Security Directory

A

Agencia Estatal Boletín Oficial del Estado

boe.es

62

The Agencia Estatal Boletín Oficial del Estado (BOE) operates as the official Spanish government agency responsible for publishing the Boletín Oficial del Estado and other official journals. It serves a broad audience including legal professionals, government officials, businesses, and the general public requiring access to official legal publications. The agency holds a primary market position as the authoritative source for Spanish legal and governmental publications, offering key services such as the BOE, BORME, legal information libraries, notifications, judicial edicts, and open data services. Technically, the website employs standard web technologies including HTML5, CSS, and JavaScript, with a well-structured, accessible, and mobile-optimized design. The site demonstrates good SEO practices and clear navigation, although no advanced frameworks or CMS were detected. Performance is moderate, suitable for the content and audience served. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is restricted by Red.es policies typical for .es domains, which is standard and justified for government domains. Privacy and cookie policies are present but lack an explicit consent mechanism. No incident response or vulnerability disclosure policies are publicly available. Overall, the website is trustworthy, professional, and serves its governmental function effectively. Strategic improvements in security headers, cookie consent, and public security policies would enhance its security posture and compliance.

E

Ecom20

veikaliem.lv

34

VEIKALIEM.LV is a Latvian e-commerce platform primarily serving as a supplier login portal for retail businesses. The platform facilitates supplier account management and product listings, targeting B2B customers within the regional market. The website is basic in design and content, focusing on functionality over marketing or public information. Technically, it uses a custom UI framework named Elephant, Google Fonts, and PHP backend scripts, but lacks modern CMS or advanced platform integrations. Security posture is minimal with no visible HTTPS enforcement or security headers, and no privacy or cookie policies are present. Contact information is clearly provided, indicating some level of business credibility. Overall, the site is functional but requires significant improvements in security, privacy compliance, and content richness to enhance trust and professionalism.

A

Airbnb, Inc.

airbnb.mx

61

Airbnb.mx is the Mexican localized website of Airbnb, Inc., a leading global online marketplace for vacation rentals and travel experiences. The platform connects travelers with hosts offering a wide range of accommodations and experiences worldwide. The website demonstrates a mature digital infrastructure with modern technologies such as React and integration with mapping services like Google Maps and Mapbox. It is optimized for performance, mobile responsiveness, and accessibility, providing a seamless user experience. Security measures are robust, including HTTPS enforcement, security headers, and CSRF protections, reflecting a strong security posture. Privacy and cookie policies are comprehensive and GDPR compliant, although direct contact information for security or incident response is not prominently displayed. Overall, the site reflects a high level of professionalism, trustworthiness, and compliance suitable for a large enterprise in the hospitality sector.

A

Airbnb, Inc.

airbnb.fi

58

Airbnb, Inc. operates a leading global online marketplace for vacation rentals, experiences, and related services, targeting travelers and hosts worldwide. The website is localized for Finland, offering millions of listings across over 220 countries. The platform's business model centers on connecting hosts with guests, facilitating bookings and experiences. Technically, the site employs modern web technologies including React, Google Tag Manager, and map APIs, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS, script isolation via Partytown, and consent management for analytics, though explicit privacy and cookie policies were not found in the analyzed content. Overall, the site demonstrates high professionalism and trustworthiness, with room for improvement in transparency around privacy and incident response.

A

Airbnb, Inc.

airbnb.ch

69

Airbnb.ch is the Swiss localized version of Airbnb, a leading global online marketplace for vacation rentals, experiences, and hosting services. The platform connects travelers with hosts offering a wide range of accommodations worldwide, supporting over 220 countries and regions. The website is professionally designed, highly accessible, and optimized for mobile devices, providing a seamless user experience. It leverages modern web technologies including React and integrates mapping services such as Google Maps and Mapbox for enhanced functionality. Security is robust with HTTPS enforcement, CSRF protections, and standard security headers, although explicit security policy and incident response information are not publicly detailed. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting strong adherence to data protection regulations. Overall, the site demonstrates a mature digital infrastructure and a trustworthy business presence in the hospitality sector.

A

Airbnb

airbnb.com.tw

60

Airbnb is a globally recognized online marketplace specializing in vacation home rentals, unique stays, and travel experiences. The website targets travelers and hosts primarily in Taiwan, as indicated by the Traditional Chinese language and localized domain. The platform offers millions of listings worldwide, positioning itself as a leader in the hospitality and real estate sectors. Technically, the site leverages modern web technologies including React and integrates mapping services such as Google Maps and Mapbox, reflecting a mature digital infrastructure. Performance and mobile optimization are good, though accessibility features are basic. Security posture is strong with HTTPS enforced and some security best practices observed, but lacks explicit security headers and visible privacy or cookie policies. The domain registration is consistent with Airbnb's corporate standards, registered via a reputable registrar with protective domain status flags. Overall, the site is professional, trustworthy, and safe for general audiences, but could improve transparency around privacy and cookie compliance to enhance user trust and regulatory adherence.

A

Airbnb, Inc.

airbnb.gr

68

Airbnb.gr is the Greek localized website of Airbnb, Inc., a global leader in the hospitality industry offering a peer-to-peer online marketplace for vacation rentals, unique homes, and travel experiences. The site targets travelers and hosts in Greece and worldwide, providing access to millions of listings across 220+ countries. The business model is based on facilitating short-term lodging and experiences through an easy-to-use digital platform. The website reflects Airbnb's strong market position and brand recognition with professional design and comprehensive content.

A

Airbnb, Inc.

airbnb.pt

66

Airbnb, Inc. operates a leading global online marketplace for short-term vacation rentals and experiences, connecting travelers with hosts worldwide. The www.airbnb.pt website serves the Portuguese market, offering localized content and services consistent with Airbnb's global brand. The platform supports millions of listings and provides a seamless user experience for booking accommodations and activities. Technically, the site employs modern web technologies including React and advanced performance optimizations, ensuring fast load times and mobile responsiveness. Security measures such as HTTPS, comprehensive security headers, and error monitoring via Bugsnag demonstrate a mature security posture. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting strong regulatory adherence. Overall, the website is professional, trustworthy, and well-aligned with Airbnb's enterprise stature.

A

Airbnb, Inc.

airbnb.com.br

61

Airbnb, Inc. operates a leading global online marketplace for short-term vacation rentals and experiences, serving millions of travelers and hosts worldwide. The Brazilian localized website offers access to millions of listings across more than 220 countries and regions, targeting travelers seeking diverse accommodation options and unique experiences. The business model centers on connecting hosts and guests through a digital platform, generating revenue via service fees and commissions. Airbnb holds a strong market position as a pioneer and leader in the hospitality sharing economy.

A

Airbnb

airbnb.fr

66

Airbnb is a leading global online marketplace specializing in vacation rentals, unique accommodations, and travel experiences. The company operates a large-scale platform connecting travelers with hosts worldwide, offering millions of listings across more than 220 countries. The website is professionally designed, multilingual, and optimized for mobile devices, reflecting a mature digital infrastructure. Technically, Airbnb employs modern web technologies such as React and integrates analytics and error tracking tools like Google Tag Manager and Bugsnag, ensuring robust performance and monitoring capabilities. Security posture is strong with HTTPS enforcement, CSRF protection, and security headers, although explicit security policies and incident response contacts are not publicly detailed. Overall, Airbnb's website demonstrates high trustworthiness, excellent user experience, and compliance with privacy regulations including GDPR. The absence of WHOIS data is likely due to privacy protection, which is justified for a company of this scale. Strategic recommendations include publishing detailed security and incident response policies to enhance transparency and trust.

The analyzed URL is a Google Accounts sign-in page, part of Google's authentication infrastructure. It serves as an OAuth 2.0 authorization endpoint for users to authenticate with Google services, including enterprise and consumer applications. The page is professionally designed, mobile-optimized, and uses modern web technologies and security best practices. It is hosted on Google Cloud Platform and integrates with Google's identity management systems. Security posture is strong with HTTPS enforced, security headers present, and use of PKCE for OAuth flows. No vulnerabilities or suspicious content were detected. Privacy compliance is moderate given the lack of direct privacy policy links on this specific page, but Google overall maintains comprehensive policies. The domain is a subdomain of google.com, a well-established and trusted domain. Overall, this page is a critical component of Google's identity services and is highly trustworthy.

R

Riddle

riddle.com

77

Riddle is a well-established SaaS platform founded in 2014, specializing in interactive content creation such as quizzes, polls, surveys, and minigames. It serves a diverse clientele including publishers, brands, sports teams, and marketers, positioning itself as a leader in engagement and lead generation tools. The platform offers extensive customization, team collaboration, and monetization options, supported by a strong brand presence and trusted by major organizations worldwide. Technically, the website demonstrates modern web development practices with a responsive design, accessibility compliance (WCAG 2.1), and integration of marketing and analytics tools like Google Tag Manager and CookieHub. The use of JSON-LD structured data enhances SEO and content discoverability. The platform emphasizes privacy and security, hosting data securely in the EU and maintaining ISO 27001 certification. Security posture is robust with HTTPS enforced, GDPR compliance, and no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS transparency slightly impacts trust but is understandable given privacy regulations. Overall, the site is professional, secure, and user-friendly, with comprehensive support and clear business information.

D

Dr. BABOR GmbH & Co. KG

babor.com

68

Dr. BABOR GmbH & Co. KG operates a professional and well-established online shop specializing in luxury skincare and beauty products targeted primarily at the German market. The website offers a broad range of products including face care, body care, men's care, and makeup, supported by personalized skin analysis and expert advice services. The company positions itself as a premium brand with a strong digital presence and customer engagement through loyalty programs and newsletters. Technically, the website employs modern JavaScript frameworks, integrates multiple marketing and analytics tools, and provides a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and secure consent management, though some security headers could be improved. The WHOIS data for the subdomain is missing, which is typical for subdomains, but the main domain and company information confirm legitimacy. Overall, the website demonstrates a mature digital infrastructure and a strong business model in the retail skincare sector.

J

Jaguar

jaguar.at

60

Jaguar is a premium automotive brand with a long heritage dating back to 1935, focusing on innovation and breaking conventions. The website targets customers in Austria and German-speaking markets, offering a comprehensive range of vehicles including electric, hybrid, and performance models, alongside services such as leasing, approved used cars, rentals, and accessories. The site is professionally designed with consistent branding and high-quality content, reflecting Jaguar's market position as a luxury car manufacturer. Technically, the website leverages modern technologies including Adobe Experience Manager CMS, Adobe Target for marketing personalization, Google Tag Manager for analytics, and performance monitoring tools like Boomerang and Helix RUM. The site is well optimized for performance, mobile responsiveness, accessibility, and SEO, ensuring a smooth user experience. From a security perspective, the site enforces HTTPS, employs consent management for GDPR compliance, and avoids exposing sensitive data. While some advanced security headers could be added, the overall security posture is strong with no visible vulnerabilities. The WHOIS data is privacy protected, which is typical for large brands, and no suspicious patterns are detected. Overall, the website presents a trustworthy, professional, and secure digital presence for Jaguar in Austria, supporting its business goals and customer engagement effectively.

O

Outletcity Metzingen

outletcity.com

64

Outletcity Metzingen is a prominent designer outlet shopping center located in Germany, offering customers discounts up to 80% on a wide range of fashion and lifestyle brands. The website serves as a digital storefront and information portal for visitors, emphasizing its retail offerings and visitor services. The company positions itself as a leading retail destination in the German market with a focus on designer brands and discount shopping. Technically, the website employs modern front-end technologies such as Tailwind CSS and asynchronous JavaScript loading, ensuring a responsive and user-friendly experience across devices. Privacy and cookie policies are well implemented, reflecting GDPR compliance. Security posture is solid with HTTPS and security headers in place, though the absence of a public security policy and vulnerability disclosure reduces transparency. The WHOIS data for the domain is missing, which is unusual and slightly impacts trust, but the professional presentation and consistent branding mitigate concerns. Overall, the website is well designed, secure, and compliant, serving its retail audience effectively.

D

DEPO DIY LT UAB

depo-diy.lt

51

DEPO DIY LT UAB is a medium-sized retail company operating primarily in Lithuania and the Baltic region, specializing in home improvement, gardening, food products, pet supplies, and construction materials. The company maintains multiple physical store locations and an online presence, targeting general consumers interested in DIY and home-related products. The website is built on WordPress with multilingual support, leveraging common plugins such as WPBakery Page Builder and Yoast SEO to enhance user experience and search engine visibility. The technical infrastructure is modern and moderately optimized for performance and mobile devices. Security posture is adequate with HTTPS enforced and cookie consent implemented, though additional security headers and explicit security policies could improve resilience. The domain registration is consistent with the business age and shows no suspicious patterns, though the registrar being an academic institution is unusual but not necessarily problematic. Overall, the website is professional, trustworthy, and compliant with basic privacy regulations, making it a reliable digital asset for the company.

I

International Business Machines Corporation

instana.io

67

Instana is a technology product under the umbrella of International Business Machines Corporation (IBM), specializing in application performance monitoring and observability solutions targeted at enterprise IT and DevOps teams. The website analyzed is a login page for Instana, featuring IBM branding and links to IBM's privacy and terms of use pages, indicating strong corporate integration and trustworthiness. The business model is primarily enterprise SaaS and software licensing, with a market position as a leading APM provider within IBM's portfolio. Technically, the website employs modern web standards including HTML5, CSS, and JavaScript, leveraging IBM's Carbon Design System for UI consistency. Hosting is inferred to be on Amazon AWS based on DNS servers. The site demonstrates moderate performance and basic mobile optimization. Accessibility and SEO features are present but could be enhanced. No CMS or analytics tools were detected in the provided content. From a security perspective, the site uses HTTPS and secure form inputs for login, with domain registration status clientTransferProhibited adding protection against unauthorized transfers. However, DNSSEC is not enabled, and no explicit security headers or vulnerability disclosure mechanisms were found. Privacy compliance is supported by links to IBM's comprehensive privacy policy, though no cookie consent mechanism is present on this page. Overall, the website presents a professional, secure, and trustworthy interface consistent with an enterprise-grade technology product. Recommendations include implementing DNSSEC, adding security headers, publishing a security policy and incident response contacts, and introducing a cookie consent mechanism to enhance privacy compliance and security posture.

The website cdn-fileserver.com currently serves as a placeholder with no substantive content or business information. It appears to be a content delivery or file server platform but displays a message indicating content is unavailable. The technical infrastructure includes Cloudflare DNS, Akamai CDN, Media.net advertising, and ConsentManager for cookie consent, reflecting a moderate level of digital maturity. However, the absence of privacy policies, terms of service, and contact information limits its professionalism and trustworthiness. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers, and WHOIS data shows inconsistencies such as a future domain creation date, raising legitimacy concerns. Overall, the site is safe content-wise but lacks business credibility and comprehensive compliance documentation.

E

Europcar

europcar.ch

69

Europcar Switzerland operates a leading car rental service with a large fleet and extensive station network across Switzerland and worldwide. The company targets both leisure and business customers, offering a wide range of vehicles including eco-friendly and commercial options. The website is built on modern web technologies such as Nuxt.js and Vue.js, with good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though a dedicated security policy page is absent. Overall, the site reflects a mature digital presence aligned with a reputable global brand.

S

Switzerland Cheese Marketing AG

switzerlandcheesemarketing.ch

66

Switzerland Cheese Marketing AG is the central organization representing the Swiss cheese industry, dedicated to promoting Swiss cheese both domestically and internationally. The website serves as a comprehensive platform for industry stakeholders, media professionals, and consumers interested in Swiss cheese, offering educational resources, marketing information, and event details. The organization holds a strong market position as the leading promoter of Swiss cheese, supported by a professional and consistent brand presence. Technically, the website is built on the TYPO3 CMS platform, utilizing modern web technologies including JavaScript, CSS, and integrations with Google Tag Manager and Sentry for analytics and error monitoring. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS, employs multiple security headers, and uses a consent management platform to comply with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit security policy and incident response information, which could enhance its security posture. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance, making it a reliable source for Swiss cheese marketing and industry information. Strategic recommendations include publishing a dedicated security policy, incident response contacts, and vulnerability disclosure information to further strengthen trust and security readiness.

H

HETS Fribourg

hets-fr.ch

63

HETS Fribourg is a Swiss higher education institution specializing in social work education, research, and continuing education. The website clearly targets students, professionals, and researchers interested in social work, offering bachelor and master programs, research projects, and service prestations. The institution holds a solid regional market position in Fribourg, Switzerland, with a professional and well-branded online presence. Technically, the website uses modern technologies including Umbraco CMS, Bootstrap, and integrates analytics and consent management tools such as Microsoft Clarity and Axeptio. The site is mobile-optimized and accessible with good SEO practices. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers and policies are absent. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and professionally maintained.

F

Företagande.se

foretagande.se

52

Företagande.se is a well-established Swedish digital media platform focused on serving entrepreneurs and small business owners. Founded in 2005, it offers a comprehensive range of services including news articles, business templates, forums, online courses, and newsletters. The platform positions itself as Sweden's largest digital meeting place for entrepreneurs, leveraging a membership model combined with advertising and sponsored content revenue streams. Its target audience is primarily Swedish-speaking entrepreneurs seeking business guidance and community engagement. Technically, the website employs a modern tech stack including JavaScript frameworks, Google Tag Manager, reCAPTCHA, and Cloudflare DNS services. The site is built likely on a Laravel-based CMS with responsive design and good SEO practices. Performance is moderate with good mobile optimization, though accessibility features could be enhanced. The hosting and domain registration are consistent with the business's Swedish identity. From a security perspective, the site uses HTTPS with good SSL configuration and includes CSRF protection and CAPTCHA on forms. However, DNSSEC is not enabled, and explicit security headers like Content-Security-Policy are not detected, representing areas for improvement. No vulnerability disclosure or incident response policies are publicly available. Privacy and cookie policies are present with consent mechanisms, indicating basic GDPR compliance. Overall, Företagande.se presents a trustworthy and professional online presence with solid business credibility and moderate security posture. Strategic improvements in DNS security, security headers, and transparency around incident response would enhance its security maturity and compliance standing.

J

JP/Politikens Hus A/S

politiken.dk

66

Politiken.dk is a well-established Danish news media website operated by JP/Politikens Hus A/S, offering a wide range of news content, podcasts, and subscription services. The site demonstrates a mature digital presence with modern technologies such as Cookiebot for consent management and video.js for media playback. The business model is primarily subscription and advertising-based, targeting a general audience interested in news and current affairs. Technically, the site is well-structured with good SEO and accessibility features, though some security best practices like DNSSEC and security headers could be improved. Privacy compliance is partially addressed via cookie consent, but explicit privacy and terms policies are not clearly linked in the provided content. Overall, the security posture is solid but could benefit from enhanced transparency and policy disclosures. The domain registration data aligns well with the business claims, indicating high legitimacy and trustworthiness.

Tableau is a leading business intelligence and analytics software company, offering a comprehensive platform that enables users to connect to diverse data sources, create visualizations, and share insights easily. As part of Salesforce, Tableau holds a strong market position in the enterprise analytics space, targeting business users, analysts, IT leaders, and developers. The website reflects a mature digital presence with professional design, clear navigation, and extensive content tailored to various audience segments. Technically, the site leverages modern JavaScript frameworks, Salesforce Experience Cloud infrastructure, and integrates advanced marketing and analytics tools such as Google Tag Manager, Optimizely, and OneTrust for privacy compliance. The site is well-optimized for performance, mobile responsiveness, and accessibility, indicating a high level of digital maturity. From a security perspective, the website enforces HTTPS, employs multiple security headers, and integrates cookie consent mechanisms, demonstrating adherence to best practices. However, explicit security policies, incident response contacts, and vulnerability disclosure information are not publicly available, representing areas for improvement. Overall, the website is trustworthy, professional, and compliant with privacy regulations, though WHOIS data is not publicly available, likely due to privacy protection. This is typical for enterprise domains and does not detract from the site's legitimacy. Strategic recommendations include publishing detailed security policies and enhancing transparency around incident response and vulnerability reporting.

F

FactSet

factset.com

77

FactSet is a leading enterprise provider of financial data, market insights, and analytics solutions, serving over 9,000 firms globally. The company offers advanced AI-powered tools designed to enhance productivity and decision-making for financial professionals, including portfolio managers and investment researchers. Their business model is subscription-based, focusing on delivering comprehensive financial data and analytics to institutional clients. The website reflects a mature digital presence with professional design, clear navigation, and strong branding consistency. Technically, the website employs modern JavaScript frameworks (likely Vue.js), integrates multiple analytics and marketing tools such as Google Tag Manager, Microsoft Clarity, Drift chat, and Pardot, and implements robust cookie consent mechanisms via OneTrust. The site is optimized for performance and mobile responsiveness, with good accessibility and SEO practices. From a security perspective, the site enforces HTTPS, uses security headers like Content Security Policy and Strict-Transport-Security, and avoids exposing sensitive data. However, explicit security policies and incident response contacts are not published, which could be improved. The absence of WHOIS data is unusual but likely due to registry query limitations rather than malicious intent. Overall, FactSet's website demonstrates a strong security posture, excellent content quality, and good privacy compliance, supporting its position as a trusted financial data provider.

The website rnatrk.com is a newly registered domain with minimal original content. The main page consists primarily of an iframe loading content from an external, non-secure domain, accompanied by multiple third-party tracking and advertising scripts. There is no visible business information, contact details, or privacy and security policies, which significantly limits the ability to assess the site's legitimacy or business purpose. The technical infrastructure relies on basic JavaScript and iframe embedding, with no modern CMS or frameworks detected. Security posture is weak, with no HTTPS on iframe content, no security headers, and no DNSSEC enabled. The domain's recent registration date and lack of business identity raise concerns about trustworthiness. Overall, the site appears to function as an advertising or redirect landing page rather than a fully developed business website.

T

The European Quality Assurance Register for Higher Education (EQAR)

eqar.eu

57

The European Quality Assurance Register for Higher Education (EQAR) operates as a non-profit organization providing a trusted register of quality assurance agencies within the European Higher Education Area. The website serves as a comprehensive resource for higher education institutions, governmental bodies, and stakeholders seeking transparency and reliable information on quality assurance processes. It maintains a strong market position as an authoritative source in European higher education quality assurance. Technically, the website is built on WordPress with modern SEO and analytics tools such as Yoast SEO and Matomo, ensuring good performance, mobile optimization, and privacy-conscious data collection. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. The domain WHOIS data is privacy protected by EURid, which is typical and justified for this type of organization. Overall, the website is professional, trustworthy, and well-maintained, with no critical security or compliance issues detected.

A

Adoric Technologies LTD

adoric.com

67

Adoric Technologies LTD operates a sophisticated SaaS platform focused on personalized website engagement and conversion rate optimization (CRO). Their platform offers a comprehensive suite of marketing tools including upsells, cross-sells, email list growth, cart abandonment reduction, gamification, and advanced product recommendations. Positioned strongly in the e-commerce sector, Adoric targets business owners seeking to boost sales and customer engagement through data-driven personalization and automation. The company has a mature digital presence with a domain registered since 2013 and a professional, content-rich website that integrates well with popular platforms like Shopify. Technically, the website is built on modern web standards using HTML5, CSS3, JavaScript, and Bootstrap, with Cloudflare DNS and HTTPS security. The site is optimized for mobile and accessibility, employs structured data for SEO, and integrates Google Tag Manager and YouTube for analytics and media. While security headers are not explicitly detected in the HTML content, the domain status and HTTPS usage indicate a solid baseline security posture. Privacy and cookie policies are comprehensive and GDPR compliant, supporting strong privacy practices. Security-wise, no critical vulnerabilities or exposed sensitive data were found. However, the absence of a published security policy, incident response plan, or vulnerability disclosure program suggests areas for improvement. The WHOIS data aligns well with the website's claims, reinforcing legitimacy and trustworthiness. Overall, the site demonstrates a high level of professionalism, technical maturity, and business credibility, with minor recommendations to enhance security transparency and DNS security. Strategically, Adoric is well-positioned to serve e-commerce and related industries with a scalable, user-friendly platform that integrates marketing automation and analytics. Their strong branding, customer testimonials, and partnerships with known brands further solidify their market presence.

S

SIA DEPO DIY

depo.lv

53

DEPO.lv is the official website of SIA DEPO DIY, a large retail chain operating primarily in Latvia and the Baltic region. The company offers a wide range of products for home improvement, gardening, food, flowers, pets, construction, and leisure. The website provides detailed store location information, contact details, and online shopping options, targeting general retail customers. The business is well-established with a consistent brand presence and multiple physical stores. Technically, the website is built on WordPress using modern plugins such as Yoast SEO and WPBakery Page Builder, integrating Google Maps and Google Tag Manager for enhanced user experience and analytics. The site is mobile optimized and SEO friendly, with structured data implemented for better search engine understanding. Security posture is adequate with HTTPS enforced and cookie consent implemented, though it lacks explicit security policies and incident response information. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

S

Stockmann

stockmann.lv

57

Stockmann is a well-established retail and e-commerce company operating in Latvia and the Baltic region, offering fashion, home goods, and cosmetics for women, men, and children. The website demonstrates a mature digital presence leveraging Salesforce Commerce Cloud as its platform, integrating multiple marketing and analytics tools such as Google Tag Manager, New Relic, and PowerReviews. The site is professionally designed with good navigation, mobile optimization, and comprehensive privacy and cookie policies, reflecting compliance with GDPR requirements. Security measures include HTTPS enforcement and standard security headers, contributing to a strong security posture. No blocking or WAF interference was detected, allowing full content access and analysis.

V

Valsts digitālās attīstības aģentūra

latvija.lv

57

Latvija.gov.lv is the official Latvian government portal providing a wide range of public administration services digitally to citizens and businesses. It serves as a centralized platform for accessing government services such as residence registration, social benefits applications, administrative fine payments, e-address communication, and pension information. The portal targets Latvian residents and enterprises, positioning itself as a key digital government service provider in Latvia. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript frameworks, and a custom government SDK, ensuring fast performance, mobile responsiveness, and strong accessibility compliance. Security-wise, the site enforces HTTPS, includes session management features, and provides cookie consent mechanisms, though it lacks explicit security policies and incident response contacts. Overall, the site demonstrates a mature digital infrastructure with high trustworthiness and professional design, supporting the Latvian government's digital transformation goals.

O

Ostmann Stiftung

ostmann-stiftung.de

57

Ostmann Stiftung is a small non-profit foundation focused on providing unbureaucratic support to people in need within the Nordhessen region of Germany. The foundation primarily offers financial assistance for ambulatory and stationary care services, supporting elderly individuals, people with disabilities, and employees of the Ostmann automotive group in distress. The website presents a professional and regionally focused image with clear descriptions of its mission and recent activities. Technically, the site uses modern web technologies including Bootstrap and Usercentrics for GDPR-compliant cookie management, hosted on netcup infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security policies and incident response information are absent. Overall, the site is trustworthy, well-structured, and compliant with privacy regulations.

B

Bürgerliche Allianz Riehen

allianz-riehen.ch

59

The website www.allianz-riehen.ch represents the Bürgerliche Allianz Riehen, a local political alliance focused on the municipal council elections in Riehen, Switzerland. The site primarily serves as an informational platform for the upcoming Gemeinderatswahlen scheduled for October 19, 2025. The business model is centered on political engagement and voter information dissemination within the local government sector. The website is built on the Wix platform, utilizing Wix Thunderbolt technology, and is hosted by Wix.com. The technical infrastructure is modern and mobile-optimized, though performance is moderate and accessibility features are basic. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is professional and trustworthy for its intended local audience but would benefit from enhanced compliance and security measures.

H

Helsana Versicherungen AG

helsana.ch

73

Helsana Versicherungen AG is Switzerland's leading health insurance provider, serving over two million policyholders. The company offers a comprehensive range of insurance products including basic and supplementary health insurance, tailored solutions for special life situations such as cross-border commuters and newborns, and digital services like the myHelsana portal and online premium calculators. The website reflects a mature digital presence with modern technologies such as React and Adobe Helix, combined with strong privacy and consent management via OneTrust. Security posture is robust, with HTTPS enforcement, security headers, and no detected vulnerabilities. Privacy compliance is well addressed with clear policies and GDPR adherence. Overall, Helsana presents a trustworthy, professional, and user-friendly platform aligned with its market leadership in the Swiss healthcare insurance sector.

The website rent-swiss.com appears to be a parked or placeholder domain with minimal original content. The main visible content is an iframe loading HTTP content from an unrelated and suspicious external domain. There is no privacy policy, cookie policy, terms of service, or contact information available on the site. The domain is registered since 2007 with Network Solutions, indicating a legitimate registration history, but the website itself lacks substantive business information or branding. Technically, the site uses basic JavaScript and external tracking scripts from questionable sources, with no HTTPS on the iframe content and no security headers, which poses security risks. Overall, the website's security posture is weak, privacy compliance is absent, and business credibility is low. The site is likely monetized through advertising and tracking rather than providing genuine services.

F

Q8 FMP

fmp-formation.com

56

The website fmp-formation.com appears to be a newly registered domain (January 2024) hosting a login page for a service titled 'Q8 FMP'. The site content is minimal, focusing solely on user authentication with no public business descriptions, contact information, or policy documents. The domain uses Cloudflare DNS but lacks DNSSEC and security headers, indicating moderate technical maturity. The absence of privacy and cookie policies, as well as contact details, limits compliance and trustworthiness. Security practices include HTTPS and a CSRF token in the login form, but further improvements are needed. Overall, the site is functional but lacks comprehensive business and security transparency, resulting in a moderate risk profile.

The website changenligne.com/lander appears to be a minimal placeholder or parking page with very limited content and no visible business information. The domain is registered with GoDaddy.com, LLC since November 2022 and is currently active with standard domain status locks but lacks DNSSEC. The site uses basic JavaScript and a proprietary framework labeled 'PW' with Google AdSense for advertising. There are no privacy, cookie, or terms of service policies present, nor any contact or security-related information. The technical infrastructure is basic, with moderate performance and minimal mobile optimization. Security posture is weak due to lack of security headers and DNSSEC, and privacy compliance is absent. Overall, the site lacks professionalism and trust indicators, suggesting it is either under development or not actively maintained.

S

SGV Schweizer Grafiker:innen Verband

sgv.ch

50

SGV Schweizer Grafiker:innen Verband is a professional association representing graphic designers active in Switzerland. The organization focuses on promoting and strengthening vocational education and quality standards within the graphic design profession. Their website provides information about the association, member listings, educational programs, and current events, targeting Swiss graphic design professionals. The business model centers on serving as a strategic body for the graphic design profession, fostering education and professional development. Technically, the website employs modern web technologies including HTML5, CSS3, and JavaScript, with integration of the Plyr video player library. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and relevant content. However, no CMS or hosting provider information was detected. Performance is moderate with basic accessibility features. From a security perspective, the site uses HTTPS but lacks visible security headers and published security policies. No privacy or cookie policies were found, indicating gaps in GDPR compliance. Contact information is clearly presented, but no incident response or vulnerability disclosure mechanisms are evident. The WHOIS data aligns well with the website content, supporting legitimacy and trustworthiness. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices to improve its security posture and regulatory adherence.

M

MG Motor Europe

mgmotor.de

68

MG Motor Europe operates a professional website targeting Finnish customers interested in electric and hybrid vehicles. The site offers detailed product information, configurators, test drive requests, and dealer locators, positioning itself as a key player in the European electric automotive market. The technical infrastructure is modern, leveraging popular JavaScript libraries, Google Analytics, and Imgix CDN for images, hosted likely on cloud.ccm19.de. Security posture is solid with HTTPS and domain verification meta tags, but lacks explicit privacy and cookie policies in the analyzed content. WHOIS data is unavailable due to EURid privacy policies, which is common for EU domains. Overall, the website is trustworthy and professionally maintained, though improvements in privacy compliance and security headers are recommended.

B

Brucy.se

brucy.se

59

Brucy.se is a Swedish technology company offering a subscription-based website service tailored for small to medium-sized businesses and larger organizations. Their service includes website design, hosting, SEO, and ongoing support, all bundled into fixed monthly fees. The company positions itself as a cost-effective and comprehensive solution for businesses seeking professional online presence without the hassle of managing technical details. The website demonstrates a modern technical infrastructure using Nuxt.js and integrates Google Tag Manager and cookie consent mechanisms, reflecting a mature digital presence. Security posture is generally good with HTTPS enforced, though explicit security headers and privacy policies are lacking. The absence of WHOIS data for the domain reduces trustworthiness slightly, but the presence of client logos, Google reviews, and structured data enhance credibility. Overall, Brucy.se presents a professional and trustworthy business with room for improvement in privacy and security transparency.

F

Fritz Reuter und Sohn

reuterundsohn.de

56

Fritz Reuter und Sohn is a well-established local painting and renovation company based in Kassel, Germany, with a history spanning over 100 years. The company offers a wide range of interior and exterior painting services, including specialized offerings such as Feng Shui color consulting and mold remediation. Their target audience includes both residential and commercial customers in Kassel and surrounding areas. The website reflects a professional and consistent brand image, supported by active social media channels and modern web technologies.

L

Home

loth-online.de

45

The website loth-online.de is currently under construction and provides minimal content, primarily placeholder images and basic navigation links. There is no detailed business description, contact information, or service offerings visible. The site is hosted on German servers (rzone.de) and uses basic web technologies including HTML, CSS, JavaScript, and jQuery. A cookie consent banner is implemented, indicating some attention to privacy compliance. However, no privacy policy content beyond a linked page is visible, and no terms of service or security policies are present. The WHOIS data is limited, showing only domain status and nameservers, with no registrant details, which reduces trustworthiness. No WAF or blocking mechanisms are detected, and the site is fully accessible.

Masin Idriss is a small German-based interior design and furniture company specializing in creating functional and individual design concepts for various types of spaces including homes, lofts, and commercial premises. The company emphasizes craftsmanship and professional planning, supported by a partner network (GOETHE 64) and a commitment to fostering young talent through internships and coaching. The website reflects a niche market position with a focus on quality and personalized service. Technically, the website uses modern web technologies such as HTML5, CSS3, JavaScript, and Swiper.js for interactive galleries. It is hosted by IONOS SE, a reputable provider, and shows moderate performance with good mobile optimization. However, the site lacks advanced security headers and DNSSEC, which are recommended for improved security posture. From a security perspective, the site uses HTTPS but does not implement additional security policies or incident response contacts. Privacy compliance is minimal, with a basic privacy policy linked in the imprint but no cookie consent mechanism or GDPR explicit indicators. No forms or tracking scripts are present, reducing data collection risks but also limiting marketing insights. Overall, the website is professional and trustworthy for its business domain but would benefit from enhanced security measures and privacy compliance improvements to align with best practices and regulatory requirements.

B

Baum & Söhne Möbelwerkstätten

baum-moebel.de

28

Baum & Söhne Möbelwerkstätten is a small regional manufacturing business specializing in modern woodworking and custom furniture production based in Kassel, Germany. The company combines traditional craftsmanship with modern production techniques, positioning itself as a leading local furniture workshop. The website reflects this focus with clear business descriptions and service offerings related to furniture and interior design. Technically, the website uses modern HTML5, CSS3, and JavaScript assets hosted on kasserver.com, indicating a moderate level of digital maturity. The site is mobile optimized and has good navigation and content quality, though it lacks advanced CMS or frameworks and does not use structured data markup. Security posture is moderate; while no critical vulnerabilities or exposed data are evident, the absence of security headers and cookie consent mechanisms reduces compliance and security scores. WHOIS data is minimal but consistent with a small business hosting provider. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security hardening.

The website milanocortina2026.org is currently inaccessible beyond a security CAPTCHA challenge page implemented via AWS WAF. This prevents access to any substantive content, including business information, policies, or services. The domain is registered with Key-Systems GmbH since 2018, consistent with the event timeline for the 2026 Winter Olympics. The technical infrastructure leverages AWS WAF and CAPTCHA services to protect against bots and spam. Due to the content being blocked, no privacy, cookie, or terms of service policies are detectable, nor is any contact information or business description available. The security posture is limited to the presence of WAF protections but lacks visible security headers or metadata. Overall, the site cannot be fully analyzed until the CAPTCHA challenge is passed or removed.

A

Airbnb, Inc.

airbnb.com

61

Airbnb, Inc. operates a leading global online marketplace for vacation rentals and travel experiences, serving millions of users worldwide. The platform connects hosts offering diverse lodging options with travelers seeking unique accommodations, supporting over 8 million listings across more than 220 countries. Airbnb's market position is strong, leveraging a scalable digital platform with extensive localization and a trusted brand. Technically, the website employs modern web technologies including React, advanced performance monitoring, and robust SEO and accessibility features, ensuring a fast and user-friendly experience across devices. Security posture is solid with HTTPS enforcement, comprehensive security headers, and active error monitoring, though explicit public security policies and incident response contacts are not prominently published. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, reflecting adherence to GDPR and other regulations. Overall, Airbnb demonstrates a mature digital presence with high trustworthiness and professionalism, suitable for its enterprise scale and global audience.

R

Refokus

refokus.com

65

Refokus is a boutique digital agency specializing in high-end branding, web design, and Webflow development services targeted at B2B startups, venture capital firms, and large innovative organizations. The company positions itself as a fast, quality-focused agency leveraging Webflow, AI, and proprietary frameworks to deliver conversion-focused websites. Technically, the website is built on Webflow CMS with modern JavaScript libraries such as GSAP and ThreeJS, ensuring a visually engaging and performant user experience. Analytics and marketing tools like Google Analytics, Ahrefs, and Intellimize are integrated with consent mechanisms. Security posture is strong with HTTPS and some security headers, though explicit privacy and cookie policies are missing, and no contact information or security incident channels are visible. WHOIS data is unavailable, which reduces trust slightly but the professional presentation and technology use indicate a legitimate business. Overall, the site scores well on content quality, technical implementation, and security, but privacy compliance and business credibility could be improved.

The website www.myvaud.ch serves as the official tourism portal for the Canton of Vaud in Switzerland, offering comprehensive information on destinations, activities, practical advice, business events, and inspirational content for visitors. It targets tourists, event planners, and local businesses, positioning itself as a key regional tourism authority. The site is built on the MyCity Tourism Information System CMS and employs modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager. The technical infrastructure supports good mobile optimization and moderate performance, with HTTPS enabled and cookie consent mechanisms in place. However, explicit privacy policies, terms of service, and direct contact information are not clearly found in the provided content, which slightly impacts privacy compliance and user trust. Security posture is adequate with HTTPS and consent-based tracking, but lacks visible security headers and incident response details. Overall, the site is professional, trustworthy, and well-branded, but could improve transparency and security best practices.

S

SIX

ebill.ch

77

eBill is a digital invoicing platform operated by SIX Group AG, serving primarily the Swiss market. It enables over 3.7 million registered users to receive and pay invoices securely and conveniently within their online banking environment. The service is well integrated with 95% of Swiss financial institutions, positioning it as a market leader in digital invoicing in Switzerland. The website provides comprehensive information about eBill's features, benefits, and usage, targeting both private and business customers. The business model focuses on streamlining invoice processing and payments digitally, enhancing user convenience and security.

Strapi Solutions operates the website strapi.io, offering a leading open-source Node.js headless CMS platform. The company provides a comprehensive content management system that enables developers and content managers to create, manage, and deliver content across digital devices. Their business model includes open-source software, an enterprise edition, and cloud hosting services, positioning them strongly in the technology sector with a focus on developer and business teams. The website reflects a mature digital presence with extensive marketing and analytics integrations, modern web technologies, and a professional design that supports excellent user experience and SEO. Technically, the site leverages Next.js, Node.js, and various analytics and marketing tools such as Google Tag Manager, HubSpot, Amplitude, and Hotjar. Hosting is inferred to be on AWS infrastructure, ensuring robust performance and scalability. The site is mobile-optimized and accessible, with fast loading times and proper meta tags. From a security perspective, the site enforces HTTPS, uses reCAPTCHA Enterprise, and implements cookie consent via Cookiebot. However, there is room for improvement in publishing explicit privacy policies, terms of service, incident response contacts, and vulnerability disclosure mechanisms. DNSSEC is not enabled, which could enhance domain security. Overall, the security posture is strong but could benefit from enhanced transparency and formal documentation. The overall risk assessment is low, with no signs of blocking, malware, or phishing. The domain registration is consistent with the business identity and history, supporting legitimacy. Strategic recommendations include adding privacy and terms pages, publishing security contact information, enabling DNSSEC, and maintaining transparency to enhance trust and compliance.