Security Directory

M

Marathon-Photos.com Limited

marathonphotos.live

59

Marathon Photos Live is a globally recognized leader in mass participation event sports photography, operating in 70 countries and serving millions of athletes. The company specializes in capturing and delivering live race images, positioning itself as a key service provider in the sports media sector. Their website reflects a professional and consistent brand image with a focus on user experience and accessibility for athletes and event organizers worldwide. Technically, the site is built on modern frameworks such as Vue.js, with good mobile optimization and SEO practices, although some accessibility features could be enhanced. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and published security policies. The domain is privacy protected but consistent with the business profile, and no suspicious indicators were found. Overall, the website demonstrates a mature digital presence with room for security and compliance improvements.

M

MyEtherWallet Inc

myetherwallet.com

80

MyEtherWallet Inc operates one of the most reputable and longstanding Ethereum wallet platforms, offering a suite of products including a mobile app, browser extension wallet (Enkrypt), portfolio manager, and blockchain explorer (ethVM). The company targets crypto users and Web3 participants, emphasizing self-custody and security. Their market position is strong, trusted by millions since 2015, with a business model centered on open-source wallet services and blockchain interaction tools. Technically, the website leverages modern frameworks like Vue.js and Tailwind CSS, delivering a fast, mobile-optimized, and accessible user experience. Security posture is robust with HTTPS enforcement, multiple security headers, hardware wallet support, and an active bug bounty program. Privacy compliance is good, with a comprehensive privacy policy, though a visible cookie consent mechanism is lacking. Overall, the site is professional, trustworthy, and well-aligned with industry best practices.

A

Action Potential Venture Capital Ltd.

actionpotentialvc.com

75

Action Potential Venture Capital Ltd. (APVC) is a specialized venture capital firm founded in 2013 by GSK, focusing on investments in bioelectronic medicine and enabling medical technologies. The company supports innovators and entrepreneurs pioneering bioelectronic therapies, taking an active role in governance and strategic development of portfolio companies. Their market position is that of a leading niche investor in the healthcare technology sector, leveraging GSK's expertise and resources. Technically, the APVC website is built using modern JavaScript frameworks including Vue.js and Gridsome, indicating a static site generation approach optimized for performance and SEO. The site is hosted on infrastructure likely provided by Akamai, with good mobile optimization and a professional design. The use of Google reCAPTCHA v3 on the contact form enhances spam protection. However, DNSSEC is not enabled, and no explicit security headers were detected, suggesting room for improvement in security hardening. From a security perspective, the site enforces HTTPS with a strong SSL configuration and employs reCAPTCHA for form security. There are no visible vulnerabilities or exposed sensitive data. Privacy compliance is supported by the presence of privacy and cookie policies, though no explicit security or incident response policies are published. The WHOIS data is consistent with the business profile, showing a domain age appropriate for the company's founding date and no privacy protection, which supports legitimacy. Overall, APVC presents a trustworthy and professional online presence with a solid technical foundation and good business credibility. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing a security policy, and providing incident response contact details to further enhance trust and security posture.

K

Kolektyw „Rada Języka Neutralnego”

zaimki.pl

51

Zaimki.pl is a Polish-language, community-driven educational platform focused on non-binary, gender-neutral, and inclusive language. It is managed by the queer collective "Rada Języka Neutralnego" and offers comprehensive resources including a pronoun compendium, blogs, and personal pronoun cards. The website enjoys a strong position within its niche, serving the LGBTQ+ community and allies with educational content and social engagement. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, with good performance and mobile optimization. Security posture is solid with HTTPS and security headers, though DNSSEC is not enabled and formal security policies are not published. Privacy compliance is generally good, but the absence of a cookie consent mechanism is a notable gap. Overall, the site is trustworthy, professional, and well-maintained, with transparent WHOIS data and active community involvement.

L

Le collectif du « Conseil du Langage Neutre »

pronoms.fr

30

Pronoms.fr is a French-based, volunteer-driven, open-source project focused on promoting inclusive and non-binary language through examples of personal pronouns and neutral language usage. It offers users the ability to create and share personalized pronoun cards, supports multiple languages, and fosters community engagement through social media and a dedicated queer calendar. The project is positioned as a niche educational and social inclusion resource within the LGBTQ+ community and language activism space. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, with integration of Shopify for e-commerce functionalities. It leverages Cloudflare for DNS and possibly CDN services, uses Google Fonts and Font Awesome for UI, and employs Plausible Analytics for privacy-respecting visitor tracking. The site is well-optimized for mobile devices, accessible, and SEO-friendly, reflecting a mature digital infrastructure for a small community project. From a security perspective, Pronoms.fr enforces HTTPS, implements key security headers, and avoids exposing sensitive data. However, it lacks a visible cookie consent mechanism and formal security or incident response policies, which are recommended for compliance and transparency. No vulnerabilities or suspicious activities were detected, indicating a strong security posture for its scale. Overall, Pronoms.fr presents a trustworthy, professional, and community-oriented platform with excellent content quality and technical implementation. Strategic improvements in privacy compliance and formal security documentation would further enhance its credibility and user trust.

R

Ráðið fyri nevtralt mál

fornovn.fo

58

fornøvn.fo is a community-driven, open-source platform dedicated to providing resources and information about non-binary and gender-neutral pronouns and language, primarily targeting the Faroese-speaking community. The project is managed by the collective 'Ráðið fyri nevtralt mál' and offers multilingual support through related domains. It serves as an educational and advocacy tool promoting freedom, respect, and inclusion in language use. The website features personal pronoun cards, a gender-neutral dictionary, cultural text sources, and community engagement tools.

K

Konsilio pri Neŭtrala Lingvo

pronomejo.net

10

Pronomejo.net is a volunteer-driven, open-source project dedicated to promoting gender-neutral and non-binary language through multilingual pronoun resources and personal pronoun cards. The project is positioned as a niche leader in inclusive language tools, targeting individuals interested in gender inclusivity, linguists, and the LGBTQ+ community. The website offers community engagement, terminology resources, and a public API, supported by a small but active team. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, hosted with reputable DNS and registrar services, and integrates Shopify for merchandise. The site demonstrates good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and explicit security headers are not visible. Privacy compliance is generally good with a privacy policy and terms of service present, but lacks a cookie consent mechanism despite using analytics. Contact information is provided via multiple company emails and social media channels. Overall, the site is trustworthy, professional, and serves its community well.

C

Cooperativa “Consejo de Lenguaje Neutro”

pronombr.es

20

Pronombr.es is a community-driven cooperative project dedicated to promoting inclusive language and the correct use of personal pronouns. It offers educational resources, personalized pronoun cards, and fosters a supportive environment for the queer community and allies. The project is open source and supported by a small but active team, with a strong emphasis on respect, freedom, and inclusivity in language use. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, leveraging CDN services for performance and Shopify for merchandise sales. The site is well-optimized for mobile and accessibility, with good SEO practices. Security posture is strong with HTTPS and public key cryptography, though it lacks some formal policies like a security.txt and cookie consent mechanisms. Overall, the site is trustworthy, professional, and serves a niche but important community function.

D

Das „Rat für neutrale Sprache“ Kollektiv

pronomen.net

10

Pronomen.net is a community-driven, multilingual platform dedicated to providing information and resources about non-binary and gender-neutral language, focusing on pronouns and inclusive communication. The website serves a niche audience interested in gender inclusivity and offers tools such as pronoun cards, cultural examples, and a queer calendar. It operates as a non-profit public source project supported by volunteers and offers merchandising to support its activities. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, hosted with Cloudflare DNS and uses Shopify's Buy SDK for merchandising. The site is well-optimized for mobile and accessibility, with good SEO practices and fast performance. Security-wise, the site enforces HTTPS and has domain transfer protections but lacks DNSSEC and some security headers. Privacy compliance is good with a clear privacy policy and GDPR adherence, though no cookie consent mechanism is present despite using Plausible Analytics. Contact information is available via multiple company emails, and the project maintains an active presence on Mastodon, Bluesky, Discord, and GitLab. Overall, the site is trustworthy, professional, and serves its community well, though it could improve security headers and cookie consent to enhance compliance and security posture.

P

Pronouns.page

pronouns.page

65

Pronouns.page is a specialized educational platform providing usage examples of personal pronouns and promoting gender neutral language. It serves a general audience interested in linguistics and inclusivity, offering multilingual support through various language-specific subdomains. The website is positioned as a niche resource with a focus on accessibility and educational content rather than commercial services. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, hosted on Cloudflare infrastructure with CDN support, ensuring good performance and mobile optimization. The use of privacy-conscious analytics tools like Plausible and error monitoring via Sentry indicates a mature approach to technical operations. Security posture is strong with HTTPS enforcement and standard security headers, though the absence of explicit privacy and cookie policies suggests room for improvement in compliance. Overall, the site is trustworthy and professional but would benefit from enhanced transparency and formal policies to strengthen user trust and regulatory adherence.

The website 'ada.cat' serves as a personal homepage for an individual named Ada, also known as Pixel. It functions primarily as a personal portfolio and social hub linking to various social and gaming platforms. The site is built using modern frontend technologies including Vue.js, Nuxt.js, and Vuetify, indicating a good level of technical maturity for a personal project. Hosting and DNS are managed through OVH and Cloudflare respectively, though DNSSEC is not enabled, and no advanced security headers are detected. The domain is very recently registered in Poland, consistent with the website's new launch. Security posture is moderate but could be improved by implementing standard security headers and enabling DNSSEC. Privacy and cookie policies are absent, and no contact information is provided, which limits compliance and business credibility. Overall, the site is safe, well-designed, and targeted at a general audience with no adult content. The AI overall score is 66, reflecting good content and technical implementation but weaknesses in privacy and security compliance.

J

Jump24

jump24.co.uk

55

Jump24 is a UK-based software development agency specializing in bespoke software solutions, with expertise in PHP, Laravel, and Vue.js. The company positions itself as an official Laravel partner and Vue expert, targeting businesses across the UK, Europe, and the US. Their services include UX/UI design, tech consultancy, and team augmentation, emphasizing collaboration and client relationships. Technically, the website employs modern frameworks and libraries such as Laravel, Vue.js, Tailwind CSS, and Swiper.js, with tracking via Google Analytics and Tag Manager. The site is professionally designed, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is moderate with HTTPS likely enabled but lacks visible security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the domain registration data supports legitimacy and consistency with the business claims.

L

Home — Linus Groh

linus.dev

61

Linus Groh's personal website serves as a professional portfolio and hub for his open source projects and contributions to web standards. The site highlights his expertise in programming, particularly in JavaScript infrastructure and standards work, and showcases his active involvement in projects like Kiesel and SerenityOS. The website targets developers and technology enthusiasts, positioning Linus as a knowledgeable generalist in the tech community. Technically, the site is built using the Eleventy static site generator, leveraging modern web technologies such as Zig, Vue.js, and WebAssembly for project development. The website is performant, mobile-optimized, and accessible, with a clean and consistent design. Privacy-respecting analytics tools like Matomo and Shynet are used, reflecting a commitment to user privacy. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and published policies such as privacy, cookie, or vulnerability disclosure policies. No forms collect sensitive user data, reducing attack surface. The use of WHOIS privacy protection is justified given the personal nature of the site. Overall, the website is trustworthy and professional, with minor gaps in privacy and security policy documentation. Strategic improvements in these areas would enhance compliance and user trust.

S

Stichting IFCAT Foundation

why2025.org

63

WHY2025 is a nonprofit organization hosting an international hacker camp event in the Netherlands scheduled for August 2025. The event focuses on technology, cybersecurity, and community knowledge sharing, targeting hackers and technology enthusiasts. The business operates in the technology and nonprofit sectors with a small organizational size and a recent founding date in 2024. The website is professionally designed using modern JavaScript frameworks (Vue.js and Vuetify) and provides structured event data for clarity. The technical infrastructure is hosted by TransIP with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the domain registration is consistent and trustworthy, matching the business claims and event details.

P

Private by Design, LLC

snug.moe

58

Snugly Moe Moe is a small, niche federated social platform instance targeting general users interested in social networking within the 'snuggly beings' community. The website uses modern web technologies including Vue.js and Cloudflare DNS services, providing a moderate level of performance and basic mobile optimization. The domain is registered to Private by Design, LLC in the US, consistent with the website's content and target audience. Security posture is moderate with HTTPS enabled and domain status protections in place, but lacks DNSSEC and security headers which could improve resilience against attacks. Privacy and cookie policies are absent, and no contact or incident response information is provided, which limits compliance and transparency. Overall, the website is safe for general audiences and does not contain adult or explicit content.

A

Afterlogic Corp.

afterlogic.works

50

Afterlogic.Works is a technology company specializing in reliable outsource and team augmentation services for web and mobile development projects. The company emphasizes its Eastern European developer base operating under US jurisdiction, positioning itself as a trustworthy tech partner for small to mid-size businesses, managed service providers, design agencies, and startups. Their key services include web and mobile development, outstaffing, and rescuing troubled projects, supported by client testimonials and industry badges that enhance their market credibility. Technically, the website leverages modern frameworks such as Vue.js, Nuxt.js, React, Flutter, and Node.js, indicating a mature and contemporary technology stack. The site is moderately optimized for performance and mobile devices, with good SEO practices but basic accessibility features. Security-wise, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and visible security headers or explicit security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is professional and trustworthy but could improve transparency and security posture.

K

KPN

kpn.com

79

KPN is a leading telecommunications provider in the Netherlands offering a comprehensive range of services including internet, mobile, TV, and entertainment. The website targets both consumers and business customers, providing self-service options and detailed product information. The digital infrastructure is modern, leveraging Vue.js and Contentful CMS, with integrations for analytics and privacy compliance tools such as Google Tag Manager and OneTrust. Security posture is strong with HTTPS, CSP nonces, and secure session management, although explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS data is likely due to registry restrictions rather than suspicious activity, and the website demonstrates high professionalism and trustworthiness.

M

MyPrivacy.net

mangadex.org

65

MangaDex is a well-established online manga reading platform founded in 2018, operated under the organization MyPrivacy.net based in Canada. It offers free access to manga content with high-quality images and no advertisements, supporting scanlation groups and fostering a community through forums and user groups. The platform targets manga readers and fans of anime and manga, providing a rich catalog of titles with community engagement features. Technically, the site leverages modern web technologies including Vue.js and Nuxt.js frameworks, and integrates Google Analytics and Tag Manager for user behavior tracking. The website is mobile-optimized and provides a good user experience with clear navigation and professional design.

A

Ascend Fundraising Solutions, Inc.

sgh5050.ca

60

The website sgh5050.ca serves as an online fundraising platform for the Stratford General Hospital Foundation's 50/50 raffle. Operated by Ascend Fundraising Solutions, Inc., the site facilitates ticket sales to support the purchase of medical equipment at Stratford General Hospital in Ontario, Canada. The platform leverages Shopify's e-commerce infrastructure combined with modern web technologies such as Vue.js and integrates support and analytics tools including Zendesk and Google Analytics. The site is professionally designed with consistent branding and clear navigation, targeting community members interested in supporting local healthcare initiatives. Technically, the website is well-implemented with fast performance, mobile optimization, and modern JavaScript frameworks. It uses HTTPS with strong domain registration protections but lacks DNSSEC. Security measures include hCaptcha for form protection and domain status locks to prevent unauthorized changes. However, the absence of published privacy and cookie policies, as well as a formal security policy or incident response contact, represents compliance and transparency gaps. From a security perspective, the site demonstrates good practices in encryption and form protection but should enhance its security posture by implementing security headers and publishing relevant policies. The domain registration details align well with the business purpose and show no suspicious patterns, supporting the site's legitimacy. Overall, the website is a credible and functional fundraising platform with room for improvement in privacy compliance and security transparency to strengthen trust and regulatory adherence.

주

주식회사 모코플렉스

shockping.com

51

The website myshop.do represents a Korean e-commerce platform operated by 주식회사 모코플렉스, founded in 2022. It offers an online commerce solution that integrates SNS links for easy product registration and sales management, targeting small business owners, influencers, and franchise operators. The platform provides multiple services including mall creation, homepage building, business management, and agency services, positioning itself as a comprehensive online sales and marketing solution in the Korean market. Technically, the site is built on modern frameworks such as Vue.js and integrates popular analytics and marketing tools like Google Analytics, Facebook Pixel, and Naver Analytics. The site is hosted on Cloudns.net with HTTPS enabled, but lacks DNSSEC and security headers, which are recommended for enhanced security. Contact information and business registration details are clearly presented, enhancing business credibility. However, the absence of privacy and cookie policies and consent mechanisms indicates gaps in privacy compliance. Overall, the site is professionally designed with good user experience and moderate performance, but could improve in security and privacy practices.

주

주식회사 모코플렉스

myshop.do

51

Myshop.do is an e-commerce platform operated by 주식회사 모코플렉스, providing easy-to-use online commerce solutions primarily targeting Korean small businesses, influencers, and franchise operators. The platform emphasizes SNS integration for product registration and sales, offering multiple service packages including mall, home, business, and agency solutions. The website is professionally designed with a modern frontend stack based on Vue.js and integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, and Naver Analytics. The technical infrastructure is solid with HTTPS enabled and domain transfer protection, though DNSSEC is not enabled and security headers are missing. Privacy and cookie policies are absent, representing a compliance gap. Contact information is clearly provided, enhancing business credibility. Overall, the site is safe, accessible, and well-positioned in the Korean e-commerce market.

L

Lemmy

lemmy.ml

60

Lemmy.ml is a community-driven federated social platform focused on privacy and free/open source software enthusiasts. Founded in 2019, it serves a niche audience interested in privacy, FOSS, and decentralized social networking. The platform offers community discussions, content sharing, and federation capabilities with public key cryptography. Technically, it uses modern web technologies including TypeScript, Vue.js, and Electron for desktop clients, providing a responsive and accessible user experience. Security posture is strong with HTTPS enforcement, user registration screening, and moderation policies, though explicit privacy and cookie policies are missing. Overall, Lemmy.ml presents a trustworthy and professional platform with room for improvement in privacy compliance and security disclosures.

주

주식회사 모코플렉스

myshp.us

51

The website myshp.us represents '마이샵', an e-commerce platform operated by 주식회사 모코플렉스, founded in 2017 and based in Seoul, South Korea. The business offers a comprehensive online commerce solution enabling users to create personalized shopping malls easily via SNS links, integrating product registration, sales, and operations. The platform targets small to medium-sized online sellers, influencers, and franchise businesses, positioning itself as a specialized service provider in the Korean e-commerce market. The website content is professionally designed, primarily in Korean, and provides clear navigation to various service offerings and customer support resources. Technically, the site employs modern frontend technologies including Vue.js, jQuery, and integrates multiple analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and Naver Analytics. The hosting and domain registration are stable with Dynadot Inc as the registrar and cloudns.net for DNS services. Performance is moderate with basic mobile optimization and SEO practices in place. However, accessibility features are basic and could be improved. From a security perspective, the site uses HTTPS with a valid SSL configuration and has domain transfer protections enabled. However, DNSSEC is not enabled, and no security headers were detected in the provided data, indicating room for improvement. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms, which could pose regulatory risks. Contact information is clearly provided, but no incident response or security policy details are available. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy compliance, improved security headers, and explicit policies to strengthen user trust and regulatory adherence.

C

Chicken Farmers of Canada

chicken.ca

63

Chicken Farmers of Canada operates the website chicken.ca as a comprehensive resource hub providing cooking tips, recipes, nutrition information, and insights into Canadian chicken farming practices. The site targets general consumers interested in chicken as food and promotes safe and nutritious consumption. The website is well-branded and professionally designed, reflecting a medium-sized organization with a national presence in Canada. Technically, the site uses modern frameworks such as Nuxt.js and Vue.js, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforced, security headers present, and bot protection via reCAPTCHA. However, the absence of explicit privacy policy and contact information slightly reduces privacy compliance and business credibility scores. Overall, the site is trustworthy and serves as an authoritative informational platform for Canadian chicken farming and cooking.

The website www.apc-korea.com serves as the official Korean online store for the A.P.C. fashion brand, offering a variety of products including women's and men's denim, clothing, bags, and shoes. The site targets general consumers interested in fashion retail and operates primarily as an e-commerce platform. The website demonstrates a moderate level of digital maturity, utilizing modern JavaScript frameworks such as Vue.js and Bootstrap 4, along with analytics tools like Google Analytics, Firebase Analytics, and Naver Analytics. The technical infrastructure includes CDN usage and cloud storage, indicating a scalable hosting environment. Security-wise, the site employs HTTPS and RSA encryption scripts, but lacks visible security headers and published privacy or cookie policies, which are critical for compliance and user trust. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and branding suggest it is an official store. Overall, the site is functional and professionally designed but requires improvements in privacy compliance and security transparency.

IDLOOKMALL is a Korean e-commerce platform specializing in premium fashion brands such as Sandro, Maje, A.P.C., and Keith. The website serves as the official shopping mall for these brands, targeting Korean consumers interested in high-end fashion. The business model focuses on online retail with customer account management, order processing, and customer support services. The company behind the site is (주)아이디룩, a medium-sized retail entity based in Seoul, South Korea. Technically, the website employs modern web technologies including Vue.js, jQuery, Axios, and Bootstrap 4, alongside various marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Naver Analytics. The site is mobile-optimized with automatic redirection to a mobile version, and it uses HTTPS with RSA encryption libraries, indicating a good security baseline. However, some security headers are missing, and no explicit security or incident response policies are published. From a security perspective, the site demonstrates solid HTTPS usage and encryption practices but lacks cookie consent mechanisms and detailed privacy compliance features. The WHOIS data for the domain is unavailable or indicates the domain is not publicly registered, which is unusual and reduces trust from a domain registration standpoint. Despite this, the website content and business information appear professional and legitimate. Overall, the site presents a trustworthy and professional e-commerce platform with good technical implementation but could improve in privacy compliance and transparency regarding security policies. The lack of WHOIS data is a notable concern that should be addressed to enhance trustworthiness.

F

Ferryhopper

ferryhopper.com

61

Ferryhopper is an established online ferry ticket booking platform offering services to over 500 destinations worldwide. The website targets travelers seeking convenient ferry travel options, providing price comparisons and booking capabilities. The platform has a strong market presence with over 2 million users, indicating a solid position in the transportation sector. Technically, the website employs modern web technologies including Vue.js, integrates multiple analytics and marketing tools such as Google Analytics 4, Microsoft Clarity, Hotjar, and Braze, and implements a comprehensive cookie consent mechanism aligned with GDPR requirements. Security posture is good with HTTPS enforced and bot detection via reCAPTCHA, though explicit security headers and policies could be improved. The absence of WHOIS data reduces domain trustworthiness, but the professional website and branding mitigate concerns. Overall, the site is well-designed, performant, and privacy-conscious, serving a broad general audience safely.

I

investingLive

forexlive.com

10

investingLive is a well-established online financial news and analysis platform, originally founded in 2005 and formerly known as Forexlive. It provides daily market news, technical analysis, and insights focused on forex, stocks, cryptocurrencies, and commodities. The platform targets active traders and investors seeking timely and reliable market information to support smarter trading decisions. The website demonstrates a consistent brand presence and offers a professional user experience with good content quality and clear navigation. Technically, the site leverages modern JavaScript frameworks such as Vue.js and Nuxt.js, integrates Google Tag Manager for analytics, and employs OneTrust for cookie consent management. While the site is mobile-optimized and performs moderately well, there is room for improvement in accessibility and SEO enhancements. Security-wise, the website uses HTTPS and domain status locks but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. No privacy policy or terms of service were detected in the provided content, indicating a gap in privacy compliance. Overall, investingLive presents a credible and professional online presence with moderate security and privacy compliance maturity.

The U.S. Department of Defense website serves as the official digital presence of America's largest government agency responsible for national security and military forces. It provides comprehensive news, multimedia content, and resources targeted at the general public, military personnel, and government stakeholders. The site maintains a strong market position as a trusted source of defense-related information and services. Technically, the website employs a mature infrastructure using ASP.NET Web Forms with DNN CMS, leveraging modern JavaScript libraries such as jQuery and Vue.js, and integrates multimedia and social media effectively. The site is mobile optimized, accessible, and SEO-friendly, reflecting a high level of digital maturity. From a security perspective, the site enforces HTTPS, uses secure coding practices, and avoids exposing sensitive data. While explicit security headers are not fully documented in the HTML, the overall SSL configuration is excellent. Privacy compliance is moderate, with a comprehensive privacy policy but lacking a cookie consent mechanism. WHOIS data is restricted, typical for government domains, but the domain is highly legitimate. Overall, the website is professional, trustworthy, and secure, with minor areas for improvement in privacy compliance and security header implementation.

W

Webtasy, d.o.o.

stajerska.si

56

Štajerska.si is a professionally designed regional tourism website promoting the Štajerska region in Slovenia. It offers comprehensive information on cultural, natural, and wellness experiences, targeting tourists and visitors interested in urban and natural attractions. The website leverages modern technologies such as Nuxt.js, Vue.js, and DatoCMS, ensuring a fast, mobile-optimized, and accessible user experience. Social media integration and event promotion enhance its outreach. Security posture is strong with HTTPS and security headers, though the absence of a cookie consent banner and explicit security policies indicates room for compliance improvement. Overall, the site is trustworthy and well-positioned as a regional tourism marketing platform.

S

SPM SPORTPLATZ MEDIA GMBH

teamtip.net

49

Teamtip is a German-based online platform specializing in football prediction games, offering users the ability to create private prediction groups for major European leagues and international tournaments. The platform supports a free-to-use model with additional white label solutions for companies seeking marketing and user engagement tools. The business is positioned as a niche player in the sports media sector, targeting football fans, social groups, and corporate clients. Technically, the website employs modern web technologies including Vue.js and integrates a consent management platform to ensure GDPR compliance. The platform is accessible via web and mobile apps on iOS and Android, providing a good user experience with live score updates and customizable game rules. Security posture is solid with HTTPS enforced and domain transfer protections, though formal security policies and incident response contacts are not publicly documented. Overall, the website demonstrates good content quality, technical implementation, and privacy compliance, supporting a trustworthy and professional online presence.

M

MagentaCLOUD

magentacloud.de

54

MagentaCLOUD is a cloud storage service operated under the Magenta brand, associated with Deutsche Telekom, targeting general users seeking secure file storage and sharing solutions. The website is built on the Nextcloud platform, leveraging modern web technologies including Vue.js and hosted on the Open Telekom Cloud infrastructure. The platform integrates multiple security features such as two-factor authentication, password policies, and end-to-end encryption, reflecting a mature security posture. However, the absence of visible privacy and cookie policies, as well as contact information for security incidents, indicates areas for compliance and transparency improvement. Overall, the site demonstrates a professional and trustworthy presence aligned with a major telecommunications provider.

哔

哔哩哔哩游戏

biligame.com

57

The website www.biligame.com serves as a gaming platform branded under 哔哩哔哩游戏 (Bilibili Games), targeting gaming enthusiasts and creators within the Bilibili community. It offers game reservation and download services, leveraging Bilibili's unique gaming culture. The site is technically modern, utilizing Vue.js and other contemporary web technologies, and is optimized for both PC and mobile platforms. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the branding and content strongly associate with the reputable Bilibili company. Security posture is moderate with no HTTPS or security headers explicitly confirmed, and privacy compliance is low due to missing policies and contact information. Overall, the site is functional and professional but requires improvements in transparency and security to enhance trust.

P

phg Peter Hengstler GmbH + Co. KG

phg.de

52

phg Peter Hengstler GmbH + Co. KG is a medium-sized German company specializing in customized connection and data technology solutions, serving system integrators and manufacturers with a broad portfolio of OEM components and cable assemblies. The company emphasizes engineering competence and high manufacturing depth, supported by certifications such as UL, ISO 13485, and EHEDG. Their website is professionally designed, multilingual, and provides comprehensive product and service information. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and includes marketing and analytics tools like LinkedIn Insight and Google Analytics. Security posture is solid with HTTPS and cookie consent mechanisms, though security headers and explicit incident response policies are absent. Overall, the site reflects a trustworthy and professional business with good compliance and technical maturity.

A

Alchemy Pay

alchemypay.org

58

Alchemy Pay is a fintech company specializing in bridging fiat and cryptocurrency economies by providing payment solutions that enable users and businesses to transact seamlessly across both worlds. Their platform offers a suite of products including fiat-crypto on and off ramps, token listing services, branded Web3 cards, crypto payment acceptance, and NFT checkout capabilities. The company has established partnerships with major industry players such as Binance, Polygon, NEAR, and bitcoin.com, positioning itself as an important player in the crypto payment infrastructure market. The website content is professional and targeted towards businesses and platforms seeking to integrate fiat-crypto payment solutions.

I

Institut für Angewandte Trainingswissenschaft (IAT)

sport-iat.de

67

The Institut für Angewandte Trainingswissenschaft (IAT) is a German national competence center specializing in applied training science to support elite athletes and coaches. It provides research, development, scientific support, consulting, and knowledge transfer services aimed at achieving competitive advantages in sports. The website reflects a well-established institution with a clear focus on sports science and collaboration with Olympic and disability sports federations. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and libraries, offering a good user experience and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking explicit security policies and incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

A

AS "Latvijas valsts meži"

mammadaba.lv

61

AS "Latvijas valsts meži" operates the mammadaba.lv website as an official platform promoting nature tourism and environmental education in Latvian state forests. The site provides comprehensive information on destinations, routes, events, and educational programs targeting the general public interested in outdoor activities. The website is well-positioned as an authoritative source within the Latvian government sector, offering key services that support sustainable tourism and environmental awareness. Technically, the website is built on Joomla CMS with modern JavaScript libraries including Vue.js and jQuery. It integrates Matomo analytics for user tracking and employs HTTPS with CSRF protections, indicating a mature digital infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and multilingual support. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected, but security headers could be improved to enhance protection. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. Strategic recommendations include enhancing security headers, publishing security policies, and considering a vulnerability disclosure program to further strengthen trust and security culture.

L

Latvijas Valsts Meži

e-lvm.lv

53

Latvijas Valsts Meži operates a secure partner portal at www.e-lvm.lv, providing authenticated access to its cooperation partners. The portal supports multiple strong authentication methods including Smart-ID and bank IDs, reflecting a mature approach to user security. The website is professionally designed with good mobile optimization and clear navigation, targeting business partners in the forestry and energy sector in Latvia. Technical infrastructure is based on modern JavaScript frameworks such as Vue.js and PrimeVue, indicating a contemporary technology stack. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response information are absent. Privacy compliance is supported by accessible privacy and cookie policies with consent mechanisms. Overall, the website demonstrates a high level of business credibility and trustworthiness consistent with a large state-owned enterprise.

S

Sleekplan

sleekplan.com

69

Sleekplan is a technology company founded in 2020 that offers an all-in-one user feedback tool designed to help businesses collect, discuss, and prioritize customer feedback. Their platform integrates feedback boards, public roadmaps, changelogs, and satisfaction surveys (CSAT and NPS) to streamline product management and customer engagement. Positioned as a competitive SaaS solution, Sleekplan targets businesses and product teams seeking to enhance their feedback loops and product development transparency. The website demonstrates a professional and consistent brand presence with excellent content quality and user experience. Technically, Sleekplan employs a modern technology stack including Vue.js for frontend development, integrates analytics tools like Google Analytics and PostHog for user behavior tracking, and uses AWS for hosting infrastructure. The site is well-optimized for performance, mobile responsiveness, and SEO, with clear navigation and accessibility considerations. Cookie consent and privacy compliance mechanisms are implemented effectively, reflecting good digital maturity. From a security perspective, the website enforces HTTPS, uses clientTransferProhibited domain status, and anonymizes IP addresses in analytics. However, DNSSEC is not enabled, and explicit security headers are not evident, suggesting room for improvement. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the business claims, showing a consistent and legitimate domain registration. Overall, Sleekplan presents a low-risk profile with a strong security posture and compliance awareness. Strategic recommendations include enabling DNSSEC, publishing a vulnerability disclosure policy, enhancing security headers, and providing incident response contact details to further strengthen trust and security posture.

B

Brauerei C. & A. VELTINS GmbH & Co. KG

veltins-shop.de

64

The website www.veltins-shop.de serves as the official online retail platform for VELTINS branded merchandise, including glasses, clothing, and bar accessories. It targets consumers and fans of the VELTINS beer brand, offering a curated selection of products and special editions. The site is well-branded and consistent with the parent company Brauerei C. & A. VELTINS GmbH & Co. KG, operating primarily in the retail sector within Germany. Technically, the website leverages modern frameworks such as Vue.js and Vuetify, with hosting likely provided by DigitalOcean. It integrates Google Tag Manager and Google Analytics for marketing and analytics purposes. The site demonstrates good mobile optimization, SEO practices, and a moderate performance profile. From a security perspective, the site enforces HTTPS and includes standard security headers, reflecting a good security posture. However, it lacks explicit cookie consent mechanisms and does not publicly disclose a security policy or incident response procedures. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website presents a professional and trustworthy e-commerce platform for VELTINS merchandise. Strategic improvements include implementing cookie consent, publishing security and incident response information, and providing direct company contact details to enhance transparency and compliance.

A

Aberdeen Group

aberdeeninvestments.com

69

Aberdeen Group is a global investment company and asset manager focused on helping investors achieve their financial goals. The website targets both individual and professional investors, offering investment funds and solutions. The company positions itself as a large, established player in the finance sector with a global footprint, particularly serving the Finnish market in this instance. The website content is professional, well-structured, and provides comprehensive information about services and corporate details. Technically, the website leverages modern frameworks such as Vue.js and integrates consent management tools like OneTrust, alongside Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS, implements key security headers, and uses a cookie consent mechanism aligned with GDPR requirements. However, explicit security policies and incident response information are not publicly available, and no vulnerability disclosure or security.txt file is found, which are areas for improvement. Overall, the website presents a low risk with strong business credibility and privacy compliance. The main concern is the lack of WHOIS data, which reduces domain trustworthiness. Strategic recommendations include publishing detailed security policies, establishing a vulnerability disclosure program, and enhancing transparency around security certifications.

R

RBC Global Asset Management

rbcgam.com

65

RBC Global Asset Management (RBC GAM) is a leading investment management firm operating as a division of the Royal Bank of Canada. The website serves as a landing portal for various investor types including individual investors, investment professionals, and institutional investors across multiple global regions. RBC GAM offers a comprehensive range of investment solutions and is supported by several subsidiaries and affiliates worldwide. The site demonstrates a strong brand presence and clear business focus on asset management services. Technically, the website employs modern web technologies such as Vue.js, Bootstrap, and Google Tag Manager, indicating a mature digital infrastructure. The site is well-optimized for mobile devices and includes accessibility considerations, though some improvements could be made. Performance is moderate with CDN usage for assets. From a security perspective, the site enforces HTTPS and uses secure cookies, but could enhance security headers and server-side HTTPS enforcement. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms. However, no explicit security incident response or vulnerability disclosure information is provided. Overall, the website is professional, trustworthy, and aligned with the business goals of RBC GAM. The lack of WHOIS data for the domain is likely due to it being a subdomain or privacy-protected, but the strong brand and content quality support legitimacy. Strategic recommendations include improving security headers, adding explicit security contact information, and enhancing accessibility features.

I

ITM Power

itm-power.com

56

ITM Power is a UK-based company specializing in the manufacture of PEM electrolysers, a pioneering technology for generating green hydrogen to support decarbonisation efforts. The company has a well-established market presence since 2002 and targets industrial and commercial customers interested in sustainable energy solutions. Their website reflects a professional and consistent brand image, focusing on their core technology and services. Technically, the website leverages modern JavaScript frameworks such as Vue.js and Nuxt.js, with integrations for analytics and user behavior tracking via Google Analytics and Hotjar. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Security-wise, the website uses HTTPS and includes a cookie consent mechanism, but lacks some advanced security headers and explicit security policies. The domain registration data aligns well with the company's history, indicating legitimacy and trustworthiness. Overall, the website is professional and credible but could enhance privacy compliance and security transparency.

ViaBTC operates as a global cryptocurrency mining pool offering services such as BTC accelerator and mining support for multiple cryptocurrencies including Bitcoin, Litecoin, Bitcoin Cash, and Kaspa. The company targets cryptocurrency miners and investors, positioning itself as a significant player in the mining pool market with a focus on providing efficient and comprehensive mining solutions. The website reflects a professional and consistent brand image with clear service descriptions and a user-friendly interface. Technically, the website leverages modern frontend technologies including Vue.js, Tailwind CSS, and Element UI, ensuring a responsive and moderately performant user experience. SEO practices and mobile optimization are well implemented, though accessibility features could be enhanced. The site is hosted securely with HTTPS and includes essential security headers, contributing to a solid security posture. Security-wise, the site demonstrates good practices such as enforcing HTTPS and implementing security headers, with no obvious vulnerabilities or exposed sensitive data. However, the absence of a public security policy, incident response contacts, and vulnerability disclosure mechanisms indicates room for improvement in transparency and readiness. Privacy compliance is strong with comprehensive privacy and cookie policies and consent mechanisms in place. Overall, the website is trustworthy and professional, though the lack of WHOIS data and registrant information introduces some uncertainty regarding domain legitimacy. Strategic recommendations include publishing detailed security policies, establishing incident response contacts, and enhancing accessibility to further strengthen the site's security and compliance posture.

M

MMCAGENTUR Digitale Lead Agentur #respectinside

mmcagentur.at

66

MMCAGENTUR is a well-established digital full-service agency based in Austria, specializing in web design, online campaigns, social media marketing, content creation, and digital strategy. Founded in 1997, the company serves both B2B and B2C clients with a strong emphasis on respect and digital engagement. Their market position is solid, supported by a professional website showcasing client references and a consistent brand message. Technically, the website is built using modern frameworks such as Vue.js and Nuxt.js, optimized for performance and mobile responsiveness. The use of WebP images and responsive design indicates a mature digital infrastructure. However, no explicit CMS is detected, though the agency references popular CMS platforms in their content. From a security perspective, the site enforces HTTPS and shows no exposed sensitive data or vulnerabilities in the analyzed content. However, it lacks explicit security headers, privacy policies, cookie consent mechanisms, and incident response information, which are important for compliance and trust. Overall, the website is professional and trustworthy with excellent content quality and business credibility. The main gaps lie in privacy compliance and security transparency, which should be addressed to enhance user trust and regulatory adherence.

P

PSI Polska

psi.pl

62

PSI Polska is a well-established provider of innovative software solutions focused on managing supply chains for energy and goods, serving industries such as manufacturing, logistics, energy, and public transport. As part of the international PSI Software SE group, it benefits from a strong European presence and decades of experience. The website is professionally designed, content-rich, and targets business clients seeking advanced industrial software solutions. Technically, the site uses TYPO3 CMS with modern JavaScript frameworks, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and published security policies are absent. Privacy compliance is well addressed with a comprehensive privacy policy and GDPR-aligned cookie consent. Overall, the site reflects a credible and trustworthy business with a strong market position in the technology sector.

A

Alokai

vuestorefront.io

66

Alokai is an enterprise-grade Frontend as a Service (FaaS) provider specializing in composable commerce solutions. The company offers a suite of products including Alokai Storefront, Connect, Cloud, and Console, designed to accelerate ecommerce storefront development, deployment, and management. Positioned as a truly headless and agnostic frontend solution, Alokai integrates with leading ecommerce platforms such as SAP Commerce Cloud, commercetools, Salesforce Commerce Cloud, BigCommerce, Contentful, and Magento. The website demonstrates a strong market presence with extensive partner networks, client testimonials, and a focus on developer enablement through documentation and community programs.

P

PSI Software SE

psi.de

66

PSI Software SE is a well-established German company specializing in intelligent software solutions for sustainable energy supply, production, and logistics. Their offerings include ERP, MES, and logistics software tailored to various industrial sectors such as automotive, energy trading, gas networks, and manufacturing. The company maintains a strong market position with a global reach and a focus on environmentally friendly and efficient processes. The website reflects a professional and comprehensive digital presence, supporting their business model and target audience effectively. Technically, the website is built on TYPO3 CMS and leverages modern JavaScript libraries such as Vue.js and Axios, ensuring a responsive and accessible user experience. The site is well-structured with clear navigation, multilingual support, and optimized for SEO and mobile devices. Privacy and cookie policies are present and GDPR compliant, indicating attention to regulatory requirements. From a security perspective, the site uses HTTPS with good SSL configuration and employs nonce attributes in scripts to mitigate injection risks. However, explicit security headers and a published security policy or incident response contacts are absent, representing areas for improvement. No vulnerabilities or suspicious content were detected, and the domain registration aligns with the company's branding and operational footprint. Overall, PSI Software SE's website demonstrates a mature digital infrastructure and a strong business credibility, with minor recommendations to enhance security transparency and incident readiness. The risk profile is low, supporting trust and confidence for customers and partners.

BitLab d.o.o. is a medium-sized IT company based in Bosnia and Herzegovina, specializing in a broad range of technology services including web development, mobile applications, 3D visualization, hosting, education, and e-commerce. Established in 2015, the company has completed over 500 projects and serves a diverse clientele including government agencies and educational institutions. Their business model focuses on providing comprehensive IT solutions and digital services tailored to client needs, supported by a strong local presence and multilingual website content. Technically, BitLab employs a modern technology stack with popular frameworks and platforms, ensuring good mobile optimization and user experience. However, some areas such as accessibility and SEO could be improved further. Security-wise, the website uses HTTPS and avoids exposing sensitive data but lacks advanced security headers and published security policies, which are recommended for enhanced trust and compliance. Overall, BitLab presents a professional and trustworthy digital presence with room for improvement in privacy compliance and security transparency.

O

Ordera - dostava - hrana za ponijeti - rucak u restoranu

ordera.app

44

The website 'ordera.app' is an online platform focused on food and drink ordering, offering services such as delivery, pick-up, restaurant lunch reservations, catering, and employee meals. The business model centers on e-commerce within the hospitality sector, targeting general consumers who want convenient food ordering from home or work. The site uses modern frontend technologies including Vue.js and Vuetify, and integrates Google Tag Manager for analytics, indicating a moderate level of digital maturity. However, the website lacks visible privacy and cookie policies, terms of service, and contact information, which are critical for compliance and user trust. Security posture appears weak due to absence of security headers and unclear SSL configuration. Overall, the site is functional but requires improvements in privacy compliance, security best practices, and transparency to enhance trust and regulatory adherence.