Security Directory

Q

QVC

qvc.com

72

QVC is a leading enterprise-level e-commerce and televised shopping platform offering a wide range of consumer products including beauty, electronics, fashion, and home goods. The website demonstrates a strong market position with extensive live streaming shopping events and a comprehensive online retail presence targeting general consumers. Technically, the site leverages a modern technology stack including Adobe Experience Manager, various analytics and marketing tools, and live shopping integrations, delivering excellent performance and mobile optimization. Security posture is robust with HTTPS enforcement, security headers, and secure cookie practices, although explicit security policy and incident response information are not publicly available. Overall, the site is highly professional, trustworthy, and compliant with privacy regulations, making it a reliable platform for consumers.

J

Jaguar Uruguay

jaguar.uy

65

Jaguar Uruguay operates as the official Jaguar brand presence in Uruguay, focusing on showcasing and selling Jaguar vehicles including SUVs, electric cars, sedans, and sports cars. The website is professionally designed using modern web technologies such as Nuxt.js and Vue.js, hosted on Jaguar's CDN infrastructure, and optimized for mobile devices. The site demonstrates consistent branding and good content quality, targeting automotive consumers in Uruguay. Security posture is solid with HTTPS enforced, though some security headers and privacy policies are missing. No signs of blocking or WAF interference were detected, allowing full content access. Overall, the site is trustworthy and credible but could improve privacy compliance and security best practices.

J

Jaguar

jaguar.mx

53

Jaguar Mexico operates as the official regional website for Jaguar luxury vehicles, targeting affluent customers in Mexico. The site provides information on vehicle models, specifications, and dealership locations, supporting the brand's premium market positioning. The technical infrastructure is based on the Wix platform, leveraging Wix Thunderbolt framework and standard web technologies, which offers a moderate performance and good mobile optimization. Security posture is solid with HTTPS and security headers implemented, but lacks visible privacy and cookie policies, which are critical for compliance and user trust. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and contact transparency.

W

Wine & Spirit Education Trust

wsetglobal.com

68

Wine & Spirit Education Trust (WSET) is a well-established global leader in drinks education, offering qualifications in wine, spirits, beer, and sake. Founded in 2006, it operates as a registered charity based in the UK, serving a mature audience of drinks professionals and enthusiasts worldwide. The organization maintains a strong market position as the largest provider in its niche, with a broad network of course providers in over 70 countries and multiple language offerings. Key services include progressive qualification levels, online learning, and custom courses tailored for business clients.

The website swisscheese.ch is currently a parked domain offered for sale at 7500 EUR through Sedo, a domain parking and resale service. The site contains minimal content primarily focused on advertising and domain sale information, with no active business operations or services presented. The technical infrastructure relies heavily on Sedo's domain parking platform and Google Ads for monetization. The site lacks HTTPS/SSL indications and does not provide any contact or security-related information, which limits its trustworthiness and professional appearance. Privacy policy and cookie consent mechanisms are present but basic, reflecting standard Sedo parking templates. Overall, the site functions solely as a domain sales landing page without active business presence.

C

Connect Com AG

ccm.ch

62

Connect Com AG is a Swiss-based company specializing in fiber optic communication infrastructure solutions, serving sectors such as energy, transport, industry, and data centers. Established in 1993, the company offers a comprehensive range of products and services including fiber optic cables, building cabling, data center solutions, and installation services. Their market position is strong within Switzerland and Germany, supported by local manufacturing and logistics capabilities. The website reflects a professional B2B focus with clear product and service descriptions, customer testimonials, and a consistent brand image. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager, Microsoft Clarity for analytics, and a cookie consent mechanism via Cookiefirst. The site is mobile-optimized and SEO-friendly, though it appears to use a custom or proprietary CMS. Performance is moderate with good mobile responsiveness and basic accessibility features. From a security perspective, the site uses HTTPS with a CSRF token present, indicating attention to secure form handling. However, explicit security headers like CSP or HSTS are not confirmed in the HTML content. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a cookie consent banner but no visible privacy policy or terms of service on the main page. WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, the website presents a low risk profile with good business credibility and technical implementation. Strategic improvements include publishing comprehensive privacy and security policies, implementing recommended security headers, and adding a vulnerability disclosure or security.txt file to enhance trust and compliance.

R

Romberg

romberg.de

51

Romberg operates a professional e-commerce platform specializing in gardening and cultivation products, targeting hobbyists and small-scale gardeners primarily in Germany. The website offers a broad product range including greenhouses, seedling pots, substrates, and sustainable gardening accessories, with a dedicated B2B dealer area indicating a dual business model. The company positions itself as a niche retailer focusing on sustainable and innovative gardening solutions. Technically, the website uses modern JavaScript, SVG icons, and integrates PayPal for payments, likely built on the Shopware CMS platform. The site is mobile-optimized with moderate performance and basic accessibility features. Security posture is good with HTTPS enforced and IP anonymization in Google Analytics, but lacks explicit security headers and published security policies. Privacy compliance is basic, with a cookie consent mechanism but no visible privacy or cookie policies. Contact information and incident response details are not clearly provided, which could impact user trust. Overall, the website is safe, professional, and trustworthy for general audiences.

Q

quedlinburger.de

quedlinburger.de

47

The website quedlinburger.de is currently a parked domain hosted on Bodis name servers, displaying placeholder content and advertisements with an offer to sell the domain. There is no active business presence, no contact information, and no meaningful content beyond ads. The technical infrastructure relies on basic HTML, CSS, JavaScript, and Google Adsense/Bodis scripts. Security posture is minimal with no advanced headers or policies implemented, and privacy compliance is lacking. Overall, the site serves as a domain parking page rather than a functional business website.

N

Neudorff

neudorff.de

62

Neudorff is a German company specializing in natural gardening products and advice, targeting environmentally conscious gardeners. The website presents a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern JavaScript frameworks such as Nuxt.js and employs Cloudflare for DNS and likely CDN services, ensuring good performance and security. Advertising is managed through Taboola, and cookie consent is implemented via Cookiebot, indicating some level of privacy compliance. However, explicit privacy policies, terms of service, and direct contact information are not found in the provided content, which limits full compliance and transparency. Security posture is generally good with HTTPS enabled, but additional security headers and incident response information would strengthen it. Overall, the site appears trustworthy and well-maintained but could improve in privacy and security documentation.

L

LECHUZA

lechuza.de

57

LECHUZA is a well-established German brand specializing in high-quality plant containers with intelligent watering systems, substrates, and care products. The company operates a professional e-commerce platform targeting gardening enthusiasts and consumers seeking premium plant care solutions. The website demonstrates a mature digital infrastructure leveraging Salesforce Commerce Cloud, modern tracking and analytics tools, and internationalization with multiple country and language versions. Security posture is strong with HTTPS and secure payment methods, though visible security headers and formal security policies are absent. Privacy compliance is limited due to missing explicit privacy and cookie policies in the analyzed content. Overall, the site is professional, trustworthy, and well-positioned in the retail gardening market.

K

Kiepenkerl

kiepenkerl.de

52

Kiepenkerl operates a professional e-commerce platform specializing in seeds, flower bulbs, plants, and related gardening products. The website targets both retail consumers and B2B customers, positioning itself as a premium brand within the German gardening market. The platform offers a broad range of product categories and supports customer engagement through structured navigation and search capabilities. Technically, the website is built on a modern e-commerce framework (Shopware 6) and integrates multiple analytics and marketing tools such as Matomo, Google Tag Manager, and Facebook Pixel. The site is hosted on servers associated with kasserver.com and uses HTTPS with a good SSL configuration. Security measures include the use of Friendly Captcha to mitigate bot activity and a cookie consent mechanism to comply with basic privacy requirements. However, explicit privacy policies, terms of service, and contact information are not found in the provided content, which limits full compliance and trust transparency. Overall, the website demonstrates a solid technical foundation and business credibility but would benefit from enhanced privacy disclosures and security header implementations.

J

Jaguar

jaguar-pre-owned.co.za

59

The website www.jaguar-pre-owned.co.za serves as an official platform for Jaguar approved pre-owned vehicles in South Africa. It targets Jaguar vehicle buyers in the region, offering a curated selection of certified used Jaguar cars. The site is professionally branded with Jaguar assets and uses modern web technologies such as Nuxt.js and Vue.js, indicating a moderate level of digital maturity. However, the absence of visible privacy and cookie policies, as well as contact information, suggests gaps in compliance and user trust facilitation. Security posture is moderate with no explicit security headers or SSL details provided, and the WHOIS data is privacy protected, limiting transparency. Overall, the site is functional and credible for its business purpose but would benefit from enhanced privacy compliance and security best practices.

J

Jaguar Nigeria

jaguar.ng

69

Jaguar Nigeria operates as the official Jaguar brand presence in Nigeria, offering luxury saloons, performance SUVs, and sports cars. The website serves as a digital showroom and information portal for Jaguar's vehicle range, targeting affluent customers and automotive enthusiasts within Nigeria. The business model focuses on automotive retail and brand representation, positioning Jaguar as a premium automotive brand in the Nigerian market. Technically, the website is built using modern web technologies including Nuxt.js and Vue.js, leveraging Jaguar Land Rover's CDN infrastructure for media and fonts. The site is mobile optimized and provides a good user experience with professional design and clear navigation. Security posture is solid with HTTPS enforced and some best practices observed, though there is room for improvement in security headers and visible privacy compliance. No forms or direct contact information were found in the provided content, indicating potential areas for enhancement in user engagement and compliance transparency. Overall, the domain registration and WHOIS data align well with the business claims, supporting the legitimacy of the site. Strategic recommendations include adding comprehensive privacy and cookie policies, security.txt for vulnerability disclosure, and explicit contact information for incident response to strengthen trust and compliance.

E

Europäischer Fonds für regionale Entwicklung Bremen

efre-bremen.de

60

The website www.efre-bremen.de serves as the official platform for the European Regional Development Fund (EFRE) in Bremen, Germany. It provides comprehensive information about funding programs for the periods 2014-2020 and 2021-2027, project examples, news, and contact options. The site targets entrepreneurs, startups, research institutions, and public sector entities interested in regional development funding. It acts as a government-funded informational and support portal, positioning itself as an authoritative source for EFRE-related activities in the Bremen region. Technically, the website is built on the SixCMS content management system, hosted by hosting.de, and uses modern web technologies including HTML5, CSS3, and JavaScript. It integrates Matomo analytics configured to respect user privacy by disabling cookies and honoring DoNotTrack. The site is mobile-optimized and accessible, with good SEO practices and clear navigation. However, some security headers are missing, and no cookie consent mechanism is present despite the use of analytics. From a security perspective, the site enforces HTTPS and uses secure login forms with CSRF tokens. No vulnerabilities or exposed sensitive data were detected. The absence of security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in security transparency and compliance. The WHOIS data aligns with the hosting provider and website content, indicating a legitimate and consistent domain registration. Overall, the website demonstrates a solid business credibility and technical foundation with good content quality and user experience. Strategic recommendations include implementing additional security headers, publishing security and incident response policies, and adding cookie consent mechanisms to enhance privacy compliance and user trust.

J

Jaguar Angola

jaguar-sub-sahara.com

59

Jaguar Angola operates as the official regional website for Jaguar vehicles in Angola and the broader Sub-Saharan Africa region. The site showcases Jaguar's luxury saloons, performance SUVs, and sports cars, targeting affluent customers interested in premium automotive brands. The business model focuses on brand representation and vehicle sales within this geographic market. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, leveraging Jaguar Land Rover's CDN for assets and fonts, ensuring consistent branding and good mobile optimization. However, the site lacks visible privacy and cookie policies, which are critical for compliance with GDPR and regional data protection laws. Security headers and incident response contacts are also absent, indicating areas for improvement in security posture. Overall, the website presents a professional and trustworthy brand image but requires enhancements in privacy compliance and security best practices to reduce risk and improve user trust.

J

Jaguar Kenya

jaguar-kenya.com

69

Jaguar Kenya operates as the official regional website for Jaguar vehicles in Kenya, showcasing luxury saloons, performance SUVs, and sports cars. The site serves as a digital showroom and brand information portal targeting luxury vehicle buyers within Kenya. It is part of the broader Jaguar Land Rover brand ecosystem, reflecting a medium-sized regional presence with consistent branding and professional content. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, leveraging asynchronous loading of analytics and advertising scripts to optimize performance. The site is mobile-optimized and includes SEO best practices such as hreflang tags for international targeting. Security-wise, the website enforces HTTPS and uses standard tracking technologies but lacks explicit security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

А

Атлант-М

atlantm.by

58

Atlant-M is a prominent Belarusian automotive dealership and service provider offering a comprehensive online platform for purchasing new and used vehicles, including electric and hybrid models. The company provides additional services such as car servicing, repair, financial products like credit and insurance, and vehicle evaluation and buyout. Their market position is strong within Belarus, targeting local consumers seeking convenient online automotive solutions. The website is built on modern technologies including React and Next.js, delivering a responsive and user-friendly experience with good SEO and mobile optimization. Security posture is solid with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not publicly available. Privacy compliance is well addressed with clear cookie consent and privacy policy pages. Overall, the site demonstrates a professional and trustworthy digital presence aligned with its business objectives.

A

Augsburger Allgemeine

augsburger-allgemeine.de

63

Augsburger Allgemeine is a prominent regional news media company based in Augsburg, Germany, providing comprehensive news coverage across politics, economy, sports, culture, and local events. The website serves as a digital platform for news dissemination, subscription services, classifieds, and event ticketing, positioning itself as a leading regional information source with a broad audience. The business model combines advertising revenue with digital subscriptions and ancillary services such as online shops and specialized portals.

G

Government Offices of Sweden

government.se

69

The Government Offices of Sweden operates the official government.se website, serving as the primary digital portal for disseminating government policies, news, and public administration information. The site targets a broad audience including citizens, media, and international stakeholders, providing structured content about ministries, government priorities, and legal documents. The domain is well-established since 2003, reinforcing its legitimacy as a government entity. Technically, the website employs modern JavaScript libraries, Matomo analytics for privacy-conscious tracking, and a cookie consent mechanism, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and no exposed sensitive data, though improvements such as enabling DNSSEC and adding advanced security headers are recommended. Privacy compliance is moderate due to the absence of explicit privacy and terms of service pages in the provided content. Overall, the website is professional, trustworthy, and safe for general audiences.

I

Intersim AG

intersim.ch

65

Intersim AG is a Swiss digital agency specializing in innovative and customized web solutions using technologies such as PHP, .NET, and .NET Core. The company serves a diverse clientele including public sector entities and private organizations, positioning itself as a reliable partner for digital transformation projects. Their offerings span consulting, development, operation, and support, with a focus on quality and user experience. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the website employs modern frameworks and technologies, including TYPO3 CMS, nopCommerce for digital commerce, and integrates AI capabilities through their Intersim AI product. The site is mobile-optimized, uses Vimeo for video content, and incorporates Google Tag Manager and Usercentrics for analytics and consent management, indicating a well-rounded digital infrastructure. From a security perspective, the site enforces HTTPS, implements standard security headers, and uses Google reCAPTCHA to protect forms. Consent management is handled professionally, supporting GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a dedicated security policy or incident response contact suggests room for improvement in transparency and readiness. Overall, Intersim AG's website demonstrates a high level of professionalism, security, and compliance, making it a trustworthy digital platform. Strategic recommendations include publishing explicit security policies, enhancing incident response visibility, and maintaining vigilance on third-party scripts to sustain security posture.

Facebook Video is a key component of Facebook's social media platform, offering users a place to watch videos, reels, and original shows. As part of Meta Platforms, Inc., it holds a leading position in the global technology and media industry, leveraging a robust advertising-based business model. The platform targets a broad general audience with a focus on video content consumption and social engagement. Technically, the site employs modern web technologies including React and advanced JavaScript frameworks, ensuring fast performance, excellent mobile optimization, and good accessibility. Security measures are strong, with HTTPS enforcement and comprehensive security headers, reflecting a mature security posture. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, the site demonstrates high professionalism, trustworthiness, and technical maturity, with extensive user tracking aligned with its advertising business model.

I

Internet Invest, Ltd. dba Imena.ua

leafletjs.com

53

Leaflet is a well-established open-source JavaScript library specializing in mobile-friendly interactive maps. It holds a leading position in the mapping technology sector, serving developers and organizations requiring lightweight, extensible mapping solutions. The project is community-driven with a strong presence on GitHub and trusted by major technology companies. The website reflects a professional, well-maintained digital presence with excellent content quality and user experience. Technically, the site leverages modern web technologies including JavaScript, CSS, and HTML5, integrating third-party services such as OpenStreetMap and Mapbox for map tiles. The infrastructure is performant and optimized for both desktop and mobile platforms. However, there is room for improvement in security practices, particularly in enabling DNSSEC, adding security headers, and publishing privacy and cookie policies. From a security perspective, the website uses HTTPS and has domain transfer protections but lacks DNSSEC and explicit security headers. No contact information or incident response channels are provided, which limits transparency in security governance. The absence of privacy and cookie policies also indicates gaps in compliance with data protection regulations. Overall, the website is trustworthy and professionally managed but would benefit from enhanced security and privacy compliance measures to reduce risk and improve user trust.

B

Bundesministerium für Forschung, Technologie und Raumfahrt

forschung-fachhochschulen.de

64

The website 'Forschung an Fachhochschulen' is an official German government platform managed by the Bundesministerium für Bildung und Forschung (BMBF). It serves as an information hub for research activities at universities of applied sciences (HAW) in Germany, providing news, funding opportunities, project details, and service information. The site targets researchers, academic institutions, and policymakers interested in applied research. The business model is government-funded dissemination and promotion of research programs. The site maintains a good level of content quality, professional design, and consistent branding, reinforcing its authoritative position in the government research sector. Technically, the website is built using the Government Site Builder CMS, with a modern tech stack including HTML5, CSS3, and JavaScript. It is hosted likely by ITZBund, a federal IT service provider, and shows good mobile optimization, accessibility, and SEO practices. Performance is moderate, with no major issues detected. The site uses Matomo analytics with anonymized data collection and a clear cookie consent mechanism, demonstrating good privacy compliance. From a security perspective, the site enforces HTTPS and employs cookie consent for tracking. However, it lacks explicit security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data shows partial consistency with the government affiliation, with no suspicious patterns. Overall, the security posture is solid but could be improved by adding security headers and formal incident response information. The overall risk assessment is low, with the site being trustworthy and professionally maintained. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and providing clearer incident response contacts to further strengthen trust and compliance.

N

nordmedia - Film- und Mediengesellschaft Niedersachsen/Bremen mbH

nordmedia.de

54

nordmedia is a regional media funding organization serving the German states of Niedersachsen and Bremen. Established in 2001, it plays a central role in supporting and developing the local film and media industry through funding programs, events, and advisory services. The website reflects a mature and professional digital presence with comprehensive content tailored to its target audience of media professionals and filmmakers. Technically, the site uses modern web standards and privacy-respecting analytics (Matomo), with good mobile optimization and clear navigation. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit incident response policies are absent. Overall, the site is trustworthy and well-aligned with its business purpose.

R

Reishunger

reishunger.de

66

Reishunger is a German-based e-commerce company specializing in rice products, digital rice cookers, kitchen accessories, and related cooking ingredients. The website targets consumers interested in diverse rice varieties and cooking solutions, offering a broad product catalog and recipe content. The company positions itself as a premium provider with over 10 years of expertise and a strong customer base, supported by high Trusted Shops ratings. Technically, the website employs modern JavaScript frameworks like Alpine.js, uses Cloudflare for DNS and CDN services, and integrates YouTube APIs and Swiper.js for enhanced user experience. The site is mobile-optimized and performs well with fast loading times. Security-wise, HTTPS is enforced, and basic security best practices are observed, though explicit security headers like Content-Security-Policy are not clearly present. Privacy compliance is moderate, with cookie consent mechanisms but no explicit privacy or terms of service pages found in the provided content. Overall, the website is professional, trustworthy, and safe for general audiences.

U

Universität Bremen

uni-bremen.de

64

The Universität Bremen website serves as the official digital presence of a medium-sized German university with approximately 20,000 students. It offers a broad range of academic programs including bachelor, master, and legal state examinations, and is recognized as an Excellence University since 2012. The site targets students, researchers, international visitors, and partners, providing comprehensive information on study programs, research, and university services. Technically, the site is built on TYPO3 CMS, employs Matomo for privacy-conscious analytics, and demonstrates good mobile optimization and accessibility. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms. No critical vulnerabilities or suspicious content were detected, and the domain registration aligns with the university's identity and history.

F

Fastly

polyfill-fastly.net

63

Fastly Polyfill is a specialized web service provided by Fastly, designed to deliver only the necessary polyfills required by a user's web browser, enhancing web compatibility and performance. The service targets web developers and technology professionals who need efficient browser feature support. The website is well-branded and consistent with Fastly's corporate identity, linking to official privacy and terms pages and providing a GitHub repository for transparency and community engagement. Technically, the site uses modern web technologies including JavaScript and Pico CSS for a responsive and accessible user experience. Hosting and domain registration align with Fastly's infrastructure, indicating a legitimate and professionally managed service. Security posture is good with HTTPS enforced, though explicit security headers and policies are not visible on this page. Privacy compliance is supported by links to comprehensive Fastly privacy policies, though no cookie consent mechanism is present on this specific service page. Overall, the site is professional, trustworthy, and safe for general audiences.

G

Gourmet Berner

gourmetberner.de

74

Gourmet Berner is a German e-commerce business specializing in gourmet food products such as spices, antipasti, liqueurs, and gift baskets. The website positions itself as a strong brand for fine gourmet items, targeting general consumers interested in high-quality culinary products. The business operates on the Shopify platform, leveraging its robust e-commerce infrastructure and integrations with trusted third-party services like Trusted Shops and Complianz for compliance and marketing. Technically, the site uses modern web technologies and Shopify's Alchemy theme, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and a formal security policy are absent. Privacy compliance is partially addressed with cookie consent but lacks a visible privacy policy or terms of service. Overall, the domain registration data aligns well with the website's business claims, indicating legitimacy and trustworthiness.

P

Prezi

prezi.com

76

Prezi is a well-established technology company specializing in AI-enhanced presentation software designed to engage audiences effectively. Founded in 2000, Prezi offers a SaaS platform targeting business professionals, educators, and students, providing key services such as video presentations, interactive presentations, and infographic design tools. The company holds a strong market position as a leader in interactive presentation technology with a large user base and major corporate customers. Technically, Prezi's website demonstrates a mature digital infrastructure hosted on AWS, built with modern web technologies including Webflow CMS, JavaScript frameworks, and integrated marketing and analytics tools such as Google Tag Manager, Hotjar, and Optimizely. The site is fast, mobile-optimized, accessible, and SEO-friendly, reflecting a high level of digital maturity. From a security perspective, Prezi maintains a robust posture with HTTPS enforcement, SOC 2 compliance, and comprehensive privacy and cookie policies with consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. However, minor improvements such as enabling DNSSEC and publishing a security.txt file could enhance security transparency and DNS security. Overall, Prezi presents a low-risk profile with strong business credibility, technical sophistication, and compliance adherence. Strategic recommendations include enhancing incident response visibility, publishing vulnerability disclosure information, and enabling DNSSEC to further strengthen trust and security posture.

H

Humblytics

humblytics.com

60

Humblytics is a technology company founded in 2021 that provides privacy-first, cookie-free web analytics, heatmaps, funnel visualization, and A/B testing services. Positioned as a SaaS provider, it targets website owners and digital marketers seeking actionable insights without compromising user privacy. The website is built using Framer and hosted on Cloudflare, indicating a modern and streamlined technical infrastructure. The presence of LinkedIn Insight scripts suggests integration with marketing analytics tools. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the website is professional and functional but would benefit from improved transparency and security practices to increase trust and compliance.

S

Starthaus Bremen

starthaus-bremen.de

58

Starthaus Bremen is a regional consulting and support organization focused on assisting startups and entrepreneurs in Bremen and Bremerhaven. The website provides comprehensive information about consulting services, financing options, mentoring programs, and a rich calendar of events designed to support business founders and growing companies. The platform positions itself as a central hub for startup support in the region, emphasizing free consultations and a strong network of partners. Technically, the website uses a modern tech stack including jQuery, Bootstrap, and FontAwesome, built on the SixCMS content management system. Accessibility features such as text zoom and high contrast modes are implemented, enhancing usability. However, explicit privacy and cookie policies are not found, and no security headers or incident response information are present, indicating areas for improvement in security and compliance. Overall, the website is professional and content-rich, but could benefit from enhanced security posture and privacy compliance to strengthen trust and regulatory adherence.

L

Land Rheinland-Pfalz

rlp.de

65

The website www.rlp.de serves as the official internet portal for the state government of Rheinland-Pfalz, Germany. It provides comprehensive information about the state, its government, current news, thematic focuses, and public services. The portal targets citizens, businesses, and other stakeholders interested in the region. It is positioned as a trusted government source with a broad range of services including news dissemination, social media engagement, and access to government departments. Technically, the site is built on TYPO3 CMS with Bootstrap framework, ensuring a modern, responsive, and accessible user experience. Hosting is managed via Versatel, a reputable German ISP. The site demonstrates good performance and SEO practices, with multilingual support and clear navigation. From a security perspective, the site enforces HTTPS and employs secure forms, with no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security headers and a published security or incident response policy. Privacy compliance is strong with a comprehensive privacy policy, though no cookie consent mechanism was detected. Overall, the site is a professional, secure, and trustworthy government portal with minor areas for improvement in security transparency and cookie management.

The website sbf-fragen.de is an educational platform offering a mobile app to support users preparing for boating license theoretical exams in Germany. It is operated by Delius Klasing Verlag, a known publishing company. The site provides official exam questions, learning aids, and exam simulations via a freemium app model with in-app purchases. The target audience is individuals seeking boating licenses and related certifications. Technically, the site uses modern web technologies such as React and Next.js, ensuring a responsive and user-friendly experience across devices. The site is well-branded and professionally designed, with clear navigation and relevant content in German. Security posture is moderate with HTTPS assumed but lacking explicit security headers and incident response information. Privacy compliance is partial, with a clear privacy policy linked but no cookie consent mechanism detected. Overall, the site is trustworthy and serves a niche educational market effectively.

B

Bremer Bonbon Manufaktur

bremer-bonbon-manufaktur.de

60

Bremer Bonbon Manufaktur is a small artisanal confectionery business based in Bremen, Germany, specializing in handmade sweets such as bonbons, lollipops, fudge, and nougat. The company operates both a physical retail presence with two locations and an online shop, complemented by workshops and events targeting a broad audience including families and corporate clients. Their market position is that of a local specialty retailer with a focus on quality and craftsmanship. Technically, the website is built on the Shopware 6 e-commerce platform, leveraging modern web technologies including Google reCAPTCHA v3 for bot protection and PayPal for payment processing. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. The presence of cookie consent and privacy policies indicates a good level of digital maturity and GDPR compliance. From a security perspective, the site enforces HTTPS and integrates reCAPTCHA to protect forms, but lacks explicit mention of security headers such as X-Frame-Options or Content-Security-Policy in the HTML source. No vulnerabilities or exposed sensitive data were detected. The absence of a public security policy or incident response page suggests room for improvement in transparency and preparedness. Overall, the website presents a trustworthy and professional front for the business, with strong privacy compliance and a secure shopping experience. Strategic enhancements in security headers and incident response documentation would further strengthen their security posture and customer trust.

H

Heldenschmiede Bremen GbR

heldenschmiede-bremen.de

57

Heldenschmiede Bremen GbR is a small education and coaching business based in Bremen, Germany, specializing in workshops, seminars, and coaching services aimed at personal and professional development. The company positions itself as a niche provider focused on empowering individuals and teams to unlock their potential and achieve meaningful change. Their offerings include business coaching, life school programs, speaker training, and events with keynote speakers. The website reflects a professional and consistent brand image with clear service descriptions and event schedules. Technically, the site is built on modern web technologies including React and Next.js, hosted on a custom CMS platform, and optimized for performance and mobile devices. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and formal policies are missing. Privacy compliance is strong with a comprehensive privacy policy and cookie banner. Contact information is clearly presented with multiple channels. Overall, the website is trustworthy, well-maintained, and suitable for its target audience.

M

Microsoft Corporation

office365.com

73

Microsoft Corporation operates the website www.microsoft.com, specifically the Finnish localized Microsoft 365 product page. The company is a global leader in technology, providing subscription-based productivity software and cloud services under the Microsoft 365 brand. The website targets a broad audience including home users, businesses, enterprises, and educational institutions, offering a comprehensive suite of applications, intelligent cloud services, and AI-powered features such as Copilot. The site is professionally designed, well-structured, and optimized for mobile devices, reflecting Microsoft's strong digital maturity and global market presence. Technically, the website leverages modern web technologies including Adobe Experience Manager CMS, JavaScript frameworks, and Microsoft Azure hosting. Performance is fast with good SEO and accessibility features. Security is robust with HTTPS, strong security headers, and no detected vulnerabilities. Privacy compliance is well addressed with clear policies and consent mechanisms aligned with GDPR requirements. The security posture is strong, supported by certifications such as ISO 27001 and SOC reports. Incident response and vulnerability disclosure processes are publicly available, enhancing trust. The domain is highly legitimate despite the absence of raw WHOIS data due to privacy protection, as it aligns with Microsoft's branding and global reputation. Overall, the website represents a secure, professional, and trustworthy digital presence for Microsoft 365 in Finland, supporting Microsoft's business objectives and customer engagement effectively.

C

CookieTractor

cookietractor.com

69

CookieTractor is a specialized European technology company providing a user-friendly, accessible cookie consent solution designed to help websites comply with GDPR and the ePrivacy Directive. The company emphasizes accessibility, supporting WCAG 2.2 AAA standards and the European Accessibility Act, and offers a customizable cookie banner with multi-language support. Their business model is SaaS-based with tiered pricing according to website size. The website content is professional and well-structured, targeting website owners needing compliant cookie management solutions. Technically, the site uses modern JavaScript libraries, integrates Matomo and Google Analytics for tracking, and is hosted behind Cloudflare, ensuring good performance and security. Security posture is strong with HTTPS and secure form handling, although explicit security headers and a public security policy are absent. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms. However, the lack of WHOIS registration data reduces trustworthiness and business credibility, suggesting the domain may be unregistered or privacy protected. Overall, CookieTractor presents a mature, compliant, and accessible solution with room for improvement in transparency and security documentation.

T

TriIncom, Ltd

call-tracking.by

65

Call-tracking.by is a Belarus-based technology company specializing in call tracking and telephony analytics services. Established in 2013 and operated by TriIncom, Ltd, the company offers dynamic and static call tracking solutions, virtual PBX functionalities, and CRM integrations. Their platform targets businesses and marketers seeking to optimize advertising effectiveness through detailed call analytics. The website is professionally designed using the Tilda CMS platform, featuring clear navigation, mobile optimization, and integrated marketing and analytics tools such as Google Tag Manager, Yandex Metrika, and Facebook Pixel. Security posture is adequate with HTTPS enforced and cookie consent mechanisms implemented; however, there is room for improvement in publishing explicit security policies and headers. WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the site demonstrates a mature digital presence with moderate to good technical and security implementations.

А

Атлант-М

atlantm.com

58

Atlant-M is a well-established Belarusian automotive dealership offering a comprehensive online platform for buying new and used cars, including electric and hybrid vehicles. The company provides additional services such as vehicle selection assistance, auctions, financing, insurance, and after-sales service. The website is professionally designed, mobile-optimized, and provides clear navigation and contact options, targeting Belarusian customers. Technically, the site leverages modern frameworks like Next.js and React, hosted on Yandex Cloud, ensuring fast performance and good SEO. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although dedicated security policies and incident response contacts are not publicly available. Overall, the domain registration and business information are consistent and trustworthy, supporting a high legitimacy score.

J

Jaguar Armenia

jaguar-armenia.com

64

Jaguar Armenia is the official regional representation of the Jaguar automotive brand in Armenia, offering luxury vehicles and brand information primarily targeted at Armenian consumers. The website is professionally designed with a modern technical infrastructure based on Vue.js and Nuxt.js frameworks, incorporating Google Tag Manager for analytics. The site is mobile-optimized and provides a good user experience with clear navigation and branding consistency. Security posture is adequate with HTTPS enabled, but lacks some security headers and explicit privacy and cookie policies. No contact information or incident response details are present, which limits user trust and compliance. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

J

Jaguar UAE

jaguar-uae.com

60

Jaguar UAE operates as a regional representation of the Jaguar automotive brand, focusing on luxury vehicle sales and brand promotion within the United Arab Emirates. The website presents a professional and modern digital presence, leveraging advanced JavaScript frameworks and multiple marketing and analytics tools to engage its target audience effectively. Despite the strong branding and content quality, the absence of WHOIS registration data raises questions about domain legitimacy, although this may be due to privacy protections or data source limitations. Security posture is generally good with HTTPS enforced, but lacks visible security headers and formal privacy or cookie policies, which are important for compliance and user trust. Overall, the site is well-positioned in the premium automotive market but should improve transparency and security practices.

J

Jaguar Tunisie

jaguar-tunisie.com

60

Jaguar Tunisie is a localized website representing the Jaguar automotive brand in Tunisia, offering vehicle information and brand promotion primarily in French. The site uses modern web technologies including Nuxt.js and integrates multiple tracking and analytics services such as Google Tag Manager and Facebook Pixel. The website presents a professional and consistent brand image aligned with Jaguar's global presence. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the site content and branding suggest it is an official regional site. Security posture is moderate with HTTPS enabled but lacks visible security headers and formal privacy or cookie policies. Contact information is not explicitly provided on the site, which may impact user trust and compliance. Overall, the site is functional and well-designed but would benefit from enhanced transparency and security practices.

J

Jaguar Polska

jaguar.pl

66

Jaguar Polska operates as the official Polish website for the Jaguar automotive brand, a premium vehicle manufacturer with a heritage dating back to 1935. The site serves as a marketing and sales platform, offering vehicle information, configuration tools, and after-sales services targeted at Polish consumers. The website is professionally designed, mobile-optimized, and localized for the Polish market, reflecting a mature digital presence aligned with a global luxury automotive brand. Technically, the site leverages modern JavaScript frameworks (Nuxt.js/Vue.js), CDN hosting, and integrates multiple Google Tag Manager containers alongside a consent management platform (Usercentrics) to ensure compliance with privacy regulations and enable marketing analytics. Security posture is strong with HTTPS enforced and appropriate security headers present, though explicit security policies and incident response contacts are not published. The absence of WHOIS data is consistent with .pl domain registry practices and privacy protection, not detracting from the site's legitimacy. Overall, Jaguar Polska presents a trustworthy, high-quality digital experience with minor recommendations to enhance transparency around security and incident response.

J

Jaguar Slovenija

jaguarslovenija.si

64

Jaguar Slovenija operates as the official regional website for the Jaguar automotive brand in Slovenia, providing brand information and vehicle sales services. The website reflects a consistent and professional brand presence aligned with Jaguar Land Rover's global identity. The technical infrastructure is modern, leveraging Nuxt.js and CDN services for optimized performance and mobile responsiveness. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies are absent. Privacy compliance is partial, with a cookie consent mechanism present but lacking dedicated privacy and terms of service pages. Overall, the website is trustworthy and well-positioned for its market, but could improve compliance and security transparency.

J

Jaguar Moldova

jaguarcars.md

61

Jaguar Moldova operates as a regional representation of the Jaguar luxury automotive brand, targeting customers interested in premium vehicles including limousines, SUVs, and sports models. The website demonstrates a consistent brand presence with professional design and localized content in Romanian, serving the Moldovan market. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, leveraging Jaguar Land Rover's CDN infrastructure for media and fonts, indicating a mature digital infrastructure. However, the security posture is moderate due to the absence of explicit security headers and privacy policies, and no visible contact information for security or general inquiries. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security best practices to improve trust and regulatory adherence.

J

Jaguar Qatar

jaguar-qatar.com

61

Jaguar Qatar operates as a luxury automotive brand presence in Qatar, representing Jaguar vehicles and providing brand experience and vehicle configuration services. The website reflects a premium brand image consistent with Jaguar's global positioning, targeting affluent customers interested in luxury vehicles. Technically, the site uses modern frameworks such as Nuxt.js and integrates marketing and analytics tools like Google Tag Manager and social media tracking pixels. Security posture is generally good with HTTPS enforced, but lacks some security headers and explicit privacy and cookie policies. The absence of WHOIS data for the domain raises concerns about domain registration transparency, although the website content and branding appear professional and trustworthy. Overall, the site is functional and well-designed but would benefit from enhanced privacy compliance and clearer contact information for security and business inquiries.

J

Jaguar Palestine

jaguar-palestine.com

61

Jaguar Palestine is a regional website representing the Jaguar automotive brand in Palestine, providing brand information and vehicle-related services. The site reflects Jaguar's global brand identity and targets car buyers and enthusiasts in the Palestinian market. Technically, the website is built using modern JavaScript frameworks, specifically Nuxt.js, and employs Google Tag Manager for analytics, indicating a moderate level of digital maturity. The site is mobile-optimized and has good SEO practices but lacks some accessibility features. Security-wise, the website uses HTTPS and standard analytics tools but lacks visible security headers and explicit privacy or cookie policies, which are important for compliance and user trust. The absence of WHOIS registration data for the domain raises concerns about domain legitimacy, although the site content aligns with Jaguar's branding. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security practices.

J

Jaguar Oman

jaguar-oman.com

61

Jaguar Oman represents the premium automotive brand Jaguar in the Oman market, offering vehicle sales and brand information. The website is professionally designed using modern web technologies such as Nuxt.js and integrates multiple marketing and analytics tools including Google Tag Manager, Facebook Pixel, and Microsoft Clarity. The site is fully accessible with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced, though security headers and explicit privacy policies are missing. The absence of WHOIS data for the domain is a notable anomaly that impacts trustworthiness. Overall, the website serves its business purpose effectively but would benefit from enhanced transparency and compliance features.

J

Jaguar Maroc

jaguar-maroc.com

59

Jaguar Maroc is a localized website representing the Jaguar automotive brand in Morocco, offering brand information and vehicle sales services. The site reflects the premium positioning of Jaguar within the automotive transportation sector and is part of the larger Jaguar Land Rover group. Technically, the website is built using modern JavaScript frameworks such as Nuxt.js, with assets served from Jaguar Land Rover's official CDN domains, indicating a mature digital infrastructure. However, the absence of WHOIS registration data and lack of visible privacy and cookie policies present compliance and trust concerns. Security posture is moderate but could be improved by implementing standard security headers and clearly publishing privacy and incident response information. Overall, the website is professional and safe for general audiences but requires enhancements in privacy compliance and domain registration transparency.

J

Jaguar Lebanon

jaguar-lebanon.com

62

Jaguar Lebanon operates as the regional representation of the Jaguar automotive brand in Lebanon, providing vehicle information, sales, and brand experience. The website reflects a professional brand presence consistent with Jaguar's global identity, targeting general consumers interested in luxury vehicles. Technically, the site is built using modern JavaScript frameworks (Nuxt.js) and integrates multiple analytics and advertising tools, indicating a mature digital infrastructure. Security posture is generally good with HTTPS enforced, but lacks some security headers and formal vulnerability disclosure mechanisms. Privacy compliance is weak due to missing explicit privacy and cookie policies. Overall, the domain WHOIS data is unavailable, which raises some concerns about registration transparency but does not necessarily indicate illegitimacy given the professional site content. Strategic recommendations include improving privacy compliance, adding security headers, and publishing security contact information to enhance trust and compliance.