Security Directory

M

Mandai Park Holdings Pte. Ltd.

mandai.com

71

Mandai Wildlife Reserve is a prominent wildlife and nature destination in Singapore, operated by Mandai Park Holdings Pte. Ltd., a subsidiary of Temasek Holdings. The organization manages multiple wildlife parks and offers diverse services including ticketing, memberships, educational programs, event venues, and accommodations. The website reflects a strong market position with a focus on family and wildlife enthusiasts, supported by comprehensive content and consistent branding. Technically, the site is built on Adobe Experience Manager with modern analytics and marketing tools integrated, providing a good user experience with mobile optimization and accessibility considerations. Security posture is strong with HTTPS, security headers, and secure forms, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though the lack of WHOIS data slightly reduces domain trust. Strategic recommendations include enhancing security transparency and vulnerability disclosure mechanisms.

C

card complete Service Bank AG

cardcomplete.com

73

card complete Service Bank AG is a leading Austrian financial services provider specializing in credit cards, prepaid cards, and comprehensive payment solutions for private and corporate customers. The company positions itself as a fully integrated card service provider, managing everything from product development to acceptance devices and transaction processing. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive service information targeted primarily at Austrian customers. Technically, the site employs modern web technologies including Google Tag Manager, Cookiebot for consent management, and ReadSpeaker for accessibility enhancements. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Security-wise, the site enforces HTTPS, uses CSRF protection cookies, and provides a detailed cookie consent mechanism aligned with GDPR requirements. However, no explicit security policy or incident response contact is publicly available. The absence of WHOIS registration data is a notable anomaly that slightly reduces trustworthiness, though the website content and branding strongly indicate a legitimate business. Overall, the site scores well on content quality, technical implementation, and privacy compliance, with room for improvement in business credibility and transparency of security policies.

Connex Marketing GmbH operates a well-established online platform specializing in gift vouchers and hotel bookings across Europe. With over 35 years of experience, the company targets consumers seeking convenient holiday voucher solutions. The website demonstrates a professional design with good content quality and strong accessibility features, including a comprehensive accessibility tool supporting various user needs. Technically, the site uses modern frameworks like Bootstrap and integrates Google Tag Manager for analytics, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS usage and no visible vulnerabilities, though the absence of security headers and a published security policy suggests room for improvement. The missing WHOIS data for the domain raises concerns about domain registration transparency, impacting trustworthiness. Overall, the business appears credible and professional, with clear contact information and privacy compliance mechanisms in place.

T

The Smurfs' Society

thesmurfssociety.com

61

The Smurfs' Society is a niche Web3 project focused on delivering an immersive, fully on-chain NFT and gaming experience centered around the Smurfs brand. The platform targets Web3 enthusiasts and NFT collectors, offering a custom marketplace, gaming utilities, and community engagement. The website is professionally designed using modern frameworks such as Nuxt.js and Vue.js, hosted on Cloudflare infrastructure, and integrates analytics and cookie consent mechanisms to ensure compliance and performance. Security posture is strong with HTTPS enforcement and standard security headers, though improvements like DNSSEC and a formal security policy could enhance trust further. Overall, the project presents a credible and well-executed Web3 business with a clear market position and consistent branding.

C

Cley Spy

cleyspy.co.uk

58

Cley Spy is a small UK-based retailer specializing in the sale of premium binoculars, telescopes, and outdoor equipment. The company targets outdoor enthusiasts and nature observers, offering both new and used products from well-known brands such as Swarovski, Leica, and Zeiss. The website serves as both an online store and a point of information for customers interested in quality optical gear. Technically, the site is built on WordPress with WooCommerce, integrating Google Analytics and Google Tag Manager for tracking, and Cookiebot for cookie consent management. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features are basic. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms, but lacks some advanced security headers and a published security policy or vulnerability disclosure mechanism. The domain WHOIS data is unavailable due to a registration error indicating the domain name violates Nominet UK naming rules, which raises concerns about domain legitimacy despite the professional website content. Overall, the site is functional and professional but would benefit from improved transparency and domain registration clarity.

S

Swarovski Optik

swarovskioptik.com

69

Swarovski Optik is a premium Austrian manufacturer specializing in high-quality rifle scopes, binoculars, spotting scopes, and tripods, targeting hunting, birding, and outdoor enthusiasts globally. The company maintains a strong market position as a premium optics brand with a comprehensive product portfolio and a well-established dealer network. The website reflects a mature digital presence with modern technologies such as React, Commercetools e-commerce platform, and integrated payment solutions like Adyen. Privacy and cookie compliance are well implemented with Usercentrics consent management. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. However, WHOIS data is unavailable, which slightly impacts trust but is mitigated by other trust signals and brand recognition.

B

Birding Ecotours

birdingecotours.com

63

Birding Ecotours is a specialized tour operator offering small group and custom birding adventures worldwide. The company targets birding enthusiasts and eco-tourists with a comprehensive portfolio of tours categorized by destination, date, and style. The website is professionally designed using WordPress with modern plugins and SEO optimizations, providing an excellent user experience and clear navigation. Technical infrastructure includes Google Analytics, Google Tag Manager, and Smart Slider 3 for rich media presentation. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though no explicit security policy or incident response information is published. The absence of WHOIS data raises some concerns about domain legitimacy, but the professional web presence and content quality suggest a legitimate business. Contact is primarily via web forms, with no direct emails or phone numbers publicly listed. Overall, the site is secure, privacy-conscious, and well-structured, but domain registration verification is recommended.

I

Institut F2I

institut-f2i.fr

59

Institut F2I is a private educational institution based in France specializing in post-baccalaureate education in information technology, digital technologies, and commerce. Founded in 2012, it offers courses from BAC to BAC+5 levels, including initial and alternating (work-study) programs. The institution targets students and professionals seeking specialized education in these sectors. The website reflects a focused educational business model with consistent branding and relevant content tailored to its audience. Technically, the website is built on WordPress CMS using modern libraries such as Bootstrap, jQuery, and Swiper, hosted by OVH. It employs Google Tag Manager and Google Analytics for tracking and marketing purposes, alongside reCAPTCHA for bot protection. The site demonstrates moderate performance and good mobile optimization but lacks advanced accessibility features. Security-wise, the website uses HTTPS with a good SSL configuration and some best practices like reCAPTCHA; however, it lacks security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies despite the presence of cookie consent SDK. Overall, the website is professional and credible but requires improvements in privacy disclosures and security hardening to enhance trust and compliance.

A

Arcus Foundation

stateoftheapes.com

58

State of the Apes is a non-profit publication initiative under the Arcus Foundation, focusing on the conservation of great apes and gibbons by examining the impact of human development activities. The website serves as a resource hub offering downloadable chapters, video interviews, and research reports targeting policymakers, academics, NGOs, and conservation experts. The platform is well-branded, professionally designed, and provides clear navigation and content relevant to its mission. Technically, the website is built on WordPress with Bootstrap and jQuery, enhanced by SEO plugins and integrated with marketing and analytics tools such as HubSpot Forms, Google Tag Manager, and LinkedIn Insight. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and publicly available security or incident response policies. The absence of WHOIS domain registration data is a notable concern, potentially impacting trustworthiness despite the reputable association with the Arcus Foundation. Overall, the website presents a low-risk profile with strong content and business credibility but would benefit from enhanced transparency in domain registration and security practices to improve trust and compliance.

M

Minor Hotels

minorhotels.com

66

Minor Hotels operates a professional and comprehensive hospitality website offering online hotel bookings across multiple global destinations and brands. The site targets travelers seeking luxury and diverse accommodations, including resorts, villas, and wellness services. The website demonstrates strong digital maturity with multi-language support, secure booking forms, and integration of major analytics and marketing pixels. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Security posture is generally good with HTTPS and consent mechanisms, but lacks explicit privacy and terms of service documentation. Overall, the site is trustworthy and professional but would benefit from enhanced transparency and compliance documentation.

N

NetSalesMedia

netsalesmedia.pl

65

NetSalesMedia is a professional affiliate marketing network operating primarily in Poland, formed by the merger of NetSales and SalesMedia. The company offers an innovative platform with advanced tracking technologies such as customer journey tracking, cross-device tracking, and fingerprint tracking to ensure fair and accurate commission settlements for publishers. The website demonstrates a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site uses modern frameworks like Bootstrap and jQuery, integrates Google Tag Manager for analytics, and employs a consent management platform to comply with GDPR requirements. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although security headers could be improved. The WHOIS data is not publicly available, which is typical for .pl domains, but the business legitimacy is supported by clear contact information, social media presence, and association with Cube Group, a recognized digital marketing leader in Poland.

C

CENTRALNIC CANADA INC

roulette-en-ligne.ca

47

The website roulette-en-ligne.ca is a French-language Canadian online casino review platform specializing in roulette games. It provides detailed casino reviews, bonus offers, and game listings targeted at Canadian players interested in online gambling. The business operates primarily as an affiliate marketing site, promoting various reputable online casinos. The domain is registered in Canada with a consistent registrant and appropriate domain age, supporting its legitimacy. Technically, the site is built on WordPress and uses common web technologies such as jQuery, Bootstrap, and various JavaScript libraries for UI and analytics. Hosting is behind Cloudflare DNS, ensuring reliable delivery, though no active WAF challenge is detected. The site is moderately optimized for mobile and SEO, with good navigation and content quality. From a security perspective, the site uses HTTPS and includes tracking via Google Analytics and Yandex Metrika but lacks visible security headers and explicit privacy or cookie policies. No contact information or incident response details are provided, which reduces trust and compliance posture. There are no detected vulnerabilities or exposed sensitive data, but improvements in security headers and privacy compliance are recommended. Overall, the site is functional and professional but would benefit from enhanced privacy disclosures, security hardening, and transparent contact information to improve trust and compliance with data protection regulations.

TAKT Fest is a cultural festival and traditional singer-songwriter competition based in Novi Sad, Serbia. The website provides detailed information about the event's program segments including music, theater, standup, circus, movies, and creative workshops. The festival targets artists and cultural enthusiasts, positioning itself as a niche event with international participation. The domain is registered since 2020 and is consistent with the festival's recent editions. Technically, the site uses Joomla CMS with common web technologies such as jQuery, Bootstrap, and Font Awesome, and integrates Google Analytics and Tag Manager for tracking. The site is mobile optimized and has a good design and user experience. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is available via a form and social media links. Overall, the site is trustworthy and professional but could improve compliance and security practices.

S

Selectra

selectra.co.uk

69

Selectra is a UK-based comparison and advisory platform specializing in helping consumers and businesses save money on energy, broadband, and mobile services. Established in 2004, it holds a strong market position with comprehensive guides, comparison tools, and a solid reputation evidenced by a high Trustpilot rating. The website is built on Drupal 10, leveraging modern web technologies and Google services for analytics and advertising. The site is well-optimized for mobile and accessibility, providing a professional user experience. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security policies and incident response information are not published. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

IN SITU is a well-established European cultural platform focused on artistic creation in public spaces, led by Lieux publics in Marseille, France. The platform supports emerging artists and fosters collaboration across more than 20 countries, with a history dating back to 2003. The website reflects a professional and content-rich presence, targeting artists, programmers, and cultural professionals interested in public space art. Technically, the site uses modern JavaScript libraries, integrates accessibility tools, and employs Google Analytics and Tag Manager for tracking. Security posture is generally good with HTTPS enforced, but lacks some security headers and explicit privacy compliance mechanisms. WHOIS data is unavailable due to a malformed request, which slightly reduces domain trustworthiness. Overall, the platform demonstrates a strong cultural mission with moderate technical maturity and room for improvement in privacy and security transparency.

A

Advertising Media s.r.o.

advertising-media.cz

51

Advertising Media s.r.o. is a Czech-based digital marketing and web development company specializing in creating functional websites, e-shops, and tailored marketing campaigns. They serve a diverse clientele including small businesses, schools, and public institutions, offering scalable solutions from simple websites to complex e-commerce platforms. Their market position is that of a trusted local provider with a strong emphasis on measurable and profitable marketing services. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and integrates multiple analytics and advertising tools including Google Tag Manager, Microsoft Clarity, and Facebook Pixel, demonstrating a mature digital infrastructure. Security-wise, the site enforces HTTPS and uses consent management for tracking scripts but lacks explicit security headers and published privacy or incident response policies, indicating room for improvement in compliance and transparency. The absence of WHOIS data reduces domain trustworthiness, though the professional presentation and clear contact information mitigate some concerns. Overall, the website is well-designed, user-friendly, and business-focused, with moderate risk due to missing WHOIS transparency and privacy documentation.

A

APECITA

apecita.com

51

APECITA is a specialized employment platform focused on agriculture, agro-food, and environmental sectors in France. It offers thousands of job listings annually and serves as a bridge between candidates and employers, providing tailored services and training resources. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, it employs modern JavaScript libraries and integrates cookie consent and tracking tools responsibly. Security posture is good with HTTPS enforced, though improvements in security headers and formal security policies are recommended. WHOIS data is not publicly available, likely due to privacy protection, which is common for such business domains. Overall, the site presents a trustworthy and credible business front with moderate risk due to limited WHOIS transparency.

Z

Zupimages

zupimages.net

60

Zupimages is a French-based free image hosting service established since 2009, offering users a simple and fast platform to upload and share images securely via HTTPS. The service supports multi-image uploads and provides instant links for sharing. It is supported primarily through advertising networks and targets a general audience seeking free image hosting solutions. The website demonstrates moderate digital maturity with a mix of legacy and modern technologies, including jQuery 1.10.2 and various ad and tracking services. While the site implements GDPR consent mechanisms and provides transparency on incident handling, it lacks a formal privacy policy page and security headers, which are important for compliance and security posture. The absence of WHOIS data for the domain is a notable anomaly that impacts trustworthiness, although the website content and service appear legitimate and professional. Overall, the security posture is moderate with room for improvement in updating libraries, enhancing security headers, and publishing comprehensive privacy and security policies.

I

IPcost

ipcost.com

61

IPcost.com is a specialized online service providing users with detailed information about their public IP addresses, including IPv4 and IPv6 detection, geolocation on a world map, and additional network details such as ISP, ASN, and VPN/proxy detection. The website targets general internet users who need quick and free access to IP-related data, positioning itself as a niche informational tool in the technology sector. The business model is primarily ad-supported, with Google Adsense integrated for monetization. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and the Leaflet.js library for interactive map rendering. It uses Google Tag Manager and Google Adsense for analytics and advertising. The site is hosted on infrastructure likely provided by Hetzner Online GmbH, inferred from IP geolocation data. The site demonstrates good mobile optimization and SEO practices but lacks some advanced accessibility features. From a security perspective, the site benefits from HTTPS encryption and domain transfer lock status, enhancing trustworthiness. However, it lacks DNSSEC, explicit security policies, incident response contacts, and a cookie consent mechanism, which are important for compliance and user trust. No critical vulnerabilities or exposed sensitive data were detected, but improvements in security headers and privacy compliance are recommended. Overall, IPcost.com is a legitimate, moderately mature service with a solid technical foundation and clear business purpose. Strategic enhancements in privacy compliance, security transparency, and DNS security would improve its risk posture and user trust.

C

CPS Test - Check your clicks per second

cpstest.click

64

The website cpstest.click offers a free online service focused on measuring and training users' mouse click speed, primarily targeting gamers and casual users interested in improving their click rate. The site provides multiple click speed tests, reaction time tests, and related gaming tools, supported by advertising revenue through Google Adsense and related ad services. The content is well structured, multilingual, and optimized for mobile devices, providing a good user experience with clear navigation and relevant gaming-related content. From a technical perspective, the site uses modern web technologies including HTML5, CSS3, and JavaScript, with integration of Google Tag Manager and DoubleClick for analytics and advertising. The domain is registered with a reputable registrar and uses Cloudflare DNS, but lacks DNSSEC and explicit security headers, which are areas for improvement. The site is served over HTTPS, ensuring encrypted communication. Security posture is moderate; while HTTPS is enforced and domain transfer protection is enabled, the absence of DNSSEC and security headers reduces the overall security maturity. Privacy compliance is basic, with a privacy policy and terms of service present, but no visible cookie consent mechanism despite use of tracking scripts. Contact information is limited to a contact form with no direct emails or phone numbers, which may affect user trust. Overall, the website is a legitimate, small-scale online gaming utility with a moderate security and privacy posture. Strategic improvements in security headers, DNSSEC implementation, and privacy compliance would enhance trust and security. The site is safe for general audiences with no adult or questionable content detected.

V

VDA-online

vda-online.de

41

VDA-online.de represents the Verband Deutscher Vereine für Aquarien- und Terrarienkunden, a well-established non-profit association founded in 1911, serving aquarium and terrarium enthusiasts in Germany with approximately 250 clubs and 9,000 members. The website is professionally built on WordPress using Elementor and related plugins, featuring good SEO and structured data implementations. The technical infrastructure is moderate in performance and well-optimized for mobile devices. Security posture is adequate with HTTPS usage but lacks explicit security headers and incident response disclosures. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site is trustworthy and serves its niche audience effectively but would benefit from enhanced security and privacy transparency.

L

LWS

lws-hosting.com

48

LWS operates a professional and content-rich blog focused on web hosting, domain registration, VPS, dedicated servers, and WordPress hosting services. The company has a strong market presence in France with over 20 years of experience, offering accessible and quality hosting solutions. The blog serves as an educational and marketing platform targeting website creators, small to medium businesses, and e-commerce users. Technically, the website is built on WordPress with modern technologies including Google Analytics, Google Tag Manager, and caching plugins. The site is mobile-optimized and provides a good user experience with clear navigation and multimedia content such as videos. Performance is moderate with room for improvement in accessibility and security headers. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published privacy or security policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data for the subdomain is not available, which is expected, and the main domain is presumed legitimate based on branding and business presence. Overall, the website is trustworthy and professional, but could enhance compliance and security transparency by publishing privacy policies, terms of service, and security incident response information.

I

IUCN

iucnleadersforum.org

71

The IUCN Leaders Forum website serves as a professional platform for promoting the 2024 edition of the IUCN Leaders Forum event, focusing on innovation and conservation. It is backed by the International Union for Conservation of Nature (IUCN), a well-established global environmental organization. The site provides comprehensive event details, speaker profiles, and multimedia content, targeting environmental leaders, policymakers, and sustainability professionals worldwide. The business model is non-profit, centered on convening stakeholders to advance nature-positive solutions. Technically, the website is built on Drupal 9 with Bootstrap 4, leveraging modern web technologies and performance optimizations such as lazy loading and responsive design. It integrates multiple marketing and analytics tools, including Google Tag Manager, LinkedIn Insights, and Twitter tracking, all managed with a clear cookie consent mechanism ensuring GDPR compliance. The site is hosted with Cloudflare DNS and secured with HTTPS, although DNSSEC is not enabled. From a security perspective, the website demonstrates good practices with HTTPS enforcement, domain locking, and cookie consent. However, there is room for improvement by enabling DNSSEC and publishing explicit security policies and vulnerability disclosure information. No critical vulnerabilities or security issues were detected. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. It effectively supports the IUCN's mission to foster collaboration and innovation in environmental conservation through its Leaders Forum event.

I

IUCN Academy

iucnacademy.org

51

The IUCN Academy website is a professionally developed online education platform specializing in environmental conservation and sustainability training. It offers a range of courses including professional certificates, delivered in hybrid and self-paced formats, targeting individuals and professionals seeking recognized environmental education. The platform leverages modern WordPress technologies including BuddyBoss and Learndash LMS to provide a structured and engaging learning experience. The website is well-branded and consistent, with clear navigation and relevant content that supports its educational mission. From a technical perspective, the site uses a modern tech stack with WordPress CMS, Elementor page builder, and integrates Google Tag Manager for analytics. Hosting and DNS management involve Cloudflare and GoDaddy, with domain registration locked against unauthorized changes. Performance and mobile optimization are good, though accessibility features are basic. SEO practices appear adequate with proper meta tags and structured content. Security posture is solid with HTTPS enforced and domain locking, but there are gaps such as the absence of DNSSEC and lack of published privacy and cookie policies, which impact compliance with GDPR and related regulations. No explicit incident response or vulnerability disclosure mechanisms are found, which could be improved to enhance trust and security readiness. Overall, the website presents a trustworthy and professional front for the IUCN Academy's educational offerings. Strategic improvements in privacy compliance, DNS security, and incident response transparency would further strengthen its security posture and regulatory adherence.

G

Gravitec.net

gravitec.net

57

Gravitec.net is a technology company specializing in automated web push notification services designed to enhance customer engagement, increase website traffic, and improve user retention. Established in 2016, the company has positioned itself as a market leader with over 40,000 websites and 15,000 companies leveraging its platform. Key services include AI-powered notification content generation, campaign automation, detailed analytics, and seamless integrations with popular platforms such as WooCommerce, Shopify, and WordPress. The technical infrastructure of Gravitec.net is robust, utilizing a modern tech stack with extensive use of JavaScript-based analytics and marketing tools including Google Analytics, Mixpanel, Microsoft Clarity, Hotjar, and Visual Website Optimizer. The website demonstrates excellent performance, mobile optimization, and accessibility, reflecting a mature digital presence. Security best practices are observed with HTTPS enforcement, security headers, and CAPTCHA-protected forms, although a dedicated security policy page and incident response contacts are not currently published. From a security perspective, Gravitec.net maintains a strong posture with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. The domain registration data is consistent with the business claims, supporting the legitimacy and trustworthiness of the entity. Overall, Gravitec.net presents a professional, secure, and user-friendly platform with a strong market position in the web push notification space. Strategic recommendations include enhancing transparency with a dedicated security policy, publishing vulnerability disclosure information, and continuous monitoring of third-party scripts to maintain security integrity.

S

Spline, Inc.

spline.design

62

Spline, Inc. is a technology company specializing in web-based 3D design software that enables real-time collaboration for creative teams and developers. Their platform offers tools for 3D modeling, animation, interactive experiences, and easy embedding into web projects. Positioned as an innovative SaaS provider, Spline targets designers and developers seeking accessible and collaborative 3D design solutions. The company was founded in 2019 and operates primarily from Iceland, leveraging modern web technologies and cloud hosting to deliver a performant and user-friendly experience. Their business model includes free browser-based tools, downloadable desktop apps, and enterprise offerings. The website reflects a professional brand with consistent messaging and strong trust signals including testimonials and customer logos.

O

Office Jack

officejack.de

70

Office Jack is a specialized e-commerce retailer based in Germany, focusing on ergonomic office furniture including height-adjustable desks and office chairs. The company targets businesses and institutes looking for modern, ergonomic office solutions. Their market position is that of a niche provider with a strong emphasis on quality, customization, and customer trust, supported by certifications such as Trusted Shops and CHIP Leading Shops 2025. The website is professionally designed, well-branded, and provides clear contact and business information. Technically, the website is built on WordPress with WooCommerce and Elementor, leveraging modern analytics and marketing tools such as Google Analytics, Microsoft Clarity, and Google Tag Manager. The site is mobile-optimized and SEO-friendly, with good performance and accessibility standards. Security posture is strong with HTTPS enforced and bot protection via reCAPTCHA, although some security headers could be improved. No WAF or blocking mechanisms interfere with content access, allowing full analysis. Privacy compliance is robust with a comprehensive privacy policy and cookie consent mechanism in place. No critical vulnerabilities or suspicious patterns were detected in the WHOIS data or website content. Overall, Office Jack presents a trustworthy and professional online presence with a solid technical foundation and good compliance practices, suitable for its business model and target market.

S

Stadtwerke Bochum

stadtwerke-bochum.de

69

Stadtwerke Bochum is a well-established regional energy provider based in Bochum, Germany, with a history spanning approximately 170 years. The company offers a broad range of energy-related services including electricity (with green energy options), natural gas, district heating, water supply, solar energy solutions, heat pumps, and e-mobility services. Their target audience includes both private and business customers within the Bochum region. The website reflects a mature digital presence with comprehensive service information, customer support channels, and active social media engagement. Technically, the website is built on TYPO3 CMS and leverages modern web technologies such as jQuery, Bootstrap, and various UI libraries. It employs a consent management platform (Usercentrics) and integrates Google Tag Manager for analytics, indicating a focus on privacy compliance and user experience. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS with good SSL configuration and incorporates consent-based script loading. It holds ISO 27001 certification and displays multiple trust badges, reinforcing its commitment to security and sustainability. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security headers could be more visible, and an incident response contact or security.txt file is absent. Overall, Stadtwerke Bochum's website demonstrates a strong security posture, excellent content quality, and robust privacy compliance. It serves as a trustworthy digital front for a major regional utility provider. Strategic recommendations include enhancing security header implementation, publishing incident response information, and maintaining regular audits of third-party scripts.

A

ASEAG

aseag.de

49

ASEAG is the largest mobility service provider in Aachen and the surrounding StädteRegion Aachen, Germany. The company offers comprehensive public transportation services including timetable information, ticket sales, and customer support. The website reflects a well-established public transport business with a clear focus on serving local residents and visitors. ASEAG maintains a strong digital presence with integrated journey planners and departure monitors, leveraging partner services such as auskunft.avv.de. The site is built on TYPO3 CMS and incorporates modern web technologies and analytics tools such as Matomo and Google Tag Manager, ensuring a robust technical infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and incident response contacts are not publicly disclosed. Overall, ASEAG's website demonstrates professionalism, good user experience, and compliance with privacy regulations, positioning it as a trustworthy and credible transportation service provider.

G

GELSEN-NET Kommunikationsgesellschaft mbH

gelsen-net.de

64

GELSEN-NET Kommunikationsgesellschaft mbH is a regional telecommunications provider based in Gelsenkirchen, Germany, with over 40 years of experience. The company specializes in delivering fiber optic internet, telephony, TV, and tailored IT solutions to private customers, businesses, and the housing industry within the Emscher-Lippe region. Their market position is strong regionally, supported by personalized service and a comprehensive product portfolio. Technically, the website is built on TYPO3 CMS, integrates modern tracking and marketing tools like Google Tag Manager and Ads, and implements GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and secure form handling, though explicit security policies and incident response contacts are not published. Overall, the website is professional, accessible, and trustworthy, reflecting a mature digital presence aligned with business goals.

M

Meteored

meteored.com

69

Meteored is a weather forecasting service providing worldwide animated weather maps, satellite imagery, radar data, air quality, pollution, and hurricane tracking. The platform targets meteorology enthusiasts and the general public seeking detailed weather information. It offers multi-language support and mobile applications across major platforms, enhancing accessibility and user engagement. The website demonstrates a good level of professionalism with consistent branding and quality content focused on weather services. Technically, the site employs modern web technologies including JavaScript, WebGL, and integrates Google Tag Manager and advertising services. The site is mobile optimized and provides a moderate performance experience. SEO practices are well implemented with appropriate meta tags and structured navigation. From a security perspective, the website enforces HTTPS and uses a consent management platform for privacy compliance. However, it lacks explicit security policies and incident response information. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the domain is a concern, potentially indicating privacy protection or registration inconsistencies, which slightly lowers the trust score. Overall, Meteored presents a reliable and professional weather information service with good technical and privacy compliance. Strategic improvements in domain registration transparency and security policy disclosures would enhance trust and security posture.

T

TFGpl sp. z o.o.

ebutik.pl

70

eButik.pl is a well-established Polish online boutique specializing in women's fashion, offering a broad range of clothing categories including plus size and seasonal collections. The company, TFGpl sp. z o.o., has been operating since 2003, positioning itself as a trusted retailer with a focus on quality, style, and affordability. The website demonstrates strong digital maturity with a modern e-commerce platform (IdoSell Shop), comprehensive privacy and cookie policies, and integration of advanced marketing and analytics tools such as Google Analytics, Facebook Pixel, and TrustMate reviews. Security posture is robust with HTTPS enforced and privacy compliance evident, though some security headers could be improved. Overall, the site provides an excellent user experience with mobile optimization and clear navigation, supported by credible business information and positive customer feedback.

W

Westdeutsche Zeitung

wz.de

64

Westdeutsche Zeitung is a German regional news media company providing digital news content through a website that offers both advertising-supported free content and a paid subscription model called WZ+. The website targets a general audience interested in regional and current news. The technical infrastructure includes modern web technologies such as custom web components, web fonts, and Cloudflare for DNS and hosting services. Google Tag Manager is used for analytics and tracking, with a clear consent mechanism for GDPR compliance. Security posture is moderate with HTTPS implied but lacks explicit security headers and published security policies. Overall, the site is functional and compliant but could improve in security transparency and technical SEO. The domain WHOIS data shows Cloudflare nameservers but lacks detailed registrant information, which is common but limits full trust assessment. No adult or explicit content is present, making the site safe for general audiences.

D

Decathlon spółka z ograniczoną odpowiedzialnością

decathlonkariera.pl

58

Decathlonkariera.pl is the official career website for Decathlon Poland, a large retail company specializing in sports equipment and apparel. The site targets job seekers passionate about sports, offering information about current job openings, company values, and employee benefits. The business is well-established with a domain age consistent with its market presence since 2013. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its audience. Technically, the site is built on WordPress and uses common analytics and marketing tools such as Google Analytics, Google Tag Manager, and Facebook SDK. Hosting is provided by OVH SAS, a reputable provider. Performance is moderate with good mobile optimization. However, some security best practices like DNSSEC and security headers are missing, and there is no visible cookie consent mechanism, which could impact privacy compliance. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries in the provided content. The absence of security headers and incident response information suggests room for improvement. Privacy compliance is partially met with a privacy policy linked on the main Decathlon domain, but cookie consent and GDPR explicit indicators are lacking. Overall, the website is trustworthy and professional, serving its business purpose effectively. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance its security posture and compliance standing.

S

Sinsay

sinsay.com

70

Sinsay operates as an international online fashion retailer targeting women, men, and children across 19 countries. The website serves as a country selector landing page, directing users to localized stores. The business model is e-commerce retail with a focus on affordable fashion. The site demonstrates consistent branding and a professional presentation, indicating a mature market presence. Technically, the website employs modern JavaScript frameworks and third-party services such as Cookiebot for consent management, New Relic for monitoring, and Google Tag Manager for analytics. Hosting is provided via Akamai, suggesting a robust content delivery infrastructure. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. From a security perspective, HTTPS is enforced, and a comprehensive cookie consent mechanism is in place, supporting GDPR compliance. However, no explicit security headers were detected in the HTML content, and no direct contact information for security or incident response was found. The WHOIS data for the domain is unavailable, which slightly reduces trustworthiness but does not negate the professional appearance and functionality of the site. Overall, the website presents a low-risk profile with good privacy compliance and a solid technical foundation. Strategic improvements in security headers, transparency of contact information, and WHOIS data availability would enhance trust and security posture.

W

WSW Wuppertaler Stadtwerke GmbH

wsw-online.de

55

WSW Wuppertaler Stadtwerke GmbH is a regional utility company based in Germany, providing reliable energy supply and innovative mobility solutions primarily to private customers, businesses, and young people. The company holds a strong market position in the Wuppertal region, offering electricity, gas, district heating, public transport services, and e-mobility solutions. Their digital presence is built on the TYPO3 CMS platform, integrating modern technologies such as Google Tag Manager, Usercentrics for consent management, and Mouseflow for analytics, reflecting a mature digital infrastructure. Security posture is robust with HTTPS enforcement, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. Overall, the website is professional, well-structured, and compliant with GDPR, supporting a high level of trust and user experience.

I

InPost sp. z o.o.

inpost.pl

71

InPost sp. z o.o. operates a comprehensive parcel delivery and logistics platform primarily serving individual customers and businesses in Poland. The company is a market leader in parcel lockers (Paczkomat®) and courier services, offering a wide range of shipping options including international shipments and fulfillment services. The website reflects a mature digital presence with a professional design, clear navigation, and mobile optimization. Technically, the site uses Drupal CMS, integrates Google Tag Manager and Didomi for consent management, and employs modern JavaScript frameworks. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The WHOIS data confirms domain legitimacy and long-term operation since 2006. Overall, the website is trustworthy, compliant with GDPR, and provides a positive user experience.

C

Ceneo - porównaj ceny i opinie - RTV, AGD, smartfony, laptopy

ceneo.pl

67

Ceneo.pl is a leading Polish price comparison and product review platform specializing in consumer electronics, home appliances, and various retail categories. The website offers users the ability to find products, compare prices across multiple online shops, and read reviews to make informed purchasing decisions. It targets Polish consumers and operates as a large-scale e-commerce service provider in Poland. Technically, the site employs modern JavaScript frameworks such as RequireJS and Preact, integrates with Google Analytics and Microsoft Application Insights for tracking and performance monitoring, and uses Google Tag Manager for marketing and analytics management. The site is well-structured with good SEO practices and mobile optimization. Security-wise, the site enforces HTTPS and uses anti-forgery tokens and CAPTCHA v3 for form protection, though explicit security headers are not evident in the HTML content. Privacy and cookie policies are not clearly found in the provided content, indicating room for improvement in compliance transparency. WHOIS data for the domain is not publicly available, which is typical for commercial Polish domains but limits direct verification of registrant details. Overall, Ceneo.pl presents a professional, trustworthy, and technically mature e-commerce platform with moderate privacy compliance and good security posture.

G

Garden SPA s. r. o.

gardenspa.sk

60

Garden SPA s.r.o. operates a professional e-commerce website specializing in garden furniture, whirlpools, saunas, wooden flooring, and related accessories primarily targeting Slovak consumers and businesses. The company maintains a showroom in Bratislava and offers a broad product catalog with a focus on quality and design. The website is built on the PrestaShop platform, utilizing common web technologies such as jQuery and Google Tag Manager, and includes cookie consent mechanisms compliant with GDPR. Security posture is generally good with HTTPS enforced and no visible critical vulnerabilities, though some improvements are possible in updating libraries and adding security headers. Overall, the site presents a trustworthy and professional retail presence with clear contact information and partner affiliations.

E

What to do today - Eventland

eventland.eu

57

Eventland.eu is a European event discovery platform that provides users with up-to-date information on concerts, festivals, parties, sporting events, and other activities across multiple European cities. The website is built on WordPress and leverages modern web technologies such as Bootstrap, jQuery, and various JavaScript libraries to deliver a responsive and user-friendly experience. SEO optimization is evident through the use of the Yoast SEO plugin and comprehensive meta tags. Security posture is adequate with HTTPS enabled and a cookie consent mechanism in place, though the absence of explicit privacy policies and terms of service indicates room for improvement in compliance and transparency. No blocking or WAF mechanisms were detected, allowing full content accessibility.

Č

Čtyři dny, z.s.

ctyridny.cz

46

Čtyři dny, z.s. operates a well-established international contemporary art festival in Prague, focusing on theater, dance, and exhibitions. The organization targets a broad audience interested in cultural and artistic events, maintaining a strong presence in the Czech cultural scene with over two decades of history. The website reflects a professional and consistent brand image, with comprehensive content and active event promotion. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates advanced plugins for GDPR compliance and cryptographic security. The security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site demonstrates good digital maturity and compliance with privacy regulations. No critical vulnerabilities or suspicious activities were detected, and the domain registration data aligns well with the organization's profile, indicating high legitimacy.

Palác Akropolis is a well-established cultural venue and club based in Prague, Czech Republic, with a domain age dating back to 1999. The website serves as a platform to showcase a diverse range of cultural events including music concerts, theater performances, jazz sessions, and other artistic projects. It targets a broad audience interested in cultural and nightlife activities. The business model revolves around event hosting, ticket sales, and cultural programming, positioning itself as a key player in the local cultural scene. Technically, the website employs a modern tech stack including jQuery, Google Tag Manager, Google Analytics, and a cookie consent management tool, ensuring compliance with privacy regulations such as GDPR. The site is mobile optimized and offers a good user experience with clear navigation and professional design. While no major CMS is detected, the site appears to be custom-built or uses a proprietary system. From a security perspective, the site enforces HTTPS and implements a comprehensive cookie consent mechanism with granular categories. However, some security headers like X-Frame-Options and Content Security Policy are not explicitly present, which could be improved. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with a detailed privacy policy and cookie consent banner. Overall, the website is trustworthy, professional, and compliant with relevant privacy laws. It effectively supports the business goals of Palác Akropolis by providing event information, ticketing options, and engaging content. Strategic recommendations include enhancing security headers, continuing to monitor third-party scripts, and possibly adding explicit contact emails and phone numbers for improved user trust and support.

The U.S. Securities and Exchange Commission (SEC) operates the website www.sec.gov as the official federal government portal for securities regulation, investor protection, and market oversight. The site provides comprehensive resources including filings search, rulemaking activities, enforcement news, and educational materials targeted at investors, businesses, and market participants. The SEC is a large, enterprise-level government agency with a long-standing history dating back to 1934, reflected in the authoritative and professional content presented on the site. Technically, the website is built on the Drupal CMS platform, leveraging the U.S. Web Design System (USWDS) for accessibility and responsive design. It integrates modern analytics and tracking tools such as Google Tag Manager and YouTube APIs, ensuring a rich user experience with fast performance and excellent mobile optimization. The site is hosted likely on government infrastructure or via Akamai CDN, ensuring reliability and security. From a security perspective, the site enforces HTTPS and demonstrates good security practices including secure forms and no visible vulnerabilities. While explicit security headers were not fully confirmed in the provided content, the overall posture is strong, consistent with a government entity. Privacy and cookie policies were not explicitly found in the provided HTML snippet, which slightly impacts privacy compliance scoring. Overall, the SEC website is a highly credible, trustworthy, and professionally maintained government resource. It effectively serves its mission to protect investors and maintain market integrity. Strategic recommendations include publishing explicit privacy and cookie policies prominently, ensuring all security headers are set, and maintaining vigilance on third-party scripts to uphold security standards.

Homerun is a Netherlands-based technology company specializing in applicant tracking and human resource management software designed for modern teams. Their SaaS platform offers a user-friendly and visually appealing ATS and HR toolset that streamlines hiring, leave tracking, employee data management, and team insights. The company targets growing teams and HR professionals seeking an efficient and personal approach to recruitment and team management. Homerun positions itself as a niche provider with a strong emphasis on user experience and brand culture, supported by positive customer testimonials and high ratings on independent review platforms.

D

Deník N

novydenik.com

62

Deník N is an independent Czech daily news media outlet established in 2015, offering subscription-based and advertising-supported news content primarily targeting the Czech-speaking general public. The website demonstrates a solid market position as a trusted independent news source with a consistent brand presence and good content quality. Technically, the site is built on WordPress with modern integrations such as Google Tag Manager, Google Analytics, OneSignal for notifications, and Didomi for consent management, reflecting a mature digital infrastructure with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and consent mechanisms in place, though explicit security headers and a published security policy are absent, indicating room for improvement. Overall, the site is trustworthy, privacy-conscious, and professionally maintained, with no signs of malicious activity or content safety concerns.

V

Visicod

visicod.com

60

Visicod is a French digital communication agency specializing in bespoke website creation, SEO and SEA services, and personalized client support. Established since 2008, it serves artisans, small and medium enterprises across France with a focus on clear, effective digital solutions. The website demonstrates a professional and modern digital presence with strong client testimonials and transparent service offerings. Technically, the site uses modern web technologies, includes cookie consent mechanisms, and integrates Google Analytics for performance tracking. Security posture is good with HTTPS and privacy compliance, though some security headers could be improved. WHOIS data is unavailable, likely due to privacy protection or recent registration, but the website content and structure indicate a legitimate and trustworthy business. Overall, Visicod presents a credible and professional digital agency profile with room for minor technical security enhancements.

I

Instituto de Estudios Cajasol

institutocajasol.com

56

Instituto de Estudios Cajasol is a well-established business school based in Sevilla, Spain, offering professional master’s degrees, postgraduate courses, and corporate training primarily targeting professionals and students in Andalucía. The institution has a strong regional presence with a domain registered since 2006, reflecting its longevity and market position. The website is professionally designed, mobile-optimized, and rich in relevant content, supporting a positive user experience and strong SEO performance. Technically, the site leverages WordPress with popular plugins and integrates multiple marketing and analytics tools, including Google Tag Manager and Outbrain, indicating a mature digital marketing strategy. Security posture is good with HTTPS enforced and domain transfer protection, though DNSSEC is not enabled and some security headers are not explicitly detected. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms in place. Overall, the website demonstrates high business credibility and trustworthiness with clear contact information and consistent branding.

P

Pilsner Urquell

pilsner-urquell.cz

46

Pilsner Urquell is a historic and well-established beer brand originating from the Czech Republic, with a founding year of 1842. The website serves as a marketing and informational platform targeting adult consumers, enforcing strict age verification to comply with legal requirements for alcohol promotion. The brand maintains a consistent and professional online presence with clear branding and user engagement features such as cookie consent and analytics tracking. Technically, the site employs modern web technologies including Google Tag Manager, Google Analytics, and Facebook Pixel, ensuring effective marketing and user behavior analysis. The website is secured with HTTPS and includes mechanisms to protect underage users from accessing restricted content. However, the absence of WHOIS data and lack of explicit security and incident response policies represent gaps in transparency and security posture. Overall, the site is professionally designed and functional, but could improve in areas of security documentation and contact availability.

V

VERMONT Services Slovakia s. r. o.

vermont.cz

63

Vermont.cz is a professional e-commerce website representing a premium international fashion brand offering clothing and accessories for men, women, and children. The site features multiple well-known trademarks and brands, providing a comprehensive online shopping experience supported by physical stores in the Czech Republic. The business model focuses on retail sales with value-added services such as free shipping over a threshold and gift vouchers. Technically, the website employs modern JavaScript frameworks like Vue.js and Inertia.js, integrates multiple marketing and analytics tools including Google Tag Manager and Facebook Pixel, and maintains good SEO and mobile optimization standards. Security-wise, the site enforces HTTPS, implements key security headers, and uses cookie consent mechanisms, though it lacks explicit security policy and incident response disclosures. The absence of WHOIS data for the domain is a notable gap in trust assessment but does not detract from the professional presentation and operational maturity of the business. Overall, Vermont.cz presents a secure, user-friendly, and content-rich platform suitable for its retail audience.

S

Selectra

comparaiso.cl

62

Comparaiso.cl is a Chile-based online platform specializing in comparing telecommunications services including internet, mobile, fixed phone, and television plans. It operates under the parent company Selectra, providing consumers with comprehensive options to select the best plans suited to their needs. The website is well-positioned in the Chilean market, partnering with major telecom providers and offering additional services such as speed tests and streaming platform information. Technically, the site is built on Drupal 10, integrates Google Tag Manager for analytics, and uses Cloudflare DNS, reflecting a modern and maintainable infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is good, with clear privacy and cookie policies linked to the parent domain. Overall, the site presents a professional and trustworthy front to users, with clear contact channels and consistent branding.