Security Directory

K

Klaviyo

kmail-lists.com

71

Klaviyo is a leading marketing automation platform specializing in email and SMS marketing for eCommerce businesses. Founded in 2012 and headquartered in Boston, MA, it offers a SaaS solution that enables personalized customer engagement through data-driven campaigns. The company holds a strong market position with a focus on technology-driven marketing solutions tailored for online retailers. Technically, Klaviyo's website demonstrates a mature digital infrastructure, leveraging modern JavaScript frameworks, CDN hosting via AWS Cloudfront, and integration with analytics and experimentation tools such as Google Tag Manager and Optimizely. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a high level of digital maturity. From a security perspective, the website enforces HTTPS, employs security headers, and uses reCAPTCHA to protect forms. However, it lacks a publicly visible dedicated security policy or incident response contact, which could be improved to enhance transparency and trust. No vulnerabilities or suspicious content were detected, and privacy compliance is supported by comprehensive privacy and cookie policies. Overall, Klaviyo presents a professional and trustworthy online presence with strong technical and security foundations. Strategic enhancements in security transparency and WHOIS data availability would further strengthen its risk profile and stakeholder confidence.

G

Google

google.dev

71

The Google Developer Program website is a professionally designed and well-structured platform aimed at developers and technology professionals. It provides comprehensive documentation, training resources, and visibility for developer achievements. The site is part of the Google Developers ecosystem, leveraging Google's strong brand and technological infrastructure. The website uses modern web technologies, including progressive web app features, Google Fonts, Material Icons, and Google Analytics for tracking. Hosting and content delivery are managed via Google Cloud Platform, ensuring fast performance and high availability. From a security perspective, the site enforces HTTPS and employs best practices such as secure forms and no exposed sensitive data. While explicit security headers like Content-Security-Policy are not visible in the HTML, the overall SSL configuration and security posture are strong. Privacy compliance is well addressed with accessible privacy and cookie policies, including consent mechanisms and GDPR compliance indicators. However, no direct contact or incident response information is found on the profile page. The domain is a subdomain of google.com, which is a highly trusted and established domain. WHOIS data for the subdomain is not available, which is typical for large organizations managing subdomains internally. The website content is safe for general audiences, with no adult or explicit content detected. Overall, the site demonstrates a high level of professionalism, trustworthiness, and technical maturity.

Stadt Haltern am See operates a municipal government website providing comprehensive information about local administration, politics, public services, and community news. The site targets residents and visitors, offering services such as Bürgerbüro contact, political updates, and event information. The website is well-structured, mobile-optimized, and uses modern web technologies including jQuery and CSS3. It is managed using the PANSITE CMS platform. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers and incident response information are absent. Privacy compliance is strong with a comprehensive privacy policy and cookie banner. The domain WHOIS data is minimal but consistent with a legitimate municipal entity. Overall, the website is trustworthy, professional, and serves its public service mission effectively.

R

Ruhrbühnen

ruhrbuehnen.de

41

Ruhrbühnen is a regional cultural institution dedicated to theatre and performing arts in the Ruhr region of Germany. The website serves as an informational platform for their performances and cultural events, targeting a general audience interested in arts and culture. The business model is focused on cultural provision rather than commercial sales. The site content is basic but functional, with moderate branding consistency and a regional market position. Technically, the website uses modern web technologies including web components (hylo-button) and appears to be built with StencilJS. Hosting is managed via DomainControl name servers, indicating registration through GoDaddy. The site shows moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. From a security perspective, the website lacks visible security headers, privacy policies, cookie consent mechanisms, and incident response information. SSL configuration and HTTPS enforcement could not be confirmed from the provided data. No vulnerabilities or malicious indicators were detected, but the security posture is weak due to missing best practices and compliance documentation. Overall, the website is accessible and safe for general audiences but requires improvements in privacy compliance, security policies, and contact transparency to enhance trust and regulatory adherence.

D

Deutscher Volkshochschul-Verband e. V.

volkshochschule.de

62

The Deutscher Volkshochschul-Verband e. V. operates the website volkshochschule.de, serving as the central platform for adult education centers (Volkshochschulen) in Germany. The site provides course finding tools, educational policy information, and news updates, targeting adult learners and educational institutions. It holds a strong position as a leading non-profit educational association in Germany. Technically, the website is built on the Sitepark CMS platform, hosted on bringe.net, and employs modern web technologies including responsive images and SVG icons. The site is mobile optimized and accessible, with good SEO practices. Security-wise, the site enforces HTTPS, uses anonymized Matomo analytics, and provides a GDPR-compliant cookie consent mechanism. However, explicit security policies and incident response contacts are not found, which could be improved. Overall, the website is professional, trustworthy, and compliant with privacy regulations, making it a reliable resource for its audience.

S

Samuel Niums Aminou

niums.com

42

The website niums.com represents a personal freelance portfolio and blog operated by Samuel Niums Aminou, a French web designer and blogger. The site focuses on showcasing web design work, sharing blog content related to web development and music, and linking to a YouTube channel for video content. The business model is that of an individual freelancer targeting French-speaking audiences interested in web design and music genres. The market position is small and personal, with no indication of larger corporate structure or subsidiaries. Technically, the website is built using basic HTML, CSS, and JavaScript, with Google Analytics integrated for visitor tracking. The hosting provider is OVH sas, a reputable French hosting company. The site lacks modern CMS or frameworks and shows minimal mobile optimization and accessibility features. SEO practices are basic, with meta tags present but no advanced structured data or Open Graph tags. From a security perspective, the site has a basic posture. The domain is registered since 2003 with no privacy protection, indicating transparency and legitimacy. However, no DNSSEC is enabled, no security headers are detected, and there is no visible HTTPS enforcement or secure forms. Privacy and cookie policies are absent, and no contact information is provided, which reduces compliance with GDPR and best practices. Google Analytics is used without a consent mechanism, indicating privacy compliance gaps. Overall, the website is functional for its purpose as a personal portfolio and blog but lacks professional security, privacy, and compliance features. The risk level is moderate due to missing security controls and privacy policies. Strategic improvements in security headers, HTTPS enforcement, privacy compliance, and contact transparency are recommended to enhance trust and compliance.

The website respectdudroitdauteur.fr serves as an advocacy and informational platform focused on the respect of copyright and intellectual property rights within the context of emerging AI regulations in Europe. It represents a coalition of European cultural and creative organizations, publishing declarations and charters to influence policy and promote responsible AI use respecting creators' rights. The site is relatively new, founded in 2023, and hosted on OVH using WordPress technology. It demonstrates good content quality and professional presentation, targeting stakeholders in the cultural and AI regulatory sectors. Technically, the site is well-structured, mobile-optimized, and accessible, though it lacks advanced security headers and cookie consent mechanisms. Security posture is adequate with HTTPS enforced but could be improved with additional policies and disclosures. Overall, the site is trustworthy and credible but would benefit from enhanced privacy compliance and security transparency.

I

Introversion Software Ltd

introversion.co.uk

57

Introversion Software Ltd is a well-established independent game developer and publisher based in the United Kingdom, founded in 2001. The company has a strong reputation in the indie gaming community, known for critically acclaimed titles such as Prison Architect, Uplink, DEFCON, Darwinia, Multiwinia, and Scanner Sombre. Their business model focuses on direct sales through major digital distribution platforms like Steam, GOG, and Humble Store, targeting gamers on PC, Mac, and Linux platforms. The website reflects a professional and consistent brand image with clear navigation and relevant content about their games and company history. Technically, the website employs a modern tech stack including HTML5, CSS3, JavaScript, jQuery, and integrates third-party services such as Google Analytics, Google Tag Manager, YouTube iframe API, and Twitter widgets. The site is hosted with a reputable registrar (Gandi) and uses CDN resources for performance. Mobile optimization is good, though accessibility features are basic. SEO optimization is present but could be improved. From a security perspective, the site uses HTTPS and asynchronous loading of analytics scripts, but lacks explicit security headers and a published privacy or cookie policy, which are important for compliance and user trust. No vulnerabilities or exposed sensitive data were detected. Contact information is limited to email addresses, with no phone numbers or physical addresses provided. The WHOIS data confirms domain legitimacy and consistency with the company’s history. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance measures, improved security headers, and more comprehensive contact information to strengthen user trust and regulatory adherence.

M

MedSchoolBro

medschoolbro.com

67

MedSchoolBro is a small Canadian-based e-commerce business specializing in educational products for medical students preparing for exams such as the MCAT and USMLE. The website is built on the Shopify platform using the Dawn theme, integrating multiple marketing and analytics tools including Google Tag Manager, Facebook Pixel, Klaviyo, and Mailchimp. The technical infrastructure is modern and supports mobile optimization and good user experience. Security posture is adequate with HTTPS enabled and domain registrar locks in place, but lacks DNSSEC and security headers which could enhance protection. Privacy compliance is weak due to absence of privacy and cookie policies, and no visible contact information or incident response details are provided. Overall, the website is professional and trustworthy for its niche but would benefit from improved compliance and security transparency.

A

AtmosFX Digital Decorations

atmosfx.com

70

AtmosFX Digital Decorations operates a well-established e-commerce website specializing in animated digital decorations for holidays such as Halloween and Christmas. The company leverages the Shopify platform with extensive integrations for marketing, analytics, and customer engagement. The website is professionally designed, mobile-optimized, and provides a seamless user experience targeting consumers interested in digital holiday decorations. Privacy and cookie consent mechanisms are implemented, reflecting good compliance with GDPR standards. However, explicit security policies and incident response information are not publicly available, representing an area for improvement. The domain registration is consistent with the business history, supporting legitimacy. Overall, the website demonstrates a mature digital presence with a solid security posture but could enhance transparency around security and incident response.

S

Sweat

sweat.com

73

Sweat is a leading fitness app focused on empowering women through a wide range of workout programs and wellness content. The company operates a subscription-based business model and has established a strong market position with millions of users globally. Their digital infrastructure leverages modern web technologies including Svelte, Stripe for payments, and Cloudflare for hosting and security. The website demonstrates excellent design quality, mobile optimization, and SEO practices, providing a seamless user experience. Security posture is strong with HTTPS enforcement, security headers, and client transfer protection on the domain, although there is room for improvement in publishing explicit security policies and vulnerability disclosure mechanisms. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent management tools. Overall, Sweat presents a professional, trustworthy, and secure online presence suitable for its target audience.

F

Förderverein für regionale Entwicklung e.V.

terminbuchungstool.de

65

The website terminbuchungstool.de is operated by the Förderverein für regionale Entwicklung e.V., offering an online appointment and course booking tool primarily targeting public sector entities, healthcare providers, and businesses in Germany. The platform facilitates efficient scheduling with features like Outlook synchronization, customizable calendars, and automated email confirmations. The site is well-positioned in its niche, supported by positive customer testimonials and a clear focus on GDPR compliance and data security. Technically, the site employs modern JavaScript libraries and CSS frameworks, is mobile-optimized, and uses SSL encryption to secure data transmission. Security best practices are observed, including CAPTCHA on forms and cookie consent management, though additional security headers and a formal security policy could enhance posture. Overall, the site is professional, trustworthy, and compliant with relevant privacy regulations, making it a reliable solution for appointment management in its target sectors.

Demokratie leben is a local government-backed initiative based in Herten, Germany, focused on promoting democracy, diversity, and preventing extremism through community projects and funding. The website serves as an information hub and application portal for project funding under the federal program 'Demokratie leben!'. The target audience includes local citizens, civil society actors, and project applicants. The business model is non-profit and government-supported, emphasizing community engagement and democratic participation. Technically, the website uses standard web technologies including JavaScript, jQuery, and Font Awesome, hosted on INWX nameservers. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. The CMS is not explicitly identified but appears custom or proprietary. The website is secured with HTTPS and includes a cookie consent mechanism, though lacks advanced security headers and published security policies. From a security perspective, the site demonstrates good baseline practices such as HTTPS enforcement and cookie consent. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The site does not use analytics or advertising scripts, minimizing privacy risks. Overall, the website is trustworthy, professional, and compliant with GDPR requirements. It effectively supports its mission to promote democracy locally. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving mobile optimization and SEO for broader reach.

H

Heineken

heineken.cz

71

Heineken is a globally recognized brewing company specializing in the production and marketing of beer products. The website analyzed serves primarily as an age verification gateway to ensure compliance with legal drinking age regulations before granting access to alcohol-related content. The site demonstrates a mature digital presence with integrated privacy and cookie consent mechanisms, reflecting adherence to GDPR and other privacy standards. The technical infrastructure includes modern JavaScript usage, Google Tag Manager for analytics, and OneTrust for consent management, indicating a well-maintained and compliant digital environment. Security posture is adequate with HTTPS implied and consent mechanisms in place, though explicit security headers were not detected in the provided data. The absence of WHOIS data is unusual but likely due to privacy or registry policies rather than malicious intent. Overall, the website is professional, trustworthy, and targets an adult audience with appropriate content safety measures.

C

CK FISCHER

fischer.sk

55

CK FISCHER is a Slovak travel agency specializing in holiday packages to Mediterranean and exotic destinations for 2025. The website offers last minute and first minute deals, family and wellness holidays, and special travel services. It targets general consumers seeking quality travel experiences with a broad range of destinations and services. The site is professionally designed with consistent branding and good content quality. Technically, it uses modern JavaScript frameworks including Vue.js, integrates Google Tag Manager, reCAPTCHA, and Usercentrics for cookie consent, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and bot protection, but lacks explicit security policies and vulnerability disclosure. Privacy compliance is basic with cookie consent but no visible privacy policy or terms of service pages. Overall, the website is trustworthy and professional, suitable for its business domain.

K

KARTAGO Tours

kartagotours.hu

55

KARTAGO Tours is a Hungarian travel agency specializing in holiday packages, last minute and first minute travel deals, and family-friendly club hotels. The website targets Hungarian-speaking travelers and offers a broad range of travel destinations primarily in Europe, North Africa, and the Middle East. The business operates under the DER Touristik Group umbrella, indicating a strong market presence in Central Europe. Technically, the website employs modern web technologies including Vue.js, Google Tag Manager, and Usercentrics for consent management, reflecting a mature digital infrastructure. Security posture is solid with HTTPS, security headers, and bot protection via reCAPTCHA, though explicit security and incident response policies are not published. Overall, the site is professional, trustworthy, and compliant with GDPR, making it a reliable platform for travel bookings.

K

Kartago SK

kartago.sk

54

Kartago SK operates as a Slovak online travel agency specializing in vacation packages, last minute deals, and first minute offers targeting Slovak-speaking travelers. The website presents a professional and modern interface with a focus on multiple international destinations, leveraging a Vue.js-based frontend and integrating key marketing and analytics tools such as Google Tag Manager, Google Analytics, and Usercentrics for cookie consent management. The business model centers on providing comprehensive travel services including flight bookings and holiday packages, positioning itself as a regional player in the hospitality and transportation sectors. Security measures include HTTPS enforcement and reCAPTCHA integration, though the absence of security headers and formal privacy and terms of service pages indicates room for improvement in compliance and security posture. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

E

EXIM S.A.

exim.pl

58

EXIM S.A. operates the website exim.pl, a prominent Polish travel agency and tour operator specializing in holiday packages, last minute deals, and flight tickets. Positioned as the fifth largest tour operator in Poland, EXIM targets Polish travelers seeking diverse vacation options including exotic destinations, group travel, and customizable plans. The website is professionally designed with a clear focus on user experience, offering rich content and easy navigation. Technically, the site leverages modern JavaScript frameworks such as Vue.js, integrates Google Tag Manager, Usercentrics for consent management, and employs reCAPTCHA for bot protection. Security posture is strong with HTTPS enforcement and multiple security headers, although explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. Overall, the site demonstrates a mature digital presence with good business credibility and technical implementation.

D

Dertouristik RO

dertour.ro

57

DERTOUR Romania operates as an online travel agency specializing in vacation packages, last minute deals, and exclusive hotel offers primarily targeting Romanian customers. The website is professionally designed with a clear focus on travel services, offering a wide range of destinations and booking options. The technical infrastructure leverages modern JavaScript frameworks, Google Tag Manager, and Usercentrics for consent management, indicating a mature digital presence. Security posture is solid with HTTPS enforcement, cookie consent, and no visible vulnerabilities, although explicit security policies and incident response information are not publicly available. Overall, the website presents a trustworthy and professional front for DERTOUR's travel services in Romania.

Q

Qobuz

qobuz.com

66

Qobuz is a well-established digital music service specializing in high-quality streaming and Hi-Res downloads, targeting audiophiles and music enthusiasts primarily in Finland and other international markets. The website demonstrates a mature digital presence with extensive content, clear subscription offerings, and a strong brand identity. Technically, the site employs modern web technologies, including SPA architecture, advanced analytics, and performance monitoring tools, ensuring a fast and responsive user experience across devices. Security posture is solid with HTTPS enforcement, content security policies, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is trustworthy and professionally maintained, though the lack of WHOIS transparency slightly reduces domain trustworthiness.

G

Google

womentechmakers.com

73

The Women Techmakers program is an initiative by Google aimed at advancing women in technology by providing visibility, community support, and resources. The website serves as a hub for program information, ambassador and member engagement, and various initiatives such as Black Women in Tech and She Builds AI. It is positioned as part of Google's broader developer outreach and diversity efforts, targeting women in tech globally. The program has a significant reach with thousands of ambassadors and tens of thousands of members worldwide. Technically, the website is hosted on Google's infrastructure, leveraging modern web technologies including Google Fonts, Google Analytics, and YouTube embeds. It is optimized for mobile devices, accessible, and designed with a professional and consistent branding approach. The use of structured data and comprehensive metadata enhances SEO and content discoverability. From a security perspective, the site enforces HTTPS and likely employs standard security headers, although explicit header data is not visible in the HTML. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear links to Google's centralized privacy and cookie policies, including consent mechanisms. However, no direct contact information or dedicated security incident response details are provided on the site. Overall, the website demonstrates a mature digital presence with high trustworthiness and professionalism. It effectively supports Google's mission to empower women in technology while maintaining strong technical and security standards.

G

Google

techequitycollective.com

73

Google's developers.google.com community page serves as a hub for developer networking, learning, and engagement with a focus on accelerating tech career pathways. The site is part of Google's extensive developer ecosystem, offering resources related to web and mobile app development, cloud computing, AI, and other cutting-edge technologies. As a subdomain of google.com, it benefits from Google's strong market position and brand recognition. Technically, the site employs modern web standards, Google Cloud hosting, and integrates Google Analytics and Tag Manager for performance and user insights. Security posture is robust, leveraging HTTPS and Google’s security infrastructure, with no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are linked to Google's comprehensive and GDPR-compliant central policies, enhancing user trust. Overall, the site is professional, well-branded, and trustworthy, targeting developers and tech professionals globally.

P

PROCIREP

procirep.fr

53

PROCIREP is a French collective management organization representing cinema and television producers, focusing on rights management related to private copying and retransmission rights. Established since 1999, it operates alongside related entities such as ANGOA and the French ISAN agency, providing support and funding for audiovisual production. The website reflects a professional and consistent brand presence targeting French audiovisual producers and stakeholders. Technically, the site uses the SPIP CMS with standard web technologies and integrates Google Analytics with a compliant cookie consent mechanism. Security posture is adequate with HTTPS and consent management but lacks explicit security headers and published security policies. Overall, the site is trustworthy, well-maintained, and compliant with GDPR requirements, though improvements in accessibility and security transparency are recommended.

L

labor b designbüro

laborb.de

54

labor b designbüro is a small German digital agency specializing in digital brand strategy, design, and web development. The company serves a diverse clientele including international firms and notable institutions in arts, culture, and science. Their key services include brand development, corporate design, software and web application development, and strategic consulting. The website reflects a professional market position with a clear focus on delivering comprehensive digital experiences. Technically, the website employs modern web standards with HTML5, CSS3, and JavaScript, and integrates privacy-conscious Matomo analytics with cookies disabled. Hosting and DNS are managed via Cloudflare, ensuring reliable performance and security. The site is mobile-optimized and accessible, with good SEO practices. However, some security best practices such as security headers and explicit cookie consent mechanisms are missing. From a security perspective, the site benefits from HTTPS and CSRF token implementation, but lacks published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The domain WHOIS data aligns with the website's professional nature, showing no suspicious patterns or privacy protection that might obscure legitimacy. Overall, the website is trustworthy, well-designed, and compliant with GDPR in terms of privacy policy presence, though cookie consent could be improved. Strategic recommendations include enhancing security headers, adding cookie consent, and publishing security and vulnerability disclosure policies to strengthen trust and compliance.

M

mediaprint infoverlag gmbh

total-lokal.de

46

mediaprint infoverlag gmbh operates the website total-lokal.de, providing regional and local informational brochures, news, and job listings across Germany. With over 50 years of experience, the company serves municipalities and local businesses by publishing both digital and print content focused on topics such as education, building, seniors, and local economy. The website is well-branded and targets residents and businesses seeking localized information. Technically, the site uses common JavaScript libraries and galleries, is mobile-optimized, and implements HTTPS with a DigiCert certificate, ensuring secure user interactions. Privacy compliance is addressed with a comprehensive privacy policy and a cookie consent mechanism. However, direct contact emails and phone numbers are not prominently displayed, relying mainly on contact forms. Security posture is solid but could be improved by adding explicit security policies and vulnerability disclosure information. Overall, the site is professional, trustworthy, and serves a niche media publishing market in Germany.

D

Dinslakener Flächenentwicklungsgesellschaft mbH (DIN FLEG mbH)

zukunft-trabrennbahn.de

50

The website Zukunft der Trabrennbahn is a municipal project platform managed by the Dinslakener Flächenentwicklungsgesellschaft mbH (DIN FLEG mbH) in cooperation with the city of Dinslaken, Germany. It focuses on the redevelopment of the former Trabrennbahn area into a residential neighborhood with community and green spaces. The site provides information, event updates, and opportunities for citizen participation, targeting local residents and stakeholders interested in urban development. Technically, the site is built on the Contao CMS platform, uses modern web standards, and includes multimedia content to engage visitors. Security posture is moderate with HTTPS usage but lacks explicit security headers and formal security policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is professional, trustworthy, and well-aligned with its business purpose, though improvements in security and privacy transparency are recommended.

S

Stadt Dinslaken

familienkompass-dinslaken.de

63

The Familienkompass Dinslaken website serves as a centralized government-supported portal providing comprehensive family-related services and information for the Dinslaken region in Germany. It targets families, pregnant women, parents, and youth with a broad range of offerings from pregnancy support to education and health services. The site is funded by the Ministry for Children, Youth, Family, Equality, Refugees and Integration of North Rhine-Westphalia, reflecting its public service mission and local government affiliation. The portal offers a searchable database of offers and providers, enhancing accessibility to relevant social services. Technically, the website employs a modern but straightforward technology stack including HTML5, CSS3, JavaScript with libraries such as jQuery, Leaflet.js for mapping, and Matomo for analytics. The site is mobile-optimized, accessible, and well-structured, providing a good user experience. However, no explicit CMS or hosting provider information is available. Performance is moderate with no critical technical debt observed. From a security perspective, the site uses HTTPS and secure form submissions but lacks visible advanced security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial; a privacy policy page exists but no cookie consent mechanism is implemented despite usage of tracking via Matomo. Contact information is clearly provided, enhancing trust and credibility. Overall, the website is a trustworthy, well-maintained government portal with good content quality and user experience. Strategic improvements include implementing cookie consent, publishing security and incident response policies, and enhancing security headers to strengthen compliance and security posture.

D

Deutsche Bahn AG

bahnhof.de

63

bahnhof.de is the official platform operated by Deutsche Bahn AG providing comprehensive information about passenger train stations across Germany. It offers live departure and arrival times, station facilities, accessibility information, and local services to travelers. The website is well-positioned as a leading national transportation information portal, serving a broad audience of train passengers and mobility users. Technically, the site leverages modern web technologies including React and Next.js, ensuring fast performance and excellent mobile optimization. Privacy and cookie policies are well implemented, reflecting GDPR compliance. Security posture is strong with HTTPS and no visible vulnerabilities, though explicit security policies and incident response information are absent. Overall, bahnhof.de demonstrates a mature digital presence with high trustworthiness and professional content.

E

Emscher Lippe Energie GmbH

elecard.de

70

Emscher Lippe Energie GmbH operates the ELE Card platform, a regional loyalty program offering customers discounts and benefits across various sectors such as leisure, retail, and travel. The website is professionally designed, leveraging TYPO3 CMS and modern web technologies to provide a user-friendly experience. The company targets residents and customers in the Emscher Lippe region, positioning itself as a regional energy provider with added customer engagement services. Technically, the site uses reputable analytics and advertising tools including Matomo, Google Ads, and Facebook Pixel, all integrated with a robust cookie consent mechanism ensuring GDPR compliance. Security posture is strong with HTTPS, security headers, and session management in place, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is trustworthy, compliant, and well-structured, supporting the company's business objectives effectively.

S

Stadt Bottrop

ratsinfo-bottrop.de

59

The Ratsinfosystem website is an official municipal portal operated by Stadt Bottrop, Germany, providing comprehensive public access to political information including committees, members, sessions, and archives. It serves citizens and mandate holders with a clear focus on transparency and accessibility. The site is built on the SD.NET RIM 4 platform, leveraging modern web technologies such as jQuery and CSS3, and includes a secure login mechanism for authorized users. Privacy and cookie policies are prominently linked, reflecting GDPR compliance. Security posture is strong with HTTPS enforced and CSRF protection on forms, though some security headers could be improved. Overall, the site is trustworthy, professionally designed, and well-maintained, with no signs of malicious content or blocking mechanisms.

S

Stadtwerke Castrop-Rauxel GmbH

swcas.de

64

Stadtwerke Castrop-Rauxel GmbH operates as a regional energy utility provider focused on delivering renewable electricity, gas, heating, and electric vehicle charging solutions to residents and businesses in Castrop-Rauxel, Germany. The company emphasizes customer proximity, regional engagement, and environmental responsibility, positioning itself as a trusted local energy partner. Their website reflects a mature digital presence with integrated online calculators, customer portals, and comprehensive service information. Technically, the site is built on TYPO3 CMS with modern JavaScript and Bootstrap frameworks, ensuring good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though formal security policies and incident response contacts are absent. Overall, the site demonstrates good GDPR compliance and business credibility, supported by certifications and clear contact details.

M

Mein Mülheim | Heimaturlaub in der Stadt am Fluss

mein-muelheim.de

57

Mein Mülheim is a tourism-focused website promoting the city of Mülheim an der Ruhr, Germany, highlighting local attractions, weekend tips, and outdoor activities. The site targets general visitors and residents interested in exploring the city and its surroundings. The business model centers on local tourism promotion and community engagement. Technically, the website is built on TYPO3 CMS and employs Cookiebot for cookie consent management, indicating a moderate level of digital maturity. The site is mobile-optimized and presents good content quality with consistent branding. Security posture is moderate, with HTTPS implied and cookie consent implemented, but lacks explicit security headers and published security policies. Privacy compliance is basic, with no visible privacy policy or terms of service pages. Overall, the website is accessible, safe, and professional but would benefit from enhanced privacy and security disclosures to improve trust and compliance.

K

Klima-Bündnis Services

stadtradeln.de

65

STADTRADELN is an established international campaign managed by Klima-Bündnis Services that promotes cycling as a means to improve climate protection, increase bicycle traffic, and enhance quality of life in municipalities. The website serves as a platform for participants and municipalities to register, track cycling activities, and access campaign information. The site is built on TYPO3 CMS with a modern, responsive design and integrates Matomo analytics configured to disable cookies, reflecting some privacy awareness. Security posture is good with HTTPS enforced and secure login mechanisms, though explicit security policies and privacy documentation are not found in the provided content. Overall, the website is professional, trustworthy, and well-positioned in its niche.

K

Kulturforum Witten

kulturforum-witten.de

42

Kulturforum Witten is a public cultural institution operating multiple cultural facilities and event venues in the city of Witten, Germany. It serves as a central hub for cultural activities including museums, libraries, music schools, and archives, supported by approximately 100 employees. The website reflects a well-established organization with a strong community and cultural focus, offering diverse programs and events. Technically, the site uses modern web technologies including Bootstrap, UIkit, and Matomo analytics, with good mobile optimization and accessibility features. Security practices include HTTPS, CSRF protection, and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie consent. The domain WHOIS data is minimal but consistent with a legitimate public institution. Overall, the website is professional, trustworthy, and well-maintained.

S

Stadtmarketing Witten GmbH

stadtmarketing-witten.de

61

Stadtmarketing Witten GmbH operates a comprehensive tourism and local commerce website focused on the city of Witten, Germany. The company provides key services including tourist information, ticket sales for events, guided tours, and retail of souvenirs and vouchers. The website positions itself as the largest ticket provider in Witten for entertainment events such as concerts, festivals, and theater. The target audience includes tourists, local residents, and event attendees. The business model centers on service provision and retail within the hospitality and tourism sectors.

SZM s.r.o. operates SZM.sk, the largest Slovak internet directory offering categorized listings of companies, news, culture, education, technology, and more. The website serves Slovak internet users seeking organized access to local and national web resources. The business model centers on providing directory services combined with advertising placements, supported by partner sites in related sectors such as TV programming, banking, and insurance. The domain has a long history since 2003, indicating established market presence. Technically, the website uses a custom-built platform with legacy charset windows-1250, multiple JavaScript libraries including Google Tag Manager, Google Analytics, Microsoft Clarity, and Facebook Pixel for analytics and marketing. Hosting is provided by Platon, with multiple ad networks integrated. The site shows moderate performance and basic mobile optimization. SEO and accessibility are basic but functional. Security posture is moderate with HTTPS enabled and consent management for GDPR compliance. However, legacy HTTP resource loading and lack of modern security headers reduce the security score. No explicit privacy policy or terms of service were found, which is a compliance gap. No direct contact information is provided on the main page, limiting user trust and support access. Overall, SZM.sk is a moderately mature online directory with a stable business presence but requires improvements in privacy transparency, security hardening, and modernization of technical infrastructure to enhance trust and compliance.

A

Adam Žitník

adamzitnik.cz

41

Adam Žitník is a small independent design and web development service provider based in Ostrava, Czechia, founded in 2014. The website showcases a professional portfolio of client projects, emphasizing custom web design, CMS development, SEO, and consultation services. The business targets artists and companies seeking unique and creative digital presentations. Technically, the website uses a modern tech stack including Bootstrap, jQuery, and Google Analytics, with moderate performance and good mobile optimization. Security measures include Google reCAPTCHA for form protection, but lack explicit security headers and published security policies. Privacy compliance is limited due to absence of privacy and cookie policies. Overall, the domain registration data is consistent and supports the legitimacy of the business.

A

AGITPROP

agitprop.bg

37

AGITPROP is a small Bulgarian media production company specializing in creative documentaries, art, and advertising photography. The website content focuses on explaining the term 'AGITPROP' and showcases categories of their work including film, video, campaigns, photography, and graphic design. The company appears to target a general audience interested in artistic and documentary media. The technical infrastructure is basic, relying on custom JavaScript and CSS with hosting inferred to be StableHost. The website lacks modern CMS or frameworks and shows limited mobile optimization and accessibility features. Security posture is minimal with no visible HTTPS or security headers in the provided data, and privacy compliance is poor due to absence of privacy and cookie policies. No contact information or social media links are provided, which limits business credibility. Overall, the site is functional but basic, with room for improvement in security, privacy, and user engagement.

C

Copa Ca Backum/Copa Oase

copacabackum.de

65

Copa Ca Backum is a regional leisure and wellness center located in Herten, Germany, offering a broad range of services including swimming pools, sauna facilities, wellness massages, gastronomy, and family-oriented events. The website presents a professional and consistent brand image with clear navigation and comprehensive content tailored to families, sports enthusiasts, and wellness seekers. The business model focuses on hospitality and recreational services with a medium-sized market presence in the local region. Technically, the website is built on TYPO3 CMS and integrates modern tools such as Google Tag Manager, Google Analytics, and an accessibility assistant, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit incident response documentation. Overall, the site is trustworthy, GDPR compliant, and provides a good user experience with no adult or explicit content.

T

Treffpunkt Villa (Einrichtung der Kinder- und Jugendförderung des Kreises Unna)

treffpunkt-villa.de

59

Treffpunkt Villa is a public youth and family service institution operated under the Kreis Unna government in Germany. It offers a broad range of community-oriented programs including youth counseling, leisure activities, educational support, and cultural integration initiatives targeting children, adolescents, and families in Holzwickede. The website is built on a modern Angular framework, hosted on official Kreis Unna infrastructure, and demonstrates good digital maturity with responsive design and privacy compliance. Security posture is solid with HTTPS and secure form handling, though additional security headers and explicit policies could enhance protection. Overall, the site reflects a trustworthy and professional public service entity with clear contact information and comprehensive content.

VABANQUE, spol. s r.o. is a Czech Republic based full-service advertising and communication agency with over 15 years of experience. The company offers a broad range of marketing and branding services including 3D modeling, packaging design, web development, video production, and event promotion. Their client portfolio includes notable brands and they emphasize tailored marketing solutions to strengthen client market positions. The website is professionally designed with clear navigation and contact information, reflecting a stable and credible business presence. Technically, the site uses common web technologies such as jQuery, Google Analytics, and Google Tag Manager, with moderate performance and basic mobile optimization. Security posture is average with HTTPS usage but lacks visible security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy but could improve in privacy and security transparency.

The website crew-united.com is currently inaccessible due to a Cloudflare security challenge page that requires human verification via Turnstile captcha. This prevents access to any substantive content, business information, or policies. The domain is long-established, created in 1997, and registered with a reputable registrar, indicating legitimacy. However, no business or contact information is available from the accessible content. The technical infrastructure includes Cloudflare protection but lacks DNSSEC and visible security headers. Due to the access block, a full security and compliance assessment cannot be performed.

K

Kino Star

kinostar.sk

55

Kino Star is a local cinema portal website targeting audiences in Slovak towns Zvolen and Lučenec. It provides a simple interface for users to select their preferred cinema location. The website is built using modern web technologies including React and Next.js, indicating a contemporary technical infrastructure. However, the content is minimal and primarily serves as a navigation gateway to subdomains for each cinema location. Security posture is basic with no detected security headers or privacy policies, and no contact information is provided on the main page. The site does not appear to use tracking or analytics services, which reduces privacy concerns but also limits business intelligence capabilities. Overall, the website is functional for its purpose but lacks comprehensive compliance and security features.

Centrum voľného času is a Slovak educational and leisure institution based in Stará Ľubovňa, providing educational, training, and international programs for children and youth for over 50 years. The website reflects a well-established local organization focused on youth development and community engagement through various activities, competitions, and camps. The digital infrastructure is built on standard web technologies with a responsive design and clear navigation, supporting a positive user experience. Security posture is adequate with HTTPS usage and no visible vulnerabilities, though improvements in security headers and cookie consent mechanisms are recommended. Overall, the site demonstrates high business credibility and trustworthiness with comprehensive contact information and active social media presence.

The website vitajte.tricklandia.sk serves as a simple introductory landing page for Tricklandia, a local Slovak entity. The page contains minimal content, primarily images and links to partner or related sites, and redirects users to the main Tricklandia website after 10 seconds. The business appears to be small-scale with limited digital presence on this subdomain. Technically, the site uses basic HTML, CSS, and JavaScript without advanced frameworks or CMS. There is no evidence of analytics, advertising, or user tracking technologies. Security posture is weak due to lack of HTTPS confirmation, absence of security headers, and no visible privacy or cookie policies. The WHOIS data is privacy protected, which is common for small or personal websites but limits transparency. Overall, the site is safe for general audiences but lacks professional security and compliance features.

T

Tero Radio

teroradio.com

47

Tero Radio is a Thai-based online radio and entertainment platform offering multiple radio stations, podcasts, music charts, event promotions, and video content. The website targets a general Thai audience interested in contemporary hits, Asian music, and entertainment news. The platform is moderately mature with a domain age of approximately 3.5 years and a consistent brand presence across social media and partner subdomains. Technically, the site uses modern web technologies such as Next.js and React, with integrations for Google Tag Manager and advertising via Google DoubleClick. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and domain status protections, but lacks DNSSEC and visible security headers. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Overall, the site is legitimate and professionally maintained but would benefit from enhanced security and privacy transparency.

P

Price.ro

price.ro

60

Price.ro is a well-established Romanian price comparison website founded in 2001, offering a comprehensive platform for consumers to search and compare prices across millions of products from thousands of stores. The website targets Romanian online shoppers and provides key services such as product search, price comparison, special offers, and user reviews. The platform demonstrates a consistent brand presence with good content quality and a professional design tailored for a general audience. Technically, the site uses modern web technologies including JavaScript, CSS, and integrates Google Tag Manager and Google Analytics for marketing and analytics purposes. The website is HTTPS secured, ensuring encrypted communication, but lacks some advanced security headers which could enhance its security posture. Privacy compliance is basic with visible cookie consent and a privacy policy page, indicating awareness of GDPR requirements. However, no explicit contact information or security policies are published, which could be improved to enhance trust and transparency. The domain WHOIS data is privacy protected by ROTLD, which is common for Romanian domains, but the domain age aligns well with the business history, supporting legitimacy. Overall, Price.ro presents a solid e-commerce service with moderate technical maturity and a good security baseline, suitable for its market and audience.

S

ShopMania

shopmania.ro

66

ShopMania is a well-established Romanian e-commerce price comparison platform founded in 2005. It aggregates millions of products from hundreds of online stores, providing users with price comparisons, product reviews, and shopping guides. The platform targets Romanian consumers seeking to make informed purchasing decisions by comparing offers and reading customer feedback. ShopMania holds a strong market position as a leading price comparison site in Romania, supported by a comprehensive product catalog and a partner ecosystem for online retailers. Technically, the website employs modern JavaScript libraries and tracking technologies such as Google Analytics, Google Tag Manager, and Facebook Pixel. It uses HTTPS and implements basic security headers, ensuring secure communication and user data protection. The site is mobile-optimized with good navigation and SEO practices, although there is room for improvement in accessibility and advanced security headers. From a security perspective, ShopMania demonstrates a solid posture with encrypted connections, cookie consent mechanisms, and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policies, incident response information, and vulnerability disclosure channels, which could enhance trust and compliance. The WHOIS data is privacy protected as per ROTLD policies, which is common for Romanian domains, and does not raise immediate legitimacy concerns given the site's maturity and professional presence. Overall, ShopMania presents a trustworthy and professional platform with good content quality and technical implementation. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility features to further strengthen compliance and user trust.

S

Střední odborná škola Třineckých železáren

sostrinec.cz

40

Střední odborná škola Třineckých železáren is a vocational secondary school located in Třinec, Czech Republic, affiliated with the steel company TŘINECKÉ ŽELEZÁRNY, a. s. The institution offers a variety of technical and vocational study programs, lifelong learning courses, and extracurricular activities aimed at students and prospective students interested in technical education. The website reflects a medium-sized educational institution with a consistent brand presence and a strong connection to local industry. Technically, the website is built using Nicepage CMS with standard web technologies such as HTML5, CSS3, and jQuery. It is hosted by Active24 and shows moderate performance and good mobile optimization. Security posture is moderate with HTTPS assumed but lacking explicit security headers and privacy compliance documentation. No forms collecting sensitive data are present on the homepage, reducing immediate risk. The domain registration data is consistent with the business and shows a long-standing presence since 2005, supporting legitimacy. Overall, the website is professional, trustworthy, and safe for general audiences, but it lacks important privacy and security policy disclosures.

M

Muzeum Śląska Cieszyńskiego

muzeumcieszyn.pl

59

Muzeum Śląska Cieszyńskiego is a regional cultural and historical museum based in Poland, focusing on the heritage of the Cieszyn Silesia region. The website provides rich content about exhibitions, educational programs, and publications, targeting a general audience interested in culture and history. The museum operates as a non-profit entity, supported by government funding and cultural grants. Technically, the website is built on Joomla CMS and uses Google Analytics for visitor tracking. While the site is accessible and contains valuable content, it lacks modern security headers, DNSSEC, and explicit privacy and cookie policies, which are important for compliance and security. The domain registration is consistent with the museum's identity and history, indicating legitimacy.