Security Directory

W

WhiteWind

whtwnd.com

58

WhiteWind is a small technology-focused blog platform launched in 2024 that enables users with Bluesky social accounts to publish blogs using Markdown syntax. The service positions itself as a free, privacy-conscious blogging solution within the decentralized social media ecosystem. Technically, the website is built using modern frameworks such as React and Next.js, hosted on AWS infrastructure, and integrates Google Analytics for basic user tracking. The site is mobile optimized and offers a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enforced and domain registration consistent with the business timeline; however, improvements such as enabling DNSSEC, adding security headers, and publishing incident response policies are recommended. Privacy compliance is basic, with privacy and terms policies available but lacking cookie consent mechanisms. Overall, the website is trustworthy and safe for general audiences, with no adult or questionable content detected.

L

Liberty Specialty Markets

libertyspecialtymarkets.com

71

Liberty Specialty Markets is a global specialty and commercial insurance and reinsurance provider operating across multiple key markets including the UK, Europe, Middle East, US, Bermuda, Asia Pacific, and Latin America. The company is part of the Liberty Mutual Insurance Group, a well-established insurance conglomerate. Their website reflects a professional and consistent brand image, targeting insurance brokers, corporate clients, and reinsurance partners. The business model focuses on underwriting specialty insurance products and reinsurance solutions, positioning itself as a significant player in the finance and insurance sectors. Technically, the website leverages modern web technologies such as React and Next.js, hosted on Akamai's CDN infrastructure, ensuring moderate to good performance and mobile optimization. The presence of multiple analytics and tracking tools like Google Tag Manager, Microsoft Clarity, and LinkedIn Insight indicates a mature digital marketing and analytics strategy. Accessibility and SEO are implemented at a basic to good level, with room for improvement. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements key security headers, reflecting good security hygiene. The cookie consent mechanism demonstrates GDPR compliance awareness. However, the absence of explicit privacy policy, terms of service, security policy, and incident response contact information represents gaps in transparency and compliance documentation. Overall, the website is trustworthy and professional, with a strong business credibility score. The main risks relate to incomplete privacy and security policy disclosures, which should be addressed to enhance compliance and user trust.

Diligent Corporation is a leading enterprise software provider specializing in governance, risk management, and compliance (GRC) solutions. Positioned as a leader in the 2025 GRC MarketScape by IDC, Diligent offers a comprehensive AI-powered platform that centralizes board management, risk, audit, and compliance reporting. Their target audience includes corporate boards, governance professionals, and enterprise leaders seeking to elevate governance and clarify risk through modern technology. The company operates a sophisticated SaaS business model with a strong emphasis on security, privacy, and customer trust. Technically, the website is built on a modern stack including React, Next.js, and Material UI, hosted on Netlify. It integrates multiple analytics and marketing tools such as Google Tag Manager, Facebook Pixel, RudderStack, and Marketo, reflecting a mature digital marketing and data collection strategy. The site is well-optimized for performance, mobile responsiveness, accessibility, and SEO, providing an excellent user experience. From a security perspective, the site enforces HTTPS and maintains dedicated trust and security pages, including a vulnerability disclosure program. However, explicit security headers and a security.txt file are not detected, representing areas for improvement. The absence of WHOIS data is unusual but does not detract from the overall legitimacy given the professional presentation and trust signals. Overall, Diligent demonstrates a strong security posture and business credibility with comprehensive privacy compliance. The risk assessment indicates a low risk profile with recommendations to enhance transparency and security best practices further.

UseTheNews is a German initiative focused on enhancing news literacy among young people, teachers, and media professionals. The project conducts research on news consumption and literacy, develops educational resources, and fosters collaboration between journalists and youth to strengthen fact-based public discourse. The website reflects a small, specialized non-profit organization with a clear educational mission and a strong focus on trustworthy journalism. Technically, the website is built on a modern React and Next.js stack, hosted on Colt's infrastructure, and uses Matomo analytics with cookies disabled to respect user privacy. The site is well-designed, mobile-optimized, and accessible, providing a professional user experience. Security-wise, HTTPS is enforced, and no critical vulnerabilities or exposed sensitive data were found, though security headers and explicit incident response policies are absent. Overall, the site demonstrates a good security posture and privacy compliance but could improve transparency around security policies and cookie consent mechanisms.

dpa GmbH is Germany's leading press agency, providing trusted, accurate, and independent news along with digital and multimedia content to media outlets domestically and internationally. The company maintains a strong market position with a broad portfolio of editorial and communication services, including photo coverage, video and podcast studio rentals, and corporate communication solutions. Their website reflects a mature digital presence with modern technologies such as React, Next.js, and Storyblok CMS, supported by AWS Cloudfront CDN for performance and global reach. Security posture is strong with HTTPS enforcement and comprehensive security headers, though the absence of a visible cookie consent mechanism and explicit security policies suggests room for improvement. WHOIS data is unavailable, likely due to privacy protection, but the website's professional content and external references support its legitimacy. Overall, dpa GmbH demonstrates a high level of professionalism, technical maturity, and trustworthiness suitable for its role as a major media entity.

Groupon operates as a leading global e-commerce marketplace specializing in local deals, discounts, and goods. The platform targets consumers seeking savings on restaurants, shopping, events, travel, and more. With a strong market position and enterprise scale, Groupon offers a comprehensive service portfolio accessible via web and mobile applications. The website demonstrates a high level of digital maturity, leveraging modern frameworks such as Next.js and React, optimized for performance and mobile responsiveness. Security posture is robust with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not prominently disclosed. Privacy compliance is evident with accessible privacy and cookie policies, including consent mechanisms. Overall, the site presents a professional, trustworthy, and user-friendly experience aligned with its business objectives.

Lieferando is a leading online marketplace for food and grocery delivery operating primarily in Germany and Austria. Founded in 2009 and owned by Just Eat Takeaway.com, it offers a comprehensive platform connecting consumers with over 35,000 restaurants and stores. The company provides not only ordering infrastructure but also logistics services with employed couriers, catering to partners without their own delivery capabilities. The website is professionally designed, mobile-optimized, and rich in content, targeting consumers seeking convenient food and grocery delivery solutions. Technically, Lieferando employs modern web technologies including React and Next.js, hosted on AWS infrastructure, with integrations for analytics, marketing, and real-time notifications. Security posture is strong with HTTPS, security headers, and a bug bounty program, although explicit security policy documentation could be improved. Privacy compliance is robust with clear privacy and cookie policies and GDPR adherence. Overall, Lieferando presents a mature, trustworthy, and technically advanced digital presence aligned with its market leadership in the food delivery sector.

PROCNE S.r.l. is an Italian technology company specializing in custom software development to optimize business processes. Established in 2003, the company serves over 160 Italian clients across product manufacturing, service sectors, and public administration. Their key offerings include facility management solutions, event management platforms, digital workspaces, sales force automation, MES software for the food industry, e-commerce, and big data analytics. The company positions itself as a trusted partner for digital transformation and business process optimization. Technically, the website is built using modern frameworks such as Next.js and React, with integrations for Google Analytics, Google Tag Manager, and Cookiebot for privacy compliance. The site is mobile-optimized and demonstrates good SEO practices. Performance is moderate, with room for improvement in accessibility and security headers. Security posture is solid with HTTPS enforced and privacy mechanisms in place, including cookie consent denying ad personalization. However, the site lacks explicit security policies and incident response contacts, which are recommended for enhanced trust and compliance. No vulnerabilities or suspicious indicators were detected. Overall, PROCNE presents a credible, professional digital presence aligned with its business claims. The domain age and WHOIS data support legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and adding incident response contact details to improve security posture and customer trust.

T

Themeco

theme.co

52

Themeco is a technology company specializing in WordPress themes and website building tools, targeting creators, influencers, and businesses. Their market position is strong with popular products like X and Pro, supported by a professional website that showcases their offerings and customer testimonials. The company leverages modern web technologies such as React and Next.js to deliver a fast, mobile-optimized, and accessible user experience. Security posture is robust with HTTPS enforcement and security headers, though privacy compliance could be improved by implementing cookie consent mechanisms and publishing security policies. Overall, Themeco presents a trustworthy and professional digital presence with room for enhanced transparency in security and privacy practices.

S

Shoptet.cz

myshoptet.com

78

Shoptet.cz is a prominent Czech e-commerce platform offering SaaS solutions for entrepreneurs and businesses to create and manage online shops. The website presents a professional and modern digital presence, leveraging advanced web technologies such as React and Next.js, and integrates essential tools like Google Tag Manager and Cookiebot for analytics and privacy compliance. The platform targets small to medium-sized businesses seeking to establish or grow their online retail operations, providing a 30-day free trial to attract new users. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response information are not publicly visible. The absence of WHOIS data limits domain registration trust analysis, but the overall site professionalism and content quality indicate a legitimate and well-established business. Strategic recommendations include publishing comprehensive privacy and security policies and improving transparency around incident response and vulnerability disclosures.

Rakuten Kobo operates a comprehensive e-commerce platform specializing in digital reading content including eBooks, audiobooks, and related hardware such as eReaders. The company holds a strong market position as a global leader in digital reading, supported by its parent company Rakuten. The website targets general consumers interested in digital reading solutions, offering a wide catalog of over 6 million titles and multiple device options. Technically, the site is built on modern frameworks such as React and Next.js, ensuring fast performance, mobile optimization, and good accessibility. Security posture is strong with HTTPS enforced, security headers present, and no visible vulnerabilities. Privacy compliance is robust with clear privacy and cookie policies and GDPR adherence. However, WHOIS data is unavailable, which slightly impacts domain trust analysis but does not detract from the overall legitimacy given the brand recognition and secure infrastructure.

dpa GmbH is Germany's leading press agency providing trusted, accurate, and independent news along with digital and multimedia content to support media outlets domestically and internationally. The company maintains a strong market position with key subsidiaries such as news aktuell, picture alliance, and dpa-infocom, offering a broad range of editorial and corporate communication services. The website reflects a mature digital infrastructure leveraging modern technologies like React, Next.js, and Storyblok CMS, supported by AWS Cloudfront CDN for performance and scalability. Security posture is robust with HTTPS enforcement and comprehensive security headers, although visible cookie consent mechanisms are absent. The WHOIS data is unavailable, which is unusual but does not detract significantly from the site's legitimacy given the professional content and external trust signals. Overall, dpa GmbH demonstrates a high level of digital maturity and business credibility.

I

IONOS SE

ionos.at

73

IONOS SE is a well-established European technology company specializing in web hosting, domain registration, cloud services, and online shop solutions. With over 30 years of experience, it serves a broad audience including businesses and individuals seeking reliable and scalable digital infrastructure. The company maintains a strong market position in Europe, supported by a comprehensive portfolio of services and a professional online presence. Technically, the website leverages modern frameworks such as Next.js and React, ensuring fast performance, mobile optimization, and good SEO practices. Security posture is robust with HTTPS enforcement, multiple security headers, and monitoring tools like Sentry. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site reflects a mature digital infrastructure and business credibility.

I

IONOS Cloud S.L.U.

ionos.es

74

IONOS Cloud S.L.U. operates the website www.ionos.es, positioning itself as the largest hosting provider in Europe and a specialist in cloud solutions. The company offers a broad range of services including domain registration, web hosting, cloud infrastructure, email and office solutions, and e-commerce platforms. The website targets businesses and individuals seeking reliable and scalable web services. The business is well-established, founded in 2001, and operates primarily in Spain with enterprise scale. The website content is professionally presented, with clear navigation and consistent branding, supporting its market position as a trusted technology provider. From a technical perspective, the website leverages modern web technologies such as Next.js and React, ensuring a responsive and performant user experience. The site is mobile-optimized and includes SEO best practices, although accessibility features are basic. Security is well-handled with HTTPS and asynchronous script loading, but explicit security headers and policies are not disclosed. Marketing tools like Kameleoon and Adobe Target are used for A/B testing and user engagement, with moderate user tracking observed. Security posture is solid but could be improved by publishing explicit security policies, incident response contacts, and vulnerability disclosure programs. Privacy compliance is currently weak due to the absence of visible privacy and cookie policies or consent mechanisms, which is a critical area for improvement given GDPR requirements. Contact information is clearly provided, enhancing business credibility. Overall, the website is a professional, trustworthy platform with strong business credibility and technical implementation. Strategic improvements in privacy compliance and security transparency would enhance its security posture and regulatory adherence.

N

NetCologne

netcologne.de

64

NetCologne is a regional telecommunications provider offering high-speed fiber internet, telephone, TV, and mobile services primarily targeting private customers in Cologne and the surrounding region. The website presents a professional and consistent brand image with clear service offerings and localized focus. The technical infrastructure is modern, leveraging React and Next.js frameworks, with performance optimizations such as Baqend SpeedKit and cookie consent management via Cookiebot. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and incident response transparency. Overall, the website is accessible, well-structured, and compliant with GDPR requirements, reflecting a mature digital presence for a large regional telecom operator.

D

Dock

dock.codes

45

Dock is a technology service provider specializing in creating unique websites, online shops, ERP systems, and mobile applications. Established since 2013, the company has built a strong market position with a portfolio including notable clients such as Samsung and Saint-Gobain Glass. Their business model focuses on delivering end-to-end digital solutions that combine design and functionality to help clients stand out in their markets. Technically, the website leverages modern frameworks like React and Next.js, supported by AWS Cloudfront for hosting and CDN services, ensuring fast and responsive user experiences across devices. Security posture is strong with HTTPS enforcement, security headers, and integration of Google reCAPTCHA to protect forms. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. Overall, Dock presents a professional and trustworthy digital presence with clear contact information and client testimonials, reflecting a mature and credible business.

G

Games Workshop Limited

warhammerplus.com

59

Warhammer+ is the official subscription platform operated by Games Workshop Limited, providing Warhammer fans with exclusive digital content including original animations, apps, a digital lore vault, and subscriber-only miniatures. The service is positioned as a premium offering in the gaming and hobbyist media sector, targeting enthusiasts of the Warhammer franchise worldwide. The website is professionally designed, mobile-optimized, and offers clear navigation and subscription management features. Technically, the site leverages modern frameworks such as Next.js and React, hosted with Cloudflare DNS services, ensuring fast performance and good accessibility. Security posture is strong with HTTPS enforced and appropriate security headers, though DNSSEC is not enabled. Privacy and cookie policies are present and comprehensive, with GDPR compliance evident. The domain registration is consistent with the business timeline and uses a reputable registrar, supporting legitimacy. Overall, the site presents a trustworthy and professional digital presence for Warhammer's subscription service.

G

Games Workshop

warhammer-community.com

61

Warhammer Community is the official content and news platform for Games Workshop's Warhammer tabletop games, including Warhammer 40,000 and Age of Sigmar. The site provides the latest news, game updates, downloads, and community features targeted at hobbyists and players worldwide. It serves as a key engagement channel supporting the broader Warhammer ecosystem and brand. Technically, the website leverages modern web technologies such as React and Next.js, ensuring fast performance and excellent mobile optimization. The use of Google Tag Manager and CookiePro indicates a mature approach to analytics and privacy compliance. The site is well-structured with clear navigation and SEO-friendly metadata. From a security perspective, the site enforces HTTPS, implements strong security headers, and provides cookie consent mechanisms, reflecting good security hygiene. However, explicit security policies and incident response contacts are not publicly available, representing areas for improvement. Overall, the website is professional, trustworthy, and well-maintained, with a strong brand presence. The lack of WHOIS data is noted but does not detract significantly from the site's legitimacy given the brand association and content quality. Strategic recommendations include enhancing transparency around security policies and incident response to further build user trust.

M

Matt Morris

mmatt.net

56

mmatt.net is the personal website and blog of Matt Morris, a technologist, student, and open source contributor. The site serves as a portfolio and content hub for his projects, thoughts on technology, gaming, and social media. It targets technology enthusiasts and community members interested in his work and insights. The website is built using modern web technologies including Next.js and React, hosted with Cloudflare DNS, and optimized for mobile and desktop users. The content is well structured and regularly updated, reflecting a good level of digital maturity for a personal brand site. From a security perspective, the site uses HTTPS with domain registration protections such as clientDeleteProhibited and clientTransferProhibited status. However, DNSSEC is not enabled, and no explicit security or incident response policies are published. Privacy and cookie policies are absent, which is a compliance gap. Analytics are implemented via Plausible with minimal tracking, indicating a privacy-conscious approach. The site does not use advertising networks or retargeting services, focusing on content and community engagement. Overall, the website presents a trustworthy and professional personal brand with good technical implementation and content quality. The main areas for improvement include publishing privacy and cookie policies, enabling DNSSEC, and adding security and vulnerability disclosure information to enhance trust and compliance.

B

beehiiv

beehiiv.com

71

beehiiv is a technology company providing an all-in-one newsletter platform designed to help digital content publishers launch, engage, and monetize their newsletters effectively. Positioned as a growth system, beehiiv offers a comprehensive suite of services including newsletter creation, web building, ad network integration, analytics, and subscription management. The platform targets a broad audience ranging from independent journalists and startups to established media brands and businesses. Technically, the website is built on modern frameworks such as React and Next.js, hosted on Vercel, and integrates multiple marketing and analytics tools like HubSpot and Google Tag Manager. The site demonstrates excellent design quality, mobile optimization, and SEO practices, contributing to a positive user experience. Security-wise, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data, though it lacks explicit security policies or incident response contacts. Overall, the platform appears legitimate and professional, though the absence of WHOIS data introduces some uncertainty about domain registration details.

T

Themeco

carringtontheme.com

54

Themeco is a technology company specializing in WordPress themes and website building tools, targeting creators, influencers, and businesses. Their market position is strong, with popular products like Pro and X themes, supported by a consistent brand and professional web presence. The company has been active since 2014 and offers a range of digital products including plugins, courses, and templates. Technically, the website is built on modern frameworks such as Next.js and React, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit policies could be improved. Privacy compliance is moderate, with privacy and terms pages present but lacking explicit cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-optimized for its audience.

B

Buena GmbH

home.ht

10

Buena GmbH operates a modern property management platform focused on the German real estate market. The company offers digital-first property management services including condominium and rental management, supported by proprietary AI-driven software. With over 65,000 managed units and a strategy of acquiring existing property management firms, Buena positions itself as a consolidator in a fragmented market. The website is professionally designed, mobile-optimized, and provides comprehensive service information and customer testimonials, enhancing trust and user experience. Technically, the site uses modern frameworks such as Next.js and React, hosted on Vercel, with Google Tag Manager for analytics. Security posture is generally good with HTTPS enforced, but lacks some security headers and cookie consent mechanisms. WHOIS data is missing, which raises concerns about domain registration transparency and reduces trustworthiness. Overall, the site is credible and professional but would benefit from improved transparency and security practices.

L

Leaflet

leaflet.pub

56

Leaflet is a technology platform focused on enabling users to write and share interconnected social documents. The website positions itself as a niche content creation and publishing platform, targeting general audiences interested in blogging and publication exploration. The platform leverages modern web technologies such as React and Next.js, indicating a contemporary technical infrastructure. The site design is professional and mobile-optimized, providing a good user experience with clear navigation and relevant content. However, the absence of privacy, cookie, and terms of service policies suggests room for improvement in compliance and transparency. Security posture is moderate with no explicit security headers detected and unknown SSL configuration, which should be addressed to enhance trust and protection. Overall, the domain uses privacy protection for WHOIS data, which is common for small tech platforms but slightly reduces transparency. Strategic recommendations include implementing security headers, publishing privacy and cookie policies, and providing clear contact and incident response information to improve compliance and user trust.

AT Protocol is an open, decentralized network designed for building social applications, targeting developers and organizations interested in decentralized social networking. The website provides comprehensive technical documentation, SDKs, and guides to facilitate development on the protocol. The project is relatively new, founded in 2022, and positions itself as a technically sophisticated alternative in the social networking space. The digital infrastructure is modern, leveraging React and Next.js frameworks, with DNS managed via Cloudflare, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and domain protections in place, though improvements such as enabling DNSSEC and publishing security policies are recommended. Privacy compliance is currently minimal, with no visible privacy or cookie policies, which should be addressed to meet regulatory standards. Overall, the website is professional, trustworthy, and well-suited for its technical audience, but could enhance user trust and compliance by adding explicit privacy and security disclosures.

Start-warhammer.com is a professionally developed website dedicated to introducing newcomers to the Warhammer hobby, a leading tabletop miniature gaming brand managed by Games Workshop Limited. The site provides educational content, interactive quizzes, and links to official stores and products, supporting the broader Warhammer ecosystem. It targets hobbyists interested in collecting, painting, playing, and reading Warhammer-related content. Technically, the site leverages modern web technologies including React and Next.js, hosted behind Cloudflare DNS, with strong mobile optimization and good SEO practices. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though it lacks explicit vulnerability disclosure and incident response contact details. The domain registration is consistent and legitimate, registered recently by a reputable registrar, aligning with the brand's expansion strategy. Overall, the site is trustworthy, well-branded, and provides a safe, engaging experience for its audience.

A

Asmodee Deutschland

asmodee.de

64

Asmodee Deutschland operates as a prominent retailer and distributor of board games in Germany, offering a wide range of products that immerse customers in fantastic worlds. The website is professionally designed using modern web technologies such as React and Next.js, with good mobile optimization and user experience. The company leverages Google Tag Manager and privacy consent management tools like Didomi and Privacy Center SDK to handle user tracking and compliance. However, explicit privacy and cookie policies are not directly found, which may impact GDPR compliance. Security posture is generally good with HTTPS enforced, but lacks visible security headers and formal security policies. Overall, the domain and website appear legitimate and consistent with the business's market presence in Germany.

ARTE is a prominent European public media broadcaster offering a wide range of cultural, educational, and entertainment content including documentaries, films, series, and concerts. The platform is well-established with a strong market position in Germany and Europe, targeting a general audience with free, ad-free streaming services. The website demonstrates a mature digital infrastructure using modern technologies such as React and Next.js, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and incident response information are not publicly detailed. Privacy compliance is robust, with comprehensive GDPR-aligned privacy and cookie policies and a designated data protection contact. Overall, ARTE's website reflects a professional, trustworthy, and user-friendly platform with high content quality and strong business credibility.

TomTom is a globally recognized leader in navigation and mapping technology, offering a wide range of GPS devices, mapping software, and location-based services. The company serves both consumer markets and business sectors including automotive manufacturers, logistics, and public sector organizations. Their market position is strong, supported by partnerships with major automotive and technology companies. The website reflects a mature digital presence with modern technologies such as React and Next.js, ensuring fast performance and excellent mobile optimization. Security posture is robust with HTTPS enforcement and comprehensive security headers, though public security policies and incident response information could be enhanced. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, TomTom presents a professional, trustworthy, and technically sound online presence.

G

Gusto

gusto.com

66

Gusto is a well-established technology company specializing in online payroll and HR solutions targeted primarily at small and medium-sized businesses. The company offers a comprehensive people platform that facilitates employee onboarding, payroll processing, benefits administration, and insurance management. Positioned as a leader in customer satisfaction, Gusto leverages modern SaaS delivery models to serve a large customer base with a focus on ease of use and compliance support. The website reflects a mature digital presence with professional design, clear navigation, and extensive content relevant to its business domain. Technically, the website is built on a modern stack including Next.js and React, hosted with Cloudflare DNS and CDN services. It employs advanced analytics and tracking tools such as Snowplow, FullStory, and Tealium, alongside a robust cookie consent mechanism powered by OneTrust. The site demonstrates excellent performance, mobile optimization, and accessibility features, indicating a high level of digital maturity. From a security perspective, Gusto enforces HTTPS with strong SSL configurations and implements key security headers to protect users. The presence of SOC 2 Type II and ISO 27001 certifications further underscores its commitment to security and compliance. However, there is room for improvement in publishing explicit security policies, incident response procedures, and vulnerability disclosure mechanisms to enhance transparency and trust. Overall, Gusto presents a low-risk profile with strong business credibility, technical sophistication, and privacy compliance. Strategic recommendations include enabling DNSSEC, publishing dedicated security and incident response pages, and providing clear contact information for data protection officers to further strengthen its security posture and regulatory compliance.

C

Ceros

ceros.com

72

Ceros is a technology company offering a no-code interactive content creation platform targeted primarily at marketers and designers. The platform enables users to build immersive digital experiences that drive engagement and conversions without requiring coding skills. Positioned as a leading SaaS solution in the interactive content space, Ceros serves a medium-sized business audience with a focus on digital marketing and content innovation. The website reflects a mature digital infrastructure leveraging modern web frameworks such as Next.js and React, hosted likely on AWS, and integrates multiple marketing and analytics tools including HubSpot, Google Tag Manager, and Facebook Pixel. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not published. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. However, the absence of WHOIS domain registration data raises concerns about domain registration transparency. Overall, the website is professional, secure, and user-friendly, but domain legitimacy verification and enhanced security transparency are recommended.

C

COMBITHERM GmbH

combitherm.de

60

COMBITHERM GmbH is a medium-sized German manufacturer specializing in industrial refrigeration systems, heat pumps, and high-temperature heat pumps, primarily serving building air conditioning and production cooling sectors. With over 50 years of experience, the company has established a strong market presence supported by a worldwide customer network and a family-based business model. Their product offerings include customized refrigeration and heat pump solutions, complemented by commissioning and maintenance services. The website reflects a professional and comprehensive digital presence, leveraging modern technologies such as Next.js and React, hosted on Google Cloud infrastructure. The site is well-optimized for SEO and mobile devices, providing clear navigation and rich content including downloadable brochures and articles. Security posture is solid with HTTPS enforcement and secure forms, although some improvements are recommended such as implementing cookie consent mechanisms and publishing explicit security policies. The privacy policy is detailed and GDPR compliant, reinforcing trust and compliance. WHOIS data is minimal but consistent with the company's German location and business claims. Overall, the website demonstrates a mature digital infrastructure and a trustworthy business profile.

L

Lekmer - Leksaker, Barnkläder & Babykläder på nätet

lekmer.se

64

Lekmer is an established Swedish e-commerce retailer specializing in toys, children's clothing, baby products, and travel accessories. The website targets families and parents seeking a wide range of products for their growing children. The platform demonstrates a professional and consistent brand presence with a user-friendly interface optimized for mobile and desktop users. Technically, the site leverages modern frameworks such as Next.js and Storyblok CMS, hosted on Vercel, ensuring fast performance and scalability. The integration of payment services like Klarna indicates a mature e-commerce infrastructure. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure; however, the absence of explicit security headers and privacy policies in the provided content suggests room for improvement in compliance and security transparency. The lack of WHOIS domain registration data is a notable concern, potentially impacting trust from a domain legitimacy perspective. Overall, Lekmer presents a reliable and professional online retail experience with moderate risk factors primarily related to domain transparency and privacy disclosures.

NLYMAN.COM is a well-established Finnish e-commerce platform specializing in men's fashion, offering a wide range of clothing, shoes, and accessories from over 80 recognized brands. The company operates under the parent company Nelly Group and targets young men interested in trendy and affordable fashion. The website demonstrates a high level of professionalism with excellent design, clear navigation, and mobile optimization, supporting a seamless shopping experience. Technically, the site leverages modern frameworks such as Next.js and integrates multiple third-party services for analytics, marketing, and payment processing, ensuring robust performance and user engagement. Security-wise, the platform enforces HTTPS, employs recognized certifications like Trygg E-handel, and implements cookie consent mechanisms, although it could enhance DNS security by enabling DNSSEC and publishing explicit security policies. Overall, the website presents a trustworthy and compliant online retail environment with strong business credibility and user trust.

B

Babyshop

babyshop.se

64

Babyshop is a professional e-commerce retailer specializing in premium baby and children's clothing and equipment, targeting parents and caregivers in Sweden. The website showcases a wide range of products from well-known brands, emphasizing quality and style for children aged 0-10 years. The business operates in the retail sector with a focus on online sales, offering promotions and a user-friendly shopping experience. Technically, the website is built using modern web technologies including React and Next.js, with Storyblok as the CMS and Klarna integrated for payment processing. The site demonstrates good mobile optimization and SEO practices, although some accessibility features could be enhanced. Performance is moderate, with efficient use of image assets and asynchronous script loading. From a security perspective, the site enforces HTTPS and uses Sentry for error monitoring, indicating a proactive approach to stability and security. However, the absence of visible security headers and lack of published privacy or cookie policies suggest areas for improvement in compliance and user trust. The WHOIS data is unavailable, limiting domain legitimacy verification, but the professional presentation and content quality support a positive trust assessment. Overall, Babyshop presents a solid online retail platform with room to enhance privacy compliance and security transparency. Strategic improvements in these areas would strengthen customer trust and regulatory adherence.

Å

Åhléns

ahlens.se

67

Åhléns is a well-established Swedish retail company specializing in fashion, beauty, and home furnishing products. Their website offers a comprehensive e-commerce platform complemented by physical department stores, targeting general consumers in Sweden. The site is professionally designed with excellent content quality, clear navigation, and strong branding consistency. Technically, the website leverages modern frameworks such as Next.js and React, integrates advanced marketing and analytics tools, and demonstrates good performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and GDPR-compliant consent management, although there is room for improvement in publishing explicit security policies and incident response contacts. The absence of WHOIS data for the queried domain reduces trust slightly but does not detract from the overall legitimacy of the business presence online.

Q

Quin Within

quinwithin.com

59

Quin Within is a technology company specializing in intelligent safety technology, focusing on rapid emergency response and digital medical ID storage solutions. Their platform integrates with emergency services across multiple countries, aiming to provide critical information quickly during emergencies. The website is built using modern web technologies such as Next.js and React, hosted on Amazon Cloudfront, and employs Google Tag Manager for analytics. However, the absence of WHOIS registration data raises concerns about the domain's legitimacy and registration status. Security posture is moderate but lacks visible security headers and formal privacy or cookie policies. Contact information and compliance documentation are missing, which impacts trust and privacy compliance scores. Overall, the site presents a professional front but requires improvements in transparency, security, and compliance to enhance credibility and user trust.

F

Freepik Company, S.L.

freepikcompany.com

68

Freepik Company, S.L. operates a comprehensive AI-powered creative suite website offering a wide range of tools including AI image and video generators, editors, and a vast library of stock assets such as images, vectors, photos, videos, audio, icons, PSDs, templates, and mockups. The platform targets designers, marketers, content creators, and businesses seeking creative resources and AI-assisted design capabilities. It employs a subscription and credit-based business model with commercial licensing options, positioning itself as a leading player in the creative technology sector. Technically, the website is built on modern frameworks such as Next.js and React, leveraging CDN hosting and integrating advanced consent management via OneTrust and tracking through Google Tag Manager and Apollo Tracker. The site demonstrates excellent performance, mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, implements multiple security headers, and manages user consent effectively. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly evident, representing areas for improvement. The absence of WHOIS data limits domain registration transparency but does not detract significantly from the site's trustworthiness given its professional presentation and external trust signals. Overall, Freepik's website is a high-quality, secure, and privacy-conscious platform with strong business credibility. Strategic enhancements in security transparency and contact information could further strengthen its security posture and user trust.

I

Instabee Group AB

instabox.io

51

Instabox is a Swedish parcel delivery service operated by Instabee Group AB, specializing in delivering parcels to smart boxes with same-day delivery options. The company partners with numerous reputable online retailers, positioning itself as a convenient logistics solution for e-commerce customers in Sweden. The website is built using modern web technologies such as React and Next.js, hosted likely behind Cloudflare services, providing a responsive and user-friendly experience. Security posture is generally good with HTTPS enforced and domain registration consistent with business claims; however, the absence of DNSSEC and explicit security headers suggests room for improvement. Privacy compliance is weak due to missing privacy and cookie policies, which could expose the company to regulatory risks. Overall, the website is professional and trustworthy but should enhance privacy and security disclosures to align with best practices.

Porterbuddy is a Norwegian technology-driven logistics company specializing in last-mile delivery services tailored to consumer and business needs. Owned by Instabee Group AB, the company emphasizes flexible delivery times, real-time tracking, and sustainable practices such as prioritizing electric vehicles. The website is professionally designed, mobile-optimized, and provides clear information about services and contact details. Technically, the site uses modern frameworks like Next.js and React, hosted with Cloudflare DNS, ensuring good performance and SEO. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is strong with comprehensive policies and cookie consent mechanisms. Overall, Porterbuddy presents a trustworthy and credible digital presence aligned with its business goals.

N

networkteam GmbH

networkteam.com

67

networkteam GmbH is a well-established German digital agency specializing in custom web and mobile application development, content management systems, e-commerce, and digital transformation services. Founded in 1997, the company has a strong market presence with a diverse client portfolio and a focus on sustainable, future-proof digital solutions. Their website reflects a professional and modern digital maturity with a robust technical infrastructure leveraging React, Next.js, Kubernetes, and other contemporary technologies. Security posture is solid with HTTPS enforcement and security headers, though there is room for improvement in DNS security and explicit security policy disclosures. Privacy compliance is good with comprehensive privacy and cookie policies and consent mechanisms in place. Overall, networkteam GmbH demonstrates high business credibility and trustworthiness.

P

Podme

podme.com

66

Podme is a Finnish digital media company specializing in premium podcasts and audiobooks, offering ad-free content through subscription plans. The service targets Finnish-speaking users, including students who benefit from discounts. The website is professionally designed, mobile-optimized, and uses modern web technologies such as Next.js and React, hosted likely on Microsoft Azure. The business is part of the Schibsted group, a reputable media conglomerate, which enhances its market credibility. The domain is well-established since 2009, supporting the company's maturity and legitimacy. Security posture is strong with HTTPS, clientTransferProhibited domain status, and no evident vulnerabilities, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, Podme presents a trustworthy and professional digital media platform with a solid technical foundation and clear business model.

A

AvD

avd-histo-tour.de

67

AvD (Automobilclub von Deutschland) is a well-established automotive club in Germany focusing on motorsport events, particularly oldtimer rallies such as the AvD-Histo-Tour. The website showcases their event information and services targeting automobile enthusiasts and motorsport fans. The digital infrastructure is modern, built on Next.js and React, with integration of advanced cookie consent management via Cookiebot and marketing/analytics tools from major providers like Google and Meta. Security posture is solid with HTTPS and consent mechanisms, though some security headers and incident response details are missing. Overall, the site is professional, trustworthy, and compliant with GDPR requirements. Strategic improvements could include publishing explicit security policies and enhancing accessibility.

W

Webikeo

webikeo.fr

61

Webikeo is a French webinar platform established in 2014, offering free access to over 5,000 webinars focused on professional training and solutions. The platform targets professionals seeking knowledge and training resources through webinars. The website is built on modern web technologies including Next.js and React, with integrations such as Algolia for search and Didomi for consent management, indicating a mature digital infrastructure. Security monitoring is implemented via New Relic, and HTTPS is enforced, contributing to a strong security posture. However, explicit privacy policies and terms of service pages were not found in the provided content, which could be improved to enhance compliance and user trust. Overall, the website is professional, well-branded, and trustworthy with a solid domain registration history.

P

Publicare AG

publicare.ch

68

Publicare AG is a Swiss market-leading company specializing in the supply and consultation of medical aids, including incontinence, stoma, tracheostomy care, and wound treatment. The company targets both private individuals and business customers, offering high-quality advice and fast delivery services. Their business model combines e-commerce with direct billing to health insurers, positioning them as a trusted healthcare supplier in Switzerland. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their audience. Technically, the website is built on modern frameworks such as Next.js and React, leveraging Cloudflare for hosting and security. It employs Cookiebot for comprehensive cookie consent management and Google reCAPTCHA for form protection. The site demonstrates good mobile optimization and moderate performance, with SEO and accessibility features implemented at a basic to good level. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes essential security headers. The use of consent management and bot detection cookies indicates a mature approach to privacy and security. However, the absence of a dedicated security policy or incident response information suggests room for improvement in transparency and readiness. Overall, Publicare AG's website presents a trustworthy and professional digital presence with strong compliance to privacy regulations and a solid technical foundation. Strategic enhancements in security policy disclosure and accessibility could further strengthen their security posture and user trust.

F

Freepik Company, S.L.

freepik.com

67

Freepik Company, S.L. operates a comprehensive AI-powered creative suite and stock asset platform, targeting designers, marketers, and content creators globally. The website offers a wide range of AI tools including image, video, and audio generators, alongside traditional stock assets such as photos, vectors, and icons. The business model is subscription and credit-based, supporting professional and personal creative projects. Freepik holds a strong market position as a leading provider in the creative technology space with a consistent brand presence and extensive social media engagement. Technically, the website is built on modern frameworks like Next.js and React, leveraging CDN hosting and advanced consent management tools such as OneTrust. The site demonstrates excellent performance, mobile optimization, and SEO practices, ensuring a high-quality user experience. Analytics and tracking are implemented moderately with Google Tag Manager and Apollo Tracker, balanced with privacy compliance mechanisms. From a security perspective, Freepik enforces HTTPS, employs standard security headers, and integrates cookie consent management. However, explicit security policies and incident response information are not publicly available, which could be improved to enhance transparency and trust. The absence of WHOIS data reduces domain registration transparency but does not significantly detract from the overall legitimacy given the brand's maturity and external trust signals. Overall, Freepik presents a secure, professional, and privacy-conscious platform with strong business credibility. Strategic recommendations include publishing detailed security policies, establishing a vulnerability disclosure program, and improving WHOIS transparency to further strengthen trust and compliance.

P

PubNub Inc.

pubnub.com

79

PubNub Inc. operates a leading real-time developer platform that enables businesses and developers to build, manage, and optimize interactive applications at scale. The company offers a comprehensive suite of real-time APIs and services, including messaging, presence, chat, analytics, and push notifications, serving a broad range of industries and use cases. With a market position as a top provider in the real-time communication space, PubNub targets enterprises and developers requiring scalable, low-latency infrastructure. Technically, the website leverages modern web technologies such as Next.js and React, supported by a robust CMS (Builder.io) and integrates industry-standard tools for cookie consent and analytics. The platform demonstrates excellent performance, mobile optimization, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, PubNub maintains a strong posture with HTTPS enforcement, multiple security headers, and compliance with major frameworks including SOC2, HIPAA, GDPR, CCPA, and ISO 27001. The presence of a bug bounty program and comprehensive privacy and cookie policies further reinforce their commitment to security and privacy. No critical vulnerabilities or suspicious patterns were detected. Overall, PubNub presents a low-risk profile with a professional, trustworthy online presence. Recommendations include publishing explicit incident response contacts and adopting a security.txt file to enhance vulnerability disclosure transparency.

D

Delius Klasing Verlag GmbH

modellfahrzeug.de

56

The website www.modell-fahrzeug.com is a professionally designed media publishing platform operated by Delius Klasing Verlag GmbH, focusing on model vehicles, model cars, and related hobbies. It offers rich editorial content, news, interviews, and integrates e-commerce services for subscriptions and product sales. The target audience includes hobbyists, collectors, and enthusiasts of model vehicles. The site demonstrates a mature digital infrastructure using modern web technologies such as React, Next.js, and Shopify for commerce integration. It is mobile-optimized and provides a good user experience with clear navigation and professional branding. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security headers and a vulnerability disclosure page suggests room for improvement in security posture. The WHOIS data for the domain is unavailable, indicating the domain may be unregistered or there is an issue with WHOIS data retrieval, which raises concerns about domain legitimacy that should be verified. Overall, the website is a credible and trustworthy media platform with strong content quality and technical implementation. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and clarifying domain registration status to strengthen trust and compliance.

A

Automobilclub von Deutschland (AvD)

avd.de

69

AvD (Automobilclub von Deutschland) is a historic and established automobile club in Germany, founded in 1899. The organization offers a broad range of services including roadside assistance, towing, insurance products, and membership benefits targeted at automobile owners and drivers. The website reflects a mature digital presence with modern technologies such as Next.js and React, and implements comprehensive privacy and cookie consent mechanisms compliant with GDPR. The brand maintains consistent messaging and trust indicators aligned with its long-standing market position. Security posture is strong with HTTPS, security headers, and no evident vulnerabilities, though explicit security policies and incident response contacts are not published. Overall, AvD demonstrates a solid business and technical foundation with room for enhanced transparency in security and contact information.

B

Bredbandsval.se – Jämför och beställ bredband på din adress

bredbandsval.se

65

Bredbandsval.se is a Swedish broadband comparison and ordering platform that helps residential consumers quickly and freely identify the best internet options available at their address. The website positions itself as an independent service, providing unbiased broadband comparisons to facilitate consumer choice in Sweden's telecommunications market. Technically, the site leverages modern web technologies such as Next.js and React, integrating Cookiebot for cookie consent management and Google Tag Manager for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms, though explicit security headers and policies could be improved. The absence of WHOIS data for the exact domain queried suggests the domain may be a subdomain or alias, which slightly reduces trustworthiness. Overall, the site is professional, safe, and functional, but could benefit from publishing clear privacy and terms of service documents and improving transparency around security and incident response.

P

Startsidan - Presentjakt.se

presentjakt.se

52

Presentjakt.se is a Swedish gift recommendation website that provides curated gift ideas across various categories such as fun gadgets, experiences, summer gifts, and personalized presents. The platform primarily operates as an affiliate marketing site, linking users to partner retailers like coolstuff.se. The site targets Swedish consumers seeking gift inspiration and aims to offer a user-friendly browsing experience with categorized suggestions. Technically, the website is built using modern web technologies including React and Next.js, ensuring a responsive and interactive user interface. However, the site currently lacks visible privacy, cookie, or terms of service policies, which are important for compliance and user trust. Security headers and SSL configuration details are not evident from the provided data, indicating potential areas for improvement in security posture. The WHOIS data for the domain is unavailable or the domain is not registered as queried, which raises some concerns about domain legitimacy from a registration standpoint. Overall, the website presents a professional and clean interface with good content quality but requires enhancements in privacy compliance, security practices, and transparency to improve trust and regulatory adherence.