Security Directory

G

Ghostery

whotracks.me

67

Ghostery operates WhoTracks.Me, a privacy-focused platform providing detailed insights into online trackers through an open-source database. The company positions itself as a trusted provider of privacy tools and data transparency, targeting privacy-conscious users and researchers. The website is professionally designed, mobile-optimized, and offers comprehensive content about tracking technologies and privacy protection. Technically, the site uses modern web technologies including Plotly.js for data visualization, and implements strong security measures such as HTTPS and security headers. However, the WHOIS data for the domain is missing, which is unusual but does not detract significantly from the site's legitimacy given its strong brand presence and open-source contributions. Overall, the security posture is strong with no evident vulnerabilities, and privacy compliance is well addressed with clear policies and consent mechanisms.

F

FormBeat

formbeat.com

63

FormBeat is a specialized AI-powered cycling analytics platform designed to help cyclists of all fitness levels improve their training and performance. The company offers a subscription-based SaaS model with monthly and yearly plans, integrating with popular cycling platforms such as Strava, Garmin, and Zwift. The website demonstrates a high level of professionalism, excellent content quality, and a clear focus on user experience and mobile optimization. Technically, the platform leverages modern JavaScript frameworks (Vue.js), cloud CDN hosting, and multiple analytics and marketing tools to deliver a fast and responsive user experience. Security posture is good with HTTPS enforced and CSRF protections, though there is room for improvement in security headers and explicit privacy compliance mechanisms. Overall, the business appears legitimate and well-positioned in the niche cycling analytics market, with strong trust indicators such as testimonials and recognized trademarks.

S

Speed Dial 2

speeddial2.com

52

Speed Dial 2 is a well-established browser extension focused on enhancing the new tab page experience for users of Google Chrome, Firefox, Microsoft Edge, and Brave. With over a decade of presence since 2011 and more than one million downloads, it offers customizable, organized, and productivity-enhancing features including bookmark management and a mobile app. The website reflects a professional and user-centric approach with strong branding and positive user testimonials. Technically, the site employs modern web technologies, asynchronous analytics scripts, and is hosted likely behind Cloudflare, ensuring good performance and security. The security posture is solid with HTTPS and some security headers, though there is room for improvement in explicit cookie consent and published security policies. Overall, the site demonstrates high business credibility and technical maturity, with minor gaps in privacy compliance and incident response transparency.

C

Coloring Labs

coloringlabs.com

57

Coloring Labs is a small technology company specializing in the development of family-friendly coloring apps for iPad users, targeting children and parents. Their market position is niche, focusing on creative and educational digital content for kids. The website presents a professional and consistent brand image with clear messaging about their app offerings. Technically, the site is built using modern frameworks such as Next.js and React, ensuring fast performance and excellent mobile optimization. However, accessibility features are basic and could be improved. From a security perspective, the website benefits from HTTPS encryption but lacks important security headers and formal security policies such as privacy or cookie policies. The use of PostHog analytics indicates moderate user tracking without visible consent mechanisms, which may raise privacy compliance concerns. No forms or sensitive data collection points were detected, reducing immediate risk exposure. Overall, the website is safe and suitable for general audiences, with no adult or questionable content. The absence of detailed business registration data and security policies suggests room for improvement in transparency and compliance. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, and expanding contact information to build greater trust and compliance.

Michal Šimonfy's website serves as a comprehensive portfolio showcasing his digital and new media artworks, including installations, netart, and public space actions. The site targets art enthusiasts, galleries, and cultural institutions, positioning the artist as an independent creative professional with international recognition and awards. The business model is centered on artistic presentation rather than commercial transactions. Technically, the website employs standard web technologies such as HTML5, CSS, JavaScript, and jQuery, supplemented by Google Analytics and New Relic for monitoring. While the site is functional and moderately optimized, it lacks advanced frameworks or CMS platforms and could benefit from improved mobile responsiveness and accessibility. From a security perspective, the site uses HTTPS but lacks important security headers and formal privacy or cookie policies, which impacts compliance and user trust. No forms or sensitive data collection are present, reducing risk exposure. The WHOIS data aligns well with the website's claims, supporting legitimacy. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, security hardening, and modernization of technical components to improve user experience and regulatory adherence.

K

Kijub-Bergkamen

kijub-bergkamen.de

39

Kijub-Bergkamen operates as a local government youth service platform in Bergkamen, Germany, providing a range of programs and events targeted at children, youth, adults, and institutions. The website serves as a hub for information on youth participation projects, holiday activities, and educational offerings, positioning itself as a community-centric service provider with a clear focus on youth development and engagement. The business model is public sector oriented, emphasizing community service rather than commercial revenue generation. Technically, the website is built on a modern stack including HTML5, CSS3, JavaScript, and likely the MODX CMS platform, hosted on kasserver.com. It employs responsive design principles and includes cookie consent management via Cookiehero, ensuring compliance with privacy regulations. Performance is moderate with good mobile optimization, though SEO and accessibility features are basic. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, but lacks explicit security headers and documented security policies. No vulnerabilities or exposed sensitive data were detected. The absence of a security.txt file and incident response contacts suggests room for improvement in security transparency and readiness. Overall, the website is professional, trustworthy, and safe for general audiences, with a strong focus on community and youth services. Strategic recommendations include enhancing security headers, publishing security policies, and improving contact transparency to further strengthen trust and compliance.

N

NRW.Mobidrom GmbH

verkehr.nrw

60

Verkehr.NRW is the official traffic information portal for the German state of Nordrhein-Westfalen, operated by NRW.Mobidrom GmbH. The website provides comprehensive real-time traffic updates, routing options for various transport modes including car, bike, public transport, and intermodal solutions, as well as additional services like fuel price comparisons and construction alerts. It serves residents and visitors seeking reliable and up-to-date traffic information within the region. The portal is positioned as a trusted government-affiliated service with a medium-sized operational scope and a focus on transportation sector services. Technically, the website is built on the Liferay CMS platform, leveraging modern web technologies such as OpenLayers for mapping, jQuery, and Clay UI components. The infrastructure appears well-maintained with good mobile optimization, accessibility, and SEO practices. Hosting and domain registration are consistent with the regional focus, and the site uses HTTPS with appropriate security headers, ensuring secure user interactions. From a security perspective, the portal demonstrates good practices including HTTPS enforcement, CAPTCHA protection on contact forms, and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit published security policies or incident response contacts, and DNSSEC is not enabled, which could be improved. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms in place. Overall, Verkehr.NRW presents a professional, trustworthy, and secure platform for traffic information in Nordrhein-Westfalen. Strategic recommendations include enabling DNSSEC, publishing a security.txt file, and providing explicit security and incident response information to further enhance trust and security posture.

G

GL Service gGmbH

gl-service-ggmbh.de

67

GL Service gGmbH is a German non-profit organization focused on social services including employment promotion, youth welfare, catering, and community facility management. The website is professionally designed using WordPress and Gutenberg, with good mobile optimization and clear navigation. The business targets local community members and institutions, providing essential social and municipal services. Technically, the site uses modern web standards and includes structured data for local business identification. Security posture is good with HTTPS and security headers implemented, though there is room for improvement in privacy compliance and incident response transparency. Overall, the site is trustworthy and well-maintained, serving its community effectively.

S

Stadt Bergisch Gladbach

arbeiten-fuer-bergischgladbach.de

61

The website 'arbeiten-fuer-bergischgladbach.de' serves as the official job portal for the municipal government of Stadt Bergisch Gladbach, Germany. It provides comprehensive information on current job openings, apprenticeship and study opportunities, and application procedures. The site targets job seekers interested in public sector employment within the city, emphasizing a diverse range of professions and a strong employer brand supported by employee testimonials. The business model is that of a public sector employer promoting recruitment and workforce development. The site is well-positioned as a trusted municipal resource with a large workforce and a clear focus on community engagement. Technically, the website is built on ASP.NET WebForms with the onpublix CMS platform and uses JavaScript libraries such as slick slider and etracker analytics. The site is mobile-optimized with good SEO practices and a moderate performance profile. Privacy and cookie policies are present with consent mechanisms, reflecting GDPR compliance. However, some security headers are missing, and no explicit security or incident response policies are published. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. The use of etracker analytics is accompanied by cookie consent, indicating a moderate user tracking level with good privacy compliance. No vulnerabilities or suspicious domains were detected. The WHOIS data shows generic DNS providers without detailed registrant info, but no suspicious patterns were found, supporting a high legitimacy score. Overall, the website is a professional, secure, and compliant municipal job portal with strong business credibility and good user experience. Recommendations include enhancing security headers, publishing security policies, and possibly adding terms of service to improve transparency and trust.

A

Amazon

aboutamazon.es

68

The website https://www.aboutamazon.es/ serves as the official Spanish regional About Amazon site, providing comprehensive information about Amazon's business principles, operations, and impact in Spain. It highlights Amazon's focus on customer obsession, innovation, logistics excellence, and long-term thinking. The site targets a general audience including customers, partners, and potential employees, showcasing Amazon's services such as e-commerce, logistics, AWS, and entertainment. The market position is that of a leading global e-commerce and technology provider with a strong presence in Spain. Technically, the site employs modern web technologies including Polymer web components, TrustArc for consent management, and Chartbeat for analytics, ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS enforced and privacy compliance evident through detailed privacy and cookie policies with consent mechanisms. No critical vulnerabilities or blocking mechanisms were detected. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR regulations, although WHOIS data is unavailable due to query restrictions. Strategic recommendations include publishing explicit security policies and incident response contacts to enhance transparency and trust.

A

Amazon

aboutamazon.mx

60

Amazon México's About site serves as a corporate information portal tailored for the Mexican market, providing announcements, original content, and data about Amazon's operations in Mexico. The site reflects Amazon's position as a leading global e-commerce and technology company, offering services including retail, logistics, cloud computing, and entertainment. The content is professionally presented in Spanish, targeting consumers, partners, and stakeholders in Mexico. The site is part of Amazon's global network of About sites, supporting brand consistency and regional engagement. Technically, the website employs modern web technologies such as Polymer for custom elements, integrates third-party services like Facebook SDK, YouTube API, Chartbeat analytics, and Adobe DTM for marketing and analytics. The site is hosted likely on Amazon AWS infrastructure, ensuring fast performance and good mobile optimization. SEO and accessibility practices are well implemented, with proper meta tags, structured data, and responsive design. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. There is no evidence of exposed sensitive data or vulnerable libraries. However, the site lacks visible cookie consent mechanisms and explicit security or incident response policies, which are areas for improvement to enhance compliance and user trust. Overall, the site is trustworthy, professionally maintained, and aligned with Amazon's global standards. It effectively communicates Amazon's business and impact in Mexico, though it could improve privacy compliance transparency and provide clearer contact channels for security and privacy concerns.

A

Amazon

aboutamazon.com.br

46

About Amazon Brasil is a corporate informational website representing Amazon's presence and activities in Brazil. It provides news, stories, and facts about Amazon's business, including e-commerce, AWS, entertainment, and logistics. The site targets a general audience interested in Amazon's operations in Brazil and serves as a regional hub linking to international Amazon sites. The business model is primarily technology-driven e-commerce and cloud services, supported by media and corporate communications. Amazon holds a leading market position globally and locally in Brazil, with a strong brand and extensive service offerings.

A

Amazon

aboutamazon.ca

60

The About Amazon Canada website serves as a corporate informational portal for Amazon's operations and initiatives in Canada. It highlights Amazon's core principles, business segments including e-commerce, cloud services, devices, and entertainment, and provides access to localized content and international sites. The site is well-branded, professionally designed, and targets a broad audience including customers, partners, and stakeholders interested in Amazon's corporate story and impact. Technically, the site employs modern web technologies such as Polymer web components, asynchronous loading of third-party SDKs, and integrates analytics tools like Chartbeat and Adobe DTM for performance and marketing insights. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response information are not prominently disclosed. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting Amazon's commitment to data protection. Overall, the site demonstrates a mature digital presence consistent with a global enterprise.

A

Amazon

aboutamazon.pl

61

The website www.aboutamazon.pl serves as the official About Amazon regional site for Poland, providing comprehensive information about Amazon's business principles, services, workplace culture, and environmental impact. It targets the general Polish audience and supports multiple languages and regional Amazon sites. The site reflects Amazon's position as a large multinational enterprise with a strong e-commerce and technology services presence. Technically, the site employs modern web technologies including Polymer web components, TrustArc for consent management, Chartbeat analytics, and Adobe DTM for tag management, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with good performance metrics. Security-wise, the site enforces HTTPS and uses consent management for cookies, but lacks explicit security headers and publicly available security policies or incident response contacts. No vulnerabilities or suspicious content were detected. Overall, the site is legitimate, professional, and trustworthy, though it could improve transparency around security policies and vulnerability disclosures.

A

Amazon

aboutamazon.fr

66

About Amazon France is a corporate informational website representing Amazon's presence and activities in France. The site highlights Amazon's core principles, business sectors including e-commerce, cloud services, logistics, and entertainment. It serves as a communication platform for corporate information, sustainability efforts, workplace culture, and economic impact in France. The website is professionally designed with consistent branding aligned with Amazon's global identity. Technically, it employs modern web technologies, including JavaScript, SVG icons, JSON-LD structured data, and integrates consent management and analytics tools. Security posture is strong with HTTPS enforced and privacy compliance mechanisms in place, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site is trustworthy, well-maintained, and compliant with GDPR requirements, serving a general audience interested in Amazon's corporate footprint in France.

A

Amazon

aboutamazon.it

51

About Amazon Italia is a localized corporate website providing news, insights, and information about Amazon's operations, impact, and initiatives in Italy. It serves as a communication platform targeting Italian consumers, employees, partners, and stakeholders interested in Amazon's business activities, sustainability efforts, and employment opportunities. The site reflects Amazon's position as a leading global e-commerce and technology company with a strong presence in Italy, offering services ranging from retail to cloud computing and logistics. Technically, the website employs modern web technologies including custom elements, SVG icons, and integrates third-party services such as TrustArc for consent management and Chartbeat for analytics. The site is hosted on Amazon's infrastructure, ensuring reliable performance and security. It is mobile-optimized and accessible, with good SEO practices implemented. From a security perspective, the site enforces HTTPS, uses consent management for GDPR compliance, and includes security headers. No vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not publicly detailed, which could be improved. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. It effectively supports Amazon's brand and business objectives in the Italian market.

A

Amazon

aboutamazon.in

53

About Amazon India is a corporate informational website providing news, announcements, and facts about Amazon's operations in India. It serves as a communication platform for stakeholders, customers, and the general public interested in Amazon's business activities in the region. The site highlights Amazon's key services including e-commerce, delivery logistics, cloud services, entertainment, and payment solutions, reflecting its position as a leading enterprise in the Indian market. The website is part of the global Amazon brand and is consistent with Amazon's corporate identity and branding standards. Technically, the website employs modern web technologies such as Web Components, asynchronous loading of third-party SDKs (Facebook, YouTube), Google reCAPTCHA for bot protection, and analytics tools like Chartbeat and Adobe DTM. The site is hosted on Amazon AWS infrastructure, ensuring reliable performance and scalability. Mobile optimization and SEO practices are well implemented, although accessibility features could be enhanced. From a security perspective, the site uses HTTPS with excellent SSL configuration and includes security best practices like reCAPTCHA and asynchronous script loading. However, explicit security headers and visible privacy or cookie policies are not found in the provided content, indicating room for improvement in compliance and transparency. No vulnerabilities or suspicious content were detected. Overall, the website demonstrates a high level of professionalism, trustworthiness, and technical maturity. The absence of direct contact information and privacy policies slightly reduces privacy compliance scores. Strategic recommendations include adding explicit privacy and cookie policies with consent mechanisms, enhancing security headers, and providing clear contact channels for incident response and data protection inquiries.

A

Amazon

aboutamazon.com.au

60

About Amazon Australia is a corporate informational website representing Amazon's presence and operations in Australia. The site highlights Amazon's core principles, business segments including e-commerce, logistics, devices, and entertainment, and provides links to various regional Amazon sites. The website is professionally designed with consistent branding and targets general consumers and business customers in Australia. It serves as a hub for corporate information, impact initiatives, workplace culture, and sustainability efforts. The parent company is Amazon.com, Inc., a global leader in e-commerce and cloud computing.

A

Amazon

aboutamazon.sg

50

The website aboutamazon.sg serves as the official informational portal for Amazon's operations and presence in Singapore. It highlights Amazon's core principles, business segments including e-commerce, cloud services (AWS), logistics, and entertainment. The site is well-branded with consistent Amazon corporate identity and provides navigation to various international Amazon sites. The technical infrastructure leverages modern web technologies such as Polymer web components, asynchronous loading of third-party SDKs (Facebook, YouTube), and analytics tools like Chartbeat and Adobe DTM. The website is mobile-optimized and SEO-friendly with proper meta tags and structured data. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and privacy policies are not detected in the provided content. WHOIS data is unavailable, likely due to privacy protection, which is common for large enterprises. Overall, the site demonstrates a mature digital presence with high trustworthiness and professional content.

D

Das Kartenhaus

daskartenhaus.info

54

Das Kartenhaus is a small German ticketing service operating since 2021, providing event ticket sales at 8 physical locations and online via affiliate partnerships with platforms like eventim.de. The website is built on WordPress using the Vantage theme and includes standard cookie consent mechanisms compliant with GDPR. The technical infrastructure is moderate in performance with good mobile optimization but lacks advanced security headers and DNSSEC. Security posture is adequate with HTTPS enforced but could be improved with additional security controls. No explicit incident response or security policies are published. Overall, the business appears legitimate and trustworthy with clear contact phone information and transparent affiliate disclosures.

B

BotTalk

bottalk.io

60

BotTalk is a specialized AI voice solution provider targeting news publishers and media companies. Their platform aggregates multiple leading text-to-speech providers into a single audio hub, enabling easy integration, paywall support, and audio monetization through advertising partnerships. The company positions itself as a niche leader with a clear focus on enhancing user engagement and subscription value through audio content. Technically, the website is built on modern frameworks like Next.js and React, hosted with Cloudflare DNS, and integrates analytics and form services for marketing and support. Security posture is good with HTTPS and domain transfer protections, though improvements in DNSSEC and security headers are recommended. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-optimized for its target audience.

C

Contact Privacy Inc. Customer 0164357247

highlightjs.org

56

Highlight.js is a well-established open source project founded in 2012, providing a popular JavaScript syntax highlighting library supporting 192 languages and 512 themes. The website targets developers and technical users, offering comprehensive usage instructions and trusted by major platforms such as Stack Overflow and Discord. The business model centers on open source software distribution with community contributions and GitHub presence. Technically, the site uses modern web technologies including Next.js, Node.js, and Deno, hosted on Netlify, delivering fast and mobile-optimized performance with good SEO and accessibility features. Security posture is solid with HTTPS enforced and domain transfer protections, though explicit security headers and formal privacy/cookie policies are absent. The presence of a dedicated security contact email indicates some incident response readiness. Overall, the site is professional, trustworthy, and technically mature but could improve privacy compliance and security best practices.

L

literaturgebiet.ruhr

literaturgebiet.ruhr

63

literaturgebiet.ruhr is a regional cultural and literary platform based in Germany's Ruhr area, focusing on promoting literature through events, poetry slams, and magazine content. The website serves a niche audience of literature enthusiasts and local cultural participants, operating likely as a small-scale or non-profit organization. The platform offers event information, literary articles, and community engagement opportunities, positioning itself as a key regional player in literary arts promotion. Technically, the website is built on WordPress with modern SEO practices using the Yoast plugin and includes responsive design elements for mobile users. The site uses HTTPS with good SSL configuration and basic cookie consent mechanisms, indicating a reasonable level of digital maturity. However, no advanced security headers or explicit security policies are published, and no direct contact forms or incident response channels are visible. From a security perspective, the site maintains a good posture with encrypted connections and no visible vulnerabilities or exposed sensitive data. Privacy compliance is addressed through accessible privacy and cookie policies, though terms of service and security incident contacts are absent. The site does not employ extensive tracking or advertising technologies, aligning with its cultural and non-commercial nature. Overall, literaturgebiet.ruhr presents a trustworthy and professionally maintained platform with a clear cultural mission. Strategic improvements could include enhanced security headers, explicit incident response information, and expanded contact options to further strengthen trust and compliance.

L

Literatur Rheinland

literatur-rheinland.de

49

Literatur Rheinland is a cultural network platform dedicated to connecting literary institutions, initiatives, and actors within the Rheinland region of Germany. It promotes literary events, publishes a magazine, and offers a literature map highlighting regional literary figures and institutions. The website is built on Drupal 10, featuring modern web technologies and responsive design, ensuring good user experience and accessibility. Social media integration with Facebook, Instagram, and YouTube supports community engagement. Privacy compliance is addressed with a cookie consent banner and a privacy policy in German. Security posture is adequate with HTTPS and cookie management, though some security headers and explicit policies could be improved. Overall, the site serves as a trusted regional literary hub with good content quality and professional presentation.

L

Literaturbüro NRW e.V.

literaturbuero-nrw.de

40

Literaturbüro NRW e.V. is a well-established non-profit organization based in Düsseldorf, Germany, dedicated to promoting literature and culture across North Rhine-Westphalia. Founded in 1980, it supports authors and young talents through events, publications, and educational projects. The organization is publicly funded by the city of Düsseldorf and the state of NRW, positioning it as a key cultural institution in the region. The website reflects this mission with clear content, event calendars, and resources for writers and literature enthusiasts. Technically, the website is built on Drupal 10, indicating a modern and maintainable CMS platform. The site is mobile-optimized, accessible, and well-structured with good SEO practices. Hosting appears stable with known DNS providers. However, there is no visible cookie consent mechanism or advanced security headers, which could be improved to enhance compliance and security posture. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. No incident response or security policy pages are published, and no vulnerability disclosure mechanism is evident. Social media integration is strong, but no analytics or tracking scripts were detected, suggesting minimal user tracking. Overall, the security posture is solid but could benefit from additional headers and privacy enhancements. The overall risk is low given the non-profit cultural nature of the organization and the absence of suspicious indicators. Strategic recommendations include implementing cookie consent, publishing security policies, adding security headers, and considering a vulnerability disclosure page to improve transparency and compliance.

K

kajado GmbH

kajado.de

50

kajado GmbH is a small, established digital agency based in Dortmund, Germany, founded in 2014. The company specializes in web design, web development using WordPress, TYPO3, and Laravel, e-commerce solutions including WooCommerce and Magento, and comprehensive online marketing services such as SEO, SEA, content marketing, and social media marketing. They also offer workshops and seminars, serving clients across Germany from Berlin to Berchtesgaden. The website reflects a professional and consistent brand image with clear contact information and strong trust signals including customer testimonials and third-party review integration. Technically, the website is built on WordPress 6.7.2 with popular plugins like Yoast SEO and WPBakery Page Builder, supported by Borlabs Cookie for GDPR-compliant cookie management. The site is mobile-optimized, moderately performant, and SEO-friendly. Hosting appears to be managed via your-server.de based on nameservers. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Security-wise, the site demonstrates good practices but lacks explicit published security policies or incident response contacts. GDPR compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. No terms of service or vulnerability disclosure policies were found. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness. The overall risk is low, with recommendations to enhance security headers, publish security and incident response policies, and consider a vulnerability disclosure mechanism to further strengthen trust and compliance.

S

Studio Mitte Digital Media GmbH

smdm.at

60

Studio Mitte Digital Media GmbH is a small Austrian technology company specializing in digital solutions including web and software development, e-commerce, custom software, online marketing, and SEO services. The company positions itself as a creative and strategic partner for businesses seeking tailored digital media solutions, with a strong portfolio of regional clients and partnerships with major platforms such as Shopware and Shopify. The website is professionally designed, mobile-optimized, and accessible, reflecting a mature digital presence. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and uses Matomo for analytics, indicating a focus on privacy-conscious tracking. Security posture is generally good with HTTPS enabled and no visible vulnerabilities, but lacks explicit security headers and published security policies. WHOIS data is missing, which raises some concerns about domain registration legitimacy, though the business presence and content suggest a legitimate operation. Overall, the site scores well on content quality, technical implementation, and privacy compliance, with room for improvement in security transparency and domain registration clarity.

E

eSlovensko

eslovensko.sk

54

eSlovensko is a Slovak non-profit organization focused on informatization of municipalities and public services, with a strong emphasis on eGovernment and social responsibility projects. The website showcases numerous awards and recognitions spanning two decades, highlighting its established presence and influence in the Slovak public sector. The organization targets government entities, municipalities, and citizens interested in digital public services and social initiatives. Technically, the website is basic, using legacy HTML and CSS without modern frameworks or responsive design, and it relies on Google Analytics for visitor tracking. Security posture is moderate with DNSSEC enabled and a valid domain registration, but lacks visible security headers and privacy compliance documentation. Overall, the site is trustworthy but would benefit from modernization and enhanced privacy and security practices.

H

HP

hp.sk

73

HP's Slovak website serves as a comprehensive portal for consumers and businesses seeking HP's computing and printing products. The site offers detailed product categories, support resources, and account management, reflecting HP's strong market position as a global technology leader. The digital infrastructure leverages Adobe Experience Manager and modern analytics tools, ensuring a responsive and user-friendly experience. Security measures such as HTTPS and security headers are well implemented, although explicit security policies and incident response information are not prominently published. The absence of WHOIS data is noted but likely due to registry or privacy policies rather than malicious intent. Overall, the site demonstrates high professionalism and trustworthiness, suitable for its enterprise scale and audience.

Z

ZURB, Inc.

zurb.com

70

ZURB, Inc. is an established design consultancy founded in 1999, specializing in strategic marketing, branding, and user experience design. The company serves a diverse clientele ranging from startups to large enterprises, offering services such as growth design, design systems, experience design, product innovation, and mobile/web app development. Their market position is strong, supported by notable client logos and a consistent brand presence. Technically, the website is well-built using modern frameworks like Foundation, with Cloudflare DNS and CDN services enhancing performance and security. The site is mobile-optimized, accessible, and SEO-friendly, with integrated analytics tools such as Google Analytics and Tag Manager. Security posture is solid with HTTPS and domain transfer protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is partial, with a clear privacy policy but lacking cookie consent mechanisms. Overall, the website reflects a professional and trustworthy business with a high level of digital maturity.

A

Aktion Mensch e.V.

aktion-mensch.de

67

Aktion Mensch e.V. is Germany's largest private funding organization dedicated to supporting social projects for people with and without disabilities. The organization operates primarily through a lottery business model, funding inclusion campaigns and social initiatives. Their website is professionally designed, accessible, and provides comprehensive information and services to a broad audience interested in social inclusion and disability support. Technically, the site uses modern JavaScript libraries, a tag management system (Tealium), and appears to be built on a CMS platform likely Sitecore. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit security policies are not evident. Overall, the domain and website content are consistent and trustworthy, reflecting a mature non-profit organization with a strong market position in Germany.

B

Baden-Baden

baden-baden.com

53

Baden-Baden.com is the official tourism portal for the city of Baden-Baden, Germany, providing comprehensive information on local attractions, events, accommodations, dining, and wellness offerings. The website targets tourists and visitors seeking detailed travel and leisure information about the region. Technically, the site is built on the Neos CMS platform using the Flow PHP framework, with modern web technologies including JavaScript and CSS. It features a cookie consent mechanism compliant with GDPR, uses hCaptcha for bot protection, and integrates analytics tools such as Google Analytics and Facebook Pixel. Security posture is generally good with HTTPS enforced, though some security headers are not evident in the provided data. The absence of WHOIS registration data is a notable anomaly, reducing domain trustworthiness despite the professional presentation and official branding. Overall, the site is well-structured, accessible, and provides a positive user experience for its target audience.

The website fr.igraal.com is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks direct content access. This prevents extraction of meaningful business, contact, or policy information. The domain WHOIS data for this subdomain is unavailable, consistent with it being a subdomain rather than an independently registered domain. The page contains minimal HTML content focused solely on verifying the visitor is human before granting access. No privacy, cookie, or terms of service policies are visible, nor are there any contact details or business descriptions. The technical infrastructure relies on Cloudflare for security and DDoS protection, but the lack of accessible content limits further analysis. Security posture cannot be fully assessed due to the blocking mechanism, though the use of Cloudflare indicates some baseline protection. Overall, the site’s risk profile is elevated due to lack of transparency and accessibility, and a full security and compliance evaluation requires bypassing the WAF challenge.

P

Pepper Deals Ltd.

hotukdeals.com

47

hotukdeals.com is a leading UK-based e-commerce community platform operated by Pepper Deals Ltd., a subsidiary of Atolls GmbH. The site offers a vibrant community-driven environment where users share deals, discounts, and voucher codes, positioning itself as Europe's largest shopping rewards company. The platform targets savvy shoppers seeking to maximize savings through crowdsourced deals and affiliate partnerships. Technically, the website employs modern JavaScript frameworks such as Vue.js, uses service workers for performance, and leverages Amazon Cloudfront CDN for hosting, ensuring fast and responsive user experience across devices. Security posture is strong with HTTPS enforced and multiple security headers implemented, though explicit privacy and cookie policies are not readily found, indicating room for compliance improvement. The absence of WHOIS data limits domain registration trust verification, but the professional branding, verified social media presence, and active community engagement strongly support the site's legitimacy. Overall, hotukdeals.com presents a mature, well-maintained e-commerce community platform with solid technical and security foundations but would benefit from enhanced privacy transparency and incident response documentation.

The website www.bsasoftware.com appears to be an active online presence with marketing and analytics integrations such as Google Analytics, HubSpot, and CallRail. However, the absence of WHOIS registration data raises significant concerns about the legitimacy and ownership of the domain. The website lacks critical business information including contact details, privacy policies, and terms of service, which diminishes trustworthiness. Technically, the site is built on WordPress and uses common web technologies but shows only basic implementation with limited content and minimal SEO or accessibility features. Security posture is weak with no evident security headers or advanced protections. Overall, the site presents a low trust profile and requires significant improvements in transparency, security, and compliance to be considered credible.

Grupo Parques Reunidos operates as a major global leisure park operator managing a diverse portfolio of amusement parks, aquariums, zoos, and water parks across multiple countries. The company employs various business models including ownership, management, and consultancy, positioning itself as a leader in the hospitality and entertainment sector. The website reflects a professional digital presence with clear navigation, multilingual support, and active social media engagement. Technically, the site is built on Adobe Experience Manager with integration of Google Tag Manager and OneTrust for cookie consent, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks visible security headers and explicit privacy policies, which are areas for improvement. The absence of WHOIS registration data is a notable anomaly that reduces trust slightly, though the overall business credibility remains high based on website professionalism and content quality. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and terms policies, and clarifying domain registration details to improve trust and compliance.

Life Radio GmbH & Co.KG operates a professional media website focused on radio broadcasting, podcasts, news, and events primarily serving the Austrian market. The website offers multiple streaming channels, podcast episodes, and promotional campaigns targeting a general audience interested in music and regional news. The company maintains a consistent brand presence across social media and digital platforms, supporting its market position as a regional media broadcaster. Technically, the website employs modern JavaScript frameworks and integrates third-party services such as Usercentrics for consent management and AdsWizz for advertising. The site is mobile-optimized with good SEO practices and a moderate performance profile. However, some technical improvements are recommended, including the implementation of security headers and enhanced accessibility features. From a security perspective, the site enforces HTTPS and uses a consent management platform, indicating GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security policies, incident response contacts, and WHOIS domain registration data introduces some trust concerns. The website does not appear to be blocked or protected by a WAF, allowing full content access. Overall, the website presents a professional and trustworthy media platform with room for improvement in security transparency and domain registration verification. Strategic recommendations include enhancing security headers, publishing incident response information, and verifying domain registration details to strengthen trust and compliance.

R

RegioEntsorgung AöR

regioentsorgung.de

69

RegioEntsorgung AöR operates as a regional public authority focused on waste disposal and recycling services in Germany. The website provides comprehensive information about waste separation, collection services, service locations, customer support, and career opportunities. It targets residents and businesses within its service region, positioning itself as a trusted local waste management provider. The business model is centered on public service delivery with direct citizen engagement. Technically, the website is built on TYPO3 CMS, a robust and mature content management system. It employs responsive design, SVG icons, and modern JavaScript for interactive elements. The site includes a cookie consent mechanism compliant with GDPR, uses Google Analytics for tracking, and is optimized for mobile and accessibility standards. Performance is moderate, with good SEO and navigation clarity. From a security perspective, the site enforces HTTPS and implements cookie consent controls. However, it lacks explicit security policy documentation, incident response contacts, and security.txt files. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms domain legitimacy and consistency with the business identity. Overall, the website demonstrates a solid digital presence with good privacy compliance and business credibility. Strategic improvements in security transparency and incident response readiness would enhance trust and resilience.

K

Klarna

sofort.de

68

Klarna is a leading European payment service provider that has integrated Sofortüberweisung into its platform, offering customers a seamless, secure, and familiar payment experience. The website clearly targets German-speaking online shoppers and merchants, emphasizing ease of use, security, and buyer protection. Klarna's market position is strong, supported by a comprehensive suite of payment options and a well-branded digital presence. Technically, the site uses modern web technologies including React and integrates analytics and tracking tools such as Google Analytics and FullStory, ensuring good performance and user experience across devices. Security is robust with HTTPS, multi-factor authentication, and buyer protection prominently featured, although explicit incident response and vulnerability disclosure policies are not publicly detailed. Overall, the site is professional, trustworthy, and compliant with GDPR, with clear contact channels and comprehensive policy documentation.

Papoo Software & Media GmbH operates the Papoo CMS, a German-based, open source content management system focused on accessibility, SEO, and marketing integration. The company targets website owners and developers seeking a modern, mobile-friendly CMS with extensive features and customization options. The website demonstrates a mature technical infrastructure using PHP, MySQL, and modern frontend frameworks, with strong emphasis on SEO and accessibility. Security posture is solid with HTTPS, CSRF protections, and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is comprehensive, with detailed policies and GDPR-aligned consent tools. Overall, the site is professional, trustworthy, and well-positioned in the CMS market.

J

Jspreadsheet

lemonadejs.com

61

LemonadeJS is a small technology company offering a lightweight, dependency-free reactive JavaScript library designed for modern frontend development. The company provides a suite of reusable components and plugins that integrate with popular frameworks such as React and VueJS. Their ecosystem includes commercial and open-source products, targeting JavaScript developers seeking efficient and flexible tools. The website is well-structured, professionally designed, and provides comprehensive technical documentation and examples. The technical infrastructure leverages modern web technologies and includes analytics via Google Tag Manager and Google Analytics. Security posture is moderate with HTTPS enforced but lacks published security policies, privacy policies, and security headers. The domain is well-established with consistent WHOIS data, supporting legitimacy. Overall, the website is trustworthy but could improve privacy compliance and security transparency.

J

Jspreadsheet CE

bossanova.uk

51

Bossanova.uk operates as the home for Jspreadsheet CE and related JavaScript UI components, offering both open-source and enterprise-grade spreadsheet and data grid solutions. The company targets developers and enterprises seeking flexible and powerful JavaScript components to integrate into web applications. Their product ecosystem includes collaborative spreadsheet tools and JavaScript plugins, positioning them as a niche technology provider in the web development space. The website is professionally designed with good content relevance and clear navigation, supporting a positive user experience.

I

Intrasheets

intrasheets.com

62

Intrasheets is a technology company offering a self-hosted, real-time collaborative spreadsheet solution designed for organizations requiring private data management and API integration capabilities. The product emphasizes data security, version control, and relational worksheet features, targeting developers and enterprises seeking flexible spreadsheet collaboration on their own infrastructure. The website is professionally designed with clear navigation and good content quality, supporting the business model with free trials and comprehensive documentation. Technically, the site leverages modern JavaScript libraries including Jspreadsheet, Jsuites, and LemonadeJS, hosted on AWS infrastructure, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and no exposed sensitive data, though improvements are recommended such as enabling DNSSEC and adding security headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the domain registration is consistent with the business age and no suspicious patterns are detected, supporting a legitimacy score of 85 out of 100.

J

Jspreadsheet

jspreadsheet.com

62

Jspreadsheet is a technology company specializing in a JavaScript plugin that provides advanced spreadsheet and data grid controls for web applications. The company targets developers and businesses seeking Excel-like spreadsheet functionality embedded in their software. It holds a strong market position with usage by leading global companies and offers a professional product with extensions and framework integrations. The website demonstrates a mature technical infrastructure leveraging modern JavaScript frameworks, CDNs, and multiple analytics and marketing tools. The site is well-designed, mobile-optimized, and SEO-friendly, providing a rich user experience. Security posture is good with HTTPS and domain transfer protections, but lacks some advanced headers and published security policies. Privacy compliance is basic with cookie consent but no visible privacy policy. Overall, the risk is moderate with recommendations to enhance security headers and publish privacy and security policies to improve trust and compliance.

RDN Agentur für Public Relations GmbH und RDN Verlags GmbH is a small German media and public relations company specializing in creative, multimedia services including website development, press work, social media management, and publishing. Their market position is that of a regional niche agency and publisher serving business clients seeking professional media and PR solutions. The website reflects a professional and consistent brand image with clear contact information and social media presence, supporting business credibility. Technically, the website uses modern Bootstrap 5.3.2 for responsive design and includes JavaScript for interactivity. The site is moderately performant and mobile-optimized but lacks advanced accessibility features and SEO optimization. No CMS or hosting provider details are evident. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site is accessible over HTTPS (assumed from URL), but no security headers were detected, and no explicit security policies or incident response contacts are provided. The site lacks a cookie consent mechanism despite having a GDPR-compliant privacy policy. No forms or data collection points were found on the homepage, reducing attack surface. WHOIS data is consistent with the business claims, showing no privacy protection and legitimate DNS configuration. Overall, the website presents a moderate security posture with room for improvement in security headers, cookie consent, and incident response transparency. The business credibility is strong, but technical and privacy compliance aspects could be enhanced to improve trust and compliance.

H

Hertener Stadtwerke GmbH

hertener-stadtwerke.de

64

Hertener Stadtwerke GmbH is a regional energy utility company based in Herten, Germany, with a long-standing history of approximately 125 years. The company provides a comprehensive range of energy products and services including electricity, natural gas, district heating, water supply, photovoltaic solutions, and e-mobility infrastructure. Their website targets private customers in the Herten region, offering detailed information and customer service options. The business model focuses on regional energy supply and customer-centric services, supported by digital tools such as a customer portal and mobile app. The company maintains a consistent brand presence and demonstrates trustworthiness through structured data, official contact information, and social media engagement.

Š

Štatistický úrad Slovenskej republiky

scitanie.sk

57

The website www.scitanie.sk serves as the official portal for the 2021 Census of Population, Houses, and Apartments conducted by the Statistical Office of the Slovak Republic. It provides comprehensive statistical data, including basic and extended results, geospatial data, and time series related to population, housing, and households. The target audience includes government officials, researchers, and the general public interested in demographic and housing statistics. The site is positioned as an authoritative government source with a clear focus on transparency and data dissemination. From a technical perspective, the website employs modern web technologies such as deferred JavaScript loading, web fonts, and Google Analytics with user consent. The site is mobile-optimized and accessible, with clear navigation menus and structured content. However, there is no detected CMS or advanced frameworks explicitly identified. Performance is moderate, with room for optimization. Security-wise, the site enforces HTTPS and includes a cookie consent mechanism aligned with GDPR requirements. However, it lacks explicit security headers like Content Security Policy or HSTS, and no dedicated security or incident response policies are visible. No vulnerabilities or suspicious elements were detected in the provided content. The WHOIS data confirms the domain's legitimacy as a Slovak government entity, enhancing trust. Overall, the website demonstrates a solid foundation in content quality, technical implementation, and business credibility but could improve its security posture and privacy compliance by adding explicit policies and security headers. Strategic recommendations include implementing security headers, publishing clear contact and incident response information, and establishing a vulnerability disclosure policy to enhance trust and compliance.

E

EURES Slovensko

eures.sk

58

EURES Slovensko operates as the official Slovak national portal for the European Employment Services network, providing verified job offers, seasonal work opportunities, and advisory services for job seekers and employers interested in employment mobility within the European Union. The website targets Slovak citizens and employers, offering comprehensive information about working abroad, financial support, and legal employment conditions. The business model is government-oriented, focusing on facilitating labor mobility and employment support rather than commercial profit. Technically, the website is built on WordPress with a modern plugin ecosystem including caching, multilingual support via WPML, and Google Analytics for visitor insights. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with room for improvement in loading speed and technical modernization. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms aligned with GDPR. However, it lacks several important security headers such as Content-Security-Policy and X-Frame-Options, which could enhance protection against common web attacks. No explicit security or incident response policies are published, and no vulnerability disclosure or security.txt files are found. Overall, the security posture is adequate but could be improved with additional hardening and transparency. The overall risk assessment is low given the official nature and content safety of the site. Strategic recommendations include implementing missing security headers, publishing privacy and security policies, enhancing accessibility, and maintaining regular security audits. These steps will strengthen trust, compliance, and resilience against emerging threats.

U

UzemnePlany.sk

uzemneplany.sk

39

UzemnePlany.sk is a specialized Slovak information portal dedicated to urban planning, territorial development, and related legislative and architectural topics. It serves a professional and public audience including architects, urban planners, local governments, and students. The portal offers extensive resources such as urban plans, articles, legal documents, and event information, positioning itself as the largest information source in Slovakia for this sector. Technically, the site uses a custom CMS with JavaScript libraries like jQuery and jQuery UI, providing moderate performance and basic mobile optimization. Security-wise, the site employs HTTPS but lacks advanced security headers and explicit security policies, which could be improved to enhance protection and compliance. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professional but could benefit from enhanced security and privacy practices.

D

Deutsche Vereinigung für Datenschutz e.V. (DVD) and Berufsverband der Datenschutzbeauftragten Deutschlands (BvD) e.V.

datenschutz-wiki.de

46

The Datenschutz-Wiki is a specialized, non-profit wiki platform jointly operated by two German data protection associations: Deutsche Vereinigung für Datenschutz e.V. (DVD) and Berufsverband der Datenschutzbeauftragten Deutschlands (BvD) e.V. It serves as a knowledge base on data protection and information freedom, providing legal texts, commentary, and links to relevant blogs and official authorities. The site is currently in a rebuilding phase after a 2023 relaunch, with older content archived externally. The target audience includes data protection professionals and the general public interested in privacy laws in Germany. The business model is educational and community-driven, with no commercial advertising or tracking.