessible, and performs well with fast loading times. However, it lacks some security headers and formal privacy or cookie policies. From a security perspective, the site enforces HTTPS and implements good practices such as ARIA labels and keyboard navigation support. No forms collect sensitive data, reducing risk exposure. However, the absence of privacy and cookie policies, security headers, and incident response contacts indicates areas for improvement. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the active and professional website presence. Overall, Pumpkin TD's website is a well-designed, content-rich platform with strong community engagement but requires enhancements in privacy compliance, security headers, and domain registration transparency to improve trust and security posture.

S

Sønderborg Kommune

sonderborg.dk

67

Sønderborg Kommune operates an official municipal website providing comprehensive information on culture, jobs, newcomer services, youth programs, and business opportunities within the Sonderborg region of Denmark. The website serves as a key digital portal for residents and visitors, positioning itself as a trusted source of local government information and community engagement. The business model is focused on public service and community support, with a medium-sized organizational footprint consistent with municipal operations. Technically, the website is built on WordPress using the Divi theme, integrating modern web technologies such as jQuery, Matomo analytics for privacy-conscious tracking, and Cookiebot for cookie consent management. The site demonstrates good SEO practices and mobile optimization, though accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks advanced security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The domain registration is consistent and longstanding, reinforcing trustworthiness. Overall, the website presents a professional and credible digital presence for the municipality, with recommendations to enhance security posture by enabling DNSSEC, adding security headers, and publishing security and vulnerability disclosure policies to further strengthen trust and compliance.

T

timeacle GmbH & Co. KG

timeacle.com

68

timeacle GmbH & Co. KG operates a professional SaaS platform specializing in digital appointment booking and call-up systems, targeting sectors such as healthcare, banking, and public services. The company offers a modular system with a full version and enterprise modules, emphasizing customer convenience through mobile notifications and queue management. The website reflects a mature business with a domain age since 2012 and consistent branding. Technically, the site uses modern frontend technologies including Vue.js and Vuetify, ensuring a responsive and user-friendly experience. Security posture is good with HTTPS and GDPR compliance, though formal security policies and incident response information are not publicly available. Overall, the website is professional, trustworthy, and well-optimized for its target audience.

E

European Southern Observatory

eso.org

65

The European Southern Observatory (ESO) is a leading intergovernmental organization dedicated to astronomical research and the operation of world-class ground-based observatories in the Southern Hemisphere. The website serves as a comprehensive portal for scientific discoveries, public outreach, educational resources, and detailed information about ESO's telescopes and instruments. It targets a broad audience including researchers, educators, students, and astronomy enthusiasts worldwide. The business model is non-profit and government-oriented, focusing on advancing astronomy and related technologies. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and integrates Matomo analytics for privacy-conscious visitor tracking. It is hosted on CDN77, ensuring fast content delivery and good performance. The site is mobile-optimized, accessible, and SEO-friendly, with clear navigation and multilingual support. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and implements cookie consent mechanisms aligned with GDPR. While explicit security headers like Content-Security-Policy are not confirmed, best practices are largely followed. No vulnerabilities or exposed sensitive data were detected. However, the absence of a public security policy or vulnerability disclosure program is noted. Overall, the website presents a low-risk profile with strong trust indicators and professional content. The lack of WHOIS data limits domain registration insights but does not detract from the site's legitimacy. Strategic recommendations include enhancing security header implementation, publishing a security policy, and establishing a vulnerability disclosure channel to further strengthen trust and compliance.

S

State Portal Mecklenburg-Vorpommern

sea-your-future.de

49

The website www.sea-your-future.de serves as an official educational portal promoting university studies in Mecklenburg-Vorpommern, Germany. It is operated by the State Portal Mecklenburg-Vorpommern and targets prospective students, especially international ones, offering comprehensive information about study programs, universities, and regional advantages. The portal integrates official university partners and provides resources such as study course search and news about academic prizes. Technically, the site is built on TYPO3 CMS with modern web technologies including jQuery, Typekit fonts, and embedded video content. It features a cookie consent mechanism compliant with GDPR and uses email obfuscation techniques to protect contact information. Security posture is moderate with HTTPS usage and cookie consent but lacks visible security headers and explicit security policies. Overall, the site is professional, trustworthy, and well-structured, with good content quality and user experience.

A

Alan Hržica

alanhrzica.com

10

Alan Hržica is a recognized Croatian Christian musician with a professional online presence promoting his music albums, concerts, and videos. The website serves as a personal branding platform targeting Croatian-speaking audiences interested in spiritual and religious music. The site is built on WordPress using the Salient theme and WPBakery Page Builder, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced DNS security and security headers. Privacy compliance is addressed with a cookie consent banner and a basic cookie policy page, though no privacy policy or terms of service are explicitly found. Contact information is limited to social media links without direct emails or phone numbers. Overall, the website is professional and trustworthy but could improve security and compliance documentation.

L

Landesportal Mecklenburg-Vorpommern

studieren-mit-meerwert.de

47

The website 'Studieren mit Meerwert' serves as a comprehensive regional education portal promoting universities and study programs in Mecklenburg-Vorpommern, Germany. It targets prospective and current students, including international visitors, by providing detailed information about study opportunities, campus life, and career prospects. The platform is operated under the Landesportal Mecklenburg-Vorpommern, reflecting a public sector educational initiative with a strong regional focus. Technically, the site is built on TYPO3 CMS and employs modern web technologies such as jQuery, YouTube iframe API, and Typekit fonts. It features a responsive design with good accessibility and SEO practices. Cookie consent is implemented with an opt-in mechanism, ensuring GDPR compliance. The site integrates social media channels and interactive elements like study program search and multimedia galleries. From a security perspective, the website uses HTTPS and obfuscates email addresses to prevent spam. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or malicious content were detected. The WHOIS data aligns with the website's regional educational purpose, showing consistent domain usage and hosting. Overall, the website demonstrates a high level of professionalism, content quality, and user experience, with minor recommendations to enhance security headers and publish vulnerability disclosure information.

L

Lemon Chili Games

superfarmingboy.com

56

Super Farming Boy is an indie game developed by Lemon Chili Games, offering a unique blend of action, puzzle, and farming simulation gameplay. The business targets casual and indie gamers across multiple platforms including Steam, Epic Games Store, Xbox, Android, and Nintendo Switch. The website serves as the official promotional and informational hub, providing demos, purchase links, and company contact information. Technically, the website is built on the Readymag platform, leveraging modern web technologies and standard marketing analytics tools. Security posture is solid with HTTPS enforced and domain protections in place, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of use, but lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and well-aligned with the business's indie game market presence.

N

Nutricia

dieta-ketogenna.pl

70

Dieta-ketogenna.pl is a professionally maintained website focused on providing educational content and support related to the ketogenic diet as a therapeutic method, primarily for treatment-resistant epilepsy and other medical conditions. The site is operated under the Nutricia brand, a recognized name in medical nutrition. The website offers comprehensive information, patient testimonials, and resources, targeting patients, caregivers, and healthcare professionals in Poland. Technically, the site is built on WordPress with modern JavaScript frameworks and integrates monitoring tools such as New Relic and Google Tag Manager, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The domain registration is consistent with the business profile, showing a stable and legitimate online presence. Overall, the site demonstrates a good balance of content quality, technical implementation, and privacy compliance, making it a trustworthy resource in its niche.

D

DefleMask

deflemask.com

50

DefleMask is a specialized software company offering a cross-platform chiptune music tracker that supports multiple retro gaming systems. The product is targeted at musicians, game developers, and enthusiasts of retro game music, providing real-time soundchip emulation and multi-format export capabilities. The company maintains an active community and distributes the app across major platforms including Windows, macOS, Linux, iOS, Android, and Raspberry Pi. The website is professionally designed using WordPress and Elementor, with good content quality and user experience. However, the absence of privacy and cookie policies, as well as missing WHOIS data, slightly detracts from overall trust. Security posture is moderate with HTTPS enabled but lacking explicit security headers and policies.

M

Městské sportovní centrum Hořovice příspěvková organizace města Hořovice

bazenhorovice.cz

43

Bazén Hořovice is a municipal swimming pool and aquapark facility operated by the Městské sportovní centrum Hořovice, a city sports organization in the Czech Republic. The website provides comprehensive information about the indoor swimming pool, summer aquapark, services such as refreshments, gym access, and specialized massages. It targets local residents and visitors seeking recreational aquatic activities. The business operates as a public service entity with a local government affiliation, emphasizing community engagement and leisure services. Technically, the website is built on WordPress CMS, utilizing plugins like Smart Slider 3 and integrating YouTube videos for enhanced user experience. The site is hosted by hosting-profi.cz and demonstrates moderate performance with good mobile optimization. SEO and accessibility are basic but functional. The cookie consent mechanism complies with GDPR requirements, although privacy and terms of service policies are missing. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks advanced security headers and published security policies or incident response contacts. No vulnerabilities or suspicious activities were detected. The WHOIS data confirms domain legitimacy with consistent registration details and appropriate domain age. Overall, the website is a trustworthy, well-maintained municipal service portal with room for improvement in privacy compliance and security hardening. Strategic recommendations include publishing privacy and terms policies, enhancing security headers, and improving accessibility features.

B

Baker Hughes

bakerhughes.com

77

Baker Hughes is a leading energy technology company focused on advancing safer, cleaner, and more efficient energy solutions globally. The company offers a broad portfolio of services and technologies including energy transition, hydrogen technologies, geothermal solutions, carbon capture, emissions abatement, remote operations, AI-driven energy operations, liquefied natural gas, industrial technology, and mature asset solutions. Their market position is that of a large, established enterprise headquartered in the United States, serving energy industry professionals and partners worldwide. Technically, the website is built on Drupal CMS with modern JavaScript integrations, including analytics and consent management tools, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit security policies and incident response information are not publicly detailed. Overall, the website presents a professional, trustworthy, and well-structured digital presence aligned with enterprise standards.

F

Fianona

fianona.hr

41

Fianona.hr is the website of a Croatian restaurant specializing in Italian cuisine, primarily pizza, operating under the hospitality industry. The business appears to be a small, local restaurant established in 2007, with a consistent brand presence and a website built on WordPress using the Elementor page builder. The site offers online booking capabilities and includes a cookie consent mechanism, indicating some awareness of GDPR compliance. However, explicit privacy policies and terms of service are not found, which could be improved for better compliance and user trust. Technically, the website uses modern web technologies including WordPress, Elementor, jQuery, and YouTube iframe API for embedded videos. The site is served over HTTPS with a valid SSL certificate, but lacks advanced security headers which are recommended to enhance security posture. Performance is moderate with good mobile optimization and basic accessibility features. SEO optimization is basic but present. From a security perspective, the site benefits from HTTPS and cookie consent but lacks visible security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is consistent with the business location and domain age, supporting legitimacy. Overall, the site is moderately secure but could benefit from enhanced security headers and clearer privacy documentation. The overall risk is low to moderate, with recommendations to implement comprehensive privacy and security policies, add security headers, and provide clear contact information for incident response. These steps will improve compliance, user trust, and security resilience.

A

Activia

activia.nl

46

Activia.nl is the official Dutch website for the Activia brand, a well-known consumer packaged goods company specializing in probiotic yogurt products. The site targets general consumers interested in health and wellness, providing product information, engaging content such as podcasts, and brand stories. The website is part of the Danone group, a global leader in dairy and nutrition products, which adds to its market credibility and positioning. Technically, the website is built using modern web technologies including React and Gatsby, ensuring fast performance and good mobile optimization. It integrates standard analytics and marketing tools such as Google Analytics, Google Tag Manager, and TrustCommander for cookie consent management. The site demonstrates good SEO practices and basic accessibility features, although there is room for improvement in accessibility. From a security perspective, the site uses HTTPS with excellent SSL configuration and implements cookie consent mechanisms aligned with GDPR requirements. However, it lacks explicit security policies and incident response information, which could be enhanced to improve transparency and trust. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, Activia.nl presents a professional, trustworthy, and user-friendly online presence consistent with a large retail brand. Strategic recommendations include publishing dedicated security and incident response policies, enhancing security headers, and maintaining regular audits of third-party scripts to sustain a strong security posture.

L

Landesportal Mecklenburg-Vorpommern

mv-tut-gut.de

44

The website www.mv-tut-gut.de is the official Landesportal (state portal) for Mecklenburg-Vorpommern, Germany. It serves as a comprehensive information hub presenting the state's strengths in economy, education, culture, tourism, and government services. The portal targets a broad audience including residents, visitors, and businesses, providing access to various official partner portals and service platforms. The content is professionally curated with multimedia elements, event calendars, and regional news, reflecting a mature and well-established digital presence. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies such as jQuery, YouTube APIs, and Typekit fonts. It implements a cookie consent mechanism with opt-in for web analytics, indicating good privacy awareness. The site is mobile optimized and accessible, with clear navigation and consistent branding. Performance is moderate, suitable for a content-rich government portal. From a security perspective, the site uses HTTPS with strong SSL configuration and employs spam-protection techniques for email addresses. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not published, representing areas for improvement. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. It is a reliable digital asset for the Mecklenburg-Vorpommern government, though enhancing transparency around security policies and incident handling would strengthen its security posture further.

W

WVRC Video

wvrcvideo.com

51

WVRC Video is a small, award-winning media company specializing in professional video production services including corporate videos, commercials, and promotional videos. The company emphasizes storytelling and client collaboration to deliver high-quality, customized video content. The website reflects a consistent brand identity and provides clear contact information, client testimonials, and service descriptions, positioning WVRC Video as a credible player in the media production sector. Technically, the site is built on WordPress with modern plugins and APIs, hosted by A2 Hosting, and shows moderate performance and mobile optimization. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

C

Chevrolet Canada

chevrolet.ca

67

Chevrolet Canada operates a comprehensive and professionally designed website serving as the official Canadian portal for Chevrolet vehicles. The site offers detailed product information, promotional offers, build and price tools, and dealer locator services, targeting Canadian consumers interested in Chevrolet's automotive lineup. The business is a subsidiary of General Motors Canada Corporation, reflecting a strong market position in the automotive transportation sector. The website demonstrates a mature digital infrastructure leveraging Adobe Experience Manager CMS and a robust marketing and analytics technology stack including Adobe Launch, Google Tag Manager, Facebook Pixel, and Datadog RUM. Privacy and cookie consent mechanisms are well implemented, reflecting compliance with GDPR and Canadian privacy standards. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, professional, and well-optimized for performance and user experience.

S

SiteGround

siteground.eu

72

SiteGround is a large, established web hosting provider offering services to over 3 million domains globally. Their business model focuses on providing ultrafast, secure, and reliable web hosting solutions with 24/7 expert support. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to website owners and developers. Technically, the site uses modern JavaScript libraries, Google Tag Manager, Cookiebot for GDPR compliance, and integrates with trusted third-party services such as Stripe for payments and Typeform for forms. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and policies could be improved. Overall, the website demonstrates a high level of professionalism and trustworthiness consistent with a major technology company.

A

Agencija za mobilnost i programe Europske unije

europskesnagesolidarnosti.hr

52

The website www.europskesnagesolidarnosti.hr serves as the official Croatian portal for the European Solidarity Corps (Europske Snage Solidarnosti), an EU program aimed at fostering solidarity through volunteering and community projects. Managed by the Agencija za mobilnost i programe Europske unije, the site provides comprehensive information, support, and resources for youth and organizations engaged in solidarity activities. It holds a strong market position as a government-backed platform promoting EU initiatives in Croatia. Technically, the website employs modern web technologies including Google Analytics, YouTube API, and a custom CMS. It is hosted by a Croatian registrar and uses HTTPS with good performance and accessibility features. The site is mobile optimized and SEO friendly, with structured data enhancing search visibility. From a security perspective, the site enforces HTTPS and implements cookie consent and accessibility options, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or suspicious content were detected. WHOIS data confirms domain legitimacy and consistency with the business entity. Overall, the website is professional, trustworthy, and well-aligned with its mission. Strategic improvements could focus on enhancing security headers, publishing security policies, and expanding incident response transparency to further strengthen trust and compliance.

B

Basketballverse

basketballverse.gg

9

Basketballverse is a niche technology company operating in the gaming and crypto space, offering a real-time free-to-play arcade basketball game enhanced with digital assets and community features. The platform targets basketball enthusiasts, gamers, and crypto users, providing engaging gameplay, digital collectibles, and interactive content such as podcasts and Q&A sessions. The business model leverages free access with optional digital asset ownership to enhance user experience and generate revenue. Technically, the website is built on modern frameworks like Next.js and React, with asynchronous loading of scripts and integration of YouTube APIs for multimedia content. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with room for improvement in loading speed and accessibility. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data but lacks important security headers and explicit privacy and cookie policies, which are critical for compliance and user trust. No vulnerability disclosures or incident response information are provided, indicating a gap in security transparency. Overall, Basketballverse presents a professional and engaging platform with moderate security posture and compliance gaps. Strategic improvements in privacy compliance, security headers, and incident response readiness are recommended to enhance trust and regulatory adherence.

M

Matima Studio

matima-studio.com

49

Matima Studio is a small game development company specializing in rhythm-based first-person shooter games, notably 'Tempo Punk'. The company benefits from EU funding and participation in the GameTech accelerator program, positioning itself in a niche market of rhythm shooters. Their website is professionally designed using WordPress and Elementor, showcasing their game and social media presence. Technically, the site uses modern web technologies and is hosted by a reputable provider, with HTTPS enabled and a moderate performance profile. However, the site lacks explicit privacy and cookie policies, security headers, and vulnerability disclosure information, which are areas for improvement. Overall, the security posture is moderate with no critical vulnerabilities detected, but enhancements in DNS security and security headers are recommended. The website content is safe for general audiences and well-aligned with the company's business focus.

4

404 Agency

404.agency

10

404 Agency is a Croatian digital agency specializing in solving communication challenges for businesses in the digital age. The company offers services including communication strategy, digital marketing, and creative campaigns, targeting businesses seeking to enhance their digital presence. The website demonstrates a professional and modern design with clear navigation and mobile optimization, reflecting a mature digital infrastructure. The technical stack includes modern analytics tools such as Amplitude and Google Tag Manager, supporting data-driven marketing efforts. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though additional security headers and published security policies could enhance trust. The absence of WHOIS data suggests privacy protection, common for agencies, and does not detract from the legitimacy of the business. Overall, the site is trustworthy, compliant with GDPR, and well-positioned in its market niche.

N

Nanobit

nanobit.com

50

Nanobit is a well-established technology company specializing in game development, with a domain age of over 23 years reflecting its long-standing market presence. The company targets gamers and potential employees, offering a portfolio of games and career opportunities. The website is professionally designed using modern technologies such as Angular and Bootstrap, providing a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS enforced and domain protections in place, though improvements can be made by enabling DNSSEC and publishing explicit security policies. Privacy compliance is addressed with a cookie consent mechanism and accessible privacy and terms of service pages. Overall, the website demonstrates high business credibility and trustworthiness with strong social media presence and consistent branding.

B

Belka Games

belka-games.com

64

Belka Games is a well-established company specializing in the development and promotion of social and mobile games since 2010. With a large team of over 300 professionals, they focus on creating games with high average revenue per user (ARPU) and strong player retention. The company holds a strong market position as one of the top 20 highest-grossing companies in the EU gaming sector according to data.ai. Their website reflects a professional and modern digital presence, showcasing their games, career opportunities, and company news. Technically, the site uses modern frameworks such as Next.js and React, integrates Google Analytics for tracking, and implements cookie consent mechanisms to comply with privacy regulations. Security-wise, the domain is securely registered with GoDaddy and employs HTTPS, though DNSSEC is not enabled. Privacy policies and terms of service are comprehensive and easily accessible, indicating good compliance practices.

G

Guerrilla Games

guerrilla-games.com

68

Guerrilla Games is a well-established video game development studio based in Amsterdam, founded in 2000 and known for major franchises such as Killzone and Horizon. The company operates under Sony Interactive Entertainment Europe, positioning itself as a leading European game developer with a strong brand presence and professional digital footprint. The website reflects a mature business with excellent design, clear navigation, and comprehensive content tailored to gamers, industry professionals, and potential employees. Technically, the site employs modern web technologies including Google Analytics, Google Tag Manager, and video embedding services, with a strong emphasis on user privacy through cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security headers and incident response information suggests room for improvement. The WHOIS data is unavailable, which is unusual but does not detract significantly from the site's legitimacy given the professional presentation and consistent branding. Overall, the website demonstrates a high level of digital maturity and business credibility.

D

DICE Studios

dice.se

66

DICE Studios is a Swedish-based game development company with a professional online presence hosted on the Squarespace platform. The website focuses on showcasing the company's identity, career opportunities, games, and playtesting activities, targeting gamers and industry professionals. The technical infrastructure leverages modern web technologies including HTTPS, HSTS, and popular font services, ensuring a secure and visually appealing user experience. However, the site lacks explicit privacy, cookie, and terms of service policies, which are critical for compliance and user trust. Security posture is strong in terms of transport security but could be enhanced with additional HTTP headers and incident response contact information. Overall, the website is legitimate and professionally maintained but would benefit from improved privacy compliance and transparency.

L

Lexicon

lexiconpro.com

68

Lexicon is a well-established brand specializing in professional audio reverb and effects products, offering both hardware processors and software plugins. The company operates under the HARMAN Professional Solutions umbrella, which enhances its market credibility and reach. The website targets audio professionals and enthusiasts, providing detailed product information, support resources, and training materials. The brand maintains a consistent and professional online presence with clear navigation and comprehensive content. Technically, the website uses a modern tech stack including jQuery, Foundation framework, and integrates Google Analytics and HubSpot for marketing and analytics. Hosting is on AWS infrastructure, ensuring reliable performance. Security posture is solid with HTTPS enforced and CSRF protections, though DNSSEC is not enabled and some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Overall, the site is trustworthy, professional, and well-maintained, supporting Lexicon's position as a leader in audio effects technology.

D

dbx

dbxpro.com

68

dbx is a well-established professional audio brand specializing in modular processors, loudspeaker management, and audio accessories. The company operates under the Harman Professional Solutions umbrella, leveraging a strong market position and a legacy dating back to 1995. Their website reflects a mature business with a clear focus on audio professionals and businesses requiring high-quality audio equipment. The product range includes the 500 Series modular processors and DriveRack loudspeaker management systems, supported by comprehensive multimedia content and customer engagement channels. Technically, the website employs a modern technology stack including jQuery, Google Analytics, and HubSpot marketing tools, hosted on AWS infrastructure. The site is mobile-optimized with good SEO and accessibility features, providing a positive user experience. Security practices include HTTPS enforcement, CSRF protection, and domain transfer restrictions, although there is room for improvement in DNSSEC and HTTP security headers. From a security perspective, the site shows a solid posture with no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy or incident response contact limits transparency. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR considerations. The domain WHOIS data aligns with the brand's history and legitimacy, reinforcing trustworthiness. Overall, dbx.com represents a professional, secure, and compliant online presence for a reputable audio technology company. Strategic enhancements in security transparency and DNS security could further strengthen their posture.

A

Aetna

myplanportal.com

74

Aetna is a major US-based health insurance provider offering a broad range of insurance products including health, dental, vision, Medicare, Medicaid, and pharmacy plans. The company targets individuals, families, employers, healthcare providers, and insurance agents/brokers. As a subsidiary of CVS Health, Aetna holds a strong market position with an enterprise-scale operation. The website reflects a mature digital presence with comprehensive content, clear navigation, and multiple user portals for different customer segments. Technically, the website is built on Adobe Experience Manager CMS and leverages Adobe Launch for tag management, Qualtrics for user feedback, and Boomerang for performance monitoring. The site is well-optimized for mobile and accessibility, with good SEO practices and modern web technologies. Hosting and CDN appear to be provided by Akamai, ensuring reliable delivery. From a security perspective, the site enforces HTTPS, implements security headers such as CSP and HSTS, and uses cookie consent mechanisms compliant with GDPR. No obvious vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not publicly detailed, and no vulnerability disclosure program is evident. Overall, the website is professional, trustworthy, and secure, supporting Aetna's reputation as a leading healthcare insurer. The lack of public WHOIS data is consistent with privacy protection practices common for large enterprises. Strategic recommendations include publishing detailed security and incident response policies, establishing a vulnerability disclosure program, and enhancing transparency on data retention and DPO contacts.

O

O'Neal Comprehensive Cancer Center

onealcanceruab.org

56

The O'Neal Comprehensive Cancer Center at the University of Alabama at Birmingham (UAB) is Alabama's sole National Cancer Institute-designated comprehensive cancer center. It provides advanced, personalized cancer care, cutting-edge research, education, and community outreach services. The center serves patients, caregivers, medical professionals, and researchers primarily in Alabama and surrounding regions. The website reflects a well-established healthcare institution with strong branding and trust signals, including social media presence and institutional affiliations. Technically, the website is built on WordPress with modern SEO and analytics tools such as Yoast SEO, Google Analytics, and Facebook Pixel. It demonstrates good mobile optimization and accessibility, though some security headers are not explicitly detected. The site uses HTTPS and includes cookie consent mechanisms, indicating a good privacy posture. Security-wise, the site shows no critical vulnerabilities or exposed sensitive data. However, it lacks visible security policies or incident response information, and WHOIS data is unavailable due to malformed responses, which slightly impacts trust analysis. Despite this, the institutional affiliation and content quality strongly support legitimacy. Overall, the website is professional, secure, and compliant with privacy standards, serving as a reliable resource for cancer patients and professionals. Strategic improvements include enhancing security header implementation and publishing explicit security and incident response policies.